U.S. DEPARTMENT OF AGRICULTURE
WASHINGTON, D.C. 20250
DEPARTMENTAL REGULATION
NUMBER: DR 4620-002
SUBJECT: Common Identification Standard for U.S. Department of Agriculture
DATE: June 24, 2021
OPI: Office of Safety, Security, and Protection
EXPIRATION DATE: June 24, 2026
Section
1. Purpose
2. Special Instructions/Cancellations
3. Scope
4. Background
5. Policy
6. Credential Issuance
7. Credential Utilization
8. Roles and Responsibilities
9. Inquiries
Appendix A – Acronyms and Abbreviations
Appendix B – Definitions
Appendix C – Authorities and References
1. PURPOSE
This Departmental Regulation (DR) prescribes the policies, roles, and responsibilities
necessary to implement and maintain Homeland Security Presidential Directive (HSPD) 12,
Policy for a Common Identification Standard for Federal Employees and Contractors, within
United States Department of Agriculture (USDA) controlled work environments.
2. SPECIAL INSTRUCTIONS/CANCELLATIONS
a. This regulation supersedes DR 4620-002, Common Identification Standard for U.S.
Department of Agriculture, dated March 22, 2021.
b. The issuance of the HSPD-12 credential, referred to now as the USDA LincPass,
AltLinc, or MobileLinc, is mandatory and applies to all employees, as defined in 5
United States Code (U.S.C.) § 2105, “Employee,” within a Department or agency.
“Employee” means a person, other than the President and Vice President, employed by,
detailed or assigned to, the USDA, including members of the Armed Forces; an expert
or consultant to USDA; an industrial or commercial contractor, licensee, certificate
holder, or grantee of USDA, including all subcontractors; or any other category of
person who acts on behalf of a Mission Area, agency, or staff office as determined by
the Mission Area, agency, or staff office head. In addition, all contractors requiring
routine access to federally controlled facilities or federally controlled information
systems will be subject to HSPD-12 requirements.
c. No provision in this DR shall have the effect of nullifying or limiting protections for
equal employment opportunity as provided in Title VII of the Civil Rights Act, Equal
Employment Opportunities, 42 U.S.C. § 2000e, et seq., and Executive Order (E.O.)
11478, Equal Employment Opportunity in the Federal Government and E.O. 13087.
USDA prohibits discrimination in all its programs and activities on the basis of race,
color, national origin, age, disability, and where applicable, sex, marital status, familial
status, parental status, religion, sexual orientation, genetic information, political beliefs,
reprisal, or because all or a part of an individual's income is derived from any public
assistance program (not all prohibited bases apply to all programs). Persons with
disabilities who require alternative means for communication of program information
(e.g., Braille, large print, audiotape) should contact USDA's TARGET [Technology and
Accessible Resources Give Employment Today] Center at (202) 720-2600 (voice and
Telecommunications Device for the Deaf (TDD)). To file a complaint of discrimination,
write to USDA, Assistant Secretary for Civil Rights, Office of Civil Rights, 1400
Independence Avenue, S.W., Washington, DC 20250-9410 or call 1-800-795-3272
(voice) or (202) 720-6382 (TDD). USDA is an equal opportunity provider and
employer.
d. Outside of the Personal Identity Verification (PIV) credentials, Personal Identity
Verification Interoperability (PIV-I), Personal Identity Verification Derived (PIV-D)
credentials and site badge referenced in Departmental Manual (DM) 4620-002, Common
Identification Standard for U.S. Department of Agriculture Employees and Contractors,
the only authorized badges and credentials issued by USDA will be for law
enforcement; investigations; food inspection; the Animal and Plant Health Inspection
Service (APHIS) Plant Protection and Quarantine program; animal care; and physical
security use. This authority will remain in the control of Mission Areas, agencies, and
staff offices such as the Office of the Inspector General, the Forest Service, the
Secretary’s Personal Protection Team, the Food Safety and Inspection Service, APHIS,
the Office of Operations, and the Office of Safety, Security, and Protection (OSSP).
e. This policy conforms with Federal Information Security Modernization Act of 2014
(FISMA), 44 U.S.C. § 3551, et seq. and National Institute of Standards and Technology
(NIST) Federal Information Processing Standards Publication (FIPS PUB) 201-2,
Personal Identity Verification (PIV) of Federal Employees and Contractors guidelines.
