Cybersecurity Programs & Policy
GSA manages many IT security programs, and helps agencies implement IT policy that enhances the safety and resiliency of the government’s systems and networks.
Identity, Credential, and Access Management (ICAM)
Domains and Web Hosting
- .Gov Domain Services Program - Supports trusted internet transactions, communications, and the .gov top-level domain (TLD) used by government entities in the United States.
- DotGov Domain Registry - Learn about the dotgov domain registry.
- Federalist - A publishing platform that creates modern and compliant government websites.
- Pulse - How federal government domains are meeting web best practices.
Department of Homeland Security (DHS)
National Institute of Standards and Technology (NIST)
Cybersecurity policies and requirements for federal agencies.
- White House Office of Management and Budget (OMB) Circulars
- OMB Memoranda
- M-18-02, Fiscal Year 2017-2018 Guidance on Federal Information Security and Privacy Management [PDF] (June 15, 2017)
- M-17-12, Preparing for and Responding to a Breach of Personally Identifiable Information [PDF] (Jan 3, 2017)
- M-17-02, Precision Medicine Initiative Privacy and Security [PDF](Oct 21, 2016)
- M-16-19, Data Center Optimization Initiative (DCOI) [PDF](August 1, 2016)
- M-16-15, Federal Cybersecurity Workforce Strategy [PDF] (July 12, 2016)
- M-16-04, Cybersecurity Strategy and Implementation Plan (CSIP) for the Federal Civilian Government [PDF] (October 30, 2015)
- M-15-16, Multi-Agency Science and Technology Priorities for the FY 2017 Budget [PDF] (July 9, 2015)
- M-10-28, Clarifying Cybersecurity Responsibilities and Activities of the Executive Office of the President and the Department of Homeland [PDF]
- Presidential Executive Orders (EO)
- Presidential Policy Directives (PPD)
- Homeland Security Presidential Directives (HSPD)
- Federal Emergency Management Agency (FEMA) Directives