Maintenance of the CC/CEM

The CC and the companion CEM are continuously updated to reflect the experience gained in their application, and to incorporate advances in the state of the art of the security evaluation practices.

While the "Common Criteria Development Board" (CCDB) manages the technical work program for the maintenance and ongoing development of the CC and CEM and reach agreement on the application of the CC and CEM to evaluations being carried out by the CCRA certificate producing nations to ensure harmonization across qualifying nations, the principal purpose of the "Common Criteria Maintenance Board" (CCMB) is to process request for inclusion of Change Proposals (CP), based upon national CC and CEM development requirements and taking into account CCRA requirements as specified by the CCDB. This includes:

The CC/CEM documents have major and minor version numbers, and release number. The major number reflects fundamental changes or advances in the content of the evaluation criteria or the evaluation methodology. Both the CC and the CEM are issued at the same time and share the same identifiers. New official versions, as approved by the CCRA, will have a new major or minor version number.

Releases are used to distinguish working documents whose content reflect updates and fixes, based in the Change Proposal process, which are considered useful to be published. These releases can be used under the general recognition agreement of the official version that they are based on.