Date Published: July 2005
Author(s)
Dennis Branstad (NIST), Alicia Clay (NIST), Joan Hash (NIST)
Homeland Security Presidential Directive 12 (HSPD-12), entitled Policy for a Common Identification Standard for Federal Employees and Contractors, established a policy for all Federal departments and agencies to create and use a government-wide secure and reliable form of identification for their Federal employees and contractors. It further specified that this secure and reliable form of identification be issued only by service providers whose reliability has been established by an official accreditation process. This document should be used by any Federal department or agency to accredit the reliability of the organization that will issue Personal Identity Verification (PIV) Cards that comply with Federal Information Processing Standard (FIPS) 201 to their Federal employees or Federal contractor employees. This document describes a set of attributes that should be exhibited by a PIV Card Issuing organization (hereafter called a PCI) in order to be accredited and should be used for assessing the reliability of an organization providing PCI services to a Federal agency or contractor. Certification in this context means a formal process of assessing the attributes affecting reliability of a PCI using various methods of assessment (e.g., interviews, laboratory test results, procedure evaluation) that support the assertion that the PCI is reliable and capable of enrolling approved Federal identity card applicants and issuing them PIV Cards. Accreditation is the official management decision of a Senior Agency Official to authorize operation of a PCI after determining that its reliability has satisfactorily been established through appropriate assessment and certification processes. Accreditation provides a form of quality control and helps to assure that the managers and technical staffs at all levels of a PCI will implement and perform procedures compliant with FIPS 201.
Homeland Security Presidential Directive 12 (HSPD-12), entitled Policy for a Common Identification Standard for Federal Employees and Contractors, established a policy for all Federal departments and agencies to create and use a government-wide secure and reliable form of identification for their...
See full abstract
Homeland Security Presidential Directive 12 (HSPD-12), entitled Policy for a Common Identification Standard for Federal Employees and Contractors, established a policy for all Federal departments and agencies to create and use a government-wide secure and reliable form of identification for their Federal employees and contractors. It further specified that this secure and reliable form of identification be issued only by service providers whose reliability has been established by an official accreditation process. This document should be used by any Federal department or agency to accredit the reliability of the organization that will issue Personal Identity Verification (PIV) Cards that comply with Federal Information Processing Standard (FIPS) 201 to their Federal employees or Federal contractor employees. This document describes a set of attributes that should be exhibited by a PIV Card Issuing organization (hereafter called a PCI) in order to be accredited and should be used for assessing the reliability of an organization providing PCI services to a Federal agency or contractor. Certification in this context means a formal process of assessing the attributes affecting reliability of a PCI using various methods of assessment (e.g., interviews, laboratory test results, procedure evaluation) that support the assertion that the PCI is reliable and capable of enrolling approved Federal identity card applicants and issuing them PIV Cards. Accreditation is the official management decision of a Senior Agency Official to authorize operation of a PCI after determining that its reliability has satisfactorily been established through appropriate assessment and certification processes. Accreditation provides a form of quality control and helps to assure that the managers and technical staffs at all levels of a PCI will implement and perform procedures compliant with FIPS 201.
Hide full abstract
Keywords
Accreditation; credentials; HSPD-12; PCI; Personal Identity Verification; PIV; security assessment
Control Families
None selected