CGI’s IT Security Evaluation and Test Facility in Canada

Comprehensive services, proven results

CGI’s IT Security Evaluation and Test Facility (ITSETF) in Canada offers comprehensive software testing services and a wealth of competitive advantages to IT security product vendors worldwide. It is a qualified, accredited and independent evaluation laboratory backed by the expertise, experience and global resources of a large, end-to-end IT services company with 70,000 professionals operating in more than 40 countries.

  • We have more than a decade of IT security evaluation, consulting and testing experience.
  • Our lab is accredited by the Standards Council of Canada as a testing laboratory for specific tests.
  • We are an accredited laboratory by NVLAP for the Cryptographic Module Validation Program for FIPS 140 testing (Code 200928-0).
  • CGI’s facility clearances, security clearances and ISO-9001-certified quality processes enable us to provide clients with the highest level of confidentiality and quality. This overall capability is a rarity among most of the Common Criteria and FIPS 140 labs worldwide.
  • CGI’s security experts have worked on some of the most complex Common Criteria evaluations performed in Canada. In addition, our expertise expands beyond evaluation and testing. Most labs have trained evaluators but lack expertise in designing, developing and implementing technology solutions. As a global systems integrator, CGI has deep technology knowledge, which we bring to bear in every evaluation and testing engagement.
  • CGI is actively involved in the evolution of Common Criteria and FIPS standards and provide valuable input in terms of maximizing efficiencies in the development of IT security products.

Key advantages

CGI’s software product testing facility is located in Canada, which brings many advantages to our global clientele, including:

  • Common Criteria evaluation results from Canada are recognized worldwide under the Common Criteria Recognition Agreement.
  • There are no Common Criteria evaluation fees imposed by Canadian authorities. In other jurisdictions, a national scheme evaluation surcharge is imposed on the client.
  • The wait time to get a product reviewed by a certification body in Canada is typically much shorter than in other countries.
  • Certification bodies in Canada employ an iterative review process, which reduces surprises at the end of the evaluation.
  • Canada is known for the maturity, stability and dependability of its national Common Criteria scheme and its certification processes. Canada’s certification body has a reputation for being flexible and innovative in working with security product vendors and their laboratories to help ensure their products meet certification standards.

Comprehensive IT security assessment services

  • Common Criteria evaluations up to and including EAL2+
  • Common Criteria assurance continuity testing
  • FIPS 140 cryptographic module validations
  • Pre-evaluation consulting
  • Evidence and documentary support
  • Vulnerability assessment
  • Penetration testing
  • Forensics, including evidence grade lock-ups
  • Prototype testing and analysis, such as hardened service designs
  • Certification lifecycle and strategy consulting
  • Training
  • Outsourced product testing

Contact CGI’s IT security laboratory.