<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>IT compliance Archives - Corsec Security, Inc.®</title>
	<atom:link href="https://www.corsec.com/tag/it-compliance/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.corsec.com/tag/it-compliance/</link>
	<description>Corsec helps companies complete security certifications and validations like FIPS 140-3, Common Criteria, CSfC, &#38; the DoDIN APL / UC APL.</description>
	<lastBuildDate>Tue, 07 Jul 2026 18:16:03 +0000</lastBuildDate>
	<language>en-GB</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	

<image>
	<url>https://www.corsec.com/wp-content/uploads/cropped-Corsec-Logo-SiteMap-32x32.png</url>
	<title>IT compliance Archives - Corsec Security, Inc.®</title>
	<link>https://www.corsec.com/tag/it-compliance/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Deconstructing Common Criteria: Lessons Learned</title>
		<link>https://www.corsec.com/cc-myths-lessons-learned/</link>
		
		<dc:creator><![CDATA[Mary Broerman]]></dc:creator>
		<pubDate>Tue, 07 Jul 2026 18:16:03 +0000</pubDate>
				<category><![CDATA[Common Criteria]]></category>
		<category><![CDATA[EUCC]]></category>
		<category><![CDATA[cybersecurity certification]]></category>
		<category><![CDATA[IT compliance]]></category>
		<category><![CDATA[product certification]]></category>
		<category><![CDATA[security assurance]]></category>
		<guid isPermaLink="false">https://www.corsec.com/?p=22592</guid>

