Javascript doesn't seem to be switched on - Some parts of this FMV web site don't function optimal without javascript, check your browser's settings.

This website use cookies. Cookies are used to ensure that the website function in the best way possible. If you continue without changing the settings in your computer you allow cookies to be used. Learn more about cookies and how they are used on this website.


This is where you are now:

Start / Our activities / CSEC - The Swedish Certificati… / Evaluation and Certification

Evaluation and Certification

The cornerstone of the Scheme is the process of evaluation and certification, whereby security evaluations are carried out by licensed IT Security Evaluation Facilities (ITSEF) and certifications are carried out by the Certification Body.


Evaluation is the assessment of an IT product or a protection profile against the Common Criteria using the Common Methodology for Information Technology Evaluation (called the Common Methodology or CEM) to determine whether or not the security claims on the product or protection profile are justified.


Certification is the formal approval of an IT product or protection profile based on the result of the evaluation, and is performed by the Certification Body. The certification will result in a certification report (CR), and for successful certifications, a certificate will be issued for the IT product or protection profile.

Sponsor and Developer

The Sponsor is the organisation that pays for the evaluation, applies to the Certification Body for certification, contracts with the ITSEF, and arranges for Developer participation. The Developer is the organisation that produces the product to be certified. The Sponsor and the Developer may be the same. The obligations of the Sponsor in an evaluation are detailed in the following Scheme publication.

SP-002 Evaluation and Certification


An Evaluation Facility licensed by the Certification Body to operate under the Scheme is called an ITSEF. Further details of the obligations for ITSEFs are found in the following Scheme publication.

SP-004 Licensing of Evaluation Facilities

Essential information

The presentation to our "First Meeting" contains fundamental information which is important for the sponsor to know before a CSEC certification is commenced.

First meeting (pdf)

Hint about this page

Fill in the form to send a link to this page.

Fields marked with * are compulsory.

* The field is compulsory

Published: 2011-11-22 14:31. Changed: 2019-05-21 09:11. Responsible: Show e-mail address.


Dag Ströman

Head of CSEC
Phone:+46 8 782 40 00

Common Criteria

CC is an international standard used for independent evaluation of IT security.