Sell FICAM Products and Services
If you are a vendor who wishes to sell identity, credentialing, and access management (ICAM) products and services, or provide consulting services, to the federal government, learn how to get your product or service tested and approved.
Federal agencies require systems and services to be functional, secure, and compatible with other products. The Federal ICAM (FICAM) program supports these requirements by managing the testing of certain products, and by certifying services.
- Product Approval Process – To sell an ICAM product, your product will need to undergo testing. Once approved, your product will be listed on the Approved Products List.
- Consulting Services – To provide consulting services, apply to be on a GSA Schedule.
Product Approval Process
It takes just three steps to get a product approved for use by federal agencies:
- Review testing documents
- Contact a testing lab
- Get on a GSA Schedule
Step 1 – Review Testing Documents
The FICAM testing program, also known as the Federal Information Processing Standard 201 (FIPS 201) Evaluation Program, tests commercial products used in Personal Identity Verification (PIV) credentialing systems, Physical Access Control Systems (PACS), and public key infrastructures (PKI).
Review the applicable testing document(s) for the product(s) you wish to have tested. Products we test include PIV cards and Physical Access Control Systems (PACS).
Step 2 – Contact a Testing Lab
Once you’ve reviewed the testing documents, contact one of the Testing Labs listed below. They’ll walk you through the application and testing process.
There are three Approved Testing Labs that test PIV card stock and badge holders:
- atsec information security corporation
- Contact: Andreas Fabis
- Phone: (512) 615-7300
- Booz Allen Hamilton Cyber Assurance Testing Laboratory
- Contact: Eric Winterton
- Phone: (410) 684-6691
- Contact: Michael Powers
- Phone: (443) 367-7422
GSA manages testing and certification for Physical Access Control Systems (PACS), as well as annual audit testing of production PIV credentials for federal agencies:
- GSA FICAM Testing Lab
- Contact: firstname.lastname@example.org
After your product passes testing, you’ll receive a signed document showing the approval, and your product will be listed on the Approved Products List (APL).
Step 3 – Get on a GSA Schedule
After testing and approval, apply to get your product or service listed on GSA’s IT Schedule 70 and/or Schedule 84.
- Sell through GSA IT Schedule 70 – Agencies use Schedule 70 to fulfill their technology products and services needs.
- Sell through GSA Schedule 84 – Schedule 84 is for products and services related to facility security and facility management systems.
Consulting services involve integrating solutions and/or helping agencies deploy and operate identity and credentialing systems related to PIV and CAC implementations.
GSA certifies consulting services and labor categories through an acquisition schedule:
The Certified System Engineer ICAM PACS (CSEIP) is a certification related to PACS and integration services and is often a requirement to become an approved consultant.
Thanks for your interest in providing FICAM products and services. Please contact us if you have questions or need additional assistance.
Page Reviewed/Updated: January 13, 2019