Security evaluations, conducted by independent, accredited evaluators provide assurance (confidence) in the evaluated products' security attributes. Some public and private sector organizations mandate that their acquired products are evaluated. Even when evaluations aren't mandatory, acquiring organizations benefit from them.
The following information describes IBM's products that have been evaluated or are in-evaluation. The two security evaluation programs are the Common Criteria (CC – a.k.a. ISO/IEC 15408) and the Cryptographic Module Validation Program (CMVP – a.k.a. FIPS 140). Only the most recently-evaluated products are shown. Older evaluations may be found at the Common Criteria Portal and the CMVP resource site.