SCC Requirements and Guidance for the Accreditation of Information Technology Security Evaluation and Testing Facilities, 2019-07-05

Action required

Effective immediately, all laboratories must now refer to SCC Requirements and Guidance for the Accreditation of Information Technology Security Evaluation and Testing Facilities and cease referring to SCC Requirements and Guidance for the Accreditation of Information Technology Security Evaluation and Testing Facilities, including Cryptographic Module and Algorithm Testing Facilities.

Affected customers

These changes affect all accredited customers who have transitioned to ISO/IEC 17025:2017 or are transitioning to ISO/IEC 17025:2017, with operations in the specialty area of ITSET.

Background

These changes were made in order to align the SCC Requirements and Guidance for the Accreditation of Information Technology Security Evaluation and Testing Facilities to ISO/IEC 17025:2017, and to reflect the fact that CSE made a business decision to only support NVLAP accreditations of Cryptographic Module and Algorithm Testing Facilities.

New requirements

The requirements have been revised to be in line with the new standard of ISO/IEC 17025:2017.

Deadline

This change is effective immediately. Customers are asked to update their documentation as soon as possible.

The transition to the new Requirements and Guidance document will be evaluated as part of the laboratory’s transition to ISO/IEC 17025:2017.

Confirmation of this transition is deemed as verification of compliance to the Requirements and Guidance document.

Questions?

Please contact Abdel Kassou, Manager, Compliance and Assessment Services, at abdel.kassou@scc-ccn.ca or +1 613 238 3222 for more information.