NIAP: NIAP Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 

  • Call for Participants for SSL/TLS Inspection Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a technical community for the development of a protection profile for TLS Inspection products. Members of this TC are expected to provide technical input to the development of Protection Profile for products that provide a TLS inspection capa...

    Read More

  • NIAP has released the progress report for 2016 that documents significant accomplishments and looks further ahead into 2017.

    Read the report here.

  • The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to announce the posting of the Protection Profile for Mobile Device Management, Version 3.0 (MDM PP v3.0) and MDM Agents Extended Package, Version 3.0 (MDM Agent EP v3.0). This PP/EP includes updates based on questions sent to the Technical Rapid Response Team, clarification to many requirements and assurance activities, and adding SFRs to support Bring Your Own Device (BYOD) Use Case. This PP/EP ca...

    Read More

  • Updated DoD Annexes for MDM PP and MDM Agent PP v2.0

    An updated version of the DoD Annex for the Mobile Device Management Protection Profile (MDM PP) v2.0 and MDM Agent PP v2.0 has been published to the NIAP Protection Profile website.  These DoD Annexes are used to mandate specific PP selections, assignments, and security functional requirements to be fully compliant with DoD cybersecurity policies, and applies to all DoD-administered systems and all systems connected to DoD networks.     


  • Want more news?

    Check out all the announcements online or...


  Focus Areas

U.S. Government
International Partners

Site Map              Contact Us