Merge pull request #609 from GSA/staging
Production Update 1005
idmken authored Oct 5, 2023
2 parents 3177935 + c0e0793 commit d7d20bf
Showing 64 changed files with 2,792 additions and 2,263 deletions.
11 changes: 10 additions & 1 deletion 404.html
Expand Up @@ -12,7 +12,16 @@ <h1>Page not found</h1>
<p class="usa-intro">
We’re sorry; we can’t find the page you're looking for. It might have been removed, had its name changed, or is otherwise unavailable.
</p>
<p>If you typed the URL directly, check your spelling and capitalization. Our URLs look like this: <strong>www.idmanagement.gov/content-area</strong>.</p>
<p>If you typed the URL directly, check your spelling and capitalization. Our URLs look like this: <strong>www.idmanagement.gov/content-area</strong>. For example:
<ul>
<li><a href="https://www.idmanagement.gov/arch/" target="_blank">FICAM Architecture</a>.</li>
<li><a href="https://www.idmanagement.gov/playbooks" target="_blank">For Playbooks</a> such as Single Sign-On, Privileged User, or Digital Identity Risk Assessments.</li>
<li><a href="https://www.idmanagement.gov/university/" target="_blank">The university section</a> has general knowledge on digital identity topics.</li>
<li>List of <a href="https://www.idmanagement.gov/trust-services/" target="_blank">trusted identity services</a>.</li>
<li><a href="https://www.idmanagement.gov/fips201/" target="_blank">FIPS 201 Approved Product List</a>.</li>
<li><a href="https://www.idmanagement.gov/fpki/#federal-pki-policies-and-profiles" target="_blank">Federal PKI Policies</a> including Common Policy, Federal Bridge, and Public Trust TLS.</li>
</ul>
</p>
<p>Visit our homepage for helpful tools and resources, use our search bar in the upper right, submit an issue, or contact us and we’ll point you in the right direction.</p>
<div class="margin-y-5">
<ul class="usa-button-group">
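Review bot: The six new links in the added `<ul>` set `target="_blank"` with no `rel` attribute, while the Markdown pages touched in this same commit pair it with `rel="noopener noreferrer"`. Add `rel="noopener noreferrer"` to each anchor, or drop `target="_blank"`, since these are same-site links on a 404 page. The list also sits inside the `<p>` that begins "If you typed the URL directly", and a `<ul>` cannot be a child of `<p>`, so the browser closes the paragraph early and the trailing `</p>` becomes a stray tag. Close the paragraph after "For example:" and place the list after it.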
4 changes: 2 additions & 2 deletions CODEOWNERS
@@ -1,7 +1,7 @@
# Global owners
* @idmken @JBPayne007
* @idmken @JBPayne007 @id2win

# Layouts and Includes and other Jekyll structural changes

# Site content changes
*.md @JillTunick
*.md @claytonjbarnette @0Vanessa0
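Review bot: On the `*.md` line, the later pattern takes precedence over the global `*` rule, so after this change Markdown content is owned only by @claytonjbarnette and @0Vanessa0, and none of the three global owners is requested for review on those files. If the global owners should still be asked to review content changes, list them on the `*.md` line as well. The "Layouts and Includes and other Jekyll structural changes" comment still has no pattern under it, so structural files fall through to `*`; add the patterns or remove the empty section. Please also confirm that the newly added handles have write permission on the repository, which code owners are required to have.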
14 changes: 7 additions & 7 deletions _arch/architecture.md
Expand Up @@ -95,7 +95,7 @@ June 30, 2023 -->
</div>


# Introduction
## Introduction

FICAM is the federal government’s implementation of Identity, Credential, and Access Management (ICAM).

Expand Down Expand Up @@ -181,7 +181,7 @@ In 2015, ICAM experts from across the federal government collaborated on an upda

This site contains the current version for the FICAM Architecture. The FICAM Roadmap and Implementation Guidance v2.0 is superseded by both the FICAM Architecture updates and other complementary modernized playbooks developed by ICAM committees across government.

# Goals and Objectives
## Goals and Objectives

The Goals and Objectives identify the aims and outcomes of a federal agency enterprise ICAM program. The goals and objectives align with ICAM functions and map to government-wide policies, cross-agency priorities, and strategic government initiatives.

Expand Down Expand Up @@ -212,7 +212,7 @@ The visual below presents the three goals, each with its own objectives.
- 3.2 Evaluate, rationalize, and migrate to modern, cloud-smart solutions for ICAM services.
- 3.3 Promote interoperability and efficiency across the federal government by buying and building ICAM solutions that use open, commercially adopted standards.

# Services Framework and Service Descriptions
## Services Framework and Service Descriptions

The Services Framework is a tool designed for ICAM program managers and information technology enterprise architects. It identifies the services that provide functionality within the scope of ICAM and assists in distinguishing between business requirements and technical solutions. The services framework includes the five practice areas and services within.

Expand Down Expand Up @@ -409,11 +409,11 @@ The Governance services in the FICAM architecture include Identity Governance, A

| Service | Description | Keywords |
| --- | ------ | -----|
| Identity Governance | The systems, solutions, and rules that link enterprise personnel, applications, and data to help agencies manage access and risk. | Management Framework, Rules and Procedures, Access Reviews and Recertifications |
| Identity Governance | The systems, solutions, and rules that link enterprise personnel, applications, and data to help agencies manage access and risk. | Management Framework, Rules and Procedures, Access Reviews and Re-certifications |
| Analytics | Leverage continuous analytics data to identify if someone has entitlements that conflict with access requirements. | Data collection, Monitoring, Review, Data Certification, Auditing and Reporting |
| Mitigation | Correct the problems and address risks, discovered by analysis, that may occur during standard operations. | Redress, Remediation |

# Use Cases
## Use Cases

These use cases are designed for ICAM Enterprise Architects and business owners and describe some of the most common ICAM business processes.

Expand Down Expand Up @@ -801,7 +801,7 @@ You can combine or build upon the ICAM use cases to support your agency’s scen
</div>
<hr>

# Reference Example
## Reference Example

This reference example include sample enterprise ICAM tools (e.g., solutions, applications, and software) aligned with ICAM service areas that illustrate ICAM functionality at an agency. The reference examples are designed for enterprise architects, security engineers, and solution architects to facilitate discussions regarding the technology solutions to integrate with enterprise applications and the business requirements.

Expand Down Expand Up @@ -883,7 +883,7 @@ Agency endpoints may include:
- Government cloud email services
- Government facilities

# Policies and Standards
## Policies and Standards

See the [ICAM Policy Matrix]({{site.baseurl}}/university/policymatrix/) for the latest set of ICAM policies and standards.

8 changes: 4 additions & 4 deletions _arch/icamsolutions.md
Expand Up @@ -22,7 +22,7 @@ This section contains information on the GSA ICAM Solutions Catalog and GSA ICAM
- [GSA Solutions and Shared Services Roadmap](#gsa-icam-solutions-and-shared-services-roadmap) - A roadmap for providing or updating GSA Multiple Award Schedule solutions and shared services that allow agencies to achieve the outcomes in OMB ICAM policy and NIST standards and guidelines.
- [GSA Solutions Catalog](#gsa-icam-solutions-catalog) - A consolidated catalog of existing GSA Multiple Award Schedule ICAM solutions and shared services.

# GSA ICAM Solutions and Shared Services Roadmap
## GSA ICAM Solutions and Shared Services Roadmap

[This document]({{site.baseurl}}/docs/gsa-icam-roadmap.pdf){:target="_blank"}{:rel="noopener noreferrer"} provides a response to the Office of Management and Budget (OMB) memorandum M-19-17, “Enabling Mission Delivery through Improved Identity, Credential, and Access Management.” The memorandum outlines the federal government's Identity, Credential, and Access Management (ICAM) policy and establishes government-wide responsibilities that include the General Services Administration (GSA). GSA is specifically tasked with developing and maintaining "a roadmap for providing or updating GSA solutions and shared services that allow agencies to achieve the outcomes in OMB ICAM policy and NIST standards and guidelines.” GSA analyzed the current state of ICAM solutions and shared services and developed activities to address identified gaps based on the ICAM Services Framework.
The roadmap aligns actions to the following three phases:
Expand Down Expand Up @@ -163,7 +163,7 @@ The following table provides a summary of the roadmap activities. This roadmap i
</tbody>
</table>

# GSA ICAM Solutions Catalog
## GSA ICAM Solutions Catalog

On May 21, 2019, the Office of Management and Budget (OMB) released a new Identity, Credential, and Access Management (ICAM) policy (M-19-17). This memo mandated that GSA publish “a consolidated catalog of existing ICAM solutions and shared services.” The attached catalog includes several special item numbers (SINs) within the Multiple Award Schedules (MAS). Please note that MAS has recently gone through a consolidation; therefore, new SIN designations have been included.

Expand Down Expand Up @@ -256,7 +256,7 @@ Most MAS ICAM solutions can be purchased on GSA eBuy, an online Request for Quot
</tr>
</table>

# GSA eBuy Ordering Instructions For Agencies
## GSA eBuy Ordering Instructions For Agencies

Buyers are required to register on GSA Advantage. Buyers can use the same User ID and Password on GSA eBuy and GSA Advantage. Vendor listings change regularly and are available in eBuy. Below are modified steps to access the GSA eBuy Buyer website:

Expand All @@ -271,7 +271,7 @@ Buyers are required to register on GSA Advantage. Buyers can use the same User I
9. Submit – Review and submit the RFQ/RFI.


# Additional Resources
## Additional Resources

- [GSA eBuy Job Aid](https://www.ebuy.gsa.gov/ebuy/assets/content/eBuy-Buyer_jobaid.pdf){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
- [GSA ICAM](https://www.gsa.gov/technology/government-it-initiatives/identity-credentials-and-access-management){:target="_blank"}{:rel="noopener noreferrer"}{:class="usa-link usa-link--external"}
4 changes: 3 additions & 1 deletion _config.yml
Expand Up @@ -154,7 +154,9 @@ collections:
ficampmo:
output: true
permalink: /ficam/:path/

redirects:
output: true
permalink: /redirects/:path/

# Leaving in place:
# Unsure of placement in new site.
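Review bot: The new `redirects` collection is added without any comment, unlike the block just below it, which explains why it is kept. With `output: true` and `permalink: /redirects/:path/`, every document in that collection becomes a public page under /redirects/, so a short comment stating what these pages are for, and that their targets are fixed paths on this site, would help the next maintainer review additions to it.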
10 changes: 10 additions & 0 deletions _data/fips201announcements.yml
Expand Up @@ -3,6 +3,16 @@
# If announcement content is full summary, leave 'url' blank, set soure to 'IDManagement.gov' and doctype = 'Announcement'
# HTML tags can be included inline with summary information.

- name: GSA FIPS 201 EP initial version of the FRTC for PACS Alternative Authenticators, version 1.0
summary: <p>The initial version of the FRTC for PACS Alternative Authenticators, version 1.0 has been published for public review and comments under the Physical Access Control System section.</p><p>This document will be continuously updated as emerging technology and standards supporting FICAM compliance become available. Please review the document and provide your comments to <a href="mailto&#58;[email protected]">[email protected]</a> by November 30, 2023.</p>
pubdate: September 26, 2023
url:
source: IDManagement.gov
target: _blank
expanded: false
doctype: Announcement
status: Active

- name: GSA FIPS 201 Testing Lab Re-opening
summary: It is our great pleasure to announce the reopening of the FIPS201 Evaluation Program's compliance testing lab. An email announcing the reopening of the lab was sent out to the community on Wednesday, July 20, 2022. Due to a recent change in contract vehicles the lab had to physically move to a new location. Even though the distance was not far, the move itself was time consuming. We would like to thank those PACS vendors who took the time to certify their current installations prior to the move, and you may be called upon to verify that everything moved over is in working order. You will be contacted by the lab team if further assistance is needed. For those of you who have been waiting to submit new applications, or conduct updates, we appreciate your patience. You are now free to send the paperwork to our group email address fips201ep at gsa dot gov.
pubdate: July 27, 2022
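Review bot: In `summary`, the new entry publishes its contact address as a clickable `mailto` link, while the existing entry directly below spells its address out as "fips201ep at gsa dot gov". Pick one convention for the file, and if the spelled-out form is there to limit address harvesting, use it here too. The entry also sets `target: _blank` although `url` is empty, so confirm the template ignores `target` when there is no URL to open.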
36 changes: 15 additions & 21 deletions _data/fips201pacs-await-list.yml
Expand Up @@ -21,55 +21,49 @@
# teststatus: [string]

- position: 1
solution: Software House C-CURE-9000 V2.9 PACS 13.02
aplnumbers: New
state: New
teststatus: In queue

- position: 2
solution: Gallagher PIV Command Center with HID Global Validation
solution: Gallagher PIV Command Center with HID Global Validation
aplnumbers: 10019 & 10020
state: Update
teststatus: In queue

- position: 3
solution: Datawatch + HID pivCLASS
aplnumbers: New
state: New
- position: 2
solution: Datawatch + HID pivCLASS
aplnumbers: New
state: New
teststatus: In queue

- position: 4
solution: Identiv Velocity Security Management System 13.02
- position: 3
solution: Identiv Velocity Security Management System 13.02
aplnumbers: 10103
state: Update
teststatus: In queue

- position: 5
- position: 4
solution: AMAG Symmetry Professional + HID Global Validation System
aplnumbers: 10047 & 10048
state: Update
teststatus: In queue

- position: 6
- position: 5
solution: Genetec Security Center – Synergis with HID Global Validation System
aplnumbers: 10061 & 10062
state: Update
teststatus: In queue

- position: 7
- position: 6
solution: AMAG Symmetry Professional + Identity One Validation System
aplnumbers: 10143 & 10144
state: Update
teststatus: In queue

- position: 8
solution: NAPCO Security
- position: 7
solution: NAPCO Security
aplnumbers: New
state: New
teststatus: In queue

- position: 9
solution: Tyco Security Products C-CURE 9000 with Innometrics validation System
- position: 8
solution: Tyco Security Products C-CURE 9000 with Innometrics validation System
aplnumbers: 10115 & 10108
state: Update
teststatus: On Hold by vendor
teststatus: On Hold by vendor
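Review bot: Dropping the first entry means every remaining `position` value is renumbered by hand, and most of this hunk is that renumbering plus whitespace-only changes to `solution`, `aplnumbers`, `state` and `teststatus` lines. If the page template can take the position from list order (Liquid exposes `forloop.index`), the `position` key could be removed and future queue changes would be single-entry diffs. Keeping trailing-whitespace edits out of data changes would also make the real change easier to see.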
5 changes: 5 additions & 0 deletions _data/fips201pacs1302.yml
Expand Up @@ -100,3 +100,8 @@
reader5url: /docs/apl-10078-79-80-81-82-xtec.pdf
reader5apl: 10078

- category: 13.02
fipsstatus: Approved
infrastructure: Software House C●CURE-9000 V2.9 PACS 13.02
infraurl: /docs/apl-10159-softwarehouse.pdf
infraapl: 10159
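Review bot: The `infrastructure` value spells the product as "C●CURE-9000" with a bullet character, while the await list in this same commit uses "C-CURE-9000" and "C-CURE 9000". A non-ASCII character in the name makes the entry hard to find with site search or in-page find, so use one spelling across the data files unless the bullet is deliberate, in which case note that in a comment. The new entry also carries only `infra*` keys, where the entry above it has reader keys such as `reader5url`, so check that the table template renders cleanly when those keys are absent.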
2 changes: 1 addition & 1 deletion _data/fpkinotifications.yml
Expand Up @@ -906,7 +906,7 @@
- notice_date: November 23, 2022
change_type: CRL and OCSP Outage
system: Entrust Federal CRL and OCSP Service
change_description: On Wednesday, Novebmer 23, 2022, Entrust reported intermittent availability issues their CRL and Federal OCSP Service between 11 AM ET and 4:45 PM ET.
change_description: On Wednesday, November 23, 2022, Entrust reported intermittent availability issues their CRL and Federal OCSP Service between 11 AM ET and 4:45 PM ET.
contact: support at entrust dot com
cdp_uri: Multiple, http://sspweb.managed.entrust.com/CRLs/EMSSSPCA3.crl, http://feddcsweb.managed.entrust.com/CRLs/FedDCSCA1.crl
ocsp_uri: ocsp.managed.entrust.com, ocspproofs.managed.entrust.com, nfiocsp.managed.entrust.com, doesspocsp.managed.entrust.com, hhspkiocsp.managed.entrust.com, feddcsocsp.managed.entrust.com
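Review bot: The corrected `change_description` still reads "intermittent availability issues their CRL and Federal OCSP Service", which is missing "with" after "issues". Fix it in the same edit as the month spelling.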
6 changes: 3 additions & 3 deletions _data/laws-policies-standards.yml
Expand Up @@ -672,7 +672,7 @@
shortName: "ICAM Governance Framework"
longName: "Identity, Credential, and Access Management Governance Framework"
description: >-
The ICAM Governance Frameowork Working Group, composed of ICAM practitioners from
The ICAM Governance Framework Working Group, composed of ICAM practitioners from
several federal agencies, developed this ICAM Governance Framework as a tool to help
agencies build and improve ICAM governance structures, processes, and policies.
published: 2021-09-01
Expand All @@ -686,7 +686,7 @@
shortName: "NISTIR 8149"
longName: "NIST Interagency Report 8149: Developing Trust Frameworks to Support Identity Federations"
description: >-
Desecribes trust frameworks for identity federations, which provide a secure method for leveraging shared
Describes trust frameworks for identity federations, which provide a secure method for leveraging shared
identity credentials across communities of similarly-focused online service providers.
published: 2018-01-12
externalURL: "https://csrc.nist.gov/publications/detail/nistir/8149/final"
Expand Down Expand Up @@ -863,7 +863,7 @@
- Access Management - Authentication
- &PLAYBOOKS
type: Guidance
shortName: "FICAM Playboks"
shortName: "FICAM Playbooks"
longName: "FICAM Playbooks"
description: >-
A playbook is a comprehensive guide on a technical topic, describing both overarching strategy
8 changes: 4 additions & 4 deletions _ficampmo/ficampmo.md
Expand Up @@ -19,13 +19,13 @@ subnav:
href: '#federal-public-key-infrastructure-policy-authority'
---

# Introduction
## Introduction

The GSA Federal ICAM (FICAM) program helps federal agencies plan and manage enterprise identity, credentialing, and access management (ICAM) through collaboration opportunities and guidance on IT policy, standards, implementation, and architecture. Most of the guidance and best practices found on this website are developed through interagency working groups. The FICAM Program is a Federal CIO Council initiative managed by the GSA Office of Government-wide Policy.

The main difference between the GSA OGP FICAM program and an agency ICAM program (including GSA's own enterprise ICAM program) is the GSA OGP FICAM program focuses on government-wide initiatives that support interoperability between organizations.

# Federal Workforce Identity Framework
## Federal Workforce Identity Framework

The FICAM Program governs through a four-part framework for identity federations.

Expand All @@ -51,7 +51,7 @@ Through this four-part framework, the GSA FICAM Program leads or coordinates the
1. [FIPS 201 Evaluation Program]({{site.baseurl}}/fips201ep/) - Tests and certify services and commercial products used in PIV credentialing systems and physical access control systems.
2. [Federal PKI Annual Review Process]({{site.baseurl}}/fpki/#annual-review-requirements-for-all-certification-authorities) - Independent compliance audit requirement and schedule of Federal PKI Certification Authorities.

# ICAM Governance Bodies
## ICAM Governance Bodies

The GSA FICAM Program coordinates and oversees governmentwide ICAM initiatives as directed by the Federal CISO Council and the Office of Management and Budget. It accomplishes this mission through various governance bodies outlined below.

Expand Down Expand Up @@ -88,7 +88,7 @@ The ICAMSC charters working groups based on a defined-purpose and timeline. See

### Other ICAM Working Groups

Other ICAM working groups may be charted under other committess or subcommittees of the Federal CIO Council.
Other ICAM working groups may be charted under other committees or subcommittees of the Federal CIO Council.

| Working Group Name | Purpose | Activities | Membership Requirements | Meeting Schedule |
| --------- | ---- | ---------- | ------- | ----------- |
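Review bot: The line corrected for "committees" still says working groups "may be charted", while the section just above it says the ICAMSC "charters" working groups. This should probably read "chartered", and it can be fixed in the same edit.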