The benefits of a Presidential directive aimed at
establishing a government-wide smart card system won’t
be realized and agencies may not meet the Office of
Management and Budget’s deadlines for moving forward
until certain implementation challenges are met, the
Government Accountability Office has said.
Further, it said that interoperability among federal
government agencies’ smart card programs – one of the
major goals of federal information process standard 201
– may not be achieved.
According to GAO-06-178, challenges agencies face
include: testing and acquiring compliant commercial
products within required time frames; reconciling
divergent implementation specifications; assessing the
risks associated with specific vendor implementations
of the recently chosen biometric standard; incomplete
guidance regarding the applicability of FIPS 201 to
facilities, people, and information systems; and,
planning and budgeting with uncertain knowledge and
the potential for substantial cost increases.
The report said the departments of Defense, Interior,
Homeland Security, Housing and Urban Development, and
Labor, as well as NASA, have all taken actions to
begin implementing FIPS 201, mainly by focusing on
establishing appropriate identity proofing and card
issuance policies and procedures, and agencies have
set policies to require that at least a successful
fingerprint check be completed prior to issuing a
credential.
However, Defense and NASA reported that they were
still modifying their background check policies, and
based on OMB guidance agencies have until October 27,
2006, to implement the second part of the standard,
requiring them to implement interoperable smart-card
based ID systems.
Defense and Interior have assessed technological gaps
between existing systems and the infrastructure
required by the standard, but have not yet developed
specific designs for card systems that meet
interoperability requirements, according to GAO.
