The CyFun® Conformity Assessment Scheme (CyFun® CAS) foresees in conformity assessment of the three assurance levels in the CyberFundamentals Framework (Basic, Important and Essential).

Conformity assessment of the requirements of the CyberFundamentals Framework shall be performed by an independent Conformity Assessment Body (CAB), accredited in accordance with EU Regulation 765/2008, setting out the requirements for accreditation and market surveillance unless otherwise determined by national legislation.

Conformity Assessment of the Basic and Important assurance level is done as a verification conform the requirements in the CyFun® CAS and ISO/IEC 17029 (General principles and requirements for validation and verification bodies).

The Conformity Assessment Scheme (CyFun® CAS) is available online for the National Accreditation Bodies (NAB), Conformity Assessment Bodies (CAB), verified and certified entities and all other users of the CyberFundamentals Framework.

Conformity Assessment of the Essential assurance level is done as a certification conform the requirements in the CyFun® CAS and ISO/IEC 17021-1 (Requirements for bodies providing audit and certification of management systems).

The document “CyberFundamentals Framework Conformity Assessment Scheme Clarifications” provides additional clarification to the CyberFundamentals Framework.