Procedural
Requirements
Effective Date: January 06, 2011
Expiration Date: January 06, 2016
|
|
NASA Procedural Requirements |
NPR 2841.1 Effective Date: January 06, 2011 Expiration Date: January 06, 2016 |
| | TOC | Preface | Chapter1 | Chapter2 | Chapter3 | AppendixA | AppendixB | AppendixC | ALL | |
2.1 The Agency Chief Information Officer (CIO) has overall responsibility for implementation of the requirements outlined in this directive.
2.1.1 The Agency CIO shall ensure that ICAM services for accessing IT resources are implemented in compliance with applicable laws, regulations, and NASA program directives and requirements.
2.1.2 The Agency CIO shall maintain the ICAM Enterprise Architecture segment.
2.1.3 The Agency CIO shall publish and maintain the ICAM Services Handbook, which will provide detailed information and guidance about the use of systems and processes to meet the requirements in this NPR.
2.1.4 The Agency CIO, in coordination with the Agency Associate Administrator (AA) for Protective Services, shall select and support the ICAM Business Process Leads (BPLs) as described in Section 2.3.
2.2 The Agency AA for Protective Services shall ensure that ICAM services for accessing physical resources are implemented in compliance with applicable laws, regulations, and NASA program directives and requirements.
2.2.1 The Agency AA for Protective Services, in coordination with the Agency CIO, shall select and support the ICAM BPLs as described in Section 2.3.
2.3 The ICAM BPLs shall provide business requirements and manage implementation of ICAM services within their respective Centers or Mission Directorates.
2.3.1 The ICAM Center BPL (CBPL) shall provide overall coordination and management of ICAM business processes and implementation within their Centers or Mission Directorates. The ICAM CBPL is the liaison between Center/Mission Directorate operational components and Agency ICAM representatives for all ICAM activities and is the primary interface for Center-based outreach and communications related to ICAM services.
2.3.2 The Identity Management BPL shall provide the business requirements and business processes related to identity management processes, including processes for onboarding, transfering, and offboarding civil servants, contractors, and other affiliates whose association with NASA is permanent, temporary, or through remote IT access only.
2.3.3 The Credential Management BPL shall provide the business requirements and business processes related to credential management services, including but not limited to those related to issuance of the Federal Personal Identity Verification (PIV) smartcard credential, other smartcard credentials, PKI certificates, onetime password tokens, and User IDs/passwords.
2.3.4 The Logical Access Management BPL shall provide the business requirements and processes relating to access management for IT assets. This includes asset management, permission management, and access control services. The Logical Access Management BPL is also responsible for ensuring that compliance deadlines for IT asset integration in accordance with this NPR and related documents are met.
2.3.5 The Physical Access Management BPL shall provide the business requirements and processes relating to access management for physical assets. This includes asset management, permission management, and access control services.
2.4 ICAM Service Managers shall implement and operate the ICAM enterprise architecture segment. The Service Managers shall provide system designs, technical implementation, and operational support based on the business requirements and processes as defined by the ICAM BPLs and approved by the Agency CIO and the Agency AA for Protective Services.
| TOC | Preface | Chapter1 | Chapter2 | Chapter3 | AppendixA | AppendixB | AppendixC | ALL | |
| | NODIS Library | Legal Policies(2000s) | Search | |