Every company, small, medium or large, needs to integrate its procedures, services or products it offers, with digital technology.
This need, although important for growth, exposes to vulnerabilities that are difficult to find.
For this reason we are seeing a rapid increase in what can be defined as “cyber incidents”
It is therefore essential to include the IT security aspect in the integration process.
Tecninf SpA, due to the experience and knowledge acquired over the years by its team of experts in cyber security, has been accredited by OCSI, the IT Security Certification Body of the Ministry of Economic Development, as LVS – Safety Assessment Laboratory .
In this context, in compliance with the international standards ISO / IEC IS-15408 (Common Criteria) and the European ITSEC and ITSEM criteria, it acts as an evaluator and certifier of the security of systems and products in the information technology sector.
CC
common criteria
What are the tasks of the Safety Assessment Laboratory?
01
The Safety Assessment Laboratories carry out, through the assessors, the assessments of products / systems or protection profiles according to the National Scheme and under the control of the certification body.
02
Customer assistance for:
- the drafting of safety documentation during the preparation of the assessment;
- the determination of the assessment of the TDS (safety target). ODV (subject of the assessment) or protection profile;
- management and maintenance of certificates.
03
Training on security issues in the information technology sector in general and, in particular, on assessment techniques.
04
The assessor is trained, trained and authorized by the certification body to conduct the assessment activities.
LVS
Why is the safety assessment laboratory so important for public and private operators?
One of the implementing decrees of the perimeter law (DPR 54/2021) provides that:
- The subjects included in the national perimeter, before the start of the procedures for assigning the object of the ICT supply, must officially communicate to the national assessment and certification center (CVCN) the general description, intended use, category to which they belong, etc. . ;
- if the object of the supply has not been subjected to previous evaluations, then the PA will entrust the execution of the tests to an accredited laboratory.
LVS
WHY IS CERTIFICATION OF ICT PRODUCTS / SYSTEMS IMPORTANT IN THE EUROPEAN FRAMEWORK?
- Cybersecurity certification plays an important role in strengthening the security of ICT products, services and processes;
- increases trust in an ICT ecosystem governed by shared standards;
- ensures the conformity of ICT products / systems in the sectors governed by directive (EU) 2016/1148