OMB has issued a memo to assist agencies with their implementation of homeland security presidential directive-12, the driver behind a common, government-wide ID card.
The guideline includes questions agencies should have considered when planning for the use of "personal identity verification credentials" with physical and logical access control systems.
Karen Evans, OMB’s administrator for e-gov and IT wrote that if agencies have not already completed plans for incorporating the use of PIV credentials with physical and logical access control systems, to do so as soon as possible and in coordination with agency officials representing personnel, physical security, budget and other appropriate offices.
She also called on agencies to continue following OMB policy as stated in documents such as A-130, "Management of Federal Information Resources" and A-11, "Preparation, Submission and Execution of the Budget," when developing plans.
OMB said HSPD-12 plans should be available to agency oversight organizations – namely OMB, GAO and inspector general offices – upon request.
GAO recently said that for the few cards agencies have issued so far, most do not utilize electronic authentication capabilities, partly because OMB has emphasized issuance of cards, rather than full use of the cards’ capabilities.
The guidelines OMB just issued ask agencies whether they have policies, implementing guidance and processes in place to track progress towards the appropriate use of the PIV credentials.
