AISEP – Australasian Information Security Evaluation Program
- ASD evaluations
- About the EPL
- About the AISEP
- Protection Profiles
- Recommendation for ASD evaluation
- Certification guidance
- International partners
- Service providers
- Supporting documentation
The Australasian Information Security Evaluation Program (AISEP) tests ICT security products for possible inclusion on the Evaluated Products List (EPL).
- The Australian Signals Directorate’s certification office, the Australasian Certification Authority (ACA), oversees AISEP product testing by licensed commercial evaluation facilities.
- Australasian Information Security Evaluation Facilities (AISEF) are licenced to perform AISEP evaluations and have been accredited by the National Association of Testing Authorities, Australia (NATA).
- ICT security professionals should use the EPL, the Common Criteria Portal and Information Security Manual principles when developing systems for Australian and New Zealand government agencies. Consult the New Zealand Information Security Manual for specific New Zealand Government requirements.
- Developers and distributors are encouraged to submit ICT security products for evaluation to Australian and New Zealand government agencies.
Collaborative Protection Profiles, August 2014
The Australasian Certification Authority (ACA) has published position statements on the development of collaborative Protection Profiles (cPP) for stateful traffic filter firewalls, full-disk encryptors and network device fundamentals on the Common Criteria Portal Technical Communities page.
Evaluation Pathway for Mobile Devices, April 2014
ASD has defined the evaluation pathway for mobile devices for use within the Australian Government, detailing the steps towards certification to meet the Information Security Manual requirements for ICT equipment containing PROTECTED information to be handled at an UNCLASSIFIED level.
Joint Statement of Support, March 2014
The ACA has issued a Joint Statement of Support for the development of collaborative Protection Profiles with several other nations.
USB Position Statement, March 2014
A position statement has been released on the development of a collaborative Protection Profile (cPP) for USB Portable Storage Devices.
Network Device Technical Community - IPS Extended Package
The United States Government's National Information Assurance Partnership (NIAP) is reconvening its Network Device Technical Community (ND TC) in order to leverage the knowledge and experience of the group to review a draft document entitled Network Device Protection Profile (NDPP) Extended Package (EP) for Intrusion Prevention Systems (IPS). This document has been co-authored by the Australian Signals Directorate and NIAP. Interested parties are encouraged to visit the NIAP website and join the discussion.
Mobile device evaluations, May 2013
In April 2011 ASD announced its endorsement of Protection Profiles as the direction for evaluations in the AISEP. Since then ASD has endorsed several Protection Profiles for a variety of technologies.
We are currently working closely with members of the international Common Criteria community to finalise Protection Profiles for mobile devices. Until these Protection Profiles are available and endorsed, any vendors or government agencies considering entering or sponsoring mobile devices for AISEP evaluation should email ASD for advice on how to proceed.
Common Criteria Users Forum
The Common Criteria Users Forum mission is to provide a voice and communication channel amongst the Common Criteria community, including the vendors, consultants, testing laboratories, Common Criteria organisational committees, national schemes, policy makers and other interested parties.