This four hour tutorial is an introduction to the FIPS 140-2 process, the rationale behind the standard, its history and the present path it’s on. The validation process will be explained in detail and the concept of a cryptographic module will be discussed in terms of implementation (software, hardware or firmware) and function (cryptographic algorithms, key management, etc). The eleven sections of the standard will be presented, with an emphasis on the requirements and required documentation. The laboratory and testing process will be shown, along with the algorithm testing process and the essential FIPS 140-2 documents (the standard, Implementation Guidance, Derived Test Requirements and the annexes). This tutorial has been well received both in and out of the U.S.