While it has become increasingly apparent that individuals and organizations need a security metrics program, it has been exceedingly difficult to define exactly what that means in a given situation.
Designed to be used by acquiring organizations, system integrators, manufacturers, and Common Criteria testing/certification labs, the Common Criteria (CC) for IT Security Evaluation is an internation