Homeland Security Presidential Directive 12 (HSPD-12)
If an organization is a part of or interacts with an Executive Branch Agency or the DoD, then it must comply with Homeland Security Presidential Directive 12 (HSPD-12). HSPD-12 was signed in August of 2004 with the intent to minimize the wide variation in forms of identification, enhance security, increase government efficiency, and to reduce fraud. HSPD-12 requires the use of a mandatory common credential, the personal identification verification or PIV card, which is used for physical and logical (network) access, by both government employees and government contractors.
Federal Information Processing Standard 201 (FIPS 201-2)
A set of rules was established on how to comply with HSPD-12 by the National Institute of Standards and Technology (NIST), Federal Information Processing Standard 201 (FIPS 201-2). FIPS 201-2 is a compilation of all of the specific details on how the new PIV credential is configured and how it interacts with other devices and systems.
M-06-18 was released in June of 2006 and provided acquisition guidance for the use of the GSA schedule. GSA then established an “Approved Products List.”
M-02-24 was released in August of 2005 and confirms that HSPD-12/FIPS201-2 applies to Executive Branch and DoD. It also established GSA as the Executive Agent, required the use of “Approved Products.”
M-11-11 was released in February of 2011 and states agencies must develop a compliance plan, designate a lead official, must use PIV for access control and accept other agencies PIV, and must use development and tech refresh funding to upgrade physical access control systems (PACS) to compliance before using those funds for any other purpose.
Special Publication 800-116
NIST also provided a guidance document for Federal Employees on how to deploy a compliant HSPD-12 PACs, Special Publication 800-116, which provides pertinent details of how to design and deploy PACS that are HSPD-12 compliant.
CSEIP (Certified Systems Engineer ICAM PACS)
Convergint has the GSA required CSEIP (Certified Systems Engineer ICAM PACS) already on staff to ensure proper application of all HSPD-12 / FIPS 201-2 requirements.