Sorry, you need to enable JavaScript to visit this website.
Skip to main content

EAL

Evaluation Assurance Levels.

The Common Criteria have seven assurance levels: from EAL1, the lowest, to EAL7, the highest. At present, only assurance levels up to EAL2 have been incorporated within the international Common Criteria Recognition Arrangement (CCRA)

 

Digital Evaluation

Recommendation for ACSC evaluation

Jul 1, 2018 - You can submit a letter of recommendation for evaluation up to EAL2 where there isnt yet an ACSC-approved Protection Profile for the relevant technology. Submit your evaluation request using this letter of recommendation for evaluation template. The letter of recommendation for evaluation serves three main purposes: It provides a record and helps with tracking. It helps us communicate with you during the evaluation. It provides us with details on how you intend to use the product so we can ensure the scope of evaluation is appropriate.
Feature image - padlock green background

Protection Profiles

Jul 1, 2018 - A Protection Profile is a document that stipulates the security functionality that must be included in a Common Criteria evaluation. Agencies can have confidence that the scope of an evaluation against an ACSC-approved Protection Profile covers the necessary security functionality expected of the evaluated product and known security threats will have been addressed. The evaluation scope also includes the effectiveness and integrity of cryptographic functions.
3D line chart

Evaluation Assurance Levels (EAL)

Jul 1, 2018 - The Common Criteria have seven assurance levels: from EAL1, the lowest, to EAL7, the highest. At present, only assurance levels up to EAL2 have been incorporated within the international Common Criteria Recognition Arrangement (CCRA). The seven levels are described below. The CCRA is moving away from EAL-based evaluations in favour of Protection Profile evaluations.

What is an Evaluation Assurance Level (EAL)?

Jul 1, 2018 - An Evaluation Assurance Level (EAL) is a number assigned to a Common Criteria (CC) evaluation and certificate. It is being superseded by Protection Profiles.