The CJIS Security Directive can be confusing as to what agreements are needed and when. We know this is true because the lack of properly executed management control agreements and CJIS security allowances are still the top compliance issues identified in FBI and state audits. The FDLE does not offer any DSM compliance certification to CJIS requirements. Instead, DSM`s Lead Agency Sponsor (LSM) makes the inter-authority agreement available and DSM provides a letter of credence to its customers. DSM will also work directly with the client to file all documents in Florida with FDLE for final approval. Starting in 2019, DSM signed a Memorandum of Understanding (MOU) with HSMV-FHP, which provides the sponsorship of the leading agency to DSM. This agreement allows law enforcement and criminal justice to sign an inter-authority agreement with HSMV instead of having to directly audit DSM`s facilities and staff. This process is already complete and is managed by HSMV. The MCA`s close cousin is the FBI CJIS Security Addendum (SA), a “uniform” addition to an agreement between a government agency (e.g.B. police department or county IT department) and a private contractor. The FBI CJIS Security Addendum is performed in accordance with an agreement (contract) between a government agency and a contractor, when that contractor requires access to CJI to fulfill its contractual missions.
The government unit can be either a criminal justice authority (e.g.B. police service) or a non-criminal justice authority (e.g.B. a BEZIRKS IT division that manages criminal justice systems for a police service by MCA). DSM has evaluated the operating policies and procedures for our offerings, including: DRaaS, DPaaS, Hybrid Cloud, Private Cloud, Public Cloud (to Azure Gov), and VPC. and confirm in existing service agreements its ability to meet THE REQUIREMENTS OF THE FDLE for the use of In-Scope services. This enables law enforcement and criminal justice to implement cloud-based solutions and comply with the CJIS Security Directive V5.8. DSM and its collaborators have signed the FBI`s CJIS Security Addendum. DSM is committed to complying with all CJIS security policies, including the processing of CJIS data, and to performing fingerprint-based background checks on all personnel with logical and/or physical access to CJI. The CJIS Security Directive incorporates presidential and federal directives, federal laws and decisions of the Criminal Justice Advisory Council, as well as guidelines from the National Institute of Standards and Technology (NIST). The Directive is updated regularly to take account of changing safety requirements.
In addition, all private contractors dealing with CJI must sign the CJIS Security Addendum, a single agreement approved by the U.S. Attorney General, which helps ensure the security and confidentiality of ICJs, as provided for in the Security Directive. . . .