NSA manages the National Information Assurance Partnership (NIAP), a U.S. Government program originated to meet the security testing needs of both consumers and producers of information technology (IT).
Through the NIAP's Common Criteria Evaluation and Validation Scheme (CCEVS), approved Common Criteria Testing Laboratories (CCTLs) evaluate Commercial Off-The-Shelf Products. The CCEVS Validation Body:
- Provides technical guidance to CCTLs
- Validates the results of IT security evaluations for conformance to the International Common Criteria for IT Security Evaluation, and
- Serves as an interface to other nations for the recognition of such evaluations.
The CCEVS Validation Body also maintains lists of IT products and Protection Profiles: