19 08, 2018

Complaints and Appeals

By |2019-02-04T15:55:39+00:0019 August, 2018||

In the event that a TrustCB customer wants to appeal against a decision made by TrustCB or raise an issue concerning the operation of TrustCB, the customer is encouraged to raise the concern with the customer’s point of contact in TrustCB. This will enable the concern to be investigated and resolved. The TrustCB point of contact will acknowledge receipt of a complaint/appeal and will keep the customer apprised of progress. The following details should be provided to the customer point of contact for any complaint or appeal raised: Certification ID of related task Reason for compliant/appeal Supporting evidence for [...]

19 08, 2018

Terms and Definitions

By |2018-10-08T03:25:14+00:0019 August, 2018||

The Terms and Definitions used within the TrustCB procedures and templates are consistent with those used within the applicable Scheme. The schemes operated by TrustCB are based on ISO/IEC 15408 (Common Criteria), so that terminology is used. For ease of reference the commonly-used terms and the phases of certification are defined here: Terms and Definitions Developer The organisation that has primary responsibility for the development and maintenance of the TOE. Typically, the Developer is also the Sponsor. Sponsor The entity paying for the certification process and that gets usage rights for the certificate. In ISO/IEC 17065, the Sponsor [...]

19 08, 2018

TrustCB Levels of Confidentiality

By |2018-10-08T03:26:20+00:0019 August, 2018||

TrustCB defines — and protects materials according to — three levels of confidentiality, as described here: Levels of Confidentiality Public Public information is already in the public domain. Confidentiality of this information does not need to be protected by TrustCB. We do, however, pay attention to the active publication of such information. In particular, information that previously was secret should not be published if it has become public without permission from its owner. Typically treated as Public: Scheme procedures, published certificates, and associated documents (such as Security Targets). Sensitive/Confidential Sensitive/Confidential information should not be made public. Protection against [...]