The Identity Assurance and Trusted Access Division (IATAD) within GSA’s Office of Technology Policy helps agencies understand and implement identity, credential, and access management systems. An ICAM system comprises the tools, policies and systems that allow an organization to manage, monitor and secure access to protected resources. The IATAD provides collaboration opportunities and guidance on IT policy, standards, implementation and architecture, to help federal agencies implement ICAM.
IATAD also
- Co-Chairs the inter-agency Federal CISO Council ICAM Subcommittee to generate best practice guidance, make policy recommendations to OMB, and facilitate governmentwide discussion on ICAM challenges and solutions.
- Manages the design, development and implementation of the Federal Public Key Infrastructure Architecture in the Federal PKI Shared Service Provider Program.
- Co-chairs the interagency Federal PKI Policy Authority to uphold digital certificate standards for governmentwide trusted digital identity and transactions.
- Manages and maintains the Federal Information Processing Standard (FIPS) 201 Evaluation Program and Approved Product List. The FIPS 201 Evaluation Program (sometimes called the FICAM Testing Program) tests and certifies services and commercial products used in PIV credentialing systems, physical access control systems, and public key infrastructures.
Related policies
Find a comprehensive list of laws, regulations and policies related to FICAM and identity management on IDManagement.gov.
Implementation guidance
Below are selected playbooks and implementation guidance to help agencies implement FICAM:
Visit IDManagement.gov to learn about identity management activities across the federal government, and contact us at icam@gsa.gov with questions.