Document

Off the shelf Assurance Services (CAS) collection

Created:  27 Sep 2016
Updated:  10 Aug 2018
These documents still contain references to the NCSC's precursor organisation, CESG. Please read references to CESG as the NCSC.
These documents are the basics for anyone conducting or putting an off-the-shelf (commodity) service through an assessment under CAS.

This collection consists of:

  • Process for performing CAS assessments
  • General operational requirements for test laboratories
  • The test lab application questionnaire (see Downloads tab)
  • CAS service requirements for IPSec CA, sanitisation and telecommunications 
  • Documents specific to individual service assessments

CESG_Test_Laboratory_General_Requirements_v2-1.pdf

PDF, 179.99KB

This file may not be suitable for users of assistive technology.

Process for performing CAS assessments v1.3.pdf

PDF, 457.92KB

This file may not be suitable for users of assistive technology.

CESG Test Lab Application Questionnaire v1 July 2012

CESG TEST LAB APPLICATION QUESTIONNAIRE V1 JULY 2012, 100KB

This file may not be suitable for users of assistive technology.

CESG Assured Service Requirement PSN CA (IPSEC) v1.pdf

PDF, 268.28KB

This file may not be suitable for users of assistive technology.

CESG Assured Service Requirement Sanitisation v2.pdf

PDF, 469.44KB

This file may not be suitable for users of assistive technology.

CESG Assured Service Requirement Telecomms v1-1.pdf

PDF, 336.02KB

This file may not be suitable for users of assistive technology.

Security Procedures Telecommunication Systems and Services v3 Dec 2015.pdf

PDF, 1690.12KB

This file may not be suitable for users of assistive technology.

GPG 32 Audit handbook for CESG Assured Service v2 Dec 2015.pdf

PDF, 1333.51KB

This file may not be suitable for users of assistive technology.

CPA-CAS-process-diagram-v1-2.pdf

PDF, 372.82KB

This file may not be suitable for users of assistive technology.

CAS collection

  1. CESG Test Laboratory General Operational Requirements

    Generic operational requirements for test laboratories wishing to test under any of the NCSC assurance schemes.

  2. Process for performing CAS assessments

    Describes the process for performing CESG Assured Service (CAS) Assessments

  3. Assured Service (CAS) Service Requirement PSN CA (IPSEC)

    This document provides the CESG Assured Service (CAS) requirements for provision of a Certificate Authority (CA) that is part of the Public Services Network (PSN) Public Key Infrastructure (PKI).

  4. Assured Service (CAS) Service Requirement Sanitisation

    CAS assessment against the Sanitisation Service requirement is a certification scheme to which commercial sanitisation services may subscribe; thus demonstrating compliance with IS5 when serving Government customers.

  5. Assured Service (CAS) Service Requirement Telecommunications

    This document describes requirements for a particular type of assured service for assessment and certification under the CAS Scheme.

  6. Security Procedures Telecommunications Systems and Services

    These are designed to enable a communications provider to use the CESG Assured Service (Telecoms) to provide assurance to customers that its telecommunications systems and services conform to industry good practice aligned to HMG standards and requirements.

  7. Audit Handbook for CAS(T) - Good Practice Guide (GPG) 32

    Covers all aspects of conducting audits and achieving certification of telecommunications systems and services. Should be used in conjunction with other relevant CAS documentation.

  8. Overview of the CPA and CAS processes

    Diagram giving an overview and explanatory notes for the CPA and CAS assessment processes and an indication of the timescales involved.

Topics

Was this document helpful?

We need your feedback to improve this content.

Yes No