Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

This is a carousel with auto-rotating slides. Activate any of the buttons to disable rotation. Use Next and Previous buttons to navigate, or jump to a slide using the slide dots.

FICAM

helps the U.S Government agencies achieve Zero Trust cyber maturity quickly.

Learn more about FICAM

Zero Trust

concept assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned). Authentication and authorization (both subject and device) are discrete functions performed before a session to an enterprise resource is established.

Learn more about Zero Trust

Privileged user

is authorized (and therefore, trusted) to perform security-relevant functions that ordinary users cannot perform—also known as a privileged IT user, privileged network user, or superuser.

Learn more about Privileged user

Phishing resistant authenticator criteria

is usually immune to social engineering type of attacks and provides a greater level of security and resilience than traditional authenticators.

Learn more about Phishing resistant authenticator criteria

Single Sign On

centralizes application access for agency employees and contractors or federate access with other federal executive agencies.

Learn more about Single Sign On

User authorization

is a decision whether to grant access to a user or machine account following authentication. Authorization to resources can be fine grained to help achieve attribute based access vs the traditional role based access.

Learn more about User authorization

Identity lifecycle management

encompasses the activities of creating, identity proofing, vetting, provisioning, aggregating, maintaining, and deactivating digital identities on an agency’s enterprise identity, credential, and access management (ICAM) system.

Learn more about Identity lifecycle management

Partner with us


  • Vendors

    Sell your identity, credential, and access management ICAM products and services to the federal government.

  • Acquisition professionals

    Adopt innovative identity, credential, and access nanagement ICAM products and services to meet your agency's mission-needs.

  • Program managers

    Govern and operate FICAM-compliant systems and services.

Functions


  • Federal public key infrastructure guide

    Federal public key infrastructure guide

    These guides are open source and a work in progress and we welcome contributions from our colleagues. We encourage you to contribute and share information you think is helpful for the Federal PKI community.

    Latest Update: current
    Markdown

  • FIPS 201 evaluation program

    FIPS 201 evaluation program

    The Federal information processing standard 201 FIPS 201 evaluation program (sometimes called the FICAM testing program) tests and certifies services and commercial products used in PIV credentialing systems, physical access control systems (PACS), and public key infrastructures (PKIs).

    Latest Update: current
    Markdown

  • FIPS 201 approved product lists

    FIPS 201 Approved Products Lists

    PIV cards

    PACS components

    PACS awaiting approval

    Removed product list

    Latest Update: current
    Lists

  • GSAPKI shared service provider program guide

    GSAPKI shared service provider program guide

    The General Services Administration GSA, Office of Government-wide Policy, manages the PublicKey Infrastructure(PKI) Shared Services Provider(SSP) program. The primary program focus is to help agencies meet the policy intent of Homeland Security Presidential Directive 12, as well as achieve digital signature interoperability.

    Latest Update: 2023-06
    Markdown


Playbooks


  • Cloud Identity Playbook

    Cloud Identity Playbook

    The Cloud Identity Playbook is a four-step playbook to start or further expand the use of Workforce ICAM Services delivered in a cloud operating model.

    Latest Update: 2022-12
    Markdown

  • Digital Autopen Playbook

    Digital Autopen Playbook

    This playbook outlines the process for an agency to implement a Digital Autopen for Federal Register documents.

    Latest Update: 2023-03
    Markdown

  • Digital Identity Risk Assessment Playbook

    Digital Identity Risk Assessment Playbook

    The Digital Identity Risk Assessment playbook is a six-step playbook for completing a digital identity risk assessment as described in OMB Memo 19-17 and NIST Special Publication 800-63-3.

    Latest Update: 2020-09
    Markdown

  • Digital Worker Identity Playbook

    Digital Worker Identity Playbook

    The Digital Worker Identity Playbook is a practical guide for managing digital worker identities.

    Latest Update: 2022-12
    Markdown

  • Digitally Sign a Microsoft Word Document

    Digitally Sign a Microsoft Word Document

    This guide will walk you through the steps for digitally signing a Microsoft Word document with your PIV credential or similar digital certificate.

    Latest Update: 2018-03
    Markdown

  • Digitally Sign an Office of the Federal Register Document

    Digitally Sign an Office of the Federal Register Document

    This guide will walk you through the procedures for digitally signing a Microsoft Word document for submission to the Office of the Federal Register using your PIV credential or similar digital certificate.

    Latest Update: 2022-08
    Markdown

  • Enterprise Single Sign-On Playbook

    Enterprise Single Sign-On Playbook

    The Enterprise SSO Playbook is a five-step playbook to aid agencies in planning an SSO or Identity Federation service.

    Latest Update: 2021-11
    Markdown

  • ICAM Governance Framework Version 1.0

    ICAM Governance Framework Version 1.0

    The ICAM Governance Framework is a tool to help agencies build and improve agency ICAM governance structures, processes, and policies.

    Latest Update: 2021-09
    PDF

  • Identity Lifecycle Management Playbook

    Identity Lifecycle Management Playbook

    This playbook can aid agencies in understanding how to shift the focus from managing the lifecycle of credentials to the lifecycle of identities outlined in section III of OMB Memo 19-17.

    Latest Update: 2022-12
    Markdown

  • PIV-I for Federal Agencies

    PIV-I for Federal Agencies

    This guide helps federal agencies understand how federal issuers and Non-Federal Issuers (NFI) of PIV-Interoperable (PIV-I) achieve interoperability with the PIV infrastructure.

    Latest Update: 2022-04
    Markdown

  • Privileged Identity Playbook

    Privileged Identity Playbook

    This Playbook provides federal agencies with best practices in managing its privileged user population.

    Latest Update: 2022-12
    Markdown

  • Windows Hello for Business Playbook

    Windows Hello for Business Playbook

    Windows Hello for Business (WHfB) is a playbook to guide administrators through planning, configuring, testing, and implemention.

    Latest Update: 2023-06
    Markdown

IDManagement.gov

An official website of the U.S. General Services Administration

Looking for U.S. government information and services?
Visit USA.gov

This site is a collaboration between GSA and the Federal CIO Council. It is managed by the Identity Assurance and Trusted Access Division in the GSA Office of Government-wide Policy.

Edit this page