Common Criteria

The Common Criteria Portal is now being operated by the US Scheme. All previous user functionality should be available as it was previously, with some initial modifications to improve functionality. If you experience any issues, please contact us and include the page(s) on which you experienced the issue(s) on, your web browser name and version, and your contact information. We will correct the problem as soon as possible and reply back.

The Working Groups section of the web site is still being refined and is not in service at this time.

Please bear with us during this important transition, and thank you for using the Common Criteria Portal.

The Common Criteria for Information Technology Security Evaluation (CC), and the companion Common Methodology for Information Technology Security Evaluation (CEM) are the technical basis for an international agreement, the Common Criteria Recognition Agreement (CCRA), which ensures that:

• Products can be evaluated by competent and independent licensed laboratories so as to determine the fulfilment of particular security properties, to a certain extent or assurance;
• Supporting documents, are used within the Common Criteria certification process to define how the criteria and evaluation methods are applied when certifying specific technologies;
• The certification of the security properties of an evaluated product can be issued by a number of Certificate Authorizing Schemes, with this certification being based on the result of their evaluation;
• These certificates are recognized by all the signatories of the CCRA.

The CC is the driving force for the widest available mutual recognition of secure IT products. This web portal is available to support the information on the status of the CCRA, the CC and the certification schemes, licensed laboratories, certified products and related information, news and events.