NIAP

National Information Assurance Partnership (NIAP) is a program - officially known as the NIAP Common Criteria Evaluation and Validation Scheme for IT Security - established by the National Institute of Standards and Technology (NIST) and the National Security Agency (NSA) designed to evaluate IT product conformance to Common Criteria standard, and is responsible for U.S. implementation of the Common Criteria.

NIAP oversees evaluations of commercial IT products for use in national security systems.

The program is being implemented to help consumers select commercial off-the-shelf information technology (IT) products that meet their security requirements and to help manufacturers of those products gain acceptance in the global marketplace.

NIAP manages a national program for developing protection profiles, evaluation methodologies, and policies that will ensure achievable, repeatable, and testable requirements.

NIAP also approves Common Criteria testing laboratories to conduct these security evaluations in private sector operations across the U.S.

NIAP takes a collaborative approach to technology-specific protection profile development by supporting the creation of international technical communities of representatives from industry, government, end users, and academia.  This results in consistent evaluation methodologies across U.S. testing labs and among labs associated with international Common Criteria Recognition Arrangement schemes.

NIAP also works with NATO and international standards bodies (ISO) to share Common Criteria evaluation experiences and avoid duplication of effort.