					<description><![CDATA[<p>The post <a href="https://www.corsec.com/cc-myths-lessons-learned/">Deconstructing Common Criteria: Lessons Learned</a> appeared first on <a href="https://www.corsec.com">Corsec Security, Inc.®</a>.</p>
]]></description>
										<content:encoded><![CDATA[<div class="wpb-content-wrapper"><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<p>Throughout this series, we explored some of the most common misconceptions surrounding <span style="color: #ff6600;"><a style="color: #ff6600;" href="https://www.corsec.com/common-criteria/" target="_blank" rel="noopener">Common Criteria</a></span> certification which included assumptions about cost, timelines, to misunderstandings about maintenance and global recognition. While each myth addressed a different aspect of the process, together they reveal a larger truth: organizations that approach certification strategically are often far more successful than those reacting to misconceptions or incomplete information.</p>
<p data-start="525" data-end="1064">For many organizations, Common Criteria can initially appear overwhelming. The certification process is often associated with long timelines, extensive documentation requirements, and complex technical expectations. In many cases, these perceptions are shaped by secondhand experiences, outdated assumptions, or a lack of visibility into how evaluations actually work. As a result, organizations may delay pursuing certification, underestimate the preparation involved, or assume the process only applies to a narrow segment of the market.</p>
<p data-start="525" data-end="1064">However, Common Criteria certification is not designed to be an obstacle. At its core, it is a structured framework for validating security functionality and assurance activities in a consistent, internationally recognized way. Organizations that take the time to understand the process, define realistic goals, and plan strategically are often able to navigate evaluations more efficiently than expected.</p>
<p>While each myth focused on a specific concern, the broader takeaway remained consistent: successful certification efforts are often shaped by preparation, collaboration, and long-term planning. As we conclude the series, it is worth revisiting the key lessons organizations should understand when approaching Common Criteria evaluations.</p>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<p data-start="1449" data-end="1741" data-is-last-node="" data-is-only-node=""><span style="color: #ff6600;"><strong>To help organizations navigate Common Criteria Myths, Corsec has developed a document which outlines these 5 myths and an addition 5 that Corsec has identified over the years. </strong></span><em><strong><a href="https://ww3.corsec.com/myths-common-criteria" target="_blank" rel="noopener">Learn More</a></strong></em></p>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h3 data-start="2608" data-end="2759">Lessons from Myths 1 &#8211; 5</h3>
<p data-start="27" data-end="374">Across the series, we examined several common misconceptions., we examined several common misconceptions surrounding Common Criteria certification. From assumptions about who certification applies to, to misunderstandings about cost, maintenance, and global recognition, each myth highlighted an important reality that organizations should understand before beginning the evaluation process.</p>
<ul data-start="376" data-end="1447">
<li data-section-id="kr7d9" data-start="376" data-end="574"><strong data-start="378" data-end="389"><a href="https://www.corsec.com/cc-myths/" target="_blank" rel="noopener">Myth 1</a>:</strong> Common Criteria is not limited to government vendors. Certification can also support commercial market differentiation, customer trust, and procurement opportunities across industries.</li>
<li data-section-id="7yripg" data-start="576" data-end="814"><strong data-start="578" data-end="589"><a href="https://www.corsec.com/myths2/" target="_blank" rel="noopener">Myth 2</a>:</strong> While evaluations require time and resources, successful certification can present immediate ROI.</li>
<li data-section-id="1vbjdma" data-start="816" data-end="1022"><strong data-start="818" data-end="829"><a href="https://www.corsec.com/deconstructing-common-criteria-myth-3/" target="_blank" rel="noopener">Myth 3</a>:</strong> This is more than one way to navigate Common Criteria.</li>
<li data-section-id="1jbly7v" data-start="1024" data-end="1218"><strong data-start="1026" data-end="1037"><a href="https://www.corsec.com/common-criteria-myth-4/" target="_blank" rel="noopener">Myth 4</a>:</strong> An active Common Criteria Certification is a requirement in government and highly regulated industries.</li>
<li data-section-id="11rl8b7" data-start="1220" data-end="1447"><strong data-start="1222" data-end="1233"><a href="https://www.corsec.com/common-criteria-myth-5/" target="_blank" rel="noopener">Myth 5</a>:</strong> Common Criteria and the EUCC are tied to one another, not independent certifications.</li>
</ul>
<p data-start="10578" data-end="10907">Common Criteria certification is frequently misunderstood because organizations often encounter it only when a procurement requirement, customer request, or market opportunity suddenly makes certification necessary. Without context or prior experience, the process can appear more intimidating or restrictive than it actually is.</p>
<p>Many of the perceived barriers surrounding Common Criteria are rooted more in misconceptions than reality. Certification is not limited to government vendors, it is not exclusively relevant to Europe, and it is not simply a one-time technical checkbox. Instead, Common Criteria provides a consistent and globally recognized approach for demonstrating security assurance.</p>
<p>Organizations that approach evaluations strategically — with realistic expectations, strong internal collaboration, and long-term planning — are often far better positioned for successful outcomes. Many organizations also benefit from working with experienced evaluation partners who understand the complexities of the Common Criteria process. Structured guidance and evaluation support can help teams streamline preparation efforts, improve readiness, and avoid common pitfalls throughout the certification journey.</p>

		</div>
	</div>
</div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper"><div class="vc_separator wpb_content_element vc_separator_align_center vc_sep_width_100 vc_sep_pos_align_center vc_separator_no_text vc_sep_color_grey wpb_content_element  wpb_content_element" ><span class="vc_sep_holder vc_sep_holder_l"><span class="vc_sep_line"></span></span><span class="vc_sep_holder vc_sep_holder_r"><span class="vc_sep_line"></span></span>
</div></div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-12"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<h5 class="wpb_wrapper"><strong>About Corsec Security, Inc.</strong></h5>
</div>
<div class="wpb_text_column wpb_content_element ">
<div class="wpb_wrapper">
<p>For 28+ years Corsec<strong> </strong>has guided companies through the IT security certification process for <span style="color: #008000;"><strong><a style="color: #008000;" href="https://www.corsec.com/fips-140-2/" target="_blank" rel="noopener">FIPS 140-2</a> / <a style="color: #008000;" href="https://www.corsec.com/fips-140-3/" target="_blank" rel="noopener">FIPS 140-3</a></strong>,</span> <span style="color: #ff6600;"><a style="color: #ff6600;" href="https://www.corsec.com/common-criteria/" target="_blank" rel="noopener"><strong>Common Criteria</strong></a></span> (CC), <strong><span style="color: #872b2b;"><a style="color: #872b2b;" href="https://www.corsec.com/csfc/" target="_blank" rel="noopener">CSfC</a></span></strong>, and the <span style="color: #0000ff;"><strong>DoD (<a style="color: #0000ff;" href="https://www.corsec.com/stig/" target="_blank" rel="noopener">STIGs</a>, <a style="color: #0000ff;" href="https://www.corsec.com/dodin-apl/" target="_blank" rel="noopener">DoDIN APL, UC APL</a>)</strong></span>. From mobile devices to satellites, Corsec helps companies reduce validation risk, shorten timelines, and expand into regulated markets.</p>
</div>
</div>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<div class="wpb_text_column wpb_content_element "></div>
<div class="wpb_text_column wpb_content_element ">
<div class="wpb_wrapper">
<p style="text-align: center;">###</p>
</div>
</div>
</div>

