An evaluation is reproducible and can concern the complete system, the hardware components and/or the software. An evaluation is carried out by a trustworthy authority according to specified evaluation parameters. The qualitative and quantitative data obtained during the evaluation are used to assess the evaluated object and for empirical evaluations.
There are several, internationally recognized evaluation systems for the evaluation of products and systems. Among the best known are the Information Technology Security Evaluation Criteria( ITSEC) used in information security and the Common Criterias( CC).