3. SCOPE
This DR applies to all Mission Areas, agencies, and staff offices.
4. BACKGROUND
a. HSPD-12 establishes the general requirements for a common Federal identification
system. The President has mandated that all Federal departments provide a process for
identity proofing and credentialing employees and contractors to increase security and
provide greater interoperability between departments and Federal facilities.
b. For further information on HSPD-12 and its related requirements and standards, please
see sources in Appendix C.
5. POLICY
This policy is established to enhance security, increase Government efficiency, reduce
identity fraud, and protect personal privacy by establishing a mandatory, USDA-wide
standard for secure and reliable forms of identification to its employees and contractors.
a. Departmental Mission Areas, agencies, and staff offices must comply with HSPD-12 for
all applicable USDA Federal and non-Federal employees who work for USDA.
Detailed procedures are described in DM 4620-002.
b. Employees as defined by 5 U.S.C. § 2105, and non-Federal employees working for
USDA will be required to follow procedures in FIPS 201-2, the NIST Special
Publication (SP) series related to HSPD-12, and DM 4620-002, if they require routine
unaccompanied access to USDA controlled facilities or information systems.
c. Employees who are stationed outside the United States at Government facilities may be
issued a Department of State credential.
d. Retired USDA employees will no longer be issued retirement badges and must be issued
Visitor badges when visiting USDA facilities. Previously issued retirement badges must
be revoked, collected from the former employees, and destroyed.
6. CREDENTIAL ISSUANCE
USDA has three types of credentials to address HSPD-12 requirements. The LincPass is
USDA’s PIV credential for long term Federal employees and non-Federal employees. The
AltLinc is USDA’s PIV-I credential for short term Federal employees and non-Federal
employees. The MobileLinc is USDA’s PIV-D credential which is issued for use on USDA
authorized mobile devices. Individuals must have an issued PIV card prior to being eligible
for MobileLinc.
7. CREDENTIAL UTILIZATION
a. See DR 3505-003, Access Control for Information and Information Systems (logical
access requirements), DR 3640-001, Identity, Credential, and Access Management
[ICAM], and DM 4620-002 for further clarification on logical access requirements.
b. See DM 4620-002, Section 11a, Physical Access Control Systems (PACS) for physical
access requirements.
8. ROLES AND RESPONSIBILITIES
a. The Director of OSSP will:
(1) Develop, in consultation with the USDA CIO and the Office of the Chief
Information Officer (OCIO), policies, standards, and procedures for implementing
and administering the HSPD-12 program throughout the Department;
(2) Work with Mission Areas, agencies, and staff offices to maintain policies and
procedures to support the identity proofing, registration and credentialing of
employees;
(3) Maintain an enterprise Physical Access Control System (ePACS) environment to
support Mission Area, agency, and staff office physical access control systems;
(4) Oversee and assist with migrating all physical access control systems into HSPD-12
compliance;
(5) Support role holder training module development; and
(6) Support Mission Areas, agencies, and staff offices with the roles and
responsibilities for managing non-Federal employees including the establishment
and implementation of the appeal and removal procedures for those denied a
LincPass or AltLinc in accordance with DM 4620-002.
b. The USDA Chief Information Officer (CIO) will:
(1) Assist OSSP with maintaining connectivity to the various enterprise systems that
support HSPD-12 requirements; and
(2) Work with OSSP to ensure personal information collected for employee and
contractor identification purposes is handled consistent with the Privacy Act of
1974, 5 U.S.C. § 552a and all FISMA requirements (see 44 U.S.C. § 3551, et seq.).
c. The Director of the Office of Human Resources Management (OHRM) will:
(1) Develop, maintain, and disseminate on-boarding policies and procedures for
Mission Area, agency, and staff office Human Resources staff; and
(2) Develop, maintain, and disseminate off-boarding policies and procedures that
include the collection of identification credentials for Mission Area, agency, and
staff office Human Resources staff.
d. The Director of the Office of Contracting and Procurement (OCP) will:
(1) Provide HSPD-12 procurement and contracting guidance to the acquisition
workforce through OCP PGI 404.1301 and 411.107 of the USDA Contracting Desk
Book; and
(2) Prepare guidance and Blanket Purchase Agreements (BPA) to ensure that HSPD-12
compliant equipment is purchased.
e. The Chief Financial Officer (CFO) will:
(1) Maintain and update EmpowHR/Person Model in a timely manner; and
(2) Provide financial oversight and management of HSPD-12 funding.
