1. The comprehensive evaluation of the technical and nontechnical security features of an IS and other safeguards, made as a part of and in support of the accreditation process, to establish the extent to which a particular design and implementation meets a set of specified security requirements. 2. The issue by the UK Certification Body of a formal statement, based on a review of the conduct and results of an evaluation, of the extent to which; a. Technical security measures meet the Security Requirement for a system, or b. Security claims are upheld by a product. Note: A System Electronic Information Security policy is required as the basis for certification of a system. See also: Accreditation, Confidence, Information Technology Security Evaluation and Certification Scheme. 3. The issue of a formal statement confirming the results of an evaluation, and that the evaluation criteria used were correctly applied. 4. The technical evaluation of a system's security features, made as part of and in support of the approval/accreditation process, that establishes the extent to which a particular computer system's design and implementations meet a set of specified security requirements.