STATEMENT OF WORK. For

Size: px
Start display at page:

Download "STATEMENT OF WORK. For"

Transcription

1 STATEMENT OF WORK For Credentialing and Validation Support for DC Homeland Security & Emergency Management Agency (DC HSEMA) IN SUPPORT OF THE GOVERNMENT OF THE DISTRICT OF COLUMBIA November 15, 2012

2 1. INTRODUCTION The Washington DC Government has endorsed the use of General Services Administration (GSA) approved Personal Identity Verification Interoperable (PIV-I) identity credentials for use with specified DC Government personnel. The DC Governments PIV-I credential will be issued based on sound and certified criteria and should be viable for a three year time frame. Purpose The purpose of the Washington District of Columbia Homeland Security and Emergency Management Agency (DC HSEMA) 2012 Presidential Inauguration electronic validation and accountability proof-of-concept is to demonstrate the capability to electronically validate and account for on-scene Emergency Operations Center (EOC) Emergency Liaison Officers (ELO). This capability will provide geospatial data for personnel accountability, situational awareness, and post-event reconstruction to support reimbursement purposes. Background In August 2011, Federal Emergency Management Agency (FEMA) released the National Incident Management System (NIMS) Guideline for the Credentialing of Personnel, which encourages the use of Federal Information Processing Standards (FIPS) 201 credentials, business processes and technology by non-federal entities to achieve interoperability with the Federal Government s Homeland Security Presidential Directive-12 (HSPD-12) credentials. HSPD-12 is a strategic initiative intended to enhance security, increase Government efficiency, reduce identity fraud, and protect personal privacy. Specific benefits of a standardized credential as required by HSPD-12 include secure access to federal facilities and disaster response sites, multi-factor authentication, digital signature and encryption capabilities. The DC Government is seeking support for its DC Homeland Security & Emergency Management Agency (DC HSEMA) Presidential Inauguration Credentialing & Validation program. DC Government anticipates a solution to enable issuance and management of DC HSEMAs PIV-I cards to government personnel. 2. DEFINITIONS DC HSEMA DC DC Homeland Security & Emergency Management Agency FIPS 201- Federal Information Processing Standard (Publication 201) NIST National Institute of Standards and Technology PIV-I Personal Identity Verification Interoperable DOD DEERS Department of Defense Defense Enrollment Eligibility Reporting System CRL - Certificate revocation list

3 3. SCOPE The offeror s PIV-I solution shall be based on uniform standards and policies for issuing identity credentials as defined in FIPS PUB 201-1, the PIV-I standard, and associated NIST publications. This new identity credential will be used by DC Government employees and its support agencies. DC Government will only accept offers from organizations who have been certified by GSA as an end-to-end solution provider and whose PIV-I solution has been certified by GSA on or prior the date of this RFQ release. In addition to issuance of a DC Government PIV-I credential, DC HSEMA is also seeking a solution that will provide for the accountability of government personnel during major events across the region inclusive of but not limited to the Presidential Inauguration and beyond. 3.1 Purpose/Objectives To provide DC government with PIV-I cards, PIV-I credentials, an accountability application, and training on the PIV-I credentials and the accountability application. 3.2 Contractor Performance Responsibilities and Limitations Task 1: Enrollment & Issuance of PIV-I Credentials The initial phase will be 200 with expansion to cover the entire enterprise. Offeror to describe its GSA-certified PIV-I solution to meet the following criteria: Offeror must have 3 previous PIV-I Implementations Offeror must have experience working with DHS/FEMA 128k cards must be available immediately and have the following specifications: a. The physical dimensions are 3 3/8" by 2 1/8" b. Technical specifications are: Oberthur ID One Cosmo PIV Card - 128kv7 (part # ) Dual Interface EEPROM, FIPS Certified, Level 2, Dual Interface, Type A, Minimum Quantity-1000 c. Cards must contain a true card authentication certificate (CAK with asymmetric keys) and the certificate status must be posted on a CRL (certificate revocation list) *****Task 2: Accountability Application Solution shall be capable of registering personnel into an accountability application used for the Presidential Inauguration Accountability checkpoints must work on port 5067 System shall be capable of interfacing with DoD DEERs database

4 4. PERFORMANCE REQUIREMENTS Performance Requirement Provide 200 Cards Configure infrastructure Performance Standard Within ten days of contract award Within ten days of contract award Acceptable Quality Level Surveillance Method and Frequency 100% DC HSEMA will review the cards and assess their compliance with the applicable PIV-I and FIPs 201 standards. 100% Encoding first PIV-I credential according to DC HSEMA specifications.

