In order to keep up with the growing number of certification procedures, the Federal Office for Information Security (BSI) outsourced the monitoring of the evaluation facilities during evaluation procedures in part to Fraunhofer FOKUS. In coordination with the BSI certifiers, the employees of the Certification Lab (CertLab) take over the monitoring of the evaluation facilities during the evaluation of a software product up to EAL4. The whole certification procedure remains under the authority of the BSI.

As national IT security authority, the Federal Office for Information Security (BSI) aims to promote IT security in Germany. Thereby, the BSI is the central IT service provider of the German Federation but also addresses manufacturers as well as private and commercial users and providers of information technology.

The BSI issues security certificates for information technology products like smart cards, smart meters, operating systems, data bases and firewalls. Such a certificate is issued after the IT product passes the evaluation and assessment in the so-called certification procedure. This procedure includes three phases: Application, evaluation and certification. The manufacturer submits an application for the certification of his product and commissions a BSI approved external evaluation facility to evaluate whether the product complies with the security criteria specified in the CC.