POLYAS Election Glossary

We provide explanations and background information on elections, voting rights and digital democracy

Common Criteria

The Common Criteria for Information Technology Security Evaluation (CC) is an organisation which sets international standards for computer security certification. Compliance with these global standards validates the functionality of IT systems' architecture and reliability.

The Common Criteria consists of 25 member countries, which are represented through ministries and standardisation institutes. Together, the members arrange testing processes and minimum standards for various IT products.

International recognition and collaboration prevents inferior products which do not fullfil certain standards from reaching the market.

Common Criteria Testing Process:

  1. Description of the protection profile and security standards for the product 
  2. Setting up a catalogue of function requirements 
  3. Listing the collective requirements for product checking 

Products which pass the evaluation performed by an accredited national body will receive official certification under Common Criteria. This rigorous process ensures higher security and reliability of IT products. In Germany, the Federal Ministry for Securtiy in Information Technology (BSI) is responsible for handing out certificates according to Common Criteria. In the UK, the relevant organisation is the UK IT Security Evaluation and Certification Scheme.


See also: BSI , IT Security

< Go back