What is the IT Security Evaluation/Certification program?
A program in which the information protection systems developed private party businesses, etc., are tested for their stability and reliability in terms of the security functions as per the international standards of ISO 15408 and ISO 18045, so that the consumers can be assured of the effectiveness of the information protection system.
Background
- 1. To achieve global reliability of IT security products
- 2. To enhance the level of information protection over the national information network and make the IT security products more
Related laws and regulations (legal foundation)
- Framework Act on National Informatization, Article 38 (Publication, etc. of Standards for Information Protection System)
- Enforcement Decree of THE FRAMEWORK ACT ON NATIONAL INFORMATIZATION, Article 35 (Supplementation, etc. of Information
- The common criteria for information protection systems
- Korea IT Security Evaluation and Certification Guidelines
- Korea IT Security Evaluation and Certification Regulation
An overview of our Evaluation services

The evaluation and certification processes

The Evaluation Assurance Level
International
- The certification is given by evaluating the security of the information protection products in accordance with the applicable international standards (CC, EAL5+).
- Mutual recognition through the CCRA accord.
- Aimed to facilitate export and proliferation in the domestic market.
- Applicable products: e-Passport, COS(SmartCard OS) and other information protection products and the products to which the national protection profile applied.
For the domestic market
- The security is to be evaluated and certified in accordance with a domestic standard (EAL2 ~ EAL4) to suit the domestic conditions.
- The evaluation is more focused on the tests of functions and vulnerabilities rather than documentary reviews.
- To supply the national government, public agencies, and domestic businesses.
- Applicable products: Firewall, Intrusion Detection systems, Intrusion Protection system, Integrated security management, Web Application Firewall, DDoS response equipment, VPN, Network access control, and Anti-virus, etc.
Inquiry and Contact Information
Visit the website of the responsible department
Click the button below to jump to the main webpage of the responsible department, where you can find the contact information of the officers in charge.