External Resources (Security Solutions)

This page contains links to reference materials that guide the federal government's physical and cyber-security standards.

Presidential Directives

Homeland Security Presidential Directive 12 (HSPD-12)—A policy requiring an inter-operable identification standard for federal employees and contractors.

Legislation Federal Information Security Management Act of 2002(FISMA)—Mandates protection of federal information through a comprehensive framework with strict controls and oversight.

Health Insurance Portability and Accountability Act of 1996 (HIPPA)—This act mandates protection of confidentiality and security of health data through establishing and enforcing standards.

Office of Management and Budget (OMB) Guidance

OMB Memorandum M-05-24—Implementation of HSPD-12 [PDF - 141KB] OMB HSPD-12—Implementation guidance relating to GSA and FIPS 201.

OMB Memo M-07-04—Use of Commercial Credit Monitoring Services Blanket Purchase Agreements (BPA) [PDF - 51KB] Additional information on BPAs can be obtained from GSA Advantage!®.


National Institute of Standard Computer Resource Center Library—Includes links to legislation, directives, policies, standards and guidelines, tutorials, presentations and papers on cyber-security and HSPD-12.

Department of Commerce Federal Information Processing Standard (FIPS) 201 [PDF - 1.1MB]—Issued by the National Institute of Science and Technology. This memo specifies HSPD-12 compliant architecture and technical requirements.

FIPS 201 Evaluation Program —Implementation of FIPS 201 architecture in the evaluation of products. This includes the Approved Products List.

International CIIP Handbook 2008/2009—An Inventory of twenty-five (25) National and seven (7) International Critical Information Infrastructure Protection Policies

Technical Descriptions and Test standards—Federal Standards / Specifications on Cabinets, Safes, Locks and Vault Doors including technical descriptions and test standards developed to describe the essential physical characteristics and performance required for GSA contracts

Classified National Security Information Directive No. 1—Guidance to agencies on original and derivative classification, downgrading, declassification, and safeguarding of classified national security information.

Working Groups and Committees

Federal Identity Credentialing Committe—Provides recommendations for the development of an inter-operable identity management-infrastructure for federal organizations in accordance with HSPD-12.

Last Reviewed 2016-01-28