5 5. DELIVERABLES Deliverable Media Quantity Due Date Accountability Software 1 each Within ten days of contract award application PIV-I Cards Cardstock 200 Immediately following contract award Training In Classroom 1 session Configure Infrastructure Software as a Service 1 Within ten days of contract award

Commonwealth of Virginia Personal Identity Verification-Interoperable (PIV-I) First Responder Authentication Credential (FRAC) Program

Commonwealth of Virginia Personal Identity Verification-Interoperable (PIV-I) First Responder Authentication Credential (FRAC) Program Commonwealth of Virginia Personal Identity Verification-Interoperable (PIV-I) First Responder Authentication Credential (FRAC) Program October 2012 W. Duane Stafford Statewide Credentialing Coordinator

More information

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201.

GOALS (2) The goal of this training module is to increase your awareness of HSPD-12 and the corresponding technical standard FIPS 201. PERSONAL IDENTITY VERIFICATION (PIV) OVERVIEW INTRODUCTION (1) Welcome to the Homeland Security Presidential Directive 12 (HSPD-12) Personal Identity Verification (PIV) Overview module, designed to familiarize

More information

HSPD-12 Homeland Security Presidential Directive #12 Overview

HSPD-12 Homeland Security Presidential Directive #12 Overview HSPD-12 Homeland Security Presidential Directive #12 Overview HSPD-12 Stands for Homeland Security Presidential Directive #12. HSPD-12 is the Policy for a Common Identification Standard for Federal Employees

More information

NOAA HSPD-12 PIV-II Implementation October 23, 2007. Who is responsible for implementation of HSPD-12 PIV-II?

NOAA HSPD-12 PIV-II Implementation October 23, 2007. Who is responsible for implementation of HSPD-12 PIV-II? NOAA HSPD-12 PIV-II Implementation What is HSPD-12? Homeland Security Presidential Directive 12 (HSPD-12) is a Presidential requirement signed on August 27, 2004 requiring Federal agencies comply with

More information

National Capital Region. Electronic Designation and Validation of Federal/Emergency Response Officials (F/EROs) in support of National Preparedness

National Capital Region. Electronic Designation and Validation of Federal/Emergency Response Officials (F/EROs) in support of National Preparedness National Capital Region Electronic Designation and Validation of Federal/Emergency Response Officials (F/EROs) in support of National Preparedness Presented to TechAmerica February 25, 2009 Topics for

More information

For Official Use Only (FOUO)

For Official Use Only (FOUO) The FEMA Mission To support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, and

More information

IDaaS: Managed Credentials for Local & State Emergency Responders

IDaaS: Managed Credentials for Local & State Emergency Responders IDaaS: Managed Credentials for Local & State Emergency Responders NextgenID ID*TRUST Platform NextgenID - Headquarters USA 10226 San Pedro, Suite 100 San Antonio, TX 78216 +1 (210) 530-9991 www.nextgenid.com

More information

Enabling Security, Compliance and Efficiency: Achieve Your Federal Identification Credentialing Goals

Enabling Security, Compliance and Efficiency: Achieve Your Federal Identification Credentialing Goals Enabling Security, Compliance and Efficiency: Achieve Your Federal Identification Credentialing Goals executive summary Identity management and verification depend on trusted credentialing technologies.

More information

GAO PERSONAL ID VERIFICATION. Agencies Should Set a Higher Priority on Using the Capabilities of Standardized Identification Cards

GAO PERSONAL ID VERIFICATION. Agencies Should Set a Higher Priority on Using the Capabilities of Standardized Identification Cards GAO United States Government Accountability Office Report to Congressional Requesters September 2011 PERSONAL ID VERIFICATION Agencies Should Set a Higher Priority on Using the Capabilities of Standardized

More information

An Operational Architecture for Federated Identity Management

An Operational Architecture for Federated Identity Management An Operational Architecture for Federated Identity Management March 2011 Implementing federated identity management and assurance in operational scenarios Federated Identity Solution The Federated identity

More information

E X E C U T I V E O F F I CE O F T H E P R E S I D EN T

E X E C U T I V E O F F I CE O F T H E P R E S I D EN T EXECUTIVE OFFICE OF THE PRESIDENT OFFICE OF MANAGEMENT AND BUDGET WASHINGTON, D.C. 20503 THE DIRECTOR M-05-24 August 5, 2005 MEMORANDUM FOR THE HEADS OF ALL DEPARTMENTS AND AGENCIES FROM: SUBJECT: Joshua

More information

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, DC 20301-6000

DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, DC 20301-6000 DEPARTMENT OF DEFENSE 6000 DEFENSE PENTAGON WASHINGTON, DC 20301-6000 CHIEF INFORMATION OFFICER OCT 05 2010 MEMORANDUM FOR SECRETARIES OF THE MILITARY DEPARTMENTS CHAIRMAN OF THE JOrNT CHIEFS OF STAFF

More information

Announcing Approval of Federal Information Processing Standard (FIPS) Publication 201-2,

Announcing Approval of Federal Information Processing Standard (FIPS) Publication 201-2, This document is scheduled to be published in the Federal Register on 09/05/2013 and available online at http://federalregister.gov/a/2013-21491, and on FDsys.gov Billing Code 3510-13 DEPARTMENT OF COMMERCE

