The FICAM playbooks offer guidance for teams to design and build functional and secure systems that comply with Federal Identity, Credential, and Access Management (FICAM) policies, technologies, and implementation patterns. They are hosted on Github, and provide common patterns to help you implement and execute ICAM at your agency.
- FICAM Architecture Playbook – Learn about the FICAM Enterprise Architecture; view the Services Framework for guidance on Identity Management, Credential Management, and Access Management.
- PIV Usage Guides Playbook – Learn how to implement common Personal Identity Verification (PIV) configurations for logical access.
- Federal PKI Guides Playbook – Learn about the Federal Public Key Infrastructure.
- Physical Access Control System Playbook – Learn about requirements and approaches for physical access control systems to use PIV credentials.
- FICAM Program Management Playbook – Learn how to plan and implement an ICAM program.
- Digital Worker Playbook – Learn how to assess the risk and issue an identity for your digital workforce.
More playbooks are in the works, and will be published here as they are developed. The content in these playbooks was created in collaboration with agencies, and we encourage you to continue to contribute! Watch this video to learn how to contribute to the FICAM Playbooks via Github.
The FICAM Roadmap, developed by working groups under the Federal CIO Council, contains processes, procedures, and considerations for planning and managing logical access, physical access, enterprise identity management, and federation within federal agencies. (Note, the enterprise architecture section of the Roadmap has been superceded by the FICAM Architecture Playbook.)
- FICAM Roadmap and Implementation Guidance (PDF, December 2011) – The authoritative roadmap for the target state of FICAM implementation
- NIST Cybersecurity – NIST’s main cybersecurity website
- NIST Computer Security Resource Center – NIST standards, guidelines, recommendations and research on computer/cyber/information security and privacy
Page Reviewed/Updated: January 15, 2020