https://artifacts.trustmarkinitiative.org/lib/tips/cjis-security-policy-section-3.2.2/5.8/CJIS Security Policy Section 3.2.25.8Profile of FBI Criminal Justice Information Services (CJIS) requirements as defined by the CJIS Security Policy, version 5.8, Section 3.2.2.2021-03-31T00:00:00.000ZfalseThis artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.https://trustmarkinitiative.org/Trustmark InitiativePRIMARYTrustmark Supporthelp@trustmarkinitiative.org555-555-5555https://trustmarkinitiative.org/https://artifacts.trustmarkinitiative.org/lib/tips/cjis-security-policy-section-3.2.2/5.4/SecurityInformation AssuranceCJIS Security Policyhttps://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---control-of-access-to-cji/1.0/1CJIS Systems Officer Responsibility - Control of Access To CJI1.0Defines conformance and assessment criteria for verifying that an organization's CSO has set standards for the selection, supervision, and separation of personnel who have access to CJI.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---appointment-of-csa-iso/1.0/2CJIS Systems Officer Responsibility - Appointment of CSA ISO1.0Defines conformance and assessment criteria for verifying that an organization's CSO has appointed a CSA ISO and determined the extent of their authority.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---appropriate-use-and-enforcement/1.0/3CJIS Systems Officer Responsibility - Appropriate Use and Enforcement1.0Defines conformance and assessment criteria for verifying that an organization's CSO has ensured appropriate use, enforced system discipline, and ensured CJIS operating procedures are followed.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---approval-of-access-to-cjis-systems/1.0/4CJIS Systems Officer Responsibility - Approval of Access To CJIS Systems1.0Defines conformance and assessment criteria for verifying that an organization's CSO approves access to FBI CJIS systems.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---compliance/1.0/5CJIS Systems Officer Responsibility - Compliance1.0This Trusmark Definition ensures that the organization's CSO ensures state/federal agency compliance with policies approved by the APB and adopted by the FBI.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---designated-terminal-agency-coordinators/1.1/6CJIS Systems Officer Responsibility - Designated Terminal Agency Coordinators1.1Defines conformance and assessment criteria for verifying that Terminal Agency Coordinators have been designated for those with devices accessing CJIS systems.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---local-agency-security-officers/1.0/7CJIS Systems Officer Responsibility - Local Agency Security officers1.0Defines conformance and assessment criteria for verifying that Local Agency Security Officers have been designated for those with access to CJI.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---laso-training/1.0/8CJIS Systems Officer Responsibility - LASO Training1.0Defines conformance and assessment criteria for verifying that Local Agency Security Officers receive enhanced security training.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---management-of-cjis-systems/1.0/9CJIS Systems Officer Responsibility - Management of CJIS Systems1.0Defines conformance and assessment criteria for verifying that organizations' policies state that the CSO is responsible for managing the security of CJIS systems within their state and/or agency.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---policy/1.0/10CJIS Systems Officer Responsibility - Policy1.0Defines conformance and assessment criteria for verifying that an organization's CSO has set, maintained, and enforced appropriate policies.https://artifacts.trustmarkinitiative.org/lib/tds/cjis-systems-officer-responsibility---user-agreement-duties/1.0/11CJIS Systems Officer Responsibility - User Agreement Duties1.0Defines conformance and assessment criteria for verifying that an organization's CSO supports/performs additional duties as outlined in their organization's user agreements with the FBI CJIS Division.CJIS-SP-V5.8Criminal Justice Information Services (CJIS) Security Policy Version 5.8, 06/01/2019, CJISD-ITS-DOC-08140-5.8Access to Criminal Justice InformationAccreditationAdministration of Criminal JusticeAdvanced AuthenticationAAAgency Controlled Mobile DeviceAgency CoordinatorACAgency Issued Mobile DeviceAgency LiaisonALAsymmetric EncryptionAuthorized RecipientAuthorized User/PersonnelAuthorizing OfficialAvailabilityBiographic DataBiometric DataCase / Incident HistoryCertificate Authority (CA) CertificateCertificationChannelerCJIS Advisory Policy BoardAPBCJIS Audit UnitCAUCJIS Security PolicyCJIS Systems AgencyCSACJIS Systems Agency Information Security OfficerCSA ISOCJIS Systems OfficerCSOCloud ClientCloud ComputingCloud ProviderCloud SubscriberCompact CouncilCompact OfficersCompensating ControlsComputer Security Incident Response CapabilityCSIRCConfidentialityContracting Government AgencyCGAContractorCrime Reports DataCriminal History Record InformationCHRICriminal Justice AgencyCJACriminal Justice Agency User AgreementCriminal Justice ConveyanceCriminal Justice Information (CJI)Criminal Justice Information Services DivisionFBI CJISCJISDataDegaussDepartment of JusticeDoJDigital MediaDigital SignatureDirect AccessDisseminationEnvironmentEscortFacsimileFaxFBI CJIS Information Security Officer (FBI CJIS ISO)Federal Bureau of InvestigationFBIFederal Information Security Management ActFISMAFor Official Use OnlyFOUOFull-feature Operating SystemGuest Operating SystemHit ConfirmationHost Operating SystemHybrid EncryptionHypervisorIdentity History DataIn-BandIncidentIndirect AccessInformationInformation Exchange AgreementInformation SecurityInformation Security OfficerISOInformation SystemInformation TechnologyInformationTypesIntegrated Automated Fingerprint Identification SystemIAFISIntegrityInterconnection Security AgreementISAInterface AgencyInternet ProtocolIPInterstate Identification IndexIIIJailbreak (Jailbroken)Laptop DevicesLaw Enforcement Enterprise PortalLEEPLimited-feature Operating SystemLocal Agency Security OfficerLASOLogical AccessLogical PartitioningManagement Control AgreementMCAManagement ControlsMediaMobile (WiFi) HotspotMobile DeviceMobile Device ManagementMDMNational Crime Information CenterNCICNational Instant Criminal Background Check SystemNICSNational Institute of Standards and TechnologyNISTNCJA (Government)NCJA (Private)NCJA (Public)Noncriminal Justice AgencyNCJANoncriminal Justice PurposeOffice of Management and BudgetOMBOne Time PasswordOTPOrganizationOut-of-BandOutsourcingOutsourcing StandardPartitioningPersonal FirewallPersonally Identifiable InformationPIIPhysical AccessPhysical MediaPhysical PartitioningPhysically Secure LocationPocket/Handheld Mobile DevicePortable DevicePotential ImpactProperty DataRap BackReceive-Only TerminalROTRecordsRepository Manager, or Chief AdministratorRiskRisk ManagementRoot (Rooting, Rooted)SafeguardsSanitizationSecondary DisseminationSecurity AddendumSASecurity CategorySecurity ControlsSecurity PlanSecurity RequirementsSensitive But UnclassifiedSBUServer/Client Computer Certificate (device-based)ServiceShredderSmartphoneSocial EngineeringSoftware PatchSpamState and Federal Agency User AgreementState Compact OfficerState Identification BureauSIBState Identification Bureau ChiefSIB ChiefState of ResidencySymmetric EncryptionSystemSystem Security PlanTablet DevicesTerminal Agency CoordinatorTACThreatUserUser Certificate (user-based)Virtual EscortVirtual MachineVMVirtualizationVoice over Internet ProtocolVoIPVulnerabilityWireless (WiFi) HotspotWireless Access Point