More information

DEPARTMENTAL REGULATION

DEPARTMENTAL REGULATION U.S. DEPARTMENT OF AGRICULTURE WASHINGTON, D.C. 20250 DEPARTMENTAL REGULATION SUBJECT: Identity, Credential, and Access Management Number: 3640-001 DATE: December 9, 2011 OPI: Office of the Chief Information

More information

US Security Directive FIPS 201

US Security Directive FIPS 201 Security US Security Directive FIPS 201 Compliance Strategies Learn about compliance strategies for governmental agencies in meeting requirements of Homeland Security Presidential Directive 12 (HSPD-12),

More information

What Does it Mean to be PIVish in PACS ICAM PIV in E-PACS Guidance v2.0.2 the short form. December 3, 2012

What Does it Mean to be PIVish in PACS ICAM PIV in E-PACS Guidance v2.0.2 the short form. December 3, 2012 Federal CIO Council Information Security and Identity Management Committee IDManagement.gov What Does it Mean to be PIVish in PACS ICAM PIV in E-PACS Guidance v2.0.2 the short form December 3, 2012 HSPD-12

More information

Audio: This overview module contains an introduction, five lessons, and a conclusion.

Audio: This overview module contains an introduction, five lessons, and a conclusion. Homeland Security Presidential Directive 12 (HSPD 12) Overview Audio: Welcome to the Homeland Security Presidential Directive 12 (HSPD 12) overview module, the first in a series of informational modules

More information

Interagency Advisory Board Meeting Agenda, September 27, 2010

Interagency Advisory Board Meeting Agenda, September 27, 2010 Interagency Advisory Board Meeting Agenda, September 27, 2010 1. Opening Remarks 2. Transportation Worker Identity Credential Program Status Update (John Schwartz, TWIC PM) 3. Virginia First Responder

More information

Understanding the differences in PIV, PIV-I, PIV-C August 23, 2010

Understanding the differences in PIV, PIV-I, PIV-C August 23, 2010 Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management Understanding the differences in PIV, PIV-I, PIV-C August 23, 2010 Tim Baldridge AWG

More information

FOUR PILLARS FOR A SUCCESSFUL PIV ECOSYSTEM

FOUR PILLARS FOR A SUCCESSFUL PIV ECOSYSTEM FOUR PILLARS FOR A SUCCESSFUL PIV ECOSYSTEM Four Pillars that HSPD-12 Programs must consider for a secure, efficient, interoperable PIV enterprise deployment. Continued HSPD-12 Implementation under OMB

More information

Enrolling with PIV and PIV-I Velocity Enrollment Manager

Enrolling with PIV and PIV-I Velocity Enrollment Manager Enrolling with PIV and PIV-I Velocity Enrollment Manager Overview The Homeland Security Presidential Directive 12 (HSPD-12) called for a common identification standard to be adopted by all Federal Government

More information

~ Final Credentialing Standards for Issuing Personal Identity Verification Cards under HSPD-12

~ Final Credentialing Standards for Issuing Personal Identity Verification Cards under HSPD-12 UNITED STATES OFFICE OF PERSONNEL MANAGEMENT Washington, DC 20415 The Director July 31, 2008 MEMORANDUM FOR HEADS OF DEPARTMENTS AND AGENCIES FROM: SUBJECT: LINDA M. SPRINGER DIRECTOR ~ Final Credentialing

More information

I N F O R M A T I O N S E C U R I T Y

I N F O R M A T I O N S E C U R I T Y NIST Special Publication 800-78-3 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William E. Burr Hildegard Ferraiolo David Cooper I N F

More information

I N F O R M A T I O N S E C U R I T Y

I N F O R M A T I O N S E C U R I T Y NIST Special Publication 800-78-2 DRAFT Cryptographic Algorithms and Key Sizes for Personal Identity Verification W. Timothy Polk Donna F. Dodson William. E. Burr I N F O R M A T I O N S E C U R I T Y

More information

U.S. Department of Energy Washington, D.C.

U.S. Department of Energy Washington, D.C. U.S. Department of Energy Washington, D.C. ORDER DOE O 206.2 Approved: SUBJECT: IDENTITY, CREDENTIAL, AND ACCESS MANAGEMENT (ICAM) 1. PURPOSE. To establish requirements and responsibilities for DOE s identity,

More information

Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006

Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates. September 2006 Card Management System Integration Made Easy: Tools for Enrollment and Management of Certificates September 2006 Copyright 2006 Entrust. All rights reserved. www.entrust.com Entrust is a registered trademark

More information

Derived credentials. NIST SP 800-63-1 ( 5.3.5) provides for long term derived credentials

Derived credentials. NIST SP 800-63-1 ( 5.3.5) provides for long term derived credentials Daon your trusted Identity Partner Derived Credentials A Use Case Cathy Tilton Daon 1 February 2012 Derived credentials NIST SP 800-63-1 ( 5.3.5) provides for long term derived credentials Derived credential

