CJIS vendors archive

Hey Everyone!  

Our team works with numerous agencies and CJIS vendors nationwide and I thought it would be fun to share with you some of the common things we hear about CJIS Compliance that aren’t quite right. I hope by the end of this you will have a better idea of how you can learn to speak confidently about CJIS Compliance.

If you work for an agency, be aware that most of these phrases come from vendors -- which could lead to a problem for your agency. But, iIf you are a vendor, stop saying these things!

As a vendor who supports criminal justice and law enforcement, you probably keep hearing questions about whether or not your services, products, or solutions are CJIS compliant.

Knowing that you have to comply with the FBI CJIS security policy, your next step would naturally be to look for a way to prove that your company or service is CJIS compliant, maybe through a CJIS certification.

So how do you become CJIS certified?

Short answer: you can’t. There is no official certifying body approved by the FBI.

Hello Everyone,

My name is Brooke Lynn Siracusano and I am the newest member of Diverse Computing's CJIS ACE team.

Today we will be talking about your vendor or contractor’s (we'll refer to them all as "vendors") compliance with the CJIS Security Policy (CJISSECPOL) as a result of having an executed Security Addendum with your agency.  Most importantly, we will highlight your responsibility, as the hiring authority, to ensure your vendors are compliant.

What normally happens is that an agency hires a vendor, they obtain a signed Security Addendum, and they generally hope for or assume compliance.  And you know what happens when assumptions are made."