In other words, the CCT Mark provides quality assurance approach to validate whether the implementation of a computer security product or services has been performed in an appropriate manner.
The CCT Mark was developed under the auspices of the UK Government's Central Sponsor for Information Assurance[2] (CSIA), which is part of the Cabinet Office's Intelligence, Security and Resilience (ISR) function.
The role of providing specialist input to the CCT Mark fell to CESG as the UK National Technical Authority (NTA) for Information Security, who assumed responsibility for the scheme as a whole on 7 April 2008.
The CCT Mark is often compared to the international Common Criteria (CC), which is simultaneously both correct and incorrect: As of September 2010, CESG have announced that the product assurance element of CCT Mark will be overtaken by the new Commercial Product Assurance (CPA) approach.
It is unclear as yet whether CCT Mark will remain in existence for assurance of Information Security services.