More information

NATIONAL INCIDENT MANAGEMENT SYSTEM

NATIONAL INCIDENT MANAGEMENT SYSTEM Guideline for the Credentialing of Personnel NATIONAL INCIDENT MANAGEMENT SYSTEM Guideline for the Credentialing of Personnel i Guideline for the Credentialing of Personnel This page intentionally left

More information

The Government-wide Implementation of Biometrics for HSPD-12

The Government-wide Implementation of Biometrics for HSPD-12 The Government-wide Implementation of Biometrics for HSPD-12 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy September 24, 2008 1 The HSPD-12 Mandate Home Security

More information

HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006

HSPD-12 Implementation Architecture Working Group Concept Overview. Version 1.0 March 17, 2006 HSPD-12 Implementation Architecture Working Group Concept Overview Version 1.0 March 17, 2006 Table of Contents 1 PIV Lifecycle... 3 2 High Level Component Interaction Diagram... 4 3 PIV Infrastructure

More information

SIGNIFICANT CHANGES DOCUMENT

SIGNIFICANT CHANGES DOCUMENT SIGNIFICANT CHANGES DOCUMENT Descriptive Title Schedule 70_MassModification_Health IT SIN Significant Changes Disclaimer Language DISCLAIMER: GSA FAS is posting this notification of a planned solicitation

More information

GSA FIPS 201 Evaluation Program

GSA FIPS 201 Evaluation Program GSA FIPS 201 Evaluation Program David Temoshok Director, Federal Identity Policy and Management GSA Office of Governmentwide Policy NIST/DHS/TSA TWIC QPL Workshop April 21, 2010 1 HSPD-12 Government-wide

More information

Government Compliance Document FIPS 201, FIPS 197, FIPS 140-2

Government Compliance Document FIPS 201, FIPS 197, FIPS 140-2 Government Compliance Document FIPS 201, FIPS 197, FIPS 140-2 AMAG Technology has been providing tailored and unified security solutions across a range of government agencies facilities for many years.

More information

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics

NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics NIST s FIPS 201: Personal Identity Verification (PIV) of Federal Employees and Contractors Masaryk University in Brno Faculty of Informatics Jan Krhovják Outline Introduction and basics of PIV Minimum

More information

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board

Identity, Credential, and Access Management. An information exchange For Information Security and Privacy Advisory Board Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management An information exchange For Information Security and Privacy Advisory Board Deb Gallagher

More information

Emergency Response Official Credentials A Smart Card Alliance White Paper. Salvatore D Agostino CEO, IDmachines LLC sal@idmachines.

Emergency Response Official Credentials A Smart Card Alliance White Paper. Salvatore D Agostino CEO, IDmachines LLC sal@idmachines. Emergency Response Official Credentials A Smart Card Alliance White Paper Salvatore D Agostino CEO, IDmachines LLC sal@idmachines.com Smart Card Alliance Broad collection of professionals working with

More information

NATIONAL INCIDENT MANAGEMENT SYSTEM INTEGRATION CENTER

NATIONAL INCIDENT MANAGEMENT SYSTEM INTEGRATION CENTER Department of Homeland Security Management Directive System MD Number: 9500 NATIONAL INCIDENT MANAGEMENT SYSTEM INTEGRATION CENTER I. Purpose This directive establishes a National Incident Management System

More information

Privacy Impact Assessment of. Personal Identity Verification Program

Privacy Impact Assessment of. Personal Identity Verification Program Official of Federal Governors Reserve seal of of the System. Board Program or application name. Privacy Impact Assessment of Personal Identity Verification Program Personal Identity Verification (PIV)

More information

Identity, Credential, and Access Management. Open Solutions for Open Government

Identity, Credential, and Access Management. Open Solutions for Open Government Federal CIO Council Information Security and Identity Management Committee Identity, Credential, and Access Management www.idmanagement.gov Open Solutions for Open Government Judith Spencer Co-Chair, ICAM

More information

ITTF POLICY STATEMENT 2010 (6)

ITTF POLICY STATEMENT 2010 (6) Pat Quinn, Governor State of Illinois Joseph Klinger Homeland Security Advisor Mike Chamness - Chair Illinois Terrorism Task Force 2200 South Dirksen Parkway ~ Springfield, IL 62703-4528 ~ phone: (217)

More information

FEDERAL IDENTITY, CREDENTIAL, AND ACCESS MANAGEMENT AND PERSONAL IDENTITY VERIFICATION (PIV) SOLUTIONS

FEDERAL IDENTITY, CREDENTIAL, AND ACCESS MANAGEMENT AND PERSONAL IDENTITY VERIFICATION (PIV) SOLUTIONS FEDERAL IDENTITY, CREDENTIAL, AND ACCESS MANAGEMENT AND PERSONAL IDENTITY VERIFICATION (PIV) SOLUTIONS Homeland Security Presidential Directive 12 (HSPD 12), FIPS 201, and the latest Federal Identity,

More information

CoSign by ARX for PIV Cards

CoSign by ARX for PIV Cards The Digital Signature Company CoSign by ARX for PIV Cards Seamless and affordable digital signature processes across FIPS 201-compliant systems Introduction to Personal Identity Verification (PIV) In response

More information

Identity and Access Management Initiatives in the United States Government

Identity and Access Management Initiatives in the United States Government Identity and Access Management Initiatives in the United States Government Executive Office of the President November 2008 Importance of Identity Management within the Federal Government "Trusted Identity"

More information

Federal Identity, Credentialing, and Access Management. Personal Identity Verification Interoperable (PIV-I) Test Plan. Version 1.1.

