FREE e-Newsletter
Important News - Hot Topics
Get them Now!

Cobalt Software Platform - Mark43
Mark43's Cobalt software platform unites a set of law enforcement tools securely...

No upcoming webinars scheduled

Ask The Expert

Submit your question here

Q. Should cities place the person responsible for CJIS compliance or cyber security of systems in the city under the direction of the police department?

Section 3 of the FBI-CJIS Security Policy defines Roles and Responsibilities for an agency. With regard to this specific question, the answer is that the responsibility for this can be in either department. There are a few more roles outlined in this section that indicate a staff role assignment within an agency, etc., however, the role of CJIS Systems Agency Information Security Officer (CSA ISO) noted in Section 3.2.8 does not prohibit the role from going to an IT security person as you describe. The same can be said for the role you inquire about, the Local Agency Security Officer (LASO) in Section 3.2.9. Each of these roles has differences in responsibility and may be held by the same person.

The role is best filled with the person who has the high level working knowledge of the networks, systems application and appropriate use requirement with the authority to impact carrying out the policy over the users, application development, networks, etc. This is best determined through discussion with the agency head who has been given responsibility and access privileges to FBI-CJIS Systems and FBI CJI Criminal Justice Information and the IT department, to determine who can carry out the responsibilities effectively with the expectations for compliance. As IT has gotten more complex this often requires a collaborative effort between IT and the persons responsible for the user community. The CJIS Information Security Officer role is an administrative position that ensures policy compliance across business lines that encompass the users and IT assets. Cybersecurity requires is a specific skill set requiring much more day-to-day technical expertise.

Mark Rivera

Mark Rivera

FBI-CJIS Security Policy Compliance Officer

Mark Rivera, Customer Retention Manager and CJIS Security Compliance Officer with Vigilant Solutions, served for sixteen years with the Maryland State Police, retiring at the rank of First Sergeant with thirteen of those years at the supervisory and command level. He holds a Master of Science Degree in Management from The Johns Hopkins University and Secret clearance through the FBI, Baltimore.


Be the first to comment on this story





POLICE Magazine does not tolerate comments that include profanity, personal attacks or antisocial behavior (such as "spamming" or "trolling"). This and other inappropriate content or material will be removed. We reserve the right to block any user who violates this, including removing all content posted by that user.

Other Recent Questions

What are the biggest challenges in small rural communities for law enforcement?
With regard to security compliance the biggest challenges would be staffing and...
Is case and incident information I exchange by voice over my ePTT system (Kodiak) subject to CJIS requirements for encryption and authentication?
The short answer is “No”. Case and incident information would be generated by...
What is the certification process for vendors?
In short, there isn’t one. I wrote a whitepaper recently covering this topic, among...
To what types of data does the FBI-CJIS Security Policy apply? Does this differ for hosted solutions?
Any data that is considered criminal justice information,  or CJI. In many cases this...
What is the FBI-CJIS Security Policy?
The Federal Bureau of Investigation (FBI) created the FBI-Criminal Justice Information...

Get Your FREE Trial Issue and Win a Gift! Subscribe Today!
Yes! Please rush me my FREE TRIAL ISSUE of POLICE magazine and FREE Officer Survival Guide with tips and tactics to help me safely get out of 10 different situations.

Just fill in the form to the right and click the button to receive your FREE Trial Issue.

If POLICE does not satisfy you, just write "cancel" on the invoice and send it back. You'll pay nothing, and the FREE issue is yours to keep. If you enjoy POLICE, pay only $25 for a full one-year subscription (12 issues in all). Enjoy a savings of nearly 60% off the cover price!

Offer valid in US only. Outside U.S., click here.
It's easy! Just fill in the form below and click the red button to receive your FREE Trial Issue.
First Name:
Last Name:
Rank:
Agency:
Address:
City:
State:
  
Zip Code:
 
Country:
We respect your privacy. Please let us know if the address provided is your home, as your RANK / AGENCY will not be included on the mailing label.
E-mail Address:

Police Magazine