JISEC-CC/CEM

The current standard is CC/CEM:2022 Release 1. Please use this standard when submitting certification applications.

CC/CEM is available in English and its Japanese translation version, and the Japanese translation version of CC/CEM is available on the JISEC Japanese website below. JISEC accepts both versions as equivalent. When you use CC/CEM, you can use either the English version or the Japanese translation version.

CC/CEM(Japanese translation version)[JAPANESE]

Termination of Certification Applications Based on CC/CEM v3.1 Release 5

Certification applications based on the old standard CC/CEM v3.1 Release 5 are no longer accepted as of May 31, 2024. In addition, certification applications based on CC/CEM v3.1 Release 5 for TOEs that claim conformance to PPs requiring Exact Conformance, except for the cPPs described later, are no longer accepted as of November 30, 2025.

Migration of Exact Conformance cPPs to CC:2022

• Due to delays in the development of cPPs compliant with CC:2022, it has become difficult to secure a sufficient migration period prior to the deadline specified in the CCRA transition policy (for Exact Conformance, evaluations based on CC v3.1 may be started until December 31, 2025). Accordingly, consistent with the coexistence period applied when changes are made to the CC/CEM under CCM-01-A, the following applies.
  • Applications for TOE evaluations claiming conformance to cPPs that require Exact Conformance based on CC v3.1 will continue to be accepted for a period of six months following the issuance of the successor cPP that is compliant with CC:2022.

CC/CEM:2022 Release1

CC:2022 Release1

Common Criteria for Information Technology Security Evaluation

• Part 1: Introduction and general model CC:2022 Revision 1(CCMB-2022-11-001)(Listed on November 1, 2023)(PDF:4.3 MB)
• Part 2: Security functional components CC:2022 Revision 1(CCMB-2022-11-002)(Listed on November 1, 2023)(PDF:3.1 MB)
• Part 3: Security assurance components CC:2022 Revision 1(CCMB-2022-11-003)(Listed on November 1, 2023)(PDF:2.8 MB)
• Part 4: Framework for the specification of evaluation methods and activities CC:2022 Revision 1(CCMB-2022-11-004)(Listed on November 1, 2023)(PDF:583 KB)
• Part 5: Pre-defined packages of security requirements CC:2022 Revision 1(CCMB-2022-11-005)(Listed on November 1, 2023)(PDF:573 KB)

CEM:2022 Release1

Common Methodology for Information Technology Security Evaluation

• Evaluation methodology CEM:2022 Revision 1(CCMB-2022-11-006)(Listed on November 1, 2023)(PDF:3.5 MB)

Errata and Interpretation

• Errata and Interpretation for CC:2022 (Release 1) and CEM:2022 (Release 1) Version 1.1 (CCMB-2024-002-v1_1)(Listed on December 26, 2024)(PDF:1.4 MB)

CC/CEM v3.1 Release5

CC v3.1 Release5

Common Criteria for Information Technology Security Evaluation

• Part 1: Introduction and general model Version 3.1 Revision 5(CCMB-2017-04-001)(Listed on July 20, 2017)(PDF:1.3 MB)
• Part 2: Security functional components Version 3.1 Revision 5(CCMB-2017-04-002)(Listed on July 20, 2017)(PDF:2.9 MB)
• Part 3: Security assurance components Version 3.1 Revision 5(CCMB-2017-04-003)(Listed on July 20, 2017)(PDF:2.9 MB)

CEM v3.1 Release5

Common Methodology for Information Technology Security Evaluation

• Evaluation methodology Version 3.1 Revision 5(CCMB-2017-04-004)(Listed on July 20, 2017)(PDF:3.0 MB)

CC/CEM addenda

Exact Conformance (for reference)

This document is the addendum to CC/CEM v3.1 Release 5. This document has been integrated into CC/CEM:2022.

This addendum is the explanation of Exact Conformance. It defines the concepts to be referred to when preparing an ST based on the PP that claims Exact Conformance.

Exact Conformance

• Exact Conformance, Selection-Based SFRs, Optional SFRs Sep 2021 Version 2.0(CCDB-013-v2.0-2021-Sep-30)(Listed on April 9, 2026 )(PDF:694 KB)