Federal Identity, Credentialing, and Access Management. Personal Identity Verification Interoperable (PIV-I) Test Plan. Version 1.1. Federal Identity, Credentialing, and Access Management Personal Identity Verification Interoperable (PIV-I) Test Plan Version 1.1.0 Final February 22, 2011 Table of Contents 1 Introduction... 1 1.1 Background...

More information

Federal PKI (FPKI) Community Transition to SHA-256 Frequently Asked Questions (FAQ)

Federal PKI (FPKI) Community Transition to SHA-256 Frequently Asked Questions (FAQ) Federal PKI (FPKI) Community Transition to SHA-256 Frequently Asked Questions (FAQ) Version 1.0 January 18, 2011 Table of Contents 1. INTRODUCTION... 3 1.1 BACKGROUND... 3 1.2 OBJECTIVE AND AUDIENCE...

More information

JEM Establishing identity during a disaster: The Emergency Management Assistance Compact and the First Responder Authentication Credential

JEM Establishing identity during a disaster: The Emergency Management Assistance Compact and the First Responder Authentication Credential JEM Establishing identity during a disaster: The Emergency Management Assistance Compact and the First Responder Authentication Credential Jillian A. Williams, JD Aileen B. Xenakis, JD ABSTRACT As emergencies

More information

STATE OF LOUISIANA STANDARD OPERATING PROCEDURE. Statewide Credentialing/Access Program. All Hazards Access

STATE OF LOUISIANA STANDARD OPERATING PROCEDURE. Statewide Credentialing/Access Program. All Hazards Access STATE OF LOUISIANA STANDARD OPERATING PROCEDURE Statewide Credentialing/Access Program All Hazards Access STATE OF LOUISIANA STANDARD OPERATING PROCEDURE Critical Infrastructure Owners/Operators Pilot

More information

RAPIDS Self Service User Guide

RAPIDS Self Service User Guide Page 1 RAPIDS Self Service User Guide https://www.dmdc.osd.mil/self_service Page 2 Introduction The RAPIDS Self Service (RSS) application provides sponsors with the capability to generate a DD Form 1172-2

More information

INFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) IDENTITY AND ACCESS MANAGEMENT FRAMEWORK FOR THE ISE VERSION 1.0

INFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) IDENTITY AND ACCESS MANAGEMENT FRAMEWORK FOR THE ISE VERSION 1.0 INFORMATION SHARING ENVIRONMENT GUIDANCE (ISE-G) IDENTITY AND ACCESS MANAGEMENT FRAMEWORK FOR THE ISE VERSION 1.0 1. Authority. The National Security Act of 1947, as amended; The Intelligence Reform and

More information

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION

OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION OFFICE OF THE INSPECTOR GENERAL SOCIAL SECURITY ADMINISTRATION CONTRACTOR SECURITY OF THE SOCIAL SECURITY ADMINISTRATION S HOMELAND SECURITY PRESIDENTIAL DIRECTIVE 12 CREDENTIALS June 2012 A-14-11-11106

More information

Entrust Smartcard & USB Authentication

Entrust Smartcard & USB Authentication Entrust Smartcard & USB Authentication Technical Specifications Entrust IdentityGuard smartcard- and USB-based devices allow organizations to leverage strong certificate-based authentication of user identities

More information

The Convergence of IT Security and Physical Access Control

The Convergence of IT Security and Physical Access Control The Convergence of IT Security and Physical Access Control Using a Single Credential to Secure Access to IT and Physical Resources Executive Summary Organizations are increasingly adopting a model in which

More information

Evaluation Report. Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review. April 30, 2014 Report Number 14-12

Evaluation Report. Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review. April 30, 2014 Report Number 14-12 Evaluation Report Weaknesses Identified During the FY 2013 Federal Information Security Management Act Review April 30, 2014 Report Number 14-12 U.S. Small Business Administration Office of Inspector General

More information

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT

Department of Veterans Affairs VA DIRECTIVE 6510 VA IDENTITY AND ACCESS MANAGEMENT Department of Veterans Affairs VA DIRECTIVE 6510 Washington, DC 20420 Transmittal Sheet VA IDENTITY AND ACCESS MANAGEMENT 1. REASON FOR ISSUE: This Directive defines the policy and responsibilities to

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 1000.13 January 23, 2014 USD(P&R) SUBJECT: Identification (ID) Cards for Members of the Uniformed Services, Their Dependents, and Other Eligible Individuals References:

More information

2. Each server or domain controller requires its own server certificate, DoD Root Certificates and enterprise validator installed.

