Rescission of Memoranda Relating to Identity Management

January 19, 2017

M-17-15

MEMORANDUM FOR HEADS OF EXECUTIVE DEPARTMENTS AND AGENCIES

FROM: Shaun Donovan, Director

SUBJECT: Rescission of Memoranda Relating to Identity Management

As part of an ongoing effort to streamline and consolidate the overall body of OMB technology policy, this Memorandum rescinds the following previously issued and outdated OMB policy memoranda:

  • M-08-01, HSPD-12 Implementation Status (OMB, October 2007)
  • M-07-06, Validating and Monitoring Agency Issuance of Personal Identity Verification Credentials (OMB, January 2007)
  • M-06-16, Protection of Sensitive Agency Information (OMB, June 2006)

M-08-01 served as a reminder for agencies to complete background investigations and issue credentials to contractors and employees as required by HSPD-12, “Implementation of Homeland Security Presidential Directive (HSPD) 12. HSPD 12 remains in effect. OMB is rescinding this memorandum in order to reduce agency reporting burden.

M-07-06 required agencies to provide PIV credentials with their agencies’ standard configuration to GSA by January 19, 2007 and to report on the number of PIV credentials issued beginning March 1, 2007. These requirements are no longer germane because the policy element requiring submission of credentials has since been included in the U.S. Federal Public Key Infrastructure requirements.

M-06-16 required agencies to take actions pertaining to the protection of remote information. All requirements found in this document are now either outdated or captured within other policies and NIST standards.

Agencies are also reminded that M-00-13, Privacy Policies and Data Collection on Federal Websites, was previously rescinded in M-10-22, Guidance for Online Use of Web Measurement and Customization Technologies.

For questions or concerns please contact ofcio@omb.eop.gov.