f. Mission Area, Agency, and Staff Office Deputy Administrators (DAM) will:
(1) Comply with all relevant HSPD-12 requirements such as NIST FIPS PUB 201-2,
NIST SPs, DR 3505-003, DR 3640-001, and DM 4620-002;
(2) Utilize the HSPD-12 risk assessment credential matrix for all Federal and non-Federal
employees to determine eligibility for LincPass and AltLinc. To access the
credential matrix, see DM 4620-002;
(3) Remove from Federal service any employee denied a LincPass or AltLinc. The
appeal process for a removal from Federal service is already established in law and
regulation (see 5 U.S.C. § 7513(d), Cause and Procedure; 5 Code of Federal
Regulations (CFR) § 752.405, Appeal and Grievance Rights); employees can appeal
to the Merit Systems Protection Board;
(4) Comply with Departmental policies and procedures to support registration, identity
proofing, and issuing LincPasses, AltLincs, and MobileLincs and other appropriate
badges;
(5) Ensure Mission Area, agency, and staff office applicants complete the enrollment
and activation process for their LincPasses, AltLincs, or MobileLincs in a timely
manner;
(6) Comply with USDA physical and logical control policies and procedures;
(7) In consultation with Mission Area, Staff Office, or Agency contracting office,
ensure HSPD-12 products and services are compliant with FIPS PUB 201-2 and
Office of Management and Budget (OMB) guidance;
(8) Assign a point of contact and alternate to the HSPD-12 Program Office that can
provide outreach to Mission Area, agency, and staff office personnel;
(9) Ensure HSPD-12 role holders are assigned such roles as Sponsor, Security Officer,
Adjudicator, Role Administrator, as further described in DM 4620-002, Section 6,
to ensure employees receive their USDA credential in a timely manner; and
(10) Identify all personnel requiring Federal Emergency Response Official (FERO)
designation and ensure designations are printed on LincPasses by providing a list of
names to the sponsor.
g. Employees will comply with Departmental policies and procedures related to LincPass,
AltLinc, MobileLinc issuance and maintenance. This includes adhering to deadlines for
credential and certificate renewal.
9. INQUIRIES
Questions regarding this DR should be directed to OSSP at 202-690-6777 or
[email protected].
-END-
APPENDIX A
ACRONYMS AND ABBREVIATIONS
APHIS      Animal and Plant Health Inspection Service
BPA        Blanket Purchase Agreement
CFO        Chief Financial Officer
CFR        Code of Federal Regulations
CIO        Chief Information Officer
DAM        Deputy Administrator
DM         Departmental Manual
DR         Departmental Regulation
ePACS      Enterprise Physical Access Control System
E.O.       Executive Order
FERO       Federal Emergency Response Official
FIPS PUB   Federal Information Processing Standards Publication
FISMA      Federal Information Security Modernization Act
HSPD-12    Homeland Security Presidential Directive 12
ICAM       Identity, Credential, and Access Management
IT         Information Technology
LACS       Logical Access Control System
NIST       National Institute of Standards and Technology
OCIO       Office of the Chief Information Officer
OCP        Office of Contracting and Procurement
OHRM       Office of Human Resources Management
OMB        Office of Management and Budget
OSSP       Office of Safety, Security, and Protection
PACS       Physical Access Control System
PIV        Personal Identity Verification
PIV-D      Personal Identity Verification Derived
PIV-I      Personal Identity Verification Interoperable
SP         Special Publication
TARGET     Technology and Accessible Resources Give Employment Today
TDD        Telecommunications Device for the Deaf
U.S.C.     United States Code
USDA       United States Department of Agriculture
APPENDIX B
DEFINITIONS
a. Access Control. The process of granting or denying requests to access physical facilities
or areas, or to logical systems (e.g., computer networks or software applications). See
also “logical access control system” and “physical access control system.”
b. Access (Routine). Entry into and use of a facility and/or information system on a
regular basis without an escort and/or continuous monitoring by a USDA official. The
Mission Area, agency, and staff office determination should be based upon the support
to successfully complete USDA’s mission functions. Routine access requires a
mandatory PIV or PIV-I credential to be issued.
c. Access (Unaccompanied). Entry into and use of a facility and/or information system
without an escort and/or continuous monitoring by a USDA official. The Mission Area,
agency, and staff office’s determination for unaccompanied access should be based upon
the support to successfully complete USDA’s mission functions. Unaccompanied
access requires a mandatory LincPass to be issued.
