NIAP: NIAP Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 

  • Mobile Device Fundamentals Protection Profile v3.2 and Bluetooth PP-Module v1.0 Published!

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Mobile Device Fundamentals Protection Profile, Version 3.2 (MDF PP) and the PP-Module for Bluetooth (BT PP-Module), Version 1.0.  The MDF PP was modified to utilize both the TLS Functional Package and the new BT PP-Module. In addition, all applicable NIAP Technical Decisions were incorporated.

  • See the NIAP 2020 Annual Report to learn about NIAP accomplishments and activities in 2020.  Read the report here.

  • Implementation Guidance for Policy Letter #28 Published

    NIAP has published implementation guidance for Policy Letter #28, Use of evaluated Dedicated Security Components (DSCs) in Common Criteria Evaluation and Validation Scheme (CCEVS) evaluations.  This document provides guidance on the production and use of documentation from the DSC and dependent technology evaluation efforts, and the activities that need to be performed in order for the evaluation of the “Composed TOE” to be accepted...

    Read More

  • Want more news?

    Check out all the announcements online or...


  Focus Areas

U.S. Government
International Partners

Site Map              Contact Us