The IT Law Wiki
Advertisement

Citation[]

Common Criteria Recognition Arrangement (CCRA) (1998) (full-text).

Overview[]

The CCRA was established in 1998 for each participant of the arrangement to recognize a Common Criteria certificate awarded by a certificate authorizing participant. Initially the CCRA comprised Canada, France, Germany, the United Kingdom and the United States. It currently includes 26 nations.

Each certificate authorizing participant of the CCRA ensures that evaluations are performed to high and consistent standards. This arrangement for recognizing standards of IT security certification between member countries is called Mutual Recognition (MR) and eliminates the need for duplicating an evaluation. This agreement is at present limited to the first four security levels of the Common Criteria: EAL1 to EAL4, without cryptographic functionality.

Advertisement