GFIPM Organizational Guidelines

DEPRECATION NOTICE: All GFIPM governance, policy, and membership artifacts hosted on this page have been deprecated by the GFIPM Task Team, and are provided herein for historical purposes only. The GFIPM Task Team no longer recommends the organization of new GFIPM federations within the justice community, as this approach tends to fracture the community by creating unnecessary federation boundaries between would-be information sharing partners that belong to different federations. In lieu of establishing a new federation, the GFIPM Task Team now recommends that agencies adopt a componentized, decentralized approach to federated trust, similar to the trustmark-based approach that the National Identity Exchange Federation (NIEF) has adopted. For more information and guidance about how to pursue this approach, please contact help@gfipm.net.


Inter-organizational trust in an information sharing federation must be built upon a well-defined federation governance structure, operational policies and procedures, and trusted membership documentation. Towards that objective, GFIPM provides a set of organizational guidelines that implementers can use when establishing a federation. Without the mutual inter-organizational trust created by these guidelines, it would not be possible to establish trust at the technical level of cryptographic standards and protocols. The following artifacts comprise the GFIPM Federation Organizational Guidelines.

GFIPM Governance Guidelines [DEPRECATED]

The GFIPM Governance Guidelines document defines the governance structure for a GFIPM federation, including the parties that play a role in the governance structure (e.g. Board of Directors, Federation Management, Identity Providers, Service Providers, Trusted Identity Brokers, etc.) and the decisions to be made by each party.

Download the GFIPM Governance Guidelines

GFIPM Operational Policies and Procedures Guideline [DEPRECATED]

The GFIPM Operational Policies and Procedures Guideline document describes the operational policies and procedures that govern the basic operation of a federation for trusted information sharing, including federation membership, change management for federation standards, help desk policies, etc. It also contains some normative language related to operational protocol between parties in the federation.

Download the GFIPM Operational Policies and Procedures Guideline

GFIPM Membership Agreements Set [DEPRECATED]

The GFIPM Membership Agreements Set is a guideline specifying a set of documents that must be submitted or completed by each member of a GFIPM federation during the membership application process. It includes a signed agreement, similar to a memorandum of understanding (MOU), submitted by a member to indicate its willingness to obey the rules as specified in the GFIPM Operational Policies and Procedures Guideline.

Download the GFIPM Membership Agreements Set