The Common Criteria Version CC:2022 und CEM:2022 Release 1 were approved for use by the international community in November 2022 in the international Common Criteria Recognition Agreement (CCRA) and derived from the international standard ISO/IEC 15408:2022 and ISO/IEC 18045:2022.

In addition to the release of the criteria, a transition policy (Transition Policy to CC:2022 and CEM:2022) has been agreed for the use of previous CC versions. Further details can be found in the CCRA portal.

The CC:2022 version of the Common Criteria now consists of five parts:

• Part 1: Introduction and general model
• Part 2: Security functional components
• Part 3: Security assurance components
• Part 4: Framework for the specification of evaluation methods and activities
• Part 5: Pre-defined packages of security requirements

The Common Methodology for Information Security Evaluation (CEM) CC:2022 Release 1 was also adopted by the international community in the international Common Criteria Recognition Agreement (CCRA). It defines a coordinated methodology for evaluations based on the CC.

The CC:2022 standard can be downloaded from the CCRA web portal.

Information on the Common Criteria is available from the:

Bundesamt für Sicherheit in der Informationstechnik
Referat SZ 21 und SZ 22
Postfach 20 03 63
53133 Bonn
Telefon: +49 228 99 9582-111
Telefax: +49 228 99 9582-5455
E-Mail: zertifizierung@bsi.bund.de