Criminal Justice Information Services Security Policy

E195221

The Criminal Justice Information Services Security Policy is a comprehensive FBI framework that sets mandatory security and privacy requirements for protecting and handling criminal justice information systems and data.

All labels observed (4)

How this entity was disambiguated

Statements (53)

Predicate Object
instanceOf FBI policy document
criminal justice information protection framework
information security policy
alsoKnownAs Criminal Justice Information Services Security Policy
surface form: CJIS Security Policy
appliesTo agencies accessing FBI CJIS systems
criminal justice information
criminal justice information systems
basedOn federal information security standards and best practices
characteristic mandatory for agencies accessing FBI CJIS services
periodically updated to address new threats and technologies
defines Criminal Justice Information Services Security Policy self-linksurface differs
surface form: Criminal Justice Information

Personally Identifiable Information in CJIS context
roles and responsibilities for CJIS security
security incident involving CJIS data
goal to ensure availability of criminal justice information systems
to protect the confidentiality of criminal justice information
to protect the integrity of criminal justice information
issuedBy FBI Criminal Justice Information Services Division
Federal Bureau of Investigation
jurisdiction United States of America
surface form: United States
requires access control to areas where CJIS data is processed or stored
background checks for personnel with unescorted access to CJIS systems
encryption of CJIS data in transit over public networks
formal agreements with contractors handling CJIS data
formal security awareness training for personnel with CJIS access
periodic security audits of CJIS systems
physical protection of facilities housing CJIS systems
strong authentication for remote access to CJIS systems
timely reporting of security incidents involving CJIS data
unique user identification for system access
scopeIncludes access control requirements
administrative security controls
audit and accountability requirements
authentication requirements
configuration management requirements
encryption requirements
incident response requirements
media protection requirements
mobile device security requirements
network security requirements
outsourcing and cloud security requirements
personnel security requirements
physical security controls
privacy requirements for criminal justice information
remote access security requirements
sanctions for non-compliance
security requirements for criminal justice information
technical security controls
training and awareness requirements
usedBy authorized contractors handling CJIS data
federal agencies accessing FBI CJIS systems
local law enforcement agencies
state criminal justice agencies

How these facts were elicited

Referenced by (5)

Full triples — surface form annotated when it differs from this entity's canonical label.

FBI data governance policies constrainedBy Criminal Justice Information Services Security Policy
NGI governedBy Criminal Justice Information Services Security Policy
this entity surface form: FBI CJIS Security Policy
N-DEx governedBy Criminal Justice Information Services Security Policy
this entity surface form: CJIS Security Policy
Criminal Justice Information Services Security Policy alsoKnownAs Criminal Justice Information Services Security Policy
this entity surface form: CJIS Security Policy
Criminal Justice Information Services Security Policy defines Criminal Justice Information Services Security Policy self-linksurface differs
this entity surface form: Criminal Justice Information