Laserfiche WebLink
WACIC and NCIC. <br /> IX. Security Responsibilities <br /> Technical Roles and Responsibilities <br /> All agencies participating in ACCESS must comply with and enforce system security. <br /> Each interface agency(city, county, or other agency) having access to a criminal justice <br /> network must have someone designated as the technical security POC. A criminal justice <br /> network is a telecommunications infrastructure dedicated to the use by criminal justice <br /> entities exchanging criminal justice information. The technical security POCs shall be <br /> responsible for the following: <br /> 1. Identifying the user of the hardware/software and ensuring that no unauthorized <br /> users have access to the same. <br /> 2. Identifying and documenting how the equipment is connected to the state system. <br /> 3. Ensuring that personnel security screening procedures are being followed as stated <br /> in the CJIS Security Policy. <br /> 4. Ensuring that appropriate hardware security measures are in place. <br /> 5. Supporting policy compliance and keeping the WSP Information Security Officer <br /> (ISO) informed of security incidents. <br /> Security Enforcement <br /> Each interface agency is responsible for enforcing system security standards for their <br /> agency, in addition to all of the other agencies and entities to which the interface agency <br /> provides CJIS and Washington State Department of Licensing (DOL) records information. <br /> Authorized users shall access CJIS and DOL systems and disseminate the data only for the <br /> purpose for which they are authorized. Each criminal justice and non-criminal justice <br /> agency authorized to access FBI CJIS systems and DOL shall have a written policy for the <br /> discipline of policy violators. <br /> Physical Security <br /> A physically secure location is a facility, a criminal justice conveyance, or an area, a room, <br /> or a group of rooms within a facility with both the physical and personnel security controls <br /> sufficient to protect CJI and associated information systems. The physically secure location <br /> is subject to criminal justice agency management control. <br /> The perimeter of a physically secure location shall be prominently posted and separated <br /> from non-secure locations by physical controls. <br /> All personnel with access to computer centers, terminal areas, and/or areas where <br /> unencrypted CJIS information is housed shall either be escorted by authorized personnel at <br /> all times or receive a fingerprint-based background check and view security awareness <br /> training prior to being granted access to the area. <br /> Personnel Security <br /> To verify identification, a state of residency and national fingerprint-based record checks <br /> shall be conducted prior to employment or assignment for all personnel who have <br /> authorized access to FBI CJIS systems and those who have direct responsibility to configure <br /> and maintain computer systems and networks with access to FBI CJIS systems. All <br /> requests for system access shall be made as specified by the CSO. The CSO or their <br /> 2021 WSP ACCESS User Acknowledgment <br /> 5 <br />