Inclusion in the CPSTIC
Qualified Products and Services
To start the qualification procedure of an ICT security product or service, the following steps are recommended:
Visit
the procedure for qualification and inclusion in the CPSTIC described in the CCN-STIC Guide 106 "Procedure for the inclusion of qualified ICT security products and services in the CPSTIC".
Identify
in CCN-STIC 140 "Reference taxonomy for the STIC product catalogue" the family into which the product or service fits.
Check
in the annex of the identified family(ies), the RFS required for the qualification.
Analyse
whether the product or service has a Functional security certification (Common Criteria or LINCE) covering the fundamental security requirements (FRS) of the families identified in the previous step.
Start
the qualification and inclusion procedure for ICT security products or services by sending the following forms and the documentation required in each of them:
Approved Products
A detailed description of the steps that a manufacturer must take for an ICT security product to be included in the catalogue as approved is given in the CCN-STIC-102 guide "Procedure for product approval".
Compliance and Governance Products and Services
To initiate the procedure included in this section, the following steps must be followed:
Identify
in the CCN-STIC 140 guide, within the taxonomy of specific to the Security Compliance and Governance section, the family in which the product or service fits.
Start
the qualification and inclusion procedure for ICT security products by submitting the following forms:
Forms should be sent to the mailbox .