The General Services Administration’s Office of Government Policy is developing new playbooks to guide agencies through Identity, Credential and Access Management (ICAM) implementation, especially as more data and services move to the cloud…
ICAM spans across all functions of how systems are run and accessed, including people as well as other technologies like automation and robotic process automation (RPA). GSA has published four playbooks since last September. The playbooks focus on single sign-on, authentication and digital identity risk assessment (DIRA) to simultaneously accelerate efficiency and security…
The six-step Digital Identity Risk Assessment playbook helps federal CIOs update and maintain consistent processes, determine whether an agency application requires a DIRA, integrate DIRA into agency Risk Management Framework (RMF) processes and learn practices to implement DIRA processes. GSA compiled best practices for the playbook based on OMB’s Memo 19-17 and NIST’s Special Publication 800-63-3.
As more agencies adopt cloud platforms, [GSA’s Director of the Identity Assurance and Trusted Access Division, Ken Myers] said its critical to have security and identity management solutions in place. GSA’s Cloud Identity playbook pretexts OMB’s FY 24 priorities, which calls on agencies to make stronger investments in cloud and security… Read the full article here.
