Governance

Governance is the set of practices and systems that guides ICAM functions, activities, and outcomes.

To perform effective governance, agencies must collect data about ICAM functions from many sources, such as policies and entitlements stores, and analyze this data. Proper data analytics help agencies monitor compliance with established information security policies.

If your agency identifies problems during data collection and analysis, you should remediate these issues as quickly as possible. Real-time monitoring and risk mitigation are crucial to ensure employees and contractors have only the appropriate access, following the principle of least privilege.


Governance Services

The Governance services in the Federal ICAM architecture include Identity Governance, Analytics, and Mitigation.

Identity Governance

The systems, solutions, and rules that link enterprise personnel, applications, and data to help agencies manage access and risk.

Keywords: Management Framework, Rules and Procedures, Access Reviews and Recertifications

Analytics

Leverage continuous analytics data to identify whether someone has entitlements that conflict with access requirements.

Keywords: Data collection, Monitoring, Review, Data Certification, Auditing and Reporting

Mitigation

Correct the problems and address risks, discovered by analysis, that may occur during standard operations.

Keywords: Redress, Remediation