Sorry, you need to enable JavaScript to visit this website.
Skip to main content
Frequently asked question icon

Are there particular cryptographic algorithms or protocols that should be implemented in the ICT security product for Australian Government use?

Feb 1, 2019 - Yes. All ICT security products implementing cryptography destined for use by Australian Government agencies must use ACSC-approved cryptographic algorithms and ACSC-approved cryptographic protocols. Further information is in the ISM.

Do vendors need a non-disclosure agreement (NDA) in place with the Cryptographic evaluation starts?

Jul 1, 2018 - No. If requested, we can negotiate an NDA with the vendor. This can be a lengthy process that will postpone the start of the Cryptographic evaluation. To reduce delays, we have a standard NDA template, which is available upon request.

Are there policies explaining the AISEP framework for CC evaluations?

Jul 1, 2018 - We administer the regulations for conducting Common Criteria (CC) evaluations. You can find more detail in theĀ AISEP Policy Manual