ISO/IEC 15408-3:2005

ISO/IEC 154082:2005, Evaluation Criteria for IT Security – Part 2: Security Functional Requirements, 2005.
[view]

ISO/IEC 154081:2005, Evaluation Criteria for IT Security – Part 1: Introduction and General Model, 2005.
[view]

<p>International Standard ISO/IEC 5408, Common Criteria for Information Technology Security Evaluation<br></p><p>Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous and standard and repeatable manner at a level that is commensurate with the target environment for use<br></p>
[view]

ISO/IEC 27001, Information Security Management Systems – Requirements, 2005.
[view]

<p>The Evaluation Assurance Level (EAL1 through EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation. The increasing assurance levels reflect added assurance requirements that must be met to achieve Common Criteria certification.</p><p>EAL 1:&nbsp;Functionally tested<br>EAL 2:&nbsp;Structurally tested<br>EAL 3:&nbsp;Methodically tested and checked<br>EAL 4:&nbsp;Methodically designed, tested and reviewed<br>EAL 5:&nbsp;Semi-formally designed and tested<br>EAL 6:&nbsp;Semi-formally verified design and tested<br>EAL 7: Formally verified design and tested</p>
[view]