![[Public Interpretations Database]](http://www.niap-ccevs.org/assets/images/precedent-db.jpg){kind=small}
PD-0020: Management of Functions with No Specific Requirements
This decision represents a long-term technical decision based on an OD, and may not be the same as the final results of the source OD. With respect to published criteria documentation and scheme documents, it provides suggested guidance on evaluation direction, but is not authoritative. Authoritative decisions are provided through the published criteria documents and published scheme and international interpretations thereof. With respect to published PPs, PDs are authoritative corrections to the PP, based on input from the PP author (if available), that are in force until the publication of the next revision of that PP.
| Effective Date: | 2002-03-11 |
| Last Modified | 2006-08-02 |
Issue
During the evaluation of FMT_MOF.1 in a protection profile, it was noted that there were explict calls for the management of some functions for which there were no explicit requirements. Is the TSF under obligation to provide those functions?
Resolution
If the presence of those functions is justified through the threat, policy, and objectives, then there should be explicit requirements for those functions. This can be done through the new component created by CCIMB-INTERP-0065.
Modification History:
- 2004-08-12
- Updated effective date to reflect the date the PD was issued. (August 2004 NIB 6.c.xiv)
References:
- ALFWPPv1.d
Related NIs:
- I-0369: Security Management Functions To Be Provided Must Be Enumerated
Related CCIMB-INTERPs:
- CCIMB-INTERP-0065: No Component To Call Out Security Function Management
Source OD: 0146