In September 2008, the Federal CIO Council established the Information Security & Identity Management Committee. The ISIMC, as it is commonly called, was charged with overseeing the government-wide activities related to Cybersecurity and Identity Management. In turn, the ISIMC established four subcommittees. The Identity, Credential and Access Management Subcommittee, often referred to as ICAM is co-chaired by GSA and DoD and is tasked with aligning the Identity Management activities of government, while the remaining three deal with the cybersecurity taskings. There are six working groups associated with the ICAM.
- Federal PKI Policy Authority - administers the policies of Federal PKI
- Roadmap Development Team - review team for the development and content of the ICAM Roadmap and Implementation Guidance
- Architecture Working Group - develop the new ICAM technical architecture
- Citizen Outreach Focus Group - to make recommendation concerning solution sets for government-to-citizen interaction
- Federation Interoperability Working Group - determine business drivers and terms of engagement for inter-organizational trust
- Trust Framework Evaluation Team
- PIV Interoperability Tiger Team
- NSS IdAM Focus Group
- Logical Access Working Group - developing guidance/best practices to assist agencies in implementing log on/authentication capabilities using PIV cards
ICAM Mission: Fostering effective government-wide identity and access management, enabling trust in online transactions through common identity and access management policies and approaches, aligning federal agencies around common identity and access management practices, reducing the identity and access management burden for individual agencies by fostering common interoperable approaches, ensuring alignment across all identity and access management activities that cross individual agency boundaries, and collaborating with external identity management activities through inter-federation to enhance interoperability.
The Federal ICAM segment architecture provides Federal agencies with a consistent approach for managing the vetting and credentialing of individuals requiring access to Federal information systems and facilities. The ICAM segment architecture will serve as an important tool for providing awareness to external mission partners and drive the development and implementation of interoperable solutions.
Enabling Policy and Guidance represents a sampling of the policies, mandates and standards work that has advanced the cause of good identity management for electronic transactions over the past ten years. M-04-04 "E-Authentication Guidance for Federal Agencies" provided the basis for trusted transactions across all four sectors of government while HSPD-12 and FIPS 201 provided a standard or common identity standard for the Federal government. OMB Guidance M-04-04 establishes four authentication assurance levels. NIST Special Publication 800-63 "Electronic Authentication Guideline" supplements OMB Guidance M-04-04.
Additional documentation:
- Use of ESignatures in Federal Agency Transactions
- Modernizing Federal Logical Access Control Systems (LACS) Brochure
- Modernizing Federal Physical Access Control Systems (PACS) Brochure
- PIV Interoperability for Non-Federal Issuers
- Online Government Service
- Federal Identity Credential and Access Management (FICAM) Roadmap and Implementation Guidance, Version 2 (7MB)
- ICAM Roadmap Snapshot
- Personal Identity Verification Interoperable (PIV-I) FAQ
- Federated PACS Demonstration Project
- PIV-I Cross Certification / Approved PIV-I providers and bridges
- Available support for ICAM adopted schemes