Re: Demise of AMA?
- Subject: Re: Demise of AMA?
- From: "NIAP Interpretations Board" <email@example.com>
- Date: Tue, 21 Dec 2004 07:50:17 -0800
- Content-description: Mail message body
- Content-transfer-encoding: 7BIT
- Content-type: text/plain; charset=US-ASCII
- Priority: normal
On September 5th Jim Knoke wrote:
> Is it true that there are no longer any AMA (assurance
> maintenance) requirements at the international or US level? They seem to
> have been completely removed from v2.2 of CC Part 3 and I can no longer
> find CCIMB-2003-02-001 (Supplement: AMA) anywhere.
> We now seem to be left with CCIMB-2004-02-009 ("Assurance Continuity:
> CCRA Requirements)?? This document seems to contain much less on the
> detailed nuts-and-bolts than the presumably defunct documents mentioned
> above. And there are a couple of profiles I see that seem to include some
> of the old AMA requirements.
> The Assurance Continuity document indicates that a national scheme can
> have additional requirements, but I haven't seen any. Does the US
> scheme envision that AMA-type requirements would be any different at EAL5
> than at lower EALs?
The NIB is heartened that there is some interest in the mechanics of assurance
maintenance. Thank you for your questions.
The "Assurance Continuity: CCRA Requirements" document is the only currently
recognized guidance for addressing this issue. There are no plans either within
the US scheme or in the international organization to create any more. The NIB
feels the community would be interested if someone were to point out what they
perceive as deficiencies in that document.
Date Index |
Thread Index |
Problems or questions? Contact firstname.lastname@example.org