The Common Criteria (CC) ISO/IEC 15408: 2022 was published by ISO in August 2022 and is now available for conducting evaluations and certifications of IT products. ISO/IEC 15408:2022 replaces the previous ISO version of this standard.

This ISO version of the Common Criteria now consists of five parts:

• Part 1: Introduction and general model
• Part 2: Security functional components
• Part 3: Security assurance components
• Part 4: Framework for the specification of evaluation methods and activities
• Part 5: Pre-defined packages of security requirements

ISO/IEC 15408:2022 can be obtained according to the above link via the ISO portal or, if applicable, via national sources of supply for standards.

The common evaluation methodology ISO/IEC 18045:2022 was also published by ISO in August 2022 and is now available for conducting evaluations of IT products. ISO/IEC 18045:2022 replaces the previous ISO version of this standard. ISO/IEC 18045 specifies a harmonized methodology for evaluations based on the ISO/IEC 15408 standard.

ISO/IEC 18045:2022 can be obtained via the ISO portal or, where applicable, via national sources of supply for standards.

Information on the Common Criteria is available from the:

Bundesamt für Sicherheit in der Informationstechnik
Referat S 22 und S 24
Postfach 20 03 63
53133 Bonn
Telefon: +49 228 99 9582-111
Telefax: +49 228 99 9582-5455
E-Mail: zertifizierung@bsi.bund.de