Business and Systems Aligned. Business Empowered. TM Federal Identity Management Handbook May 5, 2005.


Confidential and Proprietary. © 2005 BearingPoint, Inc. All trademarks are property of their respective owners.

Introduction

Guidance for credentialing managers, their leadership, implementation teams, and other stakeholders as they pursue compliance with HSPD 12.

Provides specific implementation direction on course of action, business & policy, schedule requirements, acquisition planning, migration planning, lessons learned, and case studies and implementation tools.

A collaborative effort:
- The Federal Identity Credentialing Committee (FICC)
- Smart Card Interagency Advisory Board (IAB)
- Federal PKI Authority (FPKIA)
- Office of Management and Budget (OMB)
- National Institute for Standards and Technology (NIST)
- U.S. Department of Defense
- Smart Card Alliance
- Many other contributors

Organization

Information flow is similar to FIPS 201, with some key differences.

Major sections include:
- 1.0 Introduction
- 2.0 PIV I – Common Identification, Security and Privacy Requirements
- 3.0 PIV - Validation Certification & Accreditation
- 4.0 PIV II – Front End Sub-System
- 5.0 Implementation Planning
- Appendix – Tools and References

Primary flow of PIV I and PIV II sections:
- Description
- Mandatory Requirements
- Optional Items
- Implementation Recommendations
- Ideas and Suggestions
- Summary

Organization (Continued)

Additional Guidance
- Meant to be all-inclusive and informative – but not too technical
- A “living” document with plans for regular update
- OMB Guidance & FAQs
- Agency Plan Template
- Implementation Roadmap
- Migration Planning
- Acquisition Planning
- Lessons Learned
- Case Studies
- Tools & Illustrations
- Useful Index
- Common Thread – Education, Training & Awareness

Implementation Plan Template

Implementation Roadmap

Making the best use of the information
- Recognizes that all agencies are at different starting points
- Provides a sample implementation path (how to get started)

1. Gain a clear understanding of your agency’s current access control policies.
2. Reach agreement on future policy as it pertains to HSPD-12. This is key because these policies will drive your requirements.
3. Involve the primary agency stakeholders in the process.
4. Establish a list of objectives your agency wants to achieve while meeting the directive.
5. Using the policy decisions, develop an initial list of requirements.
6. Communication, Training & Awareness

Migration Planning

Sample Organization

Acquisition Planning
- Identifying Resource Requirements
- Change Management
- Identifying Potential Funding Streams
- Current Procurement Methods
- GSA Smart Card Contract Vehicle
- GSA Schedules
- Aggregated buy
- Acquisition Stakeholders

Acquisition Planning (Continued)

Major Components of an Identity Management System

Anticipating Costs

Acquisition Planning (Continued)
- Agency Sponsorship
- Shared Service Providers
- Acquisition Planning Template (Appendix A)
- Statement of Need
- Background
- Acquisition Alternatives
- Life Cycle Costs
- Delivery Requirements
- Performance Period
- Risks as Identified in the OMB Agency Plan

Lessons Learned & Case Studies

Lessons Learned:
- Implementation Management
- Stakeholder Involvement
- System Design
- User Training
- Pre-Issuance
- Post-Issuance

Case Studies:
- Department of State
- Department of Interior
- Department of Homeland Security

Tools: Sample PIV Request Form

Tools: Implementation Checklist

Tools

Schedule
- Released for Public Comment Feb
- Comment Period Closed Mar
- Comments Incorporated Apr
- Revision submitted to FICC for Review & Comment
- Addition of OMB Guidance & Revised Agency Plan Template

Planned Updates
- Conformance Testing
- Certification & Accreditation
- Reference Implementation
- End-User Training
- GSA Acquisition Services
- Agency Sponsorship
- NIST Special Technical Pubs
- Section 508 (Disabilities Act)

References
- Supporting Publications
- SP – Interfaces for Personal Identity Verification (card interface commands and responses)
- SP – Biometric Data Specification for Personal Identity Verification
- SP – Cryptographic Algorithms and Key Sizes for Personal Identity Verification
- NIST PIV Website (
- Documents
- Frequently Asked Questions (FAQs)
- Comments Received in Original Format
- FICC Website (CIO.Gov/FICC)
- Identity Management Handbook
- Smart Card Handbook

Contact

Ralph Billeri
BearingPoint Inc
Duke St. Suite 700
Alexandria, VA