Identity Assurance and Trusted Access

The Identity Assurance and Trusted Access Division (IATAD) within GSA’s Office of Technology Policy (OTP) helps agencies understand and implement identity, credential, and access management (ICAM) systems. An ICAM system comprises the tools, policies and systems that allow an organization to manage, monitor and secure access to protected resources. The IATAD provides collaboration opportunities and guidance on IT policy, standards, implementation and architecture, to help federal agencies implement ICAM. We also

  • Co-Chair the inter-agency Federal CISO Council ICAM Subcommittee to generate best practice guidance, make policy recommendations to OMB, and facilitate government-wide discussion on ICAM challenges and solutions,
  • Manage the design, development and implementation of the Federal Public Key Infrastructure (PKI) Architecture in the Federal PKI Shared Service Provider Program,
  • Co-chair the interagency Federal PKI Policy Authority to uphold digital certificate standards for government-wide trusted digital identity and transactions; and
  • Manage and maintain the Federal Information Processing Standard (FIPS) 201 Evaluation Program and Approved Product List. The FIPS 201 Evaluation Program (sometimes called the FICAM Testing Program) tests and certifies services and commercial products used in PIV credentialing systems, physical access control systems (PACS), and public key infrastructures (PKIs).

Related Policies

Find a comprehensive list of laws, regulations and policies related to FICAM and identity management on

Implementation Guidance

Below are selected playbooks and implementation guidance to help agencies implement FICAM:

Visit to learn about identity management activities across the federal government, and contact us at with questions.

Last Reviewed: 2023-04-24