Office of Governmentwide Policy, General Services Administration.
Under the Federal Information Processing Standards (FIPS) 201 Evaluation Program, the General Services Administration (GSA) publishes this notice of intent that it will no longer fund product/service evaluations as of April 3, 2007. Overall impact on the FIPS 201 Evaluation Program is minimal with respect to operations. Product/service evaluations will continue to be performed and approved through the current fully operational laboratory and future qualified laboratories; however, fees for evaluations will be borne on a cost-reimbursable basis by the Supplier. Instruction on how to obtain product/service evaluations and an estimated fee structure will be posted at: (http://fips201ep.cio.gov/index.php).
The GSA FIPS 201 Evaluation Program currently provides funding for evaluation of products and services through its fully operational laboratory. Suppliers whose applications for evaluation are received by the laboratory after April 3, 2007 will be required to bear the cost of their evaluation.Start Further Info
FOR FURTHER INFORMATION CONTACT:
Ms. April Giles, FIPS 201 Evaluation Program, GSA, 1800 F Street, NW, Stop 2013, Washington, DC, 20405, telephone: 202-501-1123, e-mail: firstname.lastname@example.org.End Further Info End Preamble Start Supplemental Information
Homeland Security Presidential Directive-12 (HSPD-12), “Policy for a Common Identification Standard for Federal Employees and Contractors” requires agencies to use only information technology products and services that meet this standard. The Office of Management and Budget (OMB) has designated the GSA as the Executive Agent for government-wide acquisitions for the implementation of HSPD-12. HSPD-12 establishes the requirement for a mandatory Government-wide standard for secure and reliable forms of identification issued by the Federal Government to its employees and contractors. OMB has directed Federal agencies to purchase only products and services that are compliant with the Federal policy, standards and numerous supporting technical specifications, including:
- Federal Information Processing Standard 201, Personal Identity Verification of Federal Employees and Contractors;
- National Institute of Standards and Technology (NIST) Special Publications (SP) 800-73, Interfaces for Personal Identity Verification, 800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification, and 800-79, Guidelines for the Certification and Accreditation of PIV Card Issuing Organizations; and
- Special Publication 800-76, Biometric Data Specification for Personal Identity Verification (Pending).
To ensure standard HSPD-12 compliant products and services are available, NIST has issued requirements in FIPS 201 and supporting documentation (http://csrc.nist.gov/piv-program/fips201-support-docs.html).
As mandated by OMB through M05-24, GSA has been designated as the “executive agent for Government-wide acquisitions of information technology” under section 5112(e) of the Clinger-Cohen Act of 1996 (40 U.S.C. § 11302(e)) for the products and services required by the HSPD-12. GSA will ensure all approved Suppliers provide products and services that meet all applicable federal standards and requirements through its fully operational laboratory under the FIPS 201 Evaluation Program, web site found at (http://fips201ep.cio.gov/index.php).
The GSA FIPS 201 Evaluation Program is currently set up to evaluate products and services against the requirements outlined in FIPS 201 and its supporting documents. Twenty-two product/service categories were created using FIPS 201 and supporting documentation as the foundation. Each category has developed approval and test procedures which outline the evaluation criteria, approval mechanisms and test process employed by the laboratory during their evaluation of a Supplier's product or service against the requirements for that category. Initially the cost of evaluating each product was funded by GSA.
Once evaluated and approved by GSA, products and services are placed on the FIPS 201 Approved List. Agencies can then procure these products and services from Suppliers for their HSPD-12 implementations having full assurance that they meet all the requirements of FIPS 201 and all supporting documentation.Start Signature
Dated: January 24, 2007.
Deputy Associate Administrator, Office of Technology Strategy.
[FR Doc. E7-1693 Filed 2-1-07; 8:45 am]
BILLING CODE 6820-34-S