Description

This article is from the Computer Security Evaluation FAQ, by Trusted Product Evaluation Program TPEP@dockmaster.ncsc.mil.

38 Who actually performs the evaluations? (Computer Security Evaluation)

Trusted product evaluators come from the Trusted Product
Evaluation Program (TPEP) organization within the National
Security Agency (NSA) as well as from a small group of federal
contract research organizations. Some evaluations have also
benefitted from the participation of evaluators from the
security evaluation organizations of other cooperating
governments. In cooperation with the National Institute of
Standards and Technology (NIST), a program is being developed to
evaluate products in the lower Trusted Computer System
Evaluation Criteria (TCSEC) classes (i.e., C2/B1) using
approved commercial evaluation facilities. However, many
details remain to be finalized for that program.

Continue to:

• prev: 37 How do I find out about the evaluation process? (Computer Security Evaluation)
• Index
• next: 39 What information is released about an evaluated product? (Computer Security Evaluation)