		</div>
	</div>
</div></div></div></div><div class="vc_row wpb_row vc_row-fluid"><div class="wpb_column vc_column_container vc_col-sm-6"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h5 class="wpb_wrapper" style="text-align: left;"><strong style="color: #000000;"><a style="color: #000000;" href="https://www.corsec.com/company/contact-us/">Connect With Us:</a></strong></h5>
<p>Stay up to date with Corsec as we bring you all the most recent updates to the standards, certifications, and requirements – <a href="https://ww3.corsec.com/subscribe" target="_blank" rel="noopener"><span style="color: #0000ff;">Subscribe</span></a></p>

		</div>
	</div>

	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<h5 class="wpb_wrapper" style="text-align: left;"><a href="https://ww3.corsec.com/linkedin"><img decoding="async" class="alignnone" src="https://www.corsec.com/wp-content/uploads/LinkedIn.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/LinkedIn.png 128w, https://www.corsec.com/wp-content/uploads/LinkedIn-150x150.png 150w" alt="LinkedIn" width="35" height="35" /></a>     <a href="https://ww3.corsec.com/twitter"><img decoding="async" class="alignnone" title="https://ww3.corsec.com/twitter" src="https://www.corsec.com/wp-content/uploads/Twitter.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/Twitter.png 128w, https://www.corsec.com/wp-content/uploads/Twitter-150x150.png 150w" alt="Twitter" width="35" height="35" /></a>    <a href="https://ww3.corsec.com/facebook"><img decoding="async" class="alignnone" src="https://www.corsec.com/wp-content/uploads/Facebook.png" sizes="(max-width: 40px) 100vw, 40px" srcset="https://www.corsec.com/wp-content/uploads/Facebook.png 128w, https://www.corsec.com/wp-content/uploads/Facebook-150x150.png 150w" alt="Facebook" width="35" height="35" /></a></h5>

		</div>
	</div>
</div></div></div><div class="wpb_column vc_column_container vc_col-sm-6"><div class="vc_column-inner"><div class="wpb_wrapper">
	<div class="wpb_text_column wpb_content_element" >
		<div class="wpb_wrapper">
			<div class="wpb_text_column wpb_content_element ">
<div class="wpb_text_column wpb_content_element ">
<h5 class="wpb_wrapper" style="text-align: left;"><strong style="color: #000000;"><a style="color: #000000;" href="https://www.corsec.com/company/contact-us/">Press Contact:</a></strong></h5>
<p><span style="color: #3366ff;"><a style="color: #3366ff;" href="https://www.linkedin.com/in/jake-r-nelson/" target="_blank" rel="noopener">Jake Nelson</a></span><br />
Corsec Head of Marketing &amp; BD<br />
jnelson@corsec.com</p>
</div>
</div>

		</div>
	</div>
</div></div></div></div>
</div><p>The post <a href="https://www.corsec.com/cc-myths-lessons-learned/">Deconstructing Common Criteria: Lessons Learned</a> appeared first on <a href="https://www.corsec.com">Corsec Security, Inc.®</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
