GAO assesses FIPS 201 challenges

"Agencies Face Challenges in Implementing New Federal Employee Identification Standard"

Related Links

Congressional auditors expressed concern in a report released today that agencies will fail to meet an Oct. 27 deadline for issuing interoperable smart card identity credentials to federal employees and contractors.

The report also questions whether the federal government can accomplish the major objective of the secure identity credentialing program, which is governmentwide interoperability.

Among the significant challenges is the need for testing and buying smart cards and card readers that meet the technical standard for the new identity cards, Federal Information Processing Standard (FIPS) 201. Agencies also must solve interoperability problems that will arise because of different specifications for implementing the FIPS 201 standard, according to the auditors’ report.

Agencies face further difficulties in resolving differences among various vendors’ implementation of the biometric standard that is part of FIPS 201, the report states.

The auditors faulted the Office of Management and Budget for providing incomplete guidance on how FIPS 201 applies to securing government facilities, employees and contractors and information systems. On that point, OMB officials disagreed with the Government Accountability Office.

“Our guidance provides the appropriate balance between the need to aggressively implement the president’s deadlines while ensuring agencies have the flexibility to implement [Homeland Security Presidential Directive 12] based on the level of risk their facilities and information systems present,” wrote Karen Evans, OMB administrator for e-government and information technology, in a letter to GAO.

GAO’s final concern was that agencies would struggle with budget uncertainties and unknown costs, increasing the likelihood that agencies would miss the Oct. 27 deadline and fail to achieve the desired results of FIPS 201.

GAO recommended that the OMB director monitor agencies' progress in implementing FIPS 201 by establishing agency reporting procedures. Evans said OMB would monitor the program using its existing management and budget tools.


  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.