FIPS 140-3 Management Manual - Latest Version (5-14-2025) |
The purpose of the CMVP Management Manual is to provide effective management guidance for the CMVP, CST labs, and the vendors who participate in the program. Consumers who procure validated cryptographic modules may also be interested in the contents of this manual.
This manual outlines the management activities, processes, and responsibilities that have been assigned to the various participating groups. This manual includes administrative guidance. For technical aspects of the requirements of the referenced standards, please refer to the CMVP webpage and associated links (e.g., FIPS 140-3 IG and RFG Announcements).
Archived FIPS 140-3 Management Manual V2.4 (05-07-2024)
Archived FIPS 140-3 Management Manual V2.3 (12-17-2024)
Archived FIPS 140-3 Management Manual V2.2 (04-19-2024)
Archived FIPS 140-3 Management Manual V2.1 (02-29-2024)
Archived FIPS 140-3 Management Manual V2.0 (12-06-2023)
Archived Draft FIPS 140-3 Management Manual V1.2 (12-23-2022)
Archived Draft FIPS 140-3 Management Manual V1.1 (7-13-2022)
Archived Draft FIPS 140-3 Management Manual V1.0 (9-18-2020)
Security and Privacy: cryptography, testing & validation
Technologies: hardware, software & firmware