NIAP: TRRT Process
  NIAP  »»  Protection Profiles  »»  TRRT Process  
Technical Rapid Response Team (TRRT) Process



The National Information Assurance Partnership (NIAP) established TRRTs to address questions and concerns related to evaluations under the Common Criteria Evaluation & Validation Scheme (CCEVS).  TRRTs provide an avenue to obtain responses to technical issues raised throughout the course of an evaluation.  As a result, TRRTs are created on a per-technology or per-Protection-Profile (PP) basis. 

Each TRRT is made up of experienced Common Criteria individuals from the validation community and NSA subject matter experts.  The goal of the TRRT process is to provide an issue resolution statement that clarifies and/or interprets PP requirements and Assurance Activities within a reasonable timeframe.  If an issue pertains to multiple evaluations and/or PPs, the TRRT will publicly disseminate the decision, called a Technical Decision (TD) on the NIAP website

Although anyone (CCTLs, Vendors, Schemes, or NIAP) can submit a question to the TRRT, there should be a level of review prior to question submission.  That is, all other avenues should be exhausted prior to a question being submitted to the TRRT.  For example, if a vendor is already in contract with a lab and has been assigned a validator, the vendor should first discuss their question with their lab.  If the question still cannot be answered, the lab should discuss their question with the assigned validator. 

TRRT Submissions

TRRTs are designed to enable the teams to respond to inquiries effectively and efficiently.  Therefore, be sure to include all pertinent information so that NIAP does not need to spend additional time requesting additional information.  For example, please include: 

  • Whether or not related to a product in evaluation or pre-evaluation,
  • Evaluation progress point(s) and estimated evaluation completion date,
  • List the cPP(s), PP(s), EP(s), and Module(s) the product is being evaluated against, and
  • Propose a resolution with the issue being submitted. 
TRRT Contact Information

Below is a list of Technical Rapid Response Teams to which questions can be directed: 

If prepared, submit a query here.
Technical Rapid Response Teams
This list was generated on Wednesday, 2024.06.19 at 0113.
Application Software
Authentication Server
Certificate Authority
Dedicated Security Component
Enterprise Security Management
Enterprise Session Controller
File Encryption
Full Drive Encryption
General Purpose Computing Platform
Hard Copy Devices
Mobile Device
Mobile Device Management
Network Device
Operating Systems
Peripheral Sharing Switch
Secure Shell
Server Virtualization
Session Border Controller
SSL/TLS Inspection Proxy
Transport Layer Security
VoIP Applications
VPN Client
VPN Gateway
Web Browser
Wireless Intrusion Detection Systems
Wireless LAN Access Systems
Wireless LAN Client
Site Map              Contact Us              Home