The CCRA Management Committee Chair has announced that two more countries, Qatar and Singapore, will officially sign the Common Criteria Recognition Agreement (CCRA). The addition of of the two nations brings the total number of participants to 27.
The Common Criteria Mutual Recognition Agreement (CCRA) is a pact, which was designed to allow all Common Criteria evaluations up to an evaluation assurance level (EAL) 2, to be recognized by all participating countries, regardless of where the evaluation was completed (There is no requirement in the CCRA for any country to recognize certificates awarded for EALs 5 through 7 by any other country, though they could certainly choose to do so).
Qatar and Singapore join the CCRA as Certificate Consuming participants.
“Their acceptance into the CCRA will greatly benefit the longevity and strength of the arrangement” said The CCRA Management Committee Chair. To see the official announcement, please visit the Common Criteria portal here.
About Common Criteria
Common Criteria is an internationally recognized set of guidelines (ISO 15408), which define a common framework for evaluating security features and capabilities of Information Technology security products. The standard consists of several predetermined evaluation assurance levels, each one more stringent than the last. Common Criteria allows vendors to have their products tested against a chosen level by an independent third-party testing laboratory. The U.S. government mandates Common Criteria certification of security products for federal purchases. The National Information Assurance Acquisition Policy, NSTISSP No. 11, requires agencies to purchase only those commercial security products that have met specified third-party assurance requirements and have been tested by an accredited national laboratory.