NCJ Number
89659
Date Published
1982
Length
49 pages
Annotation
This paper studies methods for certifying a computer system as secure by resolving semantic, technological, and administrative issues pertinent to the elements of certification.
Abstract
The context required for certification consists of three elements, each of which must be precisely interpreted and characterized before technological issues can be resolved: an object-of-certification (e.g., a computer system), a basis for certification (e.g., security control requirements for such a system), and the relation of compliancy. Certification can only be realized if the security control characteristics and capabilities of computer systems and their components are adequately characterized. Semantic issues have been most effectively resolved, but technological issues remain and are discussed in detail. Administrative issues arise from both the certifier and the recipient, as determined by the significance that the semantic and technological issues hold for each. Charts and diagrams are provided.