2. Each server or domain controller requires its own server certificate, DoD Root Certificates and enterprise validator installed. Purpose and Scope The purpose of this policy is to define the roles and responsibilities on implementing the Homeland Security Presidential Directive 12 (HSPD-12) Logical Access Control (LAC) throughout

More information

FY14 Q2 Chief Information Officer Federal Information Security Management Act Reporting Metrics v1.0

FY14 Q2 Chief Information Officer Federal Information Security Management Act Reporting Metrics v1.0 FY14 Q2 Chief Information Officer Federal Information Security Management Act Reporting Metrics v1.0 Prepared by: US Department of Homeland Security Office of Cybersecurity and Communications Federal Network

More information

Justice Management Division

Justice Management Division Justice Management Division Privacy Impact Assessment for the Personal Identity Verification (PIV) Card System Issued by: Stuart Frisch, Senior Component Official for Privacy Reviewed by: Vance E. Hitch,

More information

Identity & Privacy Protection

Identity & Privacy Protection Identity & Privacy Protection An Essential Component for a Federated Access Ecosystem Dan Turissini - CTO, WidePoint Corporation turissd@orc.com 703 246 8550 CyberSecurity One of the most serious economic

More information

SecurityManager. Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies

SecurityManager. Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies SecurityManager Enterprise Personnel & Physical Security Case Management Solution for Federal Agencies SecurityManager is THE CENTECH GROUP, Inc s (CENTECH s) Web-based enterprise case management solution

More information

Federal Identity Management Handbook

Federal Identity Management Handbook September 2005 PUBLIC DRAFT Acknowledgements The Office of Management and Budget and the Federal Identity Credentialing Committee would like to acknowledge the significant contributions of the National

More information

NSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment. Version: 1.1 Date: 12/04/2006. National Science Foundation

NSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment. Version: 1.1 Date: 12/04/2006. National Science Foundation This document has been archived and replaced by piaauthentx1207..0 National Science Foundation NSF AuthentX Identity Management System (IDMS) Privacy Impact Assessment Version: 1.1 Date: 12/04/2006 Table

More information

SYSTEM NAME: Digital Identity Access Management System (DIAMS) - P281. SYSTEM LOCATION: U.S. Department of Housing and Urban Development, 451 Seventh

SYSTEM NAME: Digital Identity Access Management System (DIAMS) - P281. SYSTEM LOCATION: U.S. Department of Housing and Urban Development, 451 Seventh SYSTEM OF RECORDS NO.: OCIO/QN.01 SYSTEM NAME: Digital Identity Access Management System (DIAMS) - P281 SYSTEM LOCATION: U.S. Department of Housing and Urban Development, 451 Seventh Street, SW, Washington

More information

Practical Challenges in Adopting PIV/PIV-I

Practical Challenges in Adopting PIV/PIV-I UNCLASSIFIED Practical Challenges in Adopting PIV/PIV-I Hank Morris UNCLASSIFIED 2 UNCLASSIFIED // FOUO Purpose and Agenda Purpose: Explore the policy, process, and mechanisms to securely leverage biometrics

More information

Moving to Multi-factor Authentication. Kevin Unthank

Moving to Multi-factor Authentication. Kevin Unthank Moving to Multi-factor Authentication Kevin Unthank What is Authentication 3 steps of Access Control Identification: The entity makes claim to a particular Identity Authentication: The entity proves that

More information

Information Technology Policy

Information Technology Policy Information Technology Policy Identity Protection and Access Management (IPAM) Architectural Standard Identity Management Services ITP Number ITP-SEC013 Category Recommended Policy Contact RA-ITCentral@pa.gov

More information

Final Exam for: IS-700.a National Incident Management System (NIMS), I-700

Final Exam for: IS-700.a National Incident Management System (NIMS), I-700 Final Exam for: IS-700.a National Incident Management System (NIMS), I-700 Privacy Act Statement (Public Law 93 579) Please note that you will be required to enter your Social Security number at the completion

More information

Interagency Advisory Board Meeting Agenda, March 5, 2009

Interagency Advisory Board Meeting Agenda, March 5, 2009 Interagency Advisory Board Meeting Agenda, March 5, 2009 1. Opening Remarks (Tim Baldridge, NASA) 2. Federal Identity, Credential, and Access Management (ICAM) The Future of the Government s IDM Strategy

More information

Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012

Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012 Interagency Advisory Board Meeting Agenda, Wednesday, February 22, 2012 1. Opening Remarks (Mr. Tim Baldridge, IAB Chair) 2. Generic Identity Command Set (GICS): Leveraging PIV to Build a Standard Platform

