The certified products are evaluated and granted certificates by NIAP or under CCRA partnering schemes, comply with the requirements of the NIAP program and where applicable, the requirements of the Federal Information Processing Standard (FIPS) Cryptographic validation program(s).
Any product accepted into evaluation under the U.S. CC Scheme must claim compliance to an NIAP-approved PP. Protection Profiles have been approved for use by vendors for evaluation of products under the NIAP Common Criteria Evaluation and Validation Scheme and the Common Criteria Recognition Arrangement.
CCTLs are accredited by the NIST National Voluntary Laboratory Accreditation Program (NVLAP) and meet CCEVS-specific requirements to conduct IT security evaluations for conformance to the Common Criteria for Information Technology Security Evaluation, International Standard ISO/IEC 15408.
The National Information Assurance Partnership (NIAP) serves as the U.S. representative to the Common Criteria Recognition Arrangement (CCRA), composed of 31 other member nations.