Alcance
This International Standard specifies the security requirements for a cryptographic module utilisedwithin a security system protecting sensitive information in computer and telecommunicationsystems. This International Standard defines four security levels for cryptographic modules toprovide for a wide spectrum of data sensitivity (e.g. low value administrative data, million dollarfunds transfers, life protecting data, personal identity information, and sensitive information used bygovernment) and a diversity of application environments (e.g. a guarded facility, an office,removable media, and a completely unprotected location). This International Standard specifies foursecurity levels for each of 11 requirement areas with each security level increasing security over thepreceding level.This International Standard specifies security requirements specified intended to maintain thesecurity provided by a cryptographic module and compliance to this International Standard is notsufficient to ensure that a particular module is secure or that the security provided by the module issufficient and acceptable to the owner of the information that is being protected.