Skip to main content

With EUCC, the EU commonly agreed on assessment process to certify ICT products such as technological components, hardware and software. The scheme is based on Common Criteria, an international standard (ISO/IEC 15408) broadly used internationally. 

Some regulations might require Common Criteria certification, but in all cases, such a certificate provides a competitive advantage by giving trust to customers and users

EUCC in Application

The scope of EUCC 

The vendor or manufacturer can specify the security functional requirements (SFRs) and security assurance requirements (SARs) against which their ICT products will be assessed. The methodology offers to define Protection Profiles corresponding to product Categories.

These requirements also allow for an assurance level to be indicated: the EUCC covers two, substantial and high, that have been mapped with AVA_VAN, the vulnerability assessment class of the Common Criteria.

EUCC Certificates

Since February 2025, EUCC Certificates can be issued. Certificates are issued by Certification Bodies based on an evaluation process carried out by an accredited and, where necessary, authorised laboratory. The laboratory performs documental and technical assessment activities defined by the Common Criteria standard.

During the validity period of their certificate, ICT products are subject to monitoring, vulnerability management, and disclosure procedures.

The ENISA website dedicated to certification will present EUCC certificates and other EU certificates issued under the CSA.

EUCC a live scheme

ENISA developed a candidate scheme first in 2020, with the support of an ad hoc Working Group, and reused widely the experience of the SOG-IS Mutual Recognition Agreement.

The EUCC scheme, adopted in 2024 and amended since then, is now in operation and under regular maintenance.

Access EUCC Library

EUCC is composed of a rich list of documents from the Implementing Act and its amendments to state-of-the-art documents and guidelines.

Frequently Asked Questions on EUCC

This section displays FAQs on EUCC Scheme

Frequently Asked Questions on CABs

This section displays questions and answers about CABs

Frequently Asked Questions on Certification process

This section displays Questions and answer on the generic certification Process