More information

Smart Cards and Biometrics in Physical Access Control Systems

Smart Cards and Biometrics in Physical Access Control Systems Smart Cards and Biometrics in Physical Access Control Systems Robert J. Merkert, Sr. Vice President of Sales Americas Biometric Consortium 2005 Conference September 21, 2005 All Company and/or product

More information

Department of Defense SHA-256 Migration Overview

Department of Defense SHA-256 Migration Overview Department of Defense SHA-256 Migration Overview 18 March 2011 Tim Fong DoD-CIO/ IIA Timothy.Fong@osd.mil General Observations This is Important INFOSEC: Algorithms can be compromised over time. Crypto

More information

U.S. Department of Housing and Urban Development

U.S. Department of Housing and Urban Development U.S. Department of Housing and Urban Development PRIVACY IMPACT ASSESSMENT FOR: PERSONAL IDENTITY VERIFICATION (PIV) PROCESS TECHNOLOGY AND DATABASE IN COMPLIANCE WITH HOMELAND SECURITY PRESIDENTIAL DIRECTIVE

More information

Personal Identity Verification (PIV) of Federal Employees and Contractors

Personal Identity Verification (PIV) of Federal Employees and Contractors FIPS PUB 201-2 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION Personal Identity Verification (PIV) of Federal Employees and Contractors Computer Security Division Information Technology Laboratory

More information

Georgia Emergency Operations Plan. Emergency Support Function # 5 Annex Emergency Management

Georgia Emergency Operations Plan. Emergency Support Function # 5 Annex Emergency Management Emergency Support Function # 5 Annex Emergency Management 2015 Emergency Support Function #5 E S F C o o r d i nator and Support Ag e n c i e s ESF C oordi na t or Georgia Emergency Management Agency/Homeland

More information

The Implementation of Homeland Security Presidential Directive 12

The Implementation of Homeland Security Presidential Directive 12 The Implementation of Homeland Security Presidential Directive 12 David Temoshok Director, Identity Policy and Management GSA Office of Governmentwide Policy Information Security and Privacy Advisory Board

More information

DEPARTMENT OF DEFENSE GUIDEBOOK FOR CAC-ELIGIBLE CONTRACTORS FOR UNCLASSIFIED NETWORK ACCESS

DEPARTMENT OF DEFENSE GUIDEBOOK FOR CAC-ELIGIBLE CONTRACTORS FOR UNCLASSIFIED NETWORK ACCESS DEPARTMENT OF DEFENSE GUIDEBOOK FOR CAC-ELIGIBLE CONTRACTORS FOR UNCLASSIFIED NETWORK ACCESS 21 NOVEMBER 2014 Contents SCOPE CHAPTER 1 INTRODUCTION... 4 1.1 PURPOSE AND BACKGROUND... 4 1.2 POLICY AND REGULATIONS...

More information

Personal Identity Verification (PIV) of Federal Employees and Contractors

Personal Identity Verification (PIV) of Federal Employees and Contractors FIPS PUB 201-2 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION Personal Identity Verification (PIV) of Federal Employees and Contractors Computer Security Division Information Technology Laboratory

More information

Department of Defense INSTRUCTION

Department of Defense INSTRUCTION Department of Defense INSTRUCTION NUMBER 1000.25 March 2, 2016 USD(P&R) SUBJECT: DoD Personnel Identity Protection (PIP) Program References: See Enclosure 1 1. PURPOSE. This instruction: a. Reissues DoD

More information

Strong Authentication for PIV and PIV-I using PKI and Biometrics

Strong Authentication for PIV and PIV-I using PKI and Biometrics Strong Authentication for PIV and PIV-I using PKI and Biometrics Adam Shane PSP, Product Manager and Sr. Systems Design Architect AMAG Technology Bob Fontana CSCIP/G, Vice President-Federal Identity Codebench/HID

More information

The following NIMS FAQ was prepared by NIMS on-line, which has additional information at www.nimsonline.com.

The following NIMS FAQ was prepared by NIMS on-line, which has additional information at www.nimsonline.com. The National Incident Management System is a structure for management large-scale or multi-jurisdictional incidents. It is being phased in at the federal, state and local levels. Eventually, any jurisdiction

More information

INCIDENT SCENE AUTHORIZED ACCESS USING A MOBILE DEVICE

INCIDENT SCENE AUTHORIZED ACCESS USING A MOBILE DEVICE INCIDENT SCENE AUTHORIZED ACCESS USING A MOBILE DEVICE Karyn Higa-Smith DHS Science and Technology Directorate Homeland Security Advanced Research Projects Agency CyberSecurity Division Session ID: PNG-F42A

More information

Using FIPS 201 and the PIV Card for the Corporate Enterprise

Using FIPS 201 and the PIV Card for the Corporate Enterprise Using FIPS 201 and the PIV Card for the Corporate Enterprise A Smart Card Alliance White Paper Publication Date: October 2008 Publication Number: IC-08002 Smart Card Alliance 191 Clarksville Rd. Princeton

