Your Roadmap to Risk Reduction!
The Continuum GRC ITAM SaaS platform has hundreds of plugin modules available, such as:
NIAP Common Criteria
Common Criteria is a framework in which computer system users can specify their security functional and assurance requirements (SFRs and SARs, respectively) in a Security Target (ST); these requirements may be taken from Protection Profiles (PPs). Vendors can then implement or make claims about the security attributes of their products, and testing laboratories can evaluate the products to determine if they meet the claims. In other words, Common Criteria provides assurance that the process of specification, implementation and evaluation of a computer security product has been conducted in a rigorous, standard and repeatable manner at a level that is commensurate with the target environment for use. Common Criteria maintains a list of certified products, including operating systems, access control systems, databases, and key management systems.
Modules include:
- NIAP Common Criteria
Our Approach to NIAP Compliance Audits
The National Information Assurance Partnership (NIAP) helps IT providers achieve the security requirements needed for national security systems. NIAP offers detailed documents outlining specific requirements for various IT products including off-the-shelf technology, apps, and mobile devices. Continuum GRC’s audits utilize Common Criteria, a framework that allows users to specify their security function and associated security requirements. That helps vendors evaluate products to meet the specific security needs of the user.
We perform a security evaluation of products using Common Criteria testing to ensure that they meet the government’s protection profile for users at all levels.
Focused Audit and Assessments
A NIAP audit is a security evaluation of various IT products, apps, and mobile devices that are used in highly sensitive government environments, like national security. These audits use Common Criteria testing, a standardized set of guidelines and requirements.
Protection Profiles (PPs) are the different security requirements that are needed, determined by certain vulnerabilities; the Protection Profile of all IT products is checked by an accredited third party. The products' access controls and cryptographic features are also checked against PP standards.
Once a product has achieved this security certification, it’s listed on both U.S. and international lists of compliant products.
What are you waiting for?
You are just a conversation away from putting the power of Continuum GRC to work for you.
Contact us using the form below or by calling us at 1-888-896-6207 for immediate assistance.