Technology Security Assurance: How to Apply

ICT Developer Eligibility Criteria & Requirement

All potential ICT product developers who wish to have their product for certification must be:

1. Registered with CyberSecurity Collaborative Program (CCP) under CyberSecurity Malaysian; and
2. ICT products developed in Malaysia

The ICT developers are required to adhere to the following requirements:

1. To complete the developers’ Mandatory Security Functional Requirement (MSFR) form and to attend the kick-off meeting.
2. Resources: To have sufficient dedicated technical staff to ensure the evaluation process to be completed within the stipulated time frame;
3. Commitment:
   1. The ICT product developer is to provide full commitment towards the TSA Evaluation process with email response within 2 working days;
   2. The ICT developer will need to queue again for the TSA Evaluation process if the evaluation failed.
   3. The ICT product developer is to clearly understand the Terms and Conditions for TSA Evaluation process and sign the MSFR.

1. Below is the flow of the certification process. Starts with acceptance process and ends with certification.
2. The certified product will enter certification maintenance for second and third year. Any certified product that has more than to go for another evaluation and certification process again.
3. During the maintenance process, if the product found to has major update, the product has to go for another evaluation and certification process again.
4. However, if the product found to has minor update, an addendum will be issued.

For further enquiries about the Program, please contact CyberSecurity Malaysia Information Security Certification Body (ISCB) Department by email to This email address is being protected from spambots. You need JavaScript enabled to view it..