Contact Us:

(850) 656-3333

support@diversecomputing.com

3717 Apalachee Parkway, Suite 102 Tallahassee, FL 32311

By using our site you agree to the terms of our privacy policy.

  • LinkedIn - Black Circle
  • Black Instagram Icon
  • Black Facebook Icon

©2019 by Diverse Computing, Inc.

Newsletter archive

Release CSP 5.8 Teaser

It’s been awhile since I sent y’all something, so here you go.

 

Version 5.8 of the CJIS Security Policy (CSP), dated June 1, 2019 is on the streets. You can find a copy, (along with the Requirements and Companion document) here: http://www.diversecomputing.com/cjis-security-policy-resources/ 

 

If you haven’t seen it yet, here’s a quick summary of the changes

 

  • Section 3.2.2 CJIS Systems Officer (CSO): changes to be consistent with other appointment requirements

  • Section 3.2.2 CJIS Systems Officer (CSO): add requirement for LASO training

  • Section 4.1 Criminal Justice Information (CJI): addition clarifying language 

  • Section 5.2.1 Awareness Topics: rename section to “Basic Security Awareness Training”

  • Section 5.2.2 Security Training Records: change section title to “LASO Training” and add new requirements

  • Section 5.6.2.1.1 Password: add new introductory paragraph and note

  • Section 5.6.2.1.1.2 Advanced Password Standards: add new section and requirements

  • Section 5.10.1.3 Intrusion Detection Tools and Techniques: add new introductory paragraph and requirements

  • Section 5.13.2 Mobile Device Management (MDM): add exception to the MDM requirement for indirect access

  • Section 5.13.3 Wireless Device Risk Mitigations: add language to bullets 6 and 7

  • Section 5.13.7.2 Advanced Authentication: add language to relax requirement for indirect access

  • Section 5.13.7.2.1 Compensating Controls: modify language to clarify requirements, 

 

The big changes have to deal with required annual LASO Training, new Intrusion Detection Tool requirements, some tweaks to the mobile device section for MDM and AA, and a new OPTIONAL advanced password standard.

ALSO -

CJIS ACE has a big announcement coming in the next few days. We think y’all are going to like it. It’s going to help with CSP compliance.

As always, CJIS ACE is here to help you navigate the CJIS Security policy and assist with your organization’s compliance. 

If you have questions, please give us a call at 850.656.3333 or you can email me at lcoffee@cjisace.com.

 

Y’all take care!