FBI CJIS Security Policy Compliance Services

The FBI Criminal Justice Information Services (CJIS) security policy compliance initiatives effectively establish information security best practices – and mandates – that must be in place for providing “…appropriate controls to protect the full lifecycle of CJI”.
Source: http://www.fbi.gov/about-us/cjis/cjis-security-policy-resource-center/view

Keep in mind that the CJIS database, effectively maintained by the FBI, is one of the world's largest repositories of comprehensive criminal history information, including fingerprints. As such, organizations providing critical information security services to law enforcement agencies throughout North America are being required to become compliant with the FBI’s Criminal Justice Information Services (CJIS) security policy mandates.

FBI CJIS Security Policy Compliance Experts

Ultimately, this requires highly formalized and documented information security policies, procedures, and processes to be in place, for which FLANK can assist with. After viewing the FBI CJIS Security Policy Table of Contents (ToC) at http://www.fbi.gov/about-us/cjis/cjis-security-policy-resource-center/view, it’s clear to anyone that comprehensive documentation is at the forefront of such compliance mandates. Policies have to be developed, procedures have to be implemented, and the processes must be carried out on a daily basis by everyone.

That’s a tall order – particularly the development of all mandated information security and operational policies and procedures. Talk to the experts at FLANK today when it comes to FBI CJIS security policy compliance services for organizations needing to meet the stringent demands of the FBI Criminal Justice Information Services (CJIS) security policy compliance framework.

FLANK has years of experience working with a wide variety of organizations throughout North America and Europe when it comes to regulatory compliance – and the FBI Criminal Justice Information Services (CJIS) security policy compliance is no different – thus we offer the following CJIS compliance products and services:

  • Information Security Policy and Procedure Writing: At the heart of CJIS compliance is the ability to develop, implement, and follow a wide-range of information security policies and procedures. Like any other security mandate, CJIS is all about documentation – a tremendous amount, no doubt – so now’s the time to get serious about policies and procedures, which is why the GISCP set of documents is so essential. Businesses can purchase the GISCP set of documents and author them on their own, along with also hiring FLANK for customized CJIS information security policy and procedure development – the choice is yours!
  • Security Awareness Training: CJIS compliance also calls for security awareness training protocols for employees and all other in-scope personnel. This means putting in place comprehensive and high-quality training material covering all critical security issues, threats, concerns, and best practices. FLANK offers in-depth security awareness training material, from customized programs to in-house training, and much more.
  • Risk Assessments: Assessing risk annually is a must for any organization in today’s complex world, and it’s why FLANK offers an industry leading risk management packet that includes the following: (1). Risk Assessment Policy template. (2) Risk Assessment Matrix. (3). Additional supporting risk management documentation:
  • Third-Party Service Provider Monitoring Programs: It’s also critically important for CJIS compliance to monitor all relevant third-party service providers for ensuring they also have comprehensive and well-documented policies, procedures, and processes in place. FLANK offers an industry leading third-party service provider monitoring packet for CJIS compliance.