FIPS stands for Federal Information Processing Standards, which are a set of publicly announced standards developed by the National Institute of Standards and Technology (NIST) for use in computer systems of non-military United States government agencies and contractors. FIPS standards are intended to establish requirements for ensuring computer security and interoperability, and are developed when there are no acceptable industry standards or solutions for a particular government requirement.

FIPS standards cover a wide range of topics in information technology, including data security standards, personal identity verification, and 3D graphics. Some of the most well-known FIPS standards include:

• FIPS 140: Security requirements for cryptography modules
• FIPS 197: Rijndael/AES cipher
• FIPS 201: Personal Identity Verification for Federal Employees and Contractors

FIPS 140-2 is a standard that handles cryptographic modules and the ones that organizations use to encrypt data-at-rest and data-in-motion. It has four levels of security, with level 1 being the least secure and level 4 being the most secure.

FIPS standards are not always mandatory for federal agencies, and the applicability section of each FIPS details when the standard is applicable and mandatory. FIPS do not apply to national security systems. Although FIPS are developed for use by the federal government, many in the private sector voluntarily use these standards.