Javascript doesn't seem to be switched on - Some parts of this FMV web site don't function optimal without javascript, check your browser's settings.

This website use cookies. Cookies are used to ensure that the website function in the best way possible. If you continue without changing the settings in your computer you allow cookies to be used. Learn more about cookies and how they are used on this website.


This is where you are now:

Start / Our activities / CSEC - The Swedish Certificati… / Evaluation and certification / The process of product certifi…

The process of product certification


1. Evaluation contract between the sponsor and developer

  • Evaluation and certification of a product of the assurance level EAL 2 or higher requires the involvement of the developer
  • These evaluations requires that the evaluation company (ITSEF) is given access to technical product documentation that the developer owns

2. Ordering the evaluation

  • The sponsor contacts the evaluation company who will carry out the evaluation
  • Together with the evaluation company, the sponsor provides evidence for the Certification Application

3. Ordering the certification

  • Once the Certification Application with relevant data is completed, the sponsor sends these to CSE
  • CSEC reviews the application and delivers a tender to the sponsor
  • Based on the terms of the tender, the sponsor then orders a certification

4. Product with describtion

  • The developer (or sponsor) delivers the product to the evaluation company
  • For EAL 2 or higher, the developer will deliver evaluation documentation to the evaluation company

5. Evaluation reports

  • The evaluation company carries out the evaluation according to the evaluation methodology and documentation in the certification scheme
  • The results of the activities are documented and reported to CSEC

6. Reviewed reports

  • CSEC monitors the evaluation and conducts independent reviewes of the results of the evaluation
  • The results of the review and monitoring are reported to the evaluation company for eventual measures

7. Certification Report

  • Based on the Final Evaluation Report from the evaluation company, CSEC compiles a Certification Report
  • If the product meets the specified requirements, CSEC issues a certificate

Hint about this page

Fill in the form to send a link to this page.

Fields marked with * are compulsory.

* The field is compulsory

Published: 2017-09-13 10:31. Changed: 2017-09-13 10:35. Responsible: Show e-mail address.

Common Criteria

CC is an international standard used for independent evaluation of IT security.