Trustmark Definition Name | Version |
---|---|
Addresses requirements for organization PKI certificate authorities (CAs) specifying rules for interpreting names in Subscriber certificates in a referenced certificate profile. | 1.0 |
Addresses requirements for mechanisms and procedures designed to ensure the availability of PKI Certificate Revocation Lists (CRLs). | 1.0 |
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for access enforcement as related to overall access control requirements. | 1.0 |
Addresses backup handling for keys used with PKI. | 1.0 |
Addresses requirements for the Organization designating the person or Organization to assert whether the CPS conforms to the CP. | 1.0 |
Addresses requirements for whether the determination that the CPS conforms to the CP is based on the results and recommendations of an independent compliance auditor. | 1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) submitting the results of their compliance audits to the appropriate authority for approval. | 1.0 |
Addresses requirements for the Certification Practice Statement (CPS) conforming to the Certificate Policy (CP). | 1.0 |
Addresses requirements for the Organization CA's CPS meeting all facets of the CP. | 1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) submitting their CPS to the appropriate authority for approval. | 1.0 |
Defines conformance and assessment criteria for verifying that all changes to services provided by a service provider that are subject to the CJIS Security Policy are managed by the CJA, authorized agency, or FBI. | 1.0 |
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 12(5). | 1.0 |
Defines conformance and assessment criteria for verifying that CHRI is only stored for extended periods under limited circumstances. | 1.0 |
Defines conformance and assessment criteria for verifying that the management control of network security remains with the CJA. | 1.0 |
Defines conformance and assessment criteria for verifying that organizations have not outsourced the management of security requirements. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization's CSA ISO established security incident response and reporting procedures. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization's policies do not permit anything prohibited by the CJIS Security Policy. | 1.0 |
Defines conformance and assessment criteria for compliance with one-time password requirements defined by CJIS Security Policy. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization has implemented physical controls for media to ensure the security of the data where encryption of the data isn't possible. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization protects physical media at the same level as the information would be protected in electronic form. | 1.0 |
Defines conformance and assessment criteria for verifying that an organization has documented protection measures more stringent than the CJIS Security Policy that have been imposed by their CSA. | 1.0 |
Defines conformance and assessment criteria for verifying that the CJIS Agency Coordinator receives information from the CGA (e.g., system updates) and disseminates it to appropriate Contractor employees. | 1.0 |
Defines conformance and assessment criteria for verifying that the CJIS Agency Coordinator does not permit untrained contractor employees to access CJI. | 1.0 |
Defines conformance and assessment criteria for verifying that the CJIS Agency Coordinator ensures compliance by the Contractor with NCIC validation requirements. | 1.0 |
Defines conformance and assessment criteria for verifying that a CJIS Agency Coordinator fulfills their responsibilities for the supervision and integrity of the system, training and continuing education of employees and operators. | 1.0 |