NIAP: NIAP Home Page
What's coming in the new NIAP Webiste

NIAP Oversees Evaluations of Commercial IT Products for Use in National Security Systems
Questions?  We're here to help

  About NIAP

The National Information Assurance Partnership (NIAP) is responsible for U.S. implementation of the Common Criteria, including management of the NIAP Common Criteria Evaluation and Validation Scheme (CCEVS) validation body.  NIAP manages a national program for developing Protection Profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.  In partnership with NIST, NIAP also approves Common Criteria Testing Laboratories to conduct these security evaluations in private sector operations across the U.S. 

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes. 

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.  In the U.S., NIAP engages with other National Security Systems (NSS) users to ensure Protection Profiles, along with their associated DoD Annexes, provide a streamlined certification path for IA and IA enabled COTS products employed with NSS. 

  • Call for Participants in the Application Software Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be part of a Technical Community (TC) for the update of the Protection Profile for Application Software v2.0. The purpose of this update is to convert to the latest ve...

    Read More

  • NIAP Endorses HCD cPP V1.0E

    NIAP has endorsed the Hardcopy Devices collaborative Protection Profile V1.0E (HCD cPP V1.0E) and published the cPP and Supporting Document to the NIAP-Approved PP List.  This endorsement is a formal statement that products successfully evaluated against the HCD cPP V1.0E that demonstrate exact conformance to the cPP, meeting the below identified conditions, and in compliance with all NIAP policies, will be placed on the NIAP Product Compliant List:

    Read More

  • NIAP Updates Entropy Guidance

    NIAP has issued guidance for using Entropy Source Validation certificates. Please see Entropy Documentation and Assessment Clarification (Release 2) and Labgram #118/Valgram #137 for more information.

  • NIAP 2023 Annual Report

    See the NIAP 2023 Annual Report to learn about NIAP accomplishments and activities in 2023. Read More

  • NIAP issues policy defining the requirements for Remote Testing

    NIAP has issued Policy 31 defining the requirements to verify the Common Criteria Test Laboratories (CCTL) have comparable control over any alternative test environment and the process for submitting remote testing requests. This policy is effective immediately for all new Remote Testing Requests submitted to NIAP.

    Read More

  • Call for Participants in the Enterprise Management Technical Community

    The National Information Assurance Partnership/Common Criteria Evaluation and Validation Scheme (NIAP/CCEVS) is pleased to invite interested parties to be a part of the Enterprise Management (EM) Technical Community (TC). Members of this TC are expected to provide technical input to develop a baseline set of security requirements for inclusion in the EM Protection Profile. A current draft of the Essential Security Requirements document can be found at this...

    Read More

  • Want more news?

    Check out all the announcements online or...


  Focus Areas

U.S. Government
International Partners

Site Map              Contact Us