Media release

PUBLIC NOTICE

AUSTRALASIAN INFORMATION SECURITY EVALUATION PROGRAM

The Department of Defence, through the Defence Signals Directorate (DSD), manages the operation of the Australasian Information Security Evaluation Program (AISEP). The AISEP evaluates and certifies products for Australian and New Zealand Government use, and DSD publishes the details of certified products on the Evaluated Products List (EPL). The AISEP is one of six IT security evaluation schemes worldwide which cooperates under an international agreement known as the Common Criteria Recognition Arrangement (CCRA). At present, the AISEP has three licensed commercial service providers which operate an Australasian Information Security Evaluation Facility (AISEF): CSC Australia Pty Limited, LogicaCMG Pty Limited and Tenix Defence Pty Ltd.

In 2002 DSD engaged external consultants to undertake two reviews of the AISEP: a Framework Review, which addressed, inter alia, issues relating to governance, licensing and cost recovery; and a Technical Review, which focused on DSD's certification process. DSD has considered the recommendations of these reviews and is presently implementing a number of changes to the program as a result.

The purpose of this notice is to advise industry and all other interested parties that from 1 July 2003 (at the conclusion of the current AISEF licensing period) DSD proposes to open the AISEP to suitably qualified service providers who wish to operate a licensed evaluation facility. Information regarding the procedure for lodging an application to become an AISEF, conditions of entry into the AISEP and details of the licensing provisions will be made available on the DSD website in due course. No new applications will be entertained prior to 1 July 2003.

Inquiries relating to this notice should be directed to the DSD Customer Service Centre on 02 6265 0197 or via e-mail to aisep@dsd.gov.au.

[Published in the IT section of The Australian 6 May 2003 and The Canberra Times on 5 May 2003]