NIAP: NIAP Home Page

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 

  • NIAP Resumes Operations

    Effective 18 May 2020, the NIAP office will resume operations. Thank you for your patience and understanding as this occurs.

  • NIAP Endorses NDcPP v2.2e


    NIAP has endorsed the Network Device collaborative Protection Profile v2.2e (NDcPP v2.2e) and published the cPP and Supporting Document to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the NDcPP v2.2e that demonstrate exact conformance to the cPP, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List. This version succeeds Version 2.1 which will sunset eff...

    Read More

  • See the 2019 NIAP Annual Report to learn about NIAP 2019 accomplishments and activities.  Read the report here.


  • PP-Configuration for Network Devices, Stateful Traffic Filter Firewalls, and Virtual Private Network (VPN) Gateways, Version 1.0

    The Network Device international Technical Community (iTC) has has added the PP-Module for VPN Gateways, V1.0 to the allowed-list for the PP-Module for Stateful Traffic Filter Firewalls, V1.3.  Therefore, NIAP has published the PP-Configuration for Network Devices, Stateful Traffic Filter Firewalls, and Virtual Private Network (VPN) Gateways, Version 1.0, dated 06 March 2020 to the NIAP-Approved PP List.  Products may now be evaluated against this PP-Configuration which includes the following components:Read More

  • Want more news?

    Check out all the announcements online or...


  Focus Areas

U.S. Government
International Partners

Site Map              Contact Us