Federal Register: September 8, 2005 (Volume 70, Number 173)
DOCID: FR Doc 05-17744
DEPARTMENT OF COMMERCE
National Institute of Standards and Technology
Docket ID: [Docket No.: 050825229-5229-01]
NOTICE: NOTICES
ACTION: Information processing standards, Federal:
DOCUMENT ACTION: Notice. Request for comments.
SUBJECT CATEGORY:
Announcing Review of Proposed Changes to Federal Information Processing Standard (FIPS) Publication 201, Standard for Personal Identity Verification of Federal Employees and Contractors
DATES: Comments on these proposed changes must be received by October 11, 2005.
DOCUMENT SUMMARY:
The National Institute of Standards and Technology (NIST) announces proposed changes to Federal Information Processing Standard (FIPS) Publication 201, Standard for Personal Identity Verification of Federal Employees and Contractors. The changes to Section 2.2, PIV Identify Proofing and Registration Requirements, and to Section 5.3.1, PIV Card Issuance, will clarify the identity proofing and registration process that departments and agencies should follow when issuing identity credentials. These changes are required to make FIPS 201 consistent with the Memorandum for All Departments and Agencies (M05 24), issued by the Office of Management and Budget on August 5, 2005, Implementation of Homeland Security Presidential Directive (HSPD) 12 Policy for a Common Identification Standard for Federal Employees and Contractors. Before recommending these proposed changes to FIPS 201 to the Secretary of Commerce for review and approval, NIST invites comments from the public, users, the information technology industry, and Federal, State and local government organizations concerning the proposed changes.
SUMMARY:
Federal employees and contractors; personal identification verification,
SUPPLEMENTAL INFORMATION
Homeland Security Presidential Directive
(HSPD) 12, Policy for a Common Identification Standard for Federal
Employees and Contractors, dated August 27, 2004, directed the
Secretary of Commerce to promulgate, by February 27, 2005, a Governmentwide standard for secure and reliable forms of
identification to be issued by the Federal Government to its employees
and contractors (including contractor employees). FIPS 201 was
developed to satisfy the technical, administrative, and timeliness
requirements of HSPD 12. The standard was developed in a ``manner
consistent with the Constitution and applicable laws, including the
Privacy Act (5 U.S.C. 552a) and other statutes protecting the rights of Americans'' as required in HSPD 12.
To assist departments and agencies in implementing the provisions
of FIPS 201, Joshua Bolten, the Director of the Office of Management
and Budget (OMB), issued a Memorandum for All Departments and Agencies
on August 5, 2005 entitled ``Implementation of Homeland Security
Presidential Directive (HSPD) 12Policy for a Common Identification
Standard for Federal Employees and Contractors.'' The Memorandum
provides implementation guidance and clarifies the requirements for
identity proofing, registration and accreditation processes. Two
provisions of FIPS 201 as promulgated by the Secretary of Commerce
earlier this year are not consistent with the guidance contained in the
Bolten Memorandum and those provisions of FIPS 201 are hereby proposed
for revision. Sections 2.2, ``PIV Identify Proofing and Registration [[Page 53347]]
Requirements,'' and 5.3.1 of FIPS 201, ``PIV Card Issuance,'' are being
revised to assure that they are consistent with the OMB guidance
concerning National Agency Checks as part of the identity proofing and
registration process. Therefore, NIST has prepared changes to FIPS 201
to clarify the identity proofing and registration process that
departments and agencies should follow when issuing identity
credentials. In short, under the proposed FIPS revision if an agency
does not receive the results of the National Agency Checks (NAC) within
five days, the identity credential can be issued based on the FBI
National Criminal History Check (fingerprint check). Identity
credentials issued to individuals without a completed NAC or equivalent
must be electronically distinguishable from identity credentials issued
to individuals who have a completed investigation. Director Bolten's
Memorandum is available electronically from the OMB Web page: http://www.whitehouse.gov/omb/memoranda/index.html .
The proposed changes to FIPS Publication 201 are available electronically from the NIST Web site at: http://csrc.nist.gov/publications/ .
Authority: In accordance with the Information Technology Management Reform Act of 1996 (Public Law 104106) and the Federal Information Security Management Act (FISMA) of 2002 (Public Law 107 347), the Secretary of Commerce is authorized to approve Federal Information Processing Standards (FIPS). Homeland Security Presidential Directive (HSPD) 12, Policy for a Common Identification Standard for Federal Employees and Contractors, dated August 27, 2004, directed the Secretary of Commerce to promulgate, by February 27, 2005, a Governmentwide standard for secure and reliable forms of identification to be issued to Federal Government employees and contractors.
Executive Order 12866: This notice has been determined to be significant for the purposes of Executive Order 12866.
Dated: September 1, 2005.
William Jeffrey,
Director.
[FR Doc. 0517744 Filed 9705; 8:45 am]
BILLING CODE 351013P
FOR FURTHER INFORMATION CONTACT
W. Curtis Barker, (301) 975-8443, National Institute of Standards and Technology, 100 Bureau Drive, STOP 8930, Gaithersburg, MD 208998930, email: wbarker@nist.gov.
Information about FIPS 201 and the PIV program is available on the NIST Web pages: http://csrc.nist.gov/.