Sorry, you need to enable JavaScript to visit this website.
Skip to main content

CCRA

Common Criteria Recognition Arrangement

 

 

Evaluation

ICT product security evaluations

Jul 10, 2018 - We undertake formal independent assessment of ICT security products (both hardware and software) to make sure they meet our standards.
Frequently asked question icon

Why doesnt the EPL publish all mutually-recognised CC evaluations?

Jul 1, 2018 - Common Criteria Recognition Arrangement (CCRA) participating nations do not duplicate the publication of mutually-recognised certified products on each of their certified products lists (for the AISEP, this is the EPL). In accordance with the CCRA, certificates published on the CC Portal that are EAL 1 through 2 are instantly mutually recognised by Australia and New Zealand and, therefore, the Evaluated Products List (EPL) is not required to repeat published evaluations and certifications.
Frequently asked question icon

Which nations participate in the CCRA?

Jul 1, 2018 - Have a look at CCRA participants on the CC Portal.

What is the difference between an AISEP evaluation and an AISEP certification?

Jul 1, 2018 - AISEP evaluations are conducted by an AISEF. AISEP certification is performed by us. An AISEP evaluation applies the CC Evaluation Methodology (CEM) against CC assurance requirements.

What is the Common Criteria Recognition Arrangement (CCRA) and mutual recognition?

Jul 1, 2018 - The CCRA is an international agreement between CC certificate-producing and certificate-consuming nations to recognise CC certifications for Evaluation Assurance Levels (EAL) 1 through 2. Through AISEP, Australia and New Zealand are joint certificate-producing members of the CCRA. Certificate-consuming nations do not administer a CC scheme but recognise CC certificates issued by certificate-producing nations.

How do I know if a product is being evaluated for the EPL?

Jul 1, 2018 - All products that have started evaluation under AISEP will be listed on the EPL with the current status of the evaluation and an expected completion date. If a product you are seeking does not appear on the EPL, check if it published on the CC Portal's certified product list.

How can I get my ICT product AISEP-certified and listed on the EPL?

Jul 1, 2018 - If you are an Australian or New Zealand government agency that wishes to use a security product that is not on the EPL, you can recommend that product for evaluation in accordance with the recommendation process

Common Criteria Recognition Arrangement

Jul 2, 2014 - The Common Criteria Recognition Arrangement (CCRA) is an international agreement between CC certificate-producing and certificate-consuming nations to recognise CC certifications for Evaluation Assurance Levels (EAL) 1 through 2.