Managing Federal Identity Programs
The Federal ICAM (FICAM) program helps federal agencies plan and manage enterprise identity, credentialing and access management (ICAM) through collaboration opportunities and guidance on IT policy, standards, implementation and architecture. Most of the guidance and best practices found on this website are developed through interagency working groups.
Roadmap and Playbooks
The FICAM Roadmap, developed by the federal CIO Council, contains processes, procedures, and considerations for planning and managing logical access, physical access, identity management, and federation within federal agencies.
But the Roadmap was last updated in 2011, and as technology, policy and security practices rapidly evolve, the government must also evolve. To modernize the original FICAM Roadmap, we’ve begun migrating this information to playbooks. These playbooks are hosted on Github, and provide common policy and patterns to help you implement and execute ICAM at your agency.
- FICAM Roadmap and Implementation Guidance (PDF, December 2011) – Guidance for federal agencies on ICAM implementation. Note, the enterprise architecture section has been superceded by the FICAM Architecture Playbook
- Playbooks – View all the FICAM playbooks
Laws, Regulations and Policies
Agency staff should be familiar with all the supporting policysurrounding federal identity management systems.
- OMB M-19-17 Enabling Mission Delivery through Improved Identity, Credential, and Access Management (PDF, May 2019)
- NIST Digital Identity Guidelines (Special Publication 800-63 Suite) (June 2017)
- Executive Order 13681 Improving the Security of Consumer Financial Transactions (October 2014)
- OMB M-11-11 Continued Implementation of Homeland Security Presidential Directive (HSPD) 12–Policy for a Common Identification Standard for Federal Employees and Contractors (PDF, February 2011)
- OMB M-05-24 Implementation of Homeland Security Presidential Directive (HSPD) 12 – Policy for a Common Identification Standard for Federal Employees and Contractors (PDF, August 2005)
- OMB M-05-05 Electronic Signatures: How to Mitigate the Risk of Commercial Managed Services (PDF, December 2004)
- Homeland Security Presidential Directive 12 (HSPD-12) – Policy for a Common Identification Standard for Federal Employees and Contractors (August 2005)
- OMB M-04-04 E-Authentication Guidance for Federal Agencies (PDF, December 2003)
Page Reviewed/Updated: September 25, 2019