Certification

Comprehensive evaluation of the technical and nontechnical security safeguards of an information system to support the accreditation process that establishes the extent to which a particular design and implementation meets a set of specified security requirements. The acceptance of software by an authorized agent, usually after the software has been validated by the agent or its validity has been demonstrated to the agent. The comprehensive evaluation, made in support of the accreditation process, of the technical and nontechnical security features of an IT system and other safeguards to establish the extent to which a particular design and implementation meet a set of specified security requirements.