OMB gives agencies method to evaluate HSPD-12 compliance
- By Jason Miller
- May 20, 2005
Agencies have a little more than a month to meet the Bush administration's deadline to submit a plan for meeting the new federal identity card standard. And yesterday, agency executives ' including CIOs, chief human capital officers and physical security managers ' received the method for evaluating how much work they have to do to comply with Homeland Security Presidential Directive 12 and Federal Information Processing Standard 201.
The Office of Management and Budget has issued instructions
and a questionnaire for agencies to figure out where they stand in implementing FIPS-201. Officials also released a set of frequently asked questions to help mangers understand the implementation plan guidance.
Once agency managers have completed the report, they must submit that and a separate implementation plan to OMB by June 27.
OMB and a technical review board chaired by experts from the National Institute of Standards and Technology will approve all plans by July 27, giving agencies roughly three months to comply with Personal Identity Verification I of FIPS-201. PIV I includes setting up identity-proofing, registration and issuance processes. Agencies then have another year to start to meet PIV II, which requires interoperable systems.
OMB also will issue implementation guidance later this year.
Agencies must fill out a three-page questionnaire, using a sliding 1-to-5 scale'with one meaning not started and 5 meaning complete implementation'rating their progress toward meeting FIPS-201.
OMB asks agencies to rank a number of smart-card processes, including their credential issuance and maintenance process, training, implementation plan for PIV II and whether the credentials or providers are accredited.
The memo said agencies should submit only one plan, which includes their bureaus' information as well.