Policy Foundation
Policy establishes the foundation, mandate, and authority for any organization and
is an essential component to deploying biometrics effectively across the DoD.
The following policy documents outline the necessary roles and responsibilities of DoD policy
for biometrics. Policy content will include privacy, planning guidance, acquisition, enterprise
capabilities (collection, storage, use, access, and retrieval), and outreach and community
education. The success of the Biometrics Identity Management Agency (BIMA) will directly correlate to the
combination of effective technology and effective policy. BIMA is charting a course toward
becoming an effective office that will direct and lead DoD biometric efforts.
Policies that impact the use of biometrics in the DoD are listed below.
Clicking a link will open a PDF document in a new window.
You may also right click the links and select "Save As" to download the files to your
local computer. Most of our documents are in PDF format.
Get Adobe Acrobat here.
DoD Policy on Biometrics
Executive Agent Policies
Executive Agent Policies
Title |
Version |
Type |
Size |
Source |
Comments/Description |
DoD Executive Agent NUMBER 5101.1 |
9 May 03 |
.pdf |
35 kb |
DA&M |
Department of Defense Directive; Outlines the roles and responsibilities of a DoD Executive Agent. |
Executive Agent for the Department of Defense (DoD) Biometrics Project |
27 Dec 00 |
.pdf |
117 kb |
Deputy Secretary of Defense |
Lists the U.S. Secretary of the Army as the Executive Agent for Biometrics. Requires the establishment of the Biometrics Management Office and Biometrics Fusion Center. Requires the pursuit of an enterprise acquisition program for the DoD. |
Information Assurance Policies
Security / Standards Policies
Security / Standards Policies
Title |
Version |
Type |
Size |
Source |
Comments/Description |
Security Requirements for Cryptographic Modules - Federal Information Processing Standard Publication (FIPS PUB 140-2) |
25 May 2001 |
.pdf |
343 kb |
Information Technology Laboratory, National Institute of Standards and Technology |
Supersedes FIPS PUB 140-1, 11 Jan 1994. Lists biometrics as a type of authentication data that may be required by cryptographic modules. Defines the strength of authentication mechanisms (e.g., 1:1,000,000 or 1:100,000). |
NSTISSP No. 11 National Information Assurance Acquisition Policy Fact Sheet |
Jan 00 |
.pdf |
29 kb |
NSTISSC Secretariat (I42) |
States that preference should be given to the acquisition of Commercial Off-the-Shelf (COTS) IA and IA-enabled information technology products that conform to International Common Criteria, National Information Assurance Partnership (NIAP) evaluation and validation, and the Federal Information Processing Standard (FIPS) publication validation program. |
Acquisition Policies
Other General Policies
Other General Policies
Title |
Version |
Type |
Size |
Source |
Comments/Description |
Identity Management Senior Coordination Group (IMSCG) Formation |
12 Jan 2004 |
.pdf |
113 kb |
Department of Defense Chief Information Officer |
Establishes the Identity Management Senior Coordinating Group (IMSCG) as a "cohesive DoD-wide policy, requirements, strategy, and oversight group for managing the physical and virtual identities of all [DoD] personnel". This group replaces the Biometrics Senior Coordinating Group. |
DoD Quadrennial Defense Review Report |
30 Sep 2001 |
.pdf |
448 kb |
Department of Defense |
Lists biometrics as one of the five priority emerging technologies that the DoD should pursue for development and exploitation. |