ITSEC definition

ITSEC means “The Information Security Evaluation Criteria” issued by the European Commission. An ITSEC rating of E4 High gives the maximum assurance from security engineering based on rigorous commercial development practices. More information on ITSEC can be found at ▇▇▇.▇▇▇▇.▇▇▇.▇▇

Split View

AI-Powered Contracts

Draft, Review & Redline at the Speed of AI

Get StartedSchedule a Demo

ITSEC means the UK Information Technology Security Evaluation and Certification Scheme, a structured set of criteria for evaluating computer security, managed by CESG, under which the security features of IT systems and products are tested independently of suppliers to identify logical vulnerabilities. ITU means International Telecommunication Union, an international organisation within the United Nations where governments and the private sector coordinate global telecom networks and services. The ITU is a leading publisher of telecommunication technology, regulatory and standards information. Key Personnel means the personnel specified in Schedule 2-2[b] who fulfil the key roles in the provision of the Ordered Services.

ITSEC means The UK Information Technology Security Evaluation and Certification Scheme, a structured set of criteria for evaluating computer security, managed by CESG, under which the security features of IT systems and products are tested independently of suppliers to identify logical vulnerabilities. ITU means International Telecommunication Union, an international organisation within the United Nations where governments and the private sector coordinate global telecom networks and services. The ITU is a leading publisher of telecommunication technology, regulatory and standards information.

Examples of ITSEC in a sentence

• E2 or E3 (ITSEC level) candidate evaluations as agreed upon by the Participants directly involved.

• Each Participant is to provide a statement about the effects of all national laws, subsidiary legislation, administrative regulations and official obligations applying in the country concerned and directly affecting the recognition of Common Criteria or ITSEC certificates.

• Such definitions are broadly consistent with those given in CC, ITSEC, CEM and ITSEM, which remain generally valid.

• Where the definitions in this Annex differ from definitions of the same terms given in CC, ITSEC, CEM or ITSEM, the definitions in this Annex are to be used in establishing the intended meaning of this Agreement.

• This Agreement covers claims of compliance against any of the Common Criteria Evaluation Assurance Level 1 through 4 or ITSEC Assurance Level E1 through E3 with Strength of Mechanisms ‘basic’.

• Each Participant is to provide to each of the other Participants a copy of each Common Criteria or ITSEC certificate, Certification Report and Certified Products List it authorises.

• However, if the compliant CB has a Qualifying status for specific IT technical domains including an assurance level (including augmentations) higher than ”E3” (ITSEC) or ”EAL4” (CC), the compliant CB shall be assessed in addition on its competencies in monitoring vulnerability analysis in the IT technical domains (for which it has Qualifying status).

• If a CB wishes to achieve the status of compliant CB under this Agreement for IT technical domains including higher assurance levels (including augmentations) than the Common Criteria Evaluation Assurance Level 4 or ITSEC Assurance Level E3, it should submit an application in writing through the Participant in its country to the Management Committee.

• There must be different mechanisms to prove the effective of security mechanisms, for example as in ITSEC.

• University of Louisiana at Lafayette's Corporate Asset Protection team requires that the ASP disclose their ASP background check procedures and results prior to IT-SEC granting approval for use of an ASP.