The European certification scheme EUCC (European Cybersecurity Certification Scheme based on Common Criteria) introduces a new harmonized framework for cybersecurity certification of IT products within the EU. Following the Cybersecurity Act and the EUCC implementing regulation, there is a growing need to accredit testing laboratories of the ITSEF type (Information Technology Security Evaluation Facility), which carry out security evaluations under the Common Criteria.

This presentation presents how the Czech Accreditation Institute (CAI) approached the introduction of accreditation for ITSEFs and how EUCC requirements are reflected in the assessment process in the Czech Republic. We explain the relationship between the general requirements for the competence of testing laboratories under the standard ČSN EN ISO/IEC 17025:2018 and the criteria for IT security evaluation under the ČSN EN ISO/IEC 15408 series and the standard ČSN EN ISO/IEC 18045, including the role of additional ITSEF requirements under ČSN P CEN/CLC ISO/IEC/TS 23532-1 and expectations regarding the management of evaluator competence.

The presentation also includes information on how the scope of accreditation can be defined clearly and transparently in the annex to the accreditation certificate so that it meets the requirements of the EUCC scheme, including the expression of the evaluation assurance level via EAL levels.

Gor Petrosjan has long focused on quality management systems and their practical application in testing and calibration laboratories. He currently works at the Czech Accreditation Institute, where he conducts on-site laboratory assessments and verifies compliance with competence requirements and management system requirements in accordance with ISO/IEC 17025 and related accreditation rules.

In his roles as Accreditation Manager for Technical Laboratories and as Deputy Director for Testing and Calibration Laboratories, he focuses on methodological support and the development of accreditation procedures. A significant part of his work is providing training in quality management systems to internal staff and external audiences, including the general public and personnel from conformity assessment bodies. He is actively involved in professional work through leading and participating in technical committees and takes part in meetings of the European Accreditation Laboratory Committee, thereby contributing to the harmonisation of approaches and the transfer of current knowledge into national practice.

Prior to moving into accreditation, he worked in the engineering and medical-device industries, focusing on quality management systems, document control, internal and external audits, management of nonconformities, and risk management.

He obtained his degree in Quality Management from VSB – Technical University of Ostrava.

Jan Velíšek works at the Czech Accreditation Institute, as the Director of the Department for Testing and Calibration Laboratories. In this role, he has overall responsibility for the department’s strategic and operational performance, including human resources management, financial results, and ongoing communication with stakeholders in the field of accreditation. He leads a department operating at two locations (Prague and Brno) with approximately 20 employees and ensures the stable and efficient functioning of the conformity assessment process for an extensive portfolio of more than 660 conformity assessment bodies.He has been active in auditing for more than 20 years and has long-term practical experience in conducting audits and assessing the conformity of accredited bodies with the requirements of the standards ČSN EN ISO/IEC 17025 and ČSN EN ISO/IEC 17029. His work includes leading assessment teams, planning audits, approving technical scope, and forming audit teams with an emphasis on technical competence, impartiality, and the quality of outputs. He is actively involved in the development and refinement of methodological procedures that support consistent decision-making and a high standard of professional practice within ČIA.In addition to managing standard accreditation activities, he contributed to the introduction of an accreditation service for testing laboratories in the field of cyber security (ITSEF). In this context, he participates in expert meetings and cooperation with NÚKIB and helps to connect accreditation mechanisms with the requirements of security and regulatory practice. Over the long term, he also focuses on professional outreach in the areas of accreditation and auditing—he lectures at professional conferences and seminars, where he shares practical experience, explains the requirements of relevant standards, and presents current trends in conformity assessment.He holds a university degree from the Faculty of Mechanical Engineering at CTU in Prague, which has provided him with a strong technical foundation and the ability to navigate across various technical areas of testing and calibration. Throughout his career, he combines technical understanding, extensive auditing experience, and managerial leadership to ensure that accreditation processes are technically consistent, transparent, and trustworthy for all relevant partners.