Omaerz: 2 revisions imported: Initial Upload of old pages from IDESG Wiki

2018-06-28T04:02:21Z

2 revisions imported: Initial Upload of old pages from IDESG Wiki

New page

'''Title''': Guidelines for the Accreditation of Personal Identity Verification Card Issuers

 
'''Category''': Security Assessment Guide

 
'''Date''': February 2010

 
'''Creator''': NIST

 
'''URL''': http://csrc.nist.gov/publications/nistpubs/800-79-1/SP800-79-1.pdf

 
'''Description''': Survey of the requirements to be met by a PIV Card Issuer (PCI) and an accreditation methodology for
ensuring their conformance with those requirements. Accreditation topics include organizational readiness,
security management and data protection, infrastructure elements and processes.

 
'''Privacy''': The security management and data protection accreditation topic includes confirmation that privacy
requirements from FIPS 201 are satisfied. This document does not add privacy requirements but provides
guidelines for assessing conformance to those requirements. Privacy related documents required during the
accrediation process include the privacy policy, privacy impact analysis, system of record notice, privacy act
statement, rules of conduct and documented processes for requests to review personal information,
requests to amend personal information, appeals and complaints.

 
'''Security''': Provides a structure for confirming that the PIV Card Issuer meets security obligations and requirements.

 
'''Interoperability''': Supports interoperable use of PIV cards by providing a common baseline of security assurance in the
issuance process.

 
'''Terms''':

[[Category:Standards]]
[[Category:Security Assessment Guide]]

NIST SP 800-79-1 - Revision history

Omaerz: 2 revisions imported: Initial Upload of old pages from IDESG Wiki