| NODIS Library | Legal Policies(2000s) | Search |

NASA Ball NASA
Procedural
Requirements
NPR 2841.1
Effective Date: January 06, 2011
Expiration Date: January 06, 2027
COMPLIANCE IS MANDATORY FOR NASA EMPLOYEES
Printable Format (PDF)

Subject: Identity, Credential, and Access Management (Revalidated w/change 2)

Responsible Office: Office of the Chief Information Officer


| TOC | ChangeHistory | Preface | Chapter1 | Chapter2 | Chapter3 | AppendixA | AppendixB | AppendixC | ALL |

Chapter 2. Responsibility

2.1 The Agency Chief Information Officer (CIO) has overall responsibility for implementation of the requirements outlined in this directive.

2.1.1 The Agency CIO shall ensure that ICAM services for accessing IT resources are implemented in compliance with applicable laws, regulations, and NASA program directives and requirements.

2.1.2 The Agency CIO shall maintain the ICAM Enterprise Architecture segment.

2.1.3 The Agency CIO shall publish and maintain the ICAM Services Handbook, which will provide detailed information and guidance about the use of systems and processes to meet the requirements in this NPR.

2.1.4 The Agency CIO, in coordination with the Agency Assistant Administrator (AA) for Protective Services, shall select and support the ICAM Subject Matter Experts and Subject Element Technical Experts (SMEs/SETEs) as described in Section 2.3.

2.2 The Agency AA for Protective Services shall ensure that ICAM services for accessing physical resources are implemented in compliance with applicable laws, regulations, and NASA program directives and requirements.

2.2.1 The Agency AA for Protective Services, in coordination with the Agency CIO, shall select and support the ICAM SMEs/SETEs as described in Section 2.3.

2.3 The ICAM SME shall provide business requirements and manage implementation of ICAM services within their respective Centers or Mission Directorates.

2.3.1 The ICAM Center SME shall provide overall coordination and management of ICAM business processes and implementation within their Centers or Mission Directorates. The ICAM SME is the liaison between Center/Mission Directorate operational components and Agency ICAM representatives for all ICAM activities and is the primary interface for Center-based outreach and communications related to ICAM services.

2.3.2 The Identity Management SMEs/SETEs shall provide the business requirements and business processes related to identity management processes, including processes for onboarding, transfering, and offboarding civil servants, contractors, and other affiliates whose association with NASA is permanent, temporary, or through remote IT access only.

2.3.3 The Credential Management SMEs/SETEs shall provide the business requirements and business processes related to credential management services, including but not limited to those related to issuance of the Federal Personal Identity Verification (PIV) smartcard credential, other smartcard credentials, PKI certificates, onetime password tokens, and username/passwords.

2.3.4 The Logical Access Management SMEs/SETEs shall provide the business requirements and processes relating to access management for IT assets. This includes asset management, permission management, and access control services. The Logical Access Management SMEs/SETEs is also responsible for ensuring that compliance deadlines for IT asset integration in accordance with this NPR and related documents are met.

2.3.5 The Physical Access Management SMEs/SETEs shall provide the business requirements and processes relating to access management for physical assets. This includes asset management, permission management, and access control services.

2.4 Office of the Protective Services (OPS) and Office of the Chief Information Officer (OCIO) Identity, Credentials and Access Management (ICAM) Service Executives (ICAM SEs) shall implement and operate the ICAM enterprise architecture segment. ICAM SEs shall provide system designs, technical implementation, and operational support based on the business requirements and processes as defined by the ICAM SMEs/SETEs and approved by the Agency CIO and the Agency AA for Protective Services.



| TOC | ChangeHistory | Preface | Chapter1 | Chapter2 | Chapter3 | AppendixA | AppendixB | AppendixC | ALL |
 
| NODIS Library | Legal Policies(2000s) | Search |

DISTRIBUTION:
NODIS


This document does not bind the public, except as authorized by law or as incorporated into a contract. This document is uncontrolled when printed. Check the NASA Online Directives Information System (NODIS) Library to verify that this is the correct version before use: https://nodis3.gsfc.nasa.gov.