Fine Access Control

Fine Access Control

Chief Information Officer

IC Technical Specifications

Fine Access Control


Any IT system performing entity authentication may use this specification to determine if a given entity should be granted access to a specific piece of data.


This specification applies to the IC, as defined by the National Security Act of 1947, as amended, and ICS 500-27, Collection and Sharing of Audit Data,  and such other elements of any other department or agency as may be designated by the President, or designated jointly by the Director of National Intelligence (DNI) and  the head of the department or agency concerned, as an element of the IC.  Joint and Coalition forces may use this specification but it is not required.


Compliance with this specification is measured against all aspects of the technical and documentary artifacts contained within the specification release package.


This specification is maintained by the IC Chief Information Officer via the Data Services Coordination Activity (DSCA) and Common Metadata Standards Tiger Team (CMSTT).


Technical Specification Downloads


Latest Approved Public Release:

Mission Requirements


Information sharing within the national intelligence enterprise relies on the ability to discover and access intelligence content from any location, at any time, with as few restrictions as possible.  ICD 501 empowers analysts, operators, and collectors with a wide range of capabilities for discovering, using, and sharing content within the IC and with partners.  This authority comes with great responsibility, a responsibility that must be tracked, analyzed, and reported on.

The auditing of person and non-person entities within the IC protects the nation from abuse, voluntary or involuntary disclosure, as well as insider and outside threats.  The audit specification is derived from the fundamental mission requirement to track and audit the discovery and access of intelligence content and information resources within the IC enterprise.