Scheme Policy Letters

The following NIAP Common Criteria scheme guidance documents are currently available (or will be available in the near future) for sponsors of evaluations, developers of IT products, systems integrators, acquisition authorities and IT product consumers. Select appropriate publication and download instructions will be provided. Comments on any scheme publication can be forwarded to the NIAP Validation Body using the feedback mechanism on the home page.

Click on a column header to change the sort order.

17 Current Policy Letters

#	Title	Date
9	Crypto in Common Criteria Evaluations	2005-06-12
8	Rules for Component Evaluations under CCEVS	2005-04-24
7	Evaluation Conflict of Interest	2004-11-21
6	Location of CCTL Evaluation Testing Activities	2003-10-19
4	UPDATED: Inactive Evaluations	2008-03-25
3	TOE Security Targets Claiming Conformance to Protection Profiles	2002-03-03
2	Reuse of Previous Evaluation Results & Evidence	2002-03-03
19	UPDATED: Requirements for Evaluations with Components above Evaluation Assurance Level (EAL) 4	2008-04-21
18	Time Limits on CCEVS Evaluations	2008-02-03
17	Effects of Vulnerabilities in Evaluated Products	2008-01-22
16	Validator Oversight Review (VOR) Scheduling Priorities	2007-12-04
15	Mandatory Inclusion of Audit Generation Functionality in TOEs	2007-05-23
13	Acceptable TOEs for Evaluation Addendum #1 - Clarification	2006-02-06
12	UPDATED: Letter of Interest for CCEVS Evaluation	2007-09-26
11	Candidate CCTL Policy	2005-09-27
10	Acceptance of Security Targets (STs) Into NIAP CCEVS Evaluation Addendum #1 - Permitted Number of Review Iterations	2005-06-22
1	Language in STs, ETRs, VPL, & VRs	2002-01-09

This list was generated on Friday, July 04th, 2008 at 6:41PM

Click on a column header to change the sort order.

5 Superseded or Outdated Policy Letters

#	Title	Date
5	Evaluation TOEs at Evaluated Assurance Levels (EALs) Above 4 This Policy Letter is superseded by Policy Letter #19	2002-09-12
4	Inactive Validation Projects Addendum #1 - What Constitutes Activity in an Evaluation? (Superceded by updated Policy Letter #4)	2002-06-06
19	Requirements for Evaluations with Components above Evaluated Assurance Level (EAL) 4	2008-03-26
14	Requirements for Committing NSA Resources to CCEVS Evaluations Addendum #1 - NSA Vulnerability Analysis (VLA) Evaluation Process Overview for CCEVS Evaluations This Policy Letter is superseded by Policy Letter #19	2006-04-20
12	Letter of Interest for CCEVS Evaluation	2006-02-06

This list was generated on Friday, July 04th, 2008 at 6:41PM