Eligibility of Product Evaluations under the CCS
This CCS Instruction establishes the criteria that must be met in order for a CC evaluation to be eligible for certification under the CCS.
The Communications Security Establishment Canada (CSEC) is responsible for ensuring that the CCS provides maximum IT security value to Government of Canada departments and agencies. Accordingly, CSEC has tailored the CCS eligibility requirements to focus on those IT products that have the greatest potential impact on the security posture of the Government of Canada.
Unless otherwise stated by CSEC, the CCS will only accept those IT products into the CC certification process that claim conformance to a Canadian-approved Protection Profile, with an EAL no higher than that specified in the Protection Profile.
When a CC evaluation facility submits an IT product for registration under the CCS certification program, the CCS certification body will verify that the draft Security Target includes the required conformance claim as a pre-requisite for registration.
Canadian-approved Protection Profiles
At the present time, the list of Canadian-approved Protection Profiles is identical to the U.S. approved Protection Profiles, located at http://www.niap-ccevs.org/pp. In the near future, CSEC will be maintaining the Canadian-approved Protection Profile list on the CCS website.
This Instruction takes effect on 16 March 2011.