In accordance with Common Criteria, an information system, part of a system or product, and all associated documentation, that is the subject of a security evaluation.
Sources:
CNSSI 4009-2015