BS ISO/IEC 15408 allows you to compare between the results of independent security evaluations. It does so by providing a common set of requirements for the security functions of IT products and systems, and for assurance measures applied to them during a security evaluation.

The evaluation process establishes a level of confidence that the security functions of such products and systems and the assurance measures applied to them meet these requirements. The evaluation results may help consumers to determine whether the IT product or system is secure enough for their intended application and whether the security risks implicit in its use are tolerable.

Contents
Forward
Introduction
Scope
Terms and definitions
Symbols and abbreviated terms
Overview
General model
ISO/IEC 15408 requirements and evaluation results
Annex A (normative) - Specification of protection profiles
Annex B (normative) - Specification of security targets
Bibliography
ISBN 0 580 46821 6