What does Evaluation Assurance Level (EAL) measure?

Evaluation Assurance Level (EAL) specifically measures the security levels of software and systems. It is part of the Common Criteria, an international standard for evaluating the security properties of IT products and systems. The EAL provides a framework that helps determine the degree of assurance that a system's security features work as intended and are adequate to protect sensitive data.

EAL ratings range from EAL1 to EAL7, with EAL1 providing the lowest level of assurance and EAL7 indicating a high level of assurance achieved through rigorous evaluation and testing processes. This systematic evaluation assesses not only the technical security of a product but also the development and life cycle processes used to create it. By establishing these levels, organizations can make informed decisions about the security capabilities of software they intend to use, ensuring it meets their specific security requirements.

The other choices do not relate to the concept of EAL; system performance, network speed, and user satisfaction pertain to different aspects of IT systems and products that are not assessed by the EAL framework.