Back

certification

1. [The] comprehensive evaluation of the technical and nontechnical security features of an IS [information system] and other safeguards, made as a part of and in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified security requirements. [INFOSEC-99]2.The issue by the UK Certification Body of a formal statement, based on a review of the conduct and results of an evaluation, of the extent to which; a. technical security measures meet the Security Requirement for a system, or b. security claims are upheld by a product. Note: A System Electronic Information Security policy is required as the basis for certification of a system. See also: Accreditation, Confidence, Information Technology Security Evaluation and Certification Scheme [CESG].3. The issue of a formal statement confirming the results of an evaluation, and that the evaluation criteria used were correctly applied [ITSEC].4. The technical evaluation of a system’s security features, made as part of and in support of the approval/accreditation process, that establishes the extent to which a particular computer system’s design and implementations meet a set of specified security requirements [TCSEC].