Blog Post has been Updated for 2017 with New Requirements.
The FBI Criminal Justice Information Services (CJIS) security policy compliance initiatives effectively establish information security best practices – and mandates – that must be in place for providing “…appropriate controls to protect the full lifecycle of CJI”.
Keep in mind that the CJIS database, effectively maintained by the FBI, is one of the world's largest repositories of comprehensive criminal history information, including fingerprints. As such, organizations providing critical information security services to law enforcement agencies throughout North America are being required to become compliant with the FBI’s Criminal Justice Information Services (CJIS) security policy mandates.
FBI CJIS Security Policy Compliance Experts - Policies, Templates, Consultants
Ultimately, this requires highly formalized and documented information security policies, procedures, and processes to be in place, for which Flat Iron Technologies, LLC can assist with. After viewing the FBI CJIS Security Policy Table of Contents (ToC), it’s clear to anyone that comprehensive documentation is at the forefront of such compliance mandates. Policies have to be developed, procedures have to be implemented, and the processes must be carried out on a daily basis by everyone.
That’s a tall order – particularly the development of all mandated information security and operational policies and procedures. Talk to the experts at Flat Iron Technologies, LLC today when it comes to FBI CJIS security policy compliance services for organizations needing to meet the stringent demands of the FBI Criminal Justice Information Services (CJIS) security policy compliance framework.
FBI CJIS Security Policy Compliance Experts - Talk to the Compliance Leaders Today!
Flat Iron Technologies, LLC has years of experience working with a wide variety of organizations throughout North America and Europe when it comes to regulatory compliance – and the FBI Criminal Justice Information Services (CJIS) security policy compliance is no different – thus we offer the following CJIS compliance products and services
The Global Information Security Compliance Product (GISCP): A highly comprehensive set of information security and operational policies, procedures, forms, checklists – and more – totaling over 2,850 pages. This is a must-have packet when it comes to the FBI Criminal Justice Information Services (CJIS) security policy compliance mandates.
Information Security Policy and Procedure Writing: At the heart of CJIS compliance is the ability to develop, implement, and follow a wide-range of information security policies and procedures. Like any other security mandate, CJIS is all about documentation – a tremendous amount, no doubt – so now’s the time to get serious about policies and procedures, which is why the GISCP set of documents is so essential. Businesses can purchase the GISCP set of documents and author them on their own, along with also hiring Flat Iron Technologies, LLC for customized CJIS information security policy and procedure development – the choice is yours!
Security Awareness Training: CJIS compliance also calls for security awareness training protocols for employees and all other in-scope personnel. This means putting in place comprehensive and high-quality training material covering all critical security issues, threats, concerns, and best practices. Flat Iron Technologies, LLC offers in-depth security awareness training material, from customized programs to in-house training, and much more.
Risk Assessments: Assessing risk annually is a must for any organization in today’s complex world, and it’s why Flat Iron Technologies, LLC offers an industry leading risk management packet that includes the following: (1). Risk Assessment Policy template. (2) Risk Assessment Matrix. (3). Additional supporting risk management documentation:
Third-Party Service Provider Monitoring Programs: It’s also critically important for CJIS compliance to monitor all relevant third-party service providers for ensuring they also have comprehensive and well-documented policies, procedures, and processes in place. Flat Iron Technologies, LLC offers an industry leading third-party service provider monitoring packet for CJIS compliance.