The standard defines the general requirements for assessing IT product security by establishing models.
The Common Criteria for Information Technology Security Evaluation is an accreditation process, adopted by over 26 different countries, and it takes into consideration the design and functionality of the product, from the planning to the final product and use.