![[Public Interpretations Database]](/assets/images/public-interps.jpg){kind=small}
I-0404: Security Requirements For The Non-IT Environment
TYPE: NIAP Interpretation
NUMBER: I-0404
STATUS: Pending on: APE/ASE Rewrite
REASON: Hold - Pending ASE/APE Rewrite
TITLE: Security Requirements For The Non-IT Environment
SOURCE REFERENCE: CC v2.1 Part 1 Subclause B.2.6
CC v2.1 Part 1 Subclause C.2.6
RELATED TO: <None>
ISSUE:
To be specified, based on background.STATEMENT
The following interprets the sections of Part 1, Annexes B and C, that discuss the utility of the requirements for the non-IT environment:B.2.6 b) Paragraph 2: Note that security requirements for the non-IT environment, while often useful in practice, are not required to be a formal part of the PP as they do not relate directly to the implementation of the TOE.
C.2.6 b) Paragraph 2: Note that security requirements for the non-IT environment, while often useful in practice, are not required to be a formal part of the PP as they do not relate directly to the implementation of the TOE.
Security requirements for the non-IT environment may be directly related to the implemetnation of the TOE; in particular, they may affect the content of the administrator or user guidance.
RECOMMENDED CRITERIA CHANGES
TBD. The CC's stand in B.2.6 and C.2.6 needs to be softened. There should also be changes in the Writers Guide for PPs and STs, and well as in the CEM and the Part 3 APE/ASE Requirements.