Austin, TX – atsec information security is pleased to announce that IBM Tivoli License Compliance Manager (ITLCM) version 2.2 has achieved Common Criteria certification at evaluation assurance level (EAL) 2+. The evaluation of ITLCM v2.2 was performed by atsec and certified by Germany’s Federal Office for Information Security (BSI), and is internationally recognized through the Common Criteria Recognition Arrangement.

IBM Tivoli License Compliance Manager version 2.2 provides customers with a critical component of a total software asset management solution, enabling planning, management and optimization of enterprise-wide software assets.

The atsec information security team worked closely with development, documentation, testing, and support teams at the IBM Tivoli Rome lab to define and examine security-relevant aspects of the license compliance management software and the environment in which the product is produced, tested, and maintained. Certification at the EAL2+ level confirms that evidence relevant to functional and assurance security requirements has been closely examined and accepted, providing independent assurance that the product’s security functionality is sound.

Silvia Giacone, development manager for IBM Tivoli License Compliance Manager version 2.2, notes: “Our team is very pleased to have played a leadership role in bringing Common Criteria certification efforts to the IBM Tivoli lab in Rome. The close scrutiny of our product and processes supports IBM’s worldwide strategy to pursue independently-assured security examination of our software products.”

Certification of the ITLCM product follows very soon after completion of atsec’s certification efforts for IBM AIX 5.3 CAPP and IBM AIX 5.3 LSPP. Building on its long history of successful evaluation projects with IBM, atsec currently is evaluating six IBM additional products including three products under the Tivoli software brand.

About atsec information security
atsec information security is an independent, standards-based IT (information technology) security consulting and evaluation services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in January 2000 and has extensive international operations with offices in the US, Sweden, the UK, and China. atsec leverages its deep security, process, and standards expertise to consult on a wide range of IT security needs, enabling clients to establish integrated security management procedures in order to manage security risk and improve data, product, and business process reliability. atsec works with leading global companies such as IBM, HP, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.