scope:

Purpose

This document establishes requirements and responsibilities for the policy set forth in NASA Policy Directive (NPD) 2800.1, in order to properly manage identity, credential, and access management (ICAM) services as an integrated end-to-end service to improve security, efficiency, and inter-Center collaboration. In order to meet Federal requirements established by the Office of Management and Budget (OMB) and the National Institute of Standards and Technology (NIST), and documented in the Federal ICAM Roadmap and Implementation Guidance, this NASA Procedural Requirement (NPR) establishes Agency-wide enterprise services that all Centers and applications will use.

Applicability

a. This NASA Procedural Requirement (NPR) is applicable to NASA Headquarters and NASA Centers, including Component Facilities and Technical and Service Support Centers. This language applies to the Jet Propulsion Laboratory (JPL), a Federally Funded Research and Development Center (FFRDC), other contractors, grant recipients, or parties to agreements only to the extent specified or referenced in the appropriate contracts, grants, or agreements.

b. In this directive, all mandatory actions (i.e., requirements) are denoted by statements containing the term "shall." The terms: "may" or "can" denote discretionary privilege or permission, "should" denotes a good practice and is recommended, but not required, "will" denotes expected outcome, and "are/is" denotes descriptive material.

c. In this directive, all document citations are assumed to be the latest version unless otherwise noted.