Understanding CJIS Compliance – Access Control
In the previous blog on auditing and accountability, we discussed about the various events that the information system needs to monitor and audit and in this blog we will discuss the next policy area- Access Control. This policy area broadly covers the planning and execution of mechanisms for restricting, writing, reading, processing and transmitting CJIS information. It also defines the restriction of modification of applications, information systems, communication configurations and services allowing access to CJIS information. There are additional access control requirements for mobile devices accessing CJI.