The scope of EN 17640 remains unchanged, adding the content of composition within:��This document describes a cybersecurity evaluation methodology that can be implemented using pre-defined time and workload��resources, for ICT products. It is intended to be applicable for all three assurance levels defined in the CSA (i.e. basic, substantial and��high).��The methodology is comprised of different evaluation blocks including assessment activities that comply with the evaluation��requirements of the CSA for the mentioned three assurance levels. Where appropriate, it can be applied both to 3rd party evaluation��and self-assessment.
