The maintenance of assurance class provides requirements that are intended to be applied after a TOE has been certified against the CC. These requirements are aimed at assuring that the TOE will continue to meet its security target as changes are made to the TOE or its environment. Such changes include the discovery of new threats or vulnerabilities, changes in user requirements, and the correction of bugs found in the certified TOE.
The class comprises four families, and the hierarchy of components within, as shown in Figure 16.1:
Figure 16.1 - Maintenance of assurance class decomposition