More information

Personal Identity Verification

Personal Identity Verification for the Personal Identity Verification Contact Point Cynthia Sjoberg Program Manager, HSPD 12 Training and Operations Security Division Office of Security Department of Homeland Security (202) 447 5010

More information

2. APPLICABILITY AND SCOPE

2. APPLICABILITY AND SCOPE Department of Defense DIRECTIVE NUMBER 1000.25 July 19, 2004 Certified Current as of April 23, 2007 USD(P&R) SUBJECT: DoD Personnel Identity Protection (PIP) Program References: (a) DoD Directive 1000.22,

More information

Homeland Security Presidential Directive HSPD-12 PIV-1 Implementation And Suitability Processing

Homeland Security Presidential Directive HSPD-12 PIV-1 Implementation And Suitability Processing Homeland Security Presidential Directive HSPD-12 PIV-1 Implementation And Suitability Processing POLICIES & PROCEDURES U.S. Department of Commerce National Oceanic and Atmospheric Administration (Revised

More information

FITSP-Auditor Candidate Exam Guide

FITSP-Auditor Candidate Exam Guide FITSP-Auditor Candidate Exam An Overview of the FITSP-A Certification 2010 Edition Copyright 2009-2010 FITSI 1 FITSP-Auditor Candidate Exam This page is left intentionally blank Copyright 2009-2010 FITSI

More information

National Capital Region: Urban Area Security Initiatives Grants Subgrants as of 01/31/14

National Capital Region: Urban Area Security Initiatives Grants Subgrants as of 01/31/14 National Capital Region: Urban Area Initiatives Grants Subgrants as of 01/31/14 Year Subgrantee Subgrant Name Award All Hazards Consortium HSEMA Performance and Professional Development Initiative (DC

More information

HOMELAND SECURITY AND EMERGENCY MANAGEMENT AGENCY HSEMA (BN)

HOMELAND SECURITY AND EMERGENCY MANAGEMENT AGENCY HSEMA (BN) HOMELAND SECURITY AND EMERGENCY AGENCY HSEMA (BN) MISSION The mission of the District of Columbia s (HSEMA) is to manage the District s emergency operations to prevent, respond to and recover from natural

More information

Small Business Administration Privacy Impact Assessment

Small Business Administration Privacy Impact Assessment Small Business Administration Privacy Impact Assessment Name of Project: Personal Identity Verification (PIV)/ Homeland Security Presidential Directive 12 (HSPD-12) (Note: This PIA is intended to cover

More information

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards January 2007 Developed by: Smart Card Alliance Identity Council RF-Enabled Applications and Technology:

More information

Compliance Risk Management IT Governance Assurance

Compliance Risk Management IT Governance Assurance Compliance Risk Management IT Governance Assurance Solutions That Matter Introduction to Federal Information Security Management Act (FISMA) Without proper safeguards, federal agencies computer systems

More information

Report No. D-2008-104 June 23, 2008. DoD Implementation of Homeland Security Presidential Directive-12

Report No. D-2008-104 June 23, 2008. DoD Implementation of Homeland Security Presidential Directive-12 Report No. D-2008-104 June 23, 2008 DoD Implementation of Homeland Security Presidential Directive-12 Additional Information and Copies To obtain additional copies of this report, visit the Web site of

More information

Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance

Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance December 2, 2011 Powered by the Federal Chief Information Officers Council and the Federal Enterprise Architecture

More information

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION

TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION TREASURY INSPECTOR GENERAL FOR TAX ADMINISTRATION Progress Has Been Made; However, Significant Work Remains to Achieve Full Implementation of Homeland Security Presidential Directive 12 September 12, 2014

More information

National Institute of Standards and Technology-- Use of Electronic Data Interchange Technology to Create Valid Obligations

National Institute of Standards and Technology-- Use of Electronic Data Interchange Technology to Create Valid Obligations OF COMPTROLLER T H E UN IT ED GENERAL S TAT ES Comptroller General of the United States Washington, D.C. 20548 Decision Matter of: National Institute of Standards and Technology-- Use of Electronic Data

More information

Personal Identity Verification (PIV) of Federal Employees and Contractors

Personal Identity Verification (PIV) of Federal Employees and Contractors FIPS PUB 201-1 Change Notice 1 FEDERAL INFORMATION PROCESSING STANDARDS PUBLICATION Personal Identity Verification (PIV) of Federal Employees and Contractors Computer Security Division Information Technology

More information

Cornell University PREPAREDNESS PLAN

Cornell University PREPAREDNESS PLAN Cornell University PREPAREDNESS PLAN Table of Contents Table of Contents Section 1 EMERGENCY MANAGEMENT PROGRAM TRAINING, TESTING, AND EXERCISES...2 1.1 National Incident Management System Training...2

More information

Internet Banking Internal Control Questionnaire

Internet Banking Internal Control Questionnaire Internet Banking Internal Control Questionnaire Completed by: Date Completed: 1. Has the institution developed and implemented a sound system of internal controls over Internet banking technology and systems?

More information