A Comparison of the SSE-CMM and NVLAP IT Security Testing
R J. Medlock
This paper describes the general accreditation requirements of the NIST National Voluntary Laboratory Accreditation Program (NVLAP) and the specific accreditation requirements for the Cryptographic Module Testing (CMT) and Common Criteria Testing (CCT) programs, which are part of the NVLAP newly established Information Technology Security Testing Program. The paper discusses the similarities and Maturity Model (SSE-CMM) Model and Appraisal Method. For an organization that has been SSE-CMM appraised, it identifies areas that would be almost the same, areas that could be tailored to meet the NVLAP requirements, and areas that would be new if the organization intended to meet the NVLAP requirements.
International Systems Security Engineering Conference
common criteria testing, cryptographic module testing, IT security testing, NVLAP, SSE-CMM