This document describes the governance process for the Security Evaluation Standard for IoT Platforms (SESIP). The document specifies the competencies and accreditations required for the Certification Bodies and for the Laboratories performing evaluation activities, and the process that a Certification Body shall follow to issue a certificate of compliance.
This version adds a section on upgrading from SESIP2 to SESIP3 requirements; adds the Certificate QR code; and clarifies Certification Body recognition.
Previous Version(s)
The SESIP Governance document describes the governance process for the Security Evaluation Standard for IoT Platforms (SESIP). The document specifies the competencies and accreditations required for the Certification Bodies and for the Laboratories performing evaluation activities, and the process that a Certification Body (CB) shall follow to issue a certificate of compliance.
Version 1.1 adds a procedure to manage CB onboarding and recognition between CBs. An action is currently ongoing to clarify the structure of the CB recognition board and the associated decision process, but to clarify the rules for a new CB it was important to have some basic rules and an associated timeline.
This is the first public version of the governance rules for the GlobalPlatform SESIP community. This version clarifies the rules for Certification Body and Laboratory knowledge expertise requirements and also the role of GlobalPlatform as community and brand manager.
