Common Criteria Training and Consulting Services

We provide specialized training and consulting services tailored for cybersecurity conformity assessment bodies, regulatory authorities and IT security evaluation laboratories. From hands-on training and conformity assessments to establishing testing facilities, we equip your team with the expertise needed for getting Common Criteria (CC) accreditation, and to carry out evaluations and certifications.

Our Services

Common Criteria Training

Comprehensive training on CC evaluation and certification tailored for Certification Bodies (CBs), IT Security Evaluation Facilities (ITSEFs), and product developers. Training includes structured learning materials, templates, real‑world examples, hands‑on exercises, and vulnerability testing to support effective CC evaluations and certifications.

GAP Analysis for Common Criteria Compliance

A detailed assessment of your existing infrastructure, processes, and expertise. This service identifues key gaps and provides recommendations for improvement to align with CC and ISO standards.

CC-Compliant Management System Setup

Expert guidance on documentation, certification procedures, quality assurance, and risk management to establish a state-of-the-art management system aligned with ISO 17025, ISO 17065, CC scheme requirements and CCRA requirements.

Testing Environment Setup for ITSEFs

Professional support in configuring and reviewing functional, penetration, and vulnerability testing environments, ensuring alignment with CC evaluation requirements.

Shadowing & Hands-On Evaluation Support

Guidance and real-time support during live CC evaluations to help CBs and ITSEFs prove competence and gain official recognition.

National Accreditation & CCRA Acceptance Support

Assistance in achieving national accreditation and navigating CCRA acceptance, including compliance consulting and negotiation support with international certification schemes.

Why Choose QIMA

• Accredited Common Criteria Laboratory

• Over 10 years of experience in CC certification and compliance

• Global reach as part of the QIMA Group

• Proven track record in helping organizations achieve accreditation

Our References

QIMA has successfully provided Common Criteria training and consulting services to cybersecurity conformity assessment bodies and IT security evaluation laboratories worldwide. Our experts have supported the establishment, accreditation, and operation of Certification Bodies (CBs), IT Security Evaluation Facilities (ITSEFs), and National Cybersecurity Certification Authorities (NCCAs).

Selected Project References

• European Governmental Certification Body and ITSEF

  Supported Common Criteria evaluations through training, shadowing, laboratory development, and EUCC compliance.

• Technical University

  Assisted in the development of CC and IoT laboratory capabilities, including national and international accreditation.

With a strong history of supporting government agencies and security laboratories, QIMAis a trusted global partner for Common Criteria certification and accreditation.