Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal Government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a Federal Government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Governance and Compliance

The Federal ICAM (FICAM) program helps federal agencies plan and manage enterprise identity, credentialing, and access management (ICAM) through collaboration opportunities and guidance on IT policy, standards, implementation, and architecture. Most of the guidance and best practices found on this website are developed through interagency working groups.

ICAM Program Management Guide

The ICAM Program Management Guide explains how to plan and implement an Identity, Credential, and Access Management (ICAM) Program, as outlined in the Federal Identity, Credential, and Access Management (FICAM) Architecture. In this guide, you’ll find content for ICAM program managers who need agency-level planning guides to drive adoption of ICAM services within their organizations as well as information on how to govern the program, identify and communicate with stakeholders, manage risk, and other related topics.

This guide answers the most common ICAM program organization and management questions, including:

  • How can I establish governance to ensure ICAM alignment at the agency level?
  • Who are my key ICAM stakeholders?
  • What best practices support ICAM implementation?

The guide is organized by sections, each of which describes an essential feature of ICAM program management, including recommendations and lessons learned from agencies who have implemented ICAM programs.

FICAM Architecture and Playbooks

The FICAM Architecture and accompanying guidance, maintained by GSA in coordination with OMB and DHS CISA, contains processes, procedures, and considerations for planning and managing logical access, physical access, identity management, and federation within federal agencies.

These playbooks are hosted on Github and provide common policy and patterns to help you implement and execute ICAM at your agency. The playbooks are a government-wide collaboration based on the needs and interests of individual agencies and government-wide groups. Reach out to icam at to suggest new topics.



  • National Cybersecurity Center of Excellence (NCCoE) – Works with experts from industry, government, and academia to address businesses’ most pressing cybersecurity problems with practical, standards-based solutions using commercially available technologies.
  • NIST Identity & Access Management – Through the NIST Identity and Access Management Resource Center, we seek to share our efforts that strengthen the security, privacy, usability, and interoperability of solutions that meet an organization’s identity and access management needs throughout the system lifecycle.

An official website of the General Services Administration

Looking for U.S. government information and services?
Visit Edit this page