Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Governance and Compliance

The Federal ICAM (FICAM) program helps federal agencies plan and manage enterprise identity, credentialing and access management (ICAM) through collaboration opportunities and guidance on IT policy, standards, implementation and architecture. Most of the guidance and best practices found on this website are developed through interagency working groups.

ICAM Program Management Guide

The ICAM Program Management Guide explains how to plan and implement an Identity, Credential, and Access Management (ICAM) Program, as outlined in the Federal Identity, Credential, and Access Management (FICAM) Architecture. In this guide, you’ll find content for ICAM program managers who need agency-level planning guides to drive adoption of ICAM services within their organizations, as well as how to govern the program, identify and communicate with stakeholders, manage risk, and other related topics.

This guide answers the most common ICAM program organization and management questions, including:

  • How can I establish governance to ensure ICAM alignment at the agency level?
  • Who are my key ICAM stakeholders?
  • What best practices support ICAM implementation?

The guide is organized by sections, each of which describes an essential feature of ICAM program management, including recommendations and lessons learned from agencies who have implemented ICAM programs.

FICAM Playbooks

The FICAM Roadmap, developed by the Federal CIO Council, contains processes, procedures, and considerations for planning and managing logical access, physical access, identity management, and federation within federal agencies. But the Roadmap was last updated in 2011, and as technology, policy and security practices rapidly evolve, the government must also evolve. To modernize the original FICAM Roadmap, we’ve begun migrating this information to playbooks.

These playbooks are hosted on Github, and provide common policy and patterns to help you implement and execute ICAM at your agency. The playbooks are a government-wide collaboration based on needs and interest of individual agencies and government-wide groups. Reach out to icam at gsa.gov to suggest new topics.

View FICAM playbooks

Announcements

Training

Related Information

  • National Cybersecurity Center of Excellence (NCCoE) – Works with experts from industry, government, and academia to address businesses’ most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies.
  • NIST Identity & Access Management – Through the NIST Identity and Access Management Resource Center, we seek to share our efforts that strengthen the security, privacy, usability and interoperability of solutions that meet an organization’s identity and access management needs throughout the system lifecycle.