The National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) have established a program under the National Information Assurance Partnership (NIAP) to evaluate IT product conformance to international standards. The program, officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS) is a partnership between the public and private sectors. This program is being implemented to help consumers select commercial off-the-shelf information technology (IT) products that meet their security requirements and to help manufacturers of those products gain acceptance in the global marketplace.
- To meet the needs of government and industry for cost-effective evaluation of IT products;
- To encourage the formation of commercial security testing laboratories and the development of a private sector security testing industry;
- To ensure that security evaluations of IT products are performed to consistent standards;
- To improve the availability of evaluated IT products.
Goal of the Partnership
The long-term goal of NIAP is to help increase the level of trust consumers have in their information systems and networks through the use of cost-effective security testing, evaluation, and validation programs. In meeting this goal, NIAP seeks to:
- Promote the development and use of evaluated IT products and systems;
- Champion the development and use of national and international standards for IT security;
- Foster research and development in IT security requirements definition, test methods, tools, techniques, and assurance metrics;
- Support a framework for international recognition and acceptance of IT security testing and evaluation results; and
- Facilitate the development and growth of a commercial security testing industry within the U.S.
National Information Assurance Partnership
9800 Savage Road, Suite 6940
Ft. Meade, Maryland 20755-6940