Scheme Policy Letters

The following NIAP Common Criteria scheme guidance documents are currently available (or will be available in the near future) for sponsors of evaluations, developers of IT products, systems integrators, acquisition authorities and IT product consumers. Select appropriate publication and download instructions will be provided. Comments on any scheme publication can be forwarded to the NIAP Validation Body using the feedback mechanism on the home page.


Click on a column header to change the sort order.

17 Current Policy Letters
   #      ↓ Title Date
9 Crypto in Common Criteria Evaluations 2005-06-12
8 Rules for Component Evaluations under CCEVS 2005-04-24
7 Evaluation Conflict of Interest 2004-11-21
6 Location of CCTL Evaluation Testing Activities 2003-10-19
4 UPDATED: Inactive Evaluations 2008-03-25
3 TOE Security Targets Claiming Conformance to Protection Profiles 2002-03-03
2 Reuse of Previous Evaluation Results & Evidence 2002-03-03
19 UPDATED: Requirements for Evaluations with Components above Evaluation Assurance Level (EAL) 4 2008-04-21
18 Time Limits on CCEVS Evaluations 2008-02-03
17 Effects of Vulnerabilities in Evaluated Products 2008-01-22
16 Validator Oversight Review (VOR) Scheduling Priorities 2007-12-04
15 Mandatory Inclusion of Audit Generation Functionality in TOEs 2007-05-23
13 Acceptable TOEs for Evaluation 2006-02-06
12 UPDATED: Letter of Interest for CCEVS Evaluation 2007-09-26
11 Candidate CCTL Policy 2005-09-27
10 Acceptance of Security Targets (STs) Into NIAP CCEVS Evaluation 2005-06-22
1 Language in STs, ETRs, VPL, & VRs 2002-01-09
This list was generated on Friday, July 04th, 2008 at 6:41PM


Click on a column header to change the sort order.

5 Superseded or Outdated Policy Letters
   #      ↓ Title Date
5 Evaluation TOEs at Evaluated Assurance Levels (EALs) Above 4
  • This Policy Letter is superseded by Policy Letter #19
2002-09-12
4 Inactive Validation Projects 2002-06-06
19 Requirements for Evaluations with Components above Evaluated Assurance Level (EAL) 4 2008-03-26
14 Requirements for Committing NSA Resources to CCEVS Evaluations
  • This Policy Letter is superseded by Policy Letter #19
2006-04-20
12 Letter of Interest for CCEVS Evaluation 2006-02-06
This list was generated on Friday, July 04th, 2008 at 6:41PM