About us

The Standardisation and Certification Centre of NASK, which operates within the NASK structure, acts as an accredited Certification Body. The Centre certifies products, processes, and services in the field of IT security (cybersecurity) and also carries out the assessment and certification of competences.

The management system for the product certification process complies with the requirements of the standard for product certification bodies, PN-EN ISO/IEC 17065. The certification of IT products is carried out for compliance with PN-EN ISO/IEC 15408 (1-3), i.e., Common Criteria 3.1 rev. 5, based on the IT Security Evaluation and Certification Scheme (PC1). Certification may cover IT products, IT systems (including cryptographic modules), or Protection Profiles, which define security specifications for specific types of products.

Manufacturers interested in certifying their products under the Common Criteria standard are encouraged to contact us. 

Meet us
Common Criteria Certification
Common Criteria (CC) is an international standard (available as PN-EN ISO/IEC 15408) for assessing the security properties of IT products and systems. The standard specifies security requirements as well as a methodology for documenting security implementation. The CC standard is used by governments and private organizations around the world to assess the security of information technology products – compliance with the standard, demonstrated by a Common Criteria certificate, is often required as a prerequisite for cooperation.
Find out more!
Fudamentals for Business Cybersecurity
The development of digital competences among Polish entrepreneurs, the increase in cybersecurity levels in the SME sector, and the stability of economic turnover, as well as the dissemination and implementation of a new cybersecurity standard among SME companies – these are just some of the benefits of the Fundamentals for Business Cybersecurity programme. Pilot certifications are underway. Please let us know if you would like to participate in the programme, and we will notify you when the pilot is over!
Find out more!
Institutional cyber resilience for management 
Certification training for management staff. During the training, you will learn:
  • how to prepare your organization for new challenges related to European Union cybersecurity regulations;
  • best practices in the assessment of cyber risk in entities of the National Cybersecurity System;
  • when the pilot is over, we will notify you about the start of the recruitment process;
  • how to effectively manage information security and business continuity in the organization, as well as how to manage a cyber crisis effectively.
The project is currently in the pilot phase. Please let us know if you are interested in participating in the training and certification.
Find out more!
Our R&D projects

We conduct scientific projects and development initiatives.

We are implementing a lightweight Cybersecurity Assessment and Certification System, which includes lightweight Assessment Schemes for IoT, Data Processing Centers, and Cloud Computing. We are expanding our activities in the area of conformity assessment to include the production of reference materials and the organization of proficiency tests. We run an Expert Cooperation Network that brings together experts from the IT industry.

Find out more!

Inne programy

Our services

Find out more!