d. AltLinc. USDA has named their common identity PIV-I card the AltLinc, as it is
designed to link a person’s identity to an identification card and the card to a person’s
ability to access Federal buildings and computer systems. This card will be used to
service short-term personnel (less than 6 months) requiring limited Information
Technology (IT) or physical access. The spelling of the AltLinc PIV-I card is derived
from the word alternative as it is meant to serve as an alternative to the LincPass.
e. Contractor. An individual under contract to USDA (for the purpose of HSPD-12
implementation).
f. Credential. An identity card (“smart card”), also known as LincPass or AltLinc, that
contains stored identity credentials. The card is issued to an individual and the claimed
identity of the cardholder can be verified against stored credentials by another person or
by an automated process. Other approved forms of a credential may be issued when
applicable.
g. Employee. Defined in 5 U.S.C. § 2105, “Employee,” within a department or Mission
Area, agency, and staff office. “Employee” means a person, other than the President and
Vice President, employed by, detailed or assigned to, USDA, including members of the
Armed Forces; an expert or consultant to USDA; an industrial or commercial contractor,
licensee, certificate holder, or grantee of USDA, including all subcontractors; or any
other category of person who acts on behalf of a Mission Area, agency, and staff office
as determined by the Mission Area, agency, and staff office head.
h. Federal Facility. The term “Federal facility” means any building, structure, or fixture or
part thereof which is owned by the United States or any Federal agency or which is held
by the United States or any Federal agency under a lease-acquisition agreement under
which the United States or a Federal agency will receive fee simple title under the terms
of such agreement without further negotiation. Such term also applies to facilities
related to programs administered by Federal agencies.
i. LincPass. USDA has named their common identity card the LincPass, as it is designed
to link a person’s identity to an identification card and the card to a person’s ability to
access Federal buildings and computer systems. The spelling of LincPass is a tribute to
President Abraham Lincoln, who created the Department of Agriculture, also known as
the People’s Department, in 1862.
j. Logical Access Control System (LACS). Protection mechanisms that limit a user’s
access to information and restrict their forms of access on the system to only what is
appropriate for them. LACS may be built into an operating system, application, or an
added system.
k. MobileLinc. A derived PIV (or PIV-D) credential that can be used for logical access for
individuals within USDA who have already been issued a PIV.
l. Physical Access Control System (PACS). Protection mechanisms that limit users' access
to physical facilities or areas to only what is appropriate for them. These systems
typically involve a combination of hardware and software (e.g., a card reader), and may
involve human control (e.g., a security guard).
APPENDIX C
AUTHORITIES AND REFERENCES
Appeal and Grievance Rights, 5 CFR § 752.405
Cause and Procedure, 5 U.S.C. § 7513(d)
Title VII of the Civil Rights Act, Equal Employment Opportunities, 42 U.S.C. § 2000e, et
seq.
Employee, 5 U.S.C. § 2105
Executive Order (E.O.) 11478, Equal Opportunity Employment in the Federal Government,
August 8, 1969
Federal Information Security Modernization Act of 2014 (FISMA), 44 U.S.C. § 3551, et seq.
Homeland Security Presidential Directive (HSPD) 12, Policy for a Common Identification
Standard for Federal Employees and Contractors, August 27, 2004
NIST, FIPS PUB 201-2, Personal Identity Verification (PIV) of Federal Employees and
Contractors, August 2013
Privacy Act of 1974, 5 U.S.C. § 552a
USDA, DM 4620-002, Common Identification Standard for U.S. Department of Agriculture
Employees and Contractors, January 14, 2009
USDA, DR 3505-003, Access Control for Information and Information Systems, July 19,
2019
USDA, DR 3640-001, Identity, Credential, and Access Management, June 8, 2021
USDA, DR 4300-003, Equal Opportunity Public Notification Policy, October 17, 2019
USDA, OCP, Procurement Advisory No. 115, Continued Implementation of LincPass at
USDA, August 7, 2013
File Type | application/pdf |
File Title | DR4620-002; Common Identification Standard for U.S. Department of Agriculture |
Subject | united states department of agriculture, usda, Common Identification Standard, Common ID Standard, ID Standard |
Author | United States Department of Agriculture |
File Modified | 2021-06-28 |
File Created | 2021-06-28 |