Objectives
The aim of the security impact analysis is to provide confidence that assurance has been maintained in the TOE, through an analysis performed by the developer of the security impact of all changes affecting the TOE since it was certified.
Component levelling
This family consists of two components, levelled according to the degree to which an evaluator validates the developer's security impact analysis.
Application notes
AMA_SIA.1 requires a sampling approach to validate the developer's security impact analysis. In some cases, AMA_SIA.2 may be preferred where a sampling approach is not considered sufficient to establish confidence that assurance has been maintained in the current version of the TOE, but where a formal re-evaluation is not considered necessary.
Both components in this family require the security impact analysis to identify all new and modified TOE components in the current version of the TOE (as compared with the certified version). The accuracy of this information is checked during either the associated AM audit (by sampling), or the associated re-evaluation of the TOE when the configuration list is checked under ACM_CAP.