Edit this page

Collecting Metrics 2.16 & 2.17

PACS Procurement Compliance & PIV Enforcement

Calculator logo

  1. Work with your agency’s Physical Security personnel to identify all perimeter and sensitive area access readers across all locations in your agency.
  2. Identify each instance of a PACS validation system in use across the agency.
  3. Validate that the product’s (readers and validation software) comply with NIST FIPS 201. Compliant products are listed on the GSA Approved Products List (APL). Hardware and software versioning and other specific information can be found inside the Approved Letters on the APL. Only the exact versions of hardware and software listed are compliant.

    • See the PACS Resources Section for sample steps to check for compliance.\

  4. Determine which validation system is configured for each compliant reader. Count the number of readers that comply, divide by the total number of readers the agency has across all locations and multiply by 100 to obtain the percentage for this metric. Record this number for Metric 2.16.
  5. Of the readers identified in Step 3, count the number that are configured to utilize the PKI (either Card Authentication or PIV Authentication Key Certificate) for routine access.
  6. Divide Step 4 by the total number from Step 1, and multiply by 100 to obtain the percentage for this metric. Record this number for Metric 2.17.

Additional Information

Magnifying Glass logo

How do I look through my PACS software in an HID Validation Solution Environment?

  1. Create an excel based inventory of all readers for a “given area”.

    • Take note of the make, model, hardware revision, and firmware revision
    • Take note of whether the above matches what is listed on the APL\

  2. Determine/Confirm which validation system is configured to support the reader

    • Log into pivCLASS PACS Services Server
    • Open pivCLASS PACS Service Administration Application, log in if necessary
    • Go to Tools > Configure PACS Service
    • Click the Reader Services Tab
    • In the left panel, expand the “Panels” tree
    • For each PAM panel configured: (1) Match the readers therein to the readers inventoried above, and (2) note which Assurance profile the reader is configured.
    • Write this information on the Inventory Report.

Need More Information?

FIPS 201 Approved Products List]
OMB M-06-18
DHS ISC Risk Management Process

If you use a different vendor’s validation system, and are not sure how to collect these metrics, please email icam@gsa.gov for assistance.