Iso 15408 Certification
The common criteria for information technology security evaluation referred to as common criteria or cc is an international standard isoiec 15408 for computer security certification.
Iso 15408 certification. Isoiec 15408 12005 defines two forms for expressing it security functional and assurance requirements. General information about the evaluation methodology is given in isoiec 18045 and the scope of evaluation schemes is provided. The protection profile pp construct allows creation of generalized reusable sets of these security requirements. The pp can be used by prospective consumers for specification and identification of products with it security features.
In my opinion the isoiec 15408 or the common criteria is a comprehensive standard that can guide all security experts better understand their security needs and implement strategies that would ensure the safety and security of their information systems. It establishes the general concepts and principles of it security evaluation and specifies the general model of evaluation given by various parts of isoiec 15408 which in its entirety is meant to be used as the basis for evaluation of security properties of it products. Iso 15408 is a specific standard developed for information technology security techniques. The user can use this part as a start to understand and implement the overall criteria for information security.
It is currently in version 31 revision 5. Introduction and general model 15408 1.