|Title:||VA Needs to Improve Governance of Identity, Credential, and Access Management Processes|
|VA Office:||Office of the Secretary
|Report Author:||Office of Audits and Evaluations
Identity, credential, and access management (ICAM) is a set of tools, policies, and systems used to ensure the right individual has access to the right resource, at the right time, for the right reason in support of federal business objectives. In February 2021, the VA Office of Inspector General (OIG) received a hotline complaint claiming the Office of the Assistant Secretary for Human Resources and Administration/Operations, Security, and Preparedness and the Office of Information and Technology have not agreed since 2016 on roles and responsibilities for VA’s ICAM program. This has contributed to VA not being able to effectively comply with Office of Management and Budget (OMB) policy. The OIG reviewed to determine whether VA is effectively governing its ICAM program as required.