NIAP CCEVS Announcements

  • October 1, 2008 - For FY09, the NIAP CCEVS office will maintain the existing FY08 policy to continue accepting US Government PP or EAL 4 compliant products into evaluation.
  • September 8, 2008 - All of our Scheme Publications and Policy Letters were reviewed and revised where necessary. The publications had major revisions and therefore should be read in their entirety.
  • March 27, 2008 - The Validation Oversight Review (VOR) Evaluators and Validators Guide 2.0 outlining the Official VOR Process has been posted.
  • September 2007 - Beginning 1 October 2007, for FY08, the NIAP CCEVS office will begin accepting US Government PP compliant (basic, medium or high) and EAL 4 or above products in support of National Security customers. Product submissions meeting the above criteria will be queued and validation resources allocated as they become available. Detailed letters of interest identifying DoD or IC customers will continue to be required.

    CCEVS will continue to provide updates on the status of the program via the NIAP CCEVS website. Please direct questions to us at (410) 854-4458.

Fee-for-Service comments on Regulations.gov


  • Click this link for the Docket Detail page
  • Click the icons under Views for the corresponding view of each document

 

The National Information Assurance Partnership (NIAP) is a U.S. Government initiative originated to meet the security testing needs of both information technology (IT) consumers and producers and is operated by the National Security Agency (NSA).

Goal of the Partnership

The long-term goal of NIAP is to help increase the level of trust consumers have in their information systems and networks through the use of cost-effective security testing, evaluation, and validation programs. In meeting this goal, NIAP seeks to:

  • Promote the development and use of evaluated IT products and systems;
  • Champion the development and use of national and international standards for IT security;
  • Foster research and development in IT security requirements definition, test methods, tools, techniques, and assurance metrics;
  • Support a framework for international recognition and acceptance of IT security testing and evaluation results; and
  • Facilitate the development and growth of a commercial security testing industry within the U.S.