eAuthentication, Secure Government Access, Online Today's Date is: 

  Electronic Risk and Requirements Assessment (e-RA)

To provide authentication services that can be used across government, the E-Authentication project must first identify the full range of authentication requirements for the electronic Government Initiatives and projects. The E-Authentication Initiative teamed with the Software Engineering Institute (SEI) at Carnegie Mellon University to develop a risk-based approach to authentication requirements, called the Electronic Risk and Requirements Assessment, or e-RA. This approach identifies the Risks associated with insufficient authentication of users, and it forms the basis for the definition of authentication requirements. The tool is fully aligned with OMB M-04-04 E-Authentication Guidance.

The e-RA Tool
The e-RA tool is available to anyone through the E-Authentication Initiative to assess authentication risks of its customer's environment. Click on the appropriate link to download the version of the e-RA tool that will work for you.

In response to feedback from e-RA users and the E-Authentication Program Management Office, the e-RA tool has been improved. The current database version is 1.5 (November 2005). The new version provides the following enhancements:
  • Improved end user interface
  • Added functionality to capture transactions by user type
  • Added more comment areas
  • Added enhanced reports
Electronic Risk and Requirements Assessment Guide e-RA Activity Guide V1.5
Please refer to the E-Authentication e-RA Tool Activity Guide before using the e-RA tool; particularly (Section 2.2, page 4)

Important Note: When downloading the e-RA tool and opening the application, you may receive Security Warnings. These warnings may be ignored (click "open" to ignore the warning and begin using the tool).

Download the Tool
Page Last Updated:  10-December-2007

U.S. E-Auth Identity Federation
  • Membership Documents
  • Technical Architecture
  • E-Authentication Portal
  • Interoperability Testing
  • Approved Product Vendors

E-Authentication Policy
  • Guidance for Federal Agencies: M-04-04
  • NIST Special Publication 800-63

Resources & Tools
  • Library
  • Risk and Requirements Assessment
  • Credential Assessment Suite
  • E-Authentication Portal

Program Management Office
Crystal Park One
2011 Crystal Drive
11th Floor, Suite 1102
Arlington, VA 22202

Information: 703.605.3490
Office of Identity Solutions (OIS)
Email Address:

|  Home  |  Key Personnel  |  Federation Applications  |  Federation Links  |  Federation Members  |  Newsroom  |  Privacy & Security  |
  |  Contact Us  |  Site Map  |

E-GOV logo USA.gov - The U.S. government's official web portal THE WHITE HOUSE  WASHINGTON