Presentation is loading. Please wait.

Presentation is loading. Please wait.

June 27, 2005 Preparing your Implementation Plan.

Similar presentations


Presentation on theme: "June 27, 2005 Preparing your Implementation Plan."— Presentation transcript:

1 June 27, 2005 Preparing your Implementation Plan

2 General Information I. General Information Submission Date: Agency/Department Name: Agency HSPD-12 Point of Contact: Phone Number:Email: II. Timeline Agencys planned date for compliance with Part 1, PIV I Date to begin implementation of Part 2, PIV II (i.e. starting to issue compliant cards): Date for full compliance with HSPD-12 (All employees/contractors using a compliant card):

3 Control Objective A: Identification that is issued based on sound criteria for verifying an individuals identity Instructions: Place an x in the column that corresponds to your agencys current environment. 12345 Planned completion date 1) Approved credential issuance and maintenance process, as defined in FIPS 201 section 2.0. 2) A National Agency Check (NAC) or equivalent is completed prior to credential issuance. 3) National Agency Check with Inquiries (NACI) or equivalent is completed prior to credential issuance. 4) All individuals to whom an agency ID is issued are the same intended applicant/recipient that was approved by the appropriate authority. 5) All agency credentials are issued through systems and providers whose reliability has been accredited and so documented and approved in writing? 6) Provide any comments that would assist OMB to evaluate your agencys compliance with the above control objective:

4 Control Objective B: Identification that is strongly resistant to identity fraud, tampering, counterfeiting, and terrorist exploitation Instructions: Place an x in the column that corresponds to your current environment. 12345 Planned completion date 8) All agency IDs issued with FIPS 201 visible external security features. 9) Provide any comments that would assist OMB to evaluate your agencys compliance with the control objective listed above:

5 Control Objective C: Identification that can be rapidly authenticated electronically Instructions: Where appropriate please place an x in the column that corresponds to your current environment. 12345 Planned completion date 10) All agency IDs are issued with FIPS 201 electronic security features. 10a) If these electronic security features are deployed but not in use please explain. 11) Provide any comments that would assist OMB to evaluate your agencys compliance with the control objective listed above:

6 Control Objective D: Identification that is issued only by providers whose reliability has been established by an official accreditation process Instructions: Please place an x in the column that corresponds to your current environment. 12345 Planned completion date 12) Providers (services and/or systems) of components in the credentialing system comply with all applicable FAR and agency specific requirements. 13) Please provide any comments your agency believes would assist OMB in evaluating your agencys compliance with the above control objective:

7 PIV II 14) Do you have an implementation strategy for meeting the FIPS 201 PIV II technology card specification? If yes, attach high level milestones. YesNoIf no, when? Instructions: Please place an x in the column that corresponds to your current environment. 12345 Planned completion date 15) Training is provided for all roles associated with our approved identity proofing and issuance processes.

8 Using PIV credential for physical and logical access to Federally controlled facilities and information systems Instructions: Where appropriate please place an x in the column that corresponds to your current environment.12345 Planned completion date 16) Able to authenticate our and other agencys Part 2 credential for physical access. 17) Able to authenticate own and other agencys Part 2 credential for logical access. 18) Provide any comments that your agency believes would assist OMB in evaluating your agencys compliance with the above control objective:

9 Security and Privacy 19) Assigned an individual to the role of individual responsible for privacy matters in implementing HSPD-12). Name: Title: Instructions: Please place an x in the column that corresponds to your current status.12345 Anticipated completion date 20) Ensure personal information contained in Privacy Act systems of records is handled in a manner consistent with the Privacy Act of 1974. 21) Completed a comprehensive privacy impact assessment the IT systems used to implement with HSPD-12. 22) Updated agency system of records notice to reflect any changes in the disclosure of information to other Federal agencies (i.e. routine uses). 23) Collecting information with OMB approval under the Paperwork Reduction Act. 24) Identification privacy policy is developed, implemented and posted in appropriate locations (e.g., agency intranet site, human resource offices, regional offices, etc.). 25) Please use this space to provide any comments that your agency believes would assist OMB in evaluating your agencys compliance with the privacy and security portions of the Standard:

10 Status Instructions: Please place an x in the column that indicates your answer.Complete If No, when? On October 27, 2005 my agency will be compliant with Part 1 of the Standard. YesNo When will your agency be compliant with Part 2 of the Standard? Date Name: Title:


Download ppt "June 27, 2005 Preparing your Implementation Plan."

Similar presentations


Ads by Google