Mirage News
Mirage News
Technology
 Date Time

Atsec Named First Accredited EUCC Conformity Assessor

atsec

STOCKHOLM, Sweden--BUSINESS WIRE--

atsec is thrilled to announce it is the first accredited conformity assessment body (CAB) for the new EU Common Criteria (EUCC) certification scheme. With this accreditation, atsec can provide evaluations for the Substantial assurance level immediately, the High assurance level once authorization is received shortly, as well as post-certification compliance support.

This harmonized approach to security certification is a major milestone, as the EUCC represents an evolution in cybersecurity regulations in the EU and a crucial requirement for ICT product manufacturers.

atsec is a Conformity Assessment Body that provides both Information Technology Security Evaluation Facility (ITSEF) and Certification Body (CB) services, resulting in a seamless end-to-end EUCC certification process for manufacturers.

atsec provides:

  • Security evaluations and certification services at the assurance level Substantial and High.
  • Post-certification compliance support to help manufacturers maintain their certification status.

By offering both evaluation and certification, we eliminate unnecessary complexity and streamline the certification journey for manufacturers.

As you consider EUCC certification, here's an overview of the four-step process to receive one:

1. Determine the Required Assurance Level

  • Substantial - cover vulnerability analysis at AVA_VAN level 1 or 2.
  • High - cover vulnerability analysis AVA_VAN level 3, 4 or 5.

2. Prepare Security Documentation

Each assurance level has requirements for security documentation, including providing guidance documentation, development & lifecycle evidence, test documentation. The manufacturers will need to provide the Security Target (ST) which can claim compliance to a Protection Profile (PP).

3. Conduct Independent Evaluation

The EUCC-approved ITSEF performs evaluation of your product against security assurance requirements defined in the ST. This includes:

  • Vulnerability Analysis & Penetration Testing
  • Functional Testing
  • Evaluating design and guidance documentation

4. Certification

Once the evaluation is completed, the EUCC-approved CB issues an EUCC certificate, allowing your product to be recognized across the EU market.

EUCC certification is an ongoing commitment. Certified manufacturers must:

  • Provide security guidance for end users
  • Commit to providing security updates
  • Establish a vulnerability disclosure process
  • Monitor and address publicly disclosed vulnerabilities

Failure to meet these requirements could impact the validity of the EUCC certificate.

/Public Release. This material from the originating organization/author(s) might be of the point-in-time nature, and edited for clarity, style and length. Mirage.News does not take institutional positions or sides, and all views, positions, and conclusions expressed herein are solely those of the author(s).
Tags: , , , , , , , , , , , ,

You might also like

Shedding Light on Blue Light: Impact on Sleep & Health
Chill Out: The Unexpected Perks of Cold Showers
Ethics and Implications of Facial Recognition Technology
Unraveling Health Risks of Tattooing and Piercing
Inedible Risk: Hidden Dangers of Sweeteners & Additives
How Food Presentation Helps Mindful Eating