STRATEGIC IMPLEMENTATION PLAN
FOR THE NATIONAL STRATEGY FOR INFORMATION SHARING AND SAFEGUARDING
December 2013
Priority Objective 4: Federal Identity, Credential, and Access Management
Extend and implement the Federal Identity, Credential, and Access Management (FICAM) Roadmap across all security domains.
Steward
Senior Information Sharing and Safeguarding Steering Committee (SISS SC), partnering with the Identity Federations Coordination Working Group (IFC WG) that dual reports to the ISA IPC and Federal CIO Council
Problem Statement
A government-wide capability does not exist to control access to sensitive information on computer networks, and to assure compliance with legal, regulatory and mission-area policies, while simultaneously allowing access to that same sensitive information by authorized persons.
Desired Outcome
Enable users[1] across all security domains to access information appropriate to their authorized mission purposes; reduce stored user-Personal Identifiable Information; and increase efficiencies for information custodians to validate users’ “need to know” in order to better protect sensitive information.
Approach
Assess the current baseline and determine the desired end state for each security domain; develop an accompanying plan to reach that end state; and identify and implement shared services to support identity, credentialing, and access management implementation efforts.
| MILESTONES | Q1-Q2 FY14 | Q3-Q4 FY14 | FY15 | FY16-18 |
|---|---|---|---|---|
| Assess baseline and develop Implementation Plans for all security domains. | IFC WG and All ISE Agencies | |||
| Develop and publish a candidate list of ICAM shared services for all security domains and a cost model for delivery of initial ICAM services. | ICAM SC and IFC WG | |||
| Publish attribute and digital policy governance guidance and CONOPS. | ICAM SC and ACAG WG | |||
| Develop internal plans and policies for implementing FICAM on all security domains. | All ISE Agencies | |||
| Demonstrate compliance with the Implementation Plan via reporting specified by the IFC WG. | All ISE Agencies | All ISE Agencies |
Go to the next section: Priority Objective 5: Safeguarding