Conversations in Risk-Based Security

Are You Prepared for and Compliant with the CJIS Security Policy?

Posted by Doug Yarabinetz on Oct 26, 2017 1:19:02 PM

Everyone with access to CJI is subject to be audited to ensure compliance with applicable statutes, regulations and policies. This Policy applies to every individual—contractor, private entity, noncriminal justice agency representative, or member of a criminal justice entity—with access to, or who operate in support of, criminal justice services and information. That means you!

  • Are You Prepared for and Compliant with the CJIS Security Policy?
  • Are you ready to deal with the auditors?
  • Can you guarantee compliance with CJIS policy during your inevitable audit?
  • Are you fully aware of the penalties involved with a breach or non-compliance?

The CJIS Security Policy is to provide appropriate controls to protect the full lifecycle of CJI, whether at rest or in transit. The CJIS Security Policy provides guidance for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI. If you aren’t compliant, inspection teams will flag deficiencies until you can remediate. That means you lose access to one of the most valuable tools available for fighting crime and can be subject to sanctions. You can’t afford to let that happen.

Don’t let the auditors or penetration testing teams and the inevitable assessment lock you out of one of the most valuable tools in your battery.  Make sure you are CJIS compliant in advance of the auditors.  If you have already been audited and are dealing with deficiencies, work with experts who have experieince helping law enforcement to maintain access to this critical service.  Learn more at lynxgrc.com/cjis-compliance/.

Topics: CJIS Security Policy, CJIS Compliance, CJI