Which security control scheme do vendors often submit their products to for evaluation, to provide an independent view of product assurance?