Harvey Newstrom CISSP CISA CISM CGEIT CSSLP CRISC CIFI NSA-IAM ISSAP ISSMP ISSPCS IBMCP Common Criteria Assurance Levels

The Information Technology Security Evaluation Criteria (ITSEC) is a UK scheme in which security features of IT systems and products are tested independently of suppliers to identify logical vulnerabilities. It combined and harmonised the national criteria produced by the United Kingdom, Germany, France and the Netherlands after the publication of the TCSEC criteria in the United States.

The ITSEC defines the following security levels:

EAL1 Inadequate Assurance.

EAL2 Structurally Tested.

EAL3 Methodically Tested and Checked.

EAL4 Methodically Designed, Tested and Reviewed.

EAL5 Semiformally Designed and Tested.

EAL6 Semiformally Verified Design and Tested.

EAL7 Formally Verified Design and Tested.

Contact Us for a proposal!