My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
LEXISNEXIS (4)
Clerk
>
Contracts / Agreements
>
L
>
LEXISNEXIS (4)
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
10/31/2023 4:55:38 PM
Creation date
10/26/2023 11:19:09 AM
Metadata
Fields
Template:
Contracts
Company Name
LEXISNEXIS
Contract #
N-2023-294
Agency
Police
Expiration Date
7/1/2024
Destruction Year
2029
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
23
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
Exhibit A <br />FEDERAL BUREAU OF INVESTIGATION <br />CRIMINAL JUSTICE INFORMATION SERVICES <br />SECURITY ADDENDUM <br />The goal of this document is to augment the CAS Security Policy to ensure adequate security is provided for criminal <br />justice systems while (1) under the control or management of a private entity or (2) connectivity to FBI CJIS Systems <br />has been provided to a private entity (contractor). Adequate security is defined in Office of Management and Budget <br />Circular A-130 as "security commensurate with the risk and magnitude of harm resulting from the loss, misuse, or <br />unauthorized access to or modification of information." <br />The intent of this Security Addendum is to require that the Contractor maintain a security program consistent with <br />federal and state laws, regulations, and standards (including the CJIS Security Policy in effect when the contract is <br />executed), as well as with policies and standards established by the Criminal Justice Information Services (CJIS) <br />Advisory Policy Board (APB). <br />This Security Addendum identifies the duties and responsibilities with respect to the installation and maintenance of <br />adequate internal controls within the contractual relationship so that the security and integrity of the FBI's information <br />resources are not compromised. The security program shall include consideration of personnel security, site security, <br />system security, and data security, and technical security. <br />The provisions of this Security Addendum apply to all personnel, systems, networks and support facilities supporting <br />and/or acting on behalf of the government agency. <br />1.00 Definitions <br />1.01 Contracting Government Agency (CGA) - the government agency, whether a Criminal Justice Agency or a <br />Noncriminal Justice Agency, which enters into an agreement with a private contractor subject to this Security <br />Addendum. <br />1.02 Contractor - a private business, organization or individual which has entered into an agreement for the <br />administration of criminal justice with a Criminal Justice Agency or a Noncriminal Justice Agency. <br />2.00 Responsibilities of the Contracting Government Agency. <br />2.01 The CGA will ensure that each Contractor employee receives a copy of the Security Addendum and the CJIS <br />Security Policy and executes an acknowledgment of such receipt and the contents of the Security Addendum. The <br />signed acknowledgments shall remain in the possession of the CGA and available for audit purposes. The <br />acknowledgement may be signed by hand or via digital signature (see glossary for definition of digital signature). <br />3.00 Responsibilities of the Contractor. <br />3.01 The Contractor will maintain a security program consistent with federal and state laws, regulations, and standards <br />(including the CIIS Security Policy in effect when the contract is executed and all subsequent versions), as well as with <br />policies and standards established by the Criminal Justice Information Services (C)IS) Advisory Policy Board (APB). <br />4.00 Security Violations. <br />4.01 The CGA must report security violations to the CIIS Systems Officer (CSO) and the Director, FBI, along with <br />indications of actions taken by the CGA and Contractor. <br />4.02 Security violations can justify termination of the appended agreement. <br />4.03 Upon notification, the FBI reserves the right to: <br />a. Investigate or decline to investigate any report of unauthorized use; <br />b. Suspend or terminate access and services, including telecommunications links. The FBI will provide the CSO with <br />timely written notice of the suspension. Access and services will be reinstated only after satisfactory assurances have <br />been provided to the FBI by the CGA and Contractor. Upon termination, the Contractor's records containing CHRI must <br />be deleted or returned to the CGA. <br />5.00 Audit <br />5.01 The FBI is authorized to perform a final audit of the Contractor's systems after termination of the Security <br />Addendum. <br />6.00 Scope and Authority <br />6.01 This Security Addendum does not confer, grant, or authorize any rights, privileges, or obligations on any persons <br />other than the Contractor, CGA, CJA (where applicable), CSA, and FBI. <br />6.02 The following documents are incorporated by reference and made part of this agreement: (1) the Security <br />Addendum; (2) the NCIC 2000 Operating Manual; (3) the CJIS Security Policy; and (4) Title 28, Code of Federal <br />Regulations, Part 20. The parties are also subject to applicable federal and state laws and regulations. <br />ADDM_ AVCC/ACA/CCM/XML Consortium Sub Agency (Q3.21.v1) a Confidential Page 6 of 7 <br />
The URL can be used to link to this page
Your browser does not support the video tag.