Navigation and service

BSI - Federal Office for Information Security (Link to homepage)

Areas to be audited

Carrying out conformity evaluations in line with Technical Guidelines

A fundamental component of each certification process in line with Technical Guidelines (TR) is the conformity evaluation. This examines whether a product/system fulfils the specifications and requirements laid down in the respective TR. As a rule, these technical evaluations are carried out by external auditing bodies rather than the BSI. These are independent private-sector bodies that have been recognised by BSI in accordance with ISO 17025 and have demonstrated their expertise in one or more TR audit areas.

The performance of conformity evaluations of products/systems with the aim of certification by the BSI is currently possible for the following Technical Guidelines / audit areas:

Note: DAkkS-accredited audit areas are marked "(DAkkS)".

  • BSI TR-01201 (DAkkS)
    Technical Guideline De-Mail

    • Account management
    • Document tray
    • Identity confirmation service
    • IT basic infrastructure
    • Mailbox and delivery service

    • IT security

      Note: Conformity evaluations in line with BSI TR-01201 Part 6.2 are carried out by auditors certified in the area "De-Mail"
      (Auditor De-Mail for BSI TR-01201).

  • BSI TR-03105 (DAkkS)
    Conformity Tests for Official Electronic ID Documents

    • Chip Tests on Layer 1-4
      in line with BSI TR-03105, Part 2
    • Chip Tests on Layer 6, 7
      in line with BSI TR-03105, Part 3.1-3.4
    • Chip Tests on Layer 1-4
      in line with BSI TR-03105, Part 4
    • Reader Tests on Layer 6, 7
      in line with BSI TR-03105, Part 5.1, 5.2
  • BSI TR-03119 (DAkkS)
    Requirements for chip card readers with nPA support

  • BSI TR-03121 (DAkkS)
    Biometrics for Public Sector Applications (TR Biometry)

    • BioAPI Conformance Testing
      in line with BSI TR-03122, Part 2, - BioAPI Conformance Testing
    • Functional Testing (Software Modules)
      in line with BSI TR-03122, Part 3, -- Test Cases for Function Modules
    • Functional Testing (Hardware Modules)
      in line with BSI TR-03122, Part 3, -- Test Cases for Function Modules
  • BSI TR-03124 (DAkkS)
    eID clients
  • BSI TR-03125 (DAkkS)
    Preservation of Evidence of Cryptographically Signed Documents (TR-ESOR)

  • BSI TR-03128

    Service providers for the eID function
    Note: Conformity evaluations in line with BSI TR-03128-2 are carried out by "Certified ISO 27001 Auditors for Audits based on IT-Grundschutz" (audit team leader)(certified audit team leader).

  • BSI TR-03130 (DAkkS)
    eID servers

  • BSI TR-03132 (DAkkS)
    Secure scenarios for communication processes with regard to official documents (TR-SiSKo hD)

    • Auditing software components according to TR-SiSKo hD
      in line with BSI TR-03133 -- Audit specification TR-SiSKo hD
  • BSI TR-03138
    Replacement Scanning (TR-RESISCAN)
    Note: Conformity evaluations in line with BSI TR-03138 are carried out by auditors who are certified for the "RESISCAN" area
    (RESISCAN auditors for BSI TR-03138).
  • BSI TR-03140
    Conformity evaluations in line with the Act on Satellite Data Security (TR-SatDSiG)
  • BSI TR-03143 (DAkkS)
    eHealth G2-COS Consistency Auditing Tool
    Note: Conformity evaluations in line with BSI TR-03143 are carried out by auditing bodies who have recognition in the German certification scheme for Common Criteria in the area Smart Cards & Similar Devices (SC) (CC auditing bodies) and have proven to the BSI corresponding know-how in eHealth (G2 cards).
  • BSI TR-03144 (DAkkS)
    eHealth -- Proof of conformity for card products of the G2 card generation
    Note: Conformity evaluations in line with BSI TR-03144 are carried out by auditing bodies who have recognition in the German certification scheme for Common Criteria in the area Smart Cards & Similar Devices (SC) (CC auditing bodies) and have proven to the BSI corresponding know-how in eHealth (G2 cards).
  • BSI TR-03145
    Secure Certification Authority operation
    Note: Conformity evaluations in line with BSI TR-03145 are carried out by auditors with a certification for the area "Secure CA Operation" (Secure CA Operation auditors).
  • BSI TR-03148
    Secure broadband router
  • BSI TR-03150 (DAkkS)
    Plan for testing of contactless media and Readers for conformance with CEN/TS 16794:2017
  • BSI TR-03153 (DAkkS)
    Technical security device for electronic recording systems
  • BSI TR-03154 (DAkkS)
    Connector audit specification for the technical module NFDM
  • BSI TR-03155 (DAkkS)
    Connector audit specification for the technical module AMTS
  • BSI TR-03157
    Audit specification for the technical module ePA

Similar topics

Back to Certification to TR