Jail Management System - Maricopa County
07.12.2012 Views
Share Embed Flag

Jail Management System - Maricopa County

Jail Management System - Maricopa County

Jail Management System - Maricopa County

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
maricopa.gov

Create successful ePaper yourself

Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.

START NOW

Issue 3 Personnel Screening and Access<br />

Reviews<br />

Summary<br />

MCSO personnel screening, security awareness training, and account access review processes<br />

could be improved. Incomplete personnel screening and training processes may leave MCSO<br />

vulnerable to potential abuse of sensitive data. Undocumented user access procedures increase<br />

the risk that unauthorized users may inappropriately access or modify criminal justice<br />

information. MCSO should consider strengthening personnel screening policies, provide user<br />

awareness training, and conduct user access reviews.<br />

Criteria<br />

The Arizona Criminal Justice Information <strong>System</strong> (ACJIS) Operating Manual requires that<br />

MCSO conduct criminal justice employment background checks, including a fingerprint check,<br />

for all ACJIS terminal operators. All terminal operators and technical personnel who access the<br />

ACJIS system must be certified through the Terminal Operator Certification (TOC) Program.<br />

The Federal Criminal Justice Information <strong>System</strong> (CJIS) Security Policy requires that MCSO<br />

conduct security policy training for employees based on their job duties. Key training areas<br />

include the handling of criminal justice information, social engineering, media protection,<br />

malware prevention, and patch management. CJIS has established training guidelines for<br />

different employee groups.<br />

COBIT recommends:<br />

Condition<br />

Recruiting and training a competent workforce, and conducting background checks<br />

Educating and training users according to business requirements<br />

Documenting procedures for requesting, establishing, issuing, modifying, and closing<br />

user accounts<br />

Personnel Screening<br />

MCSO’s procedures appear to be in compliance with state (ACJIS) background check policies.<br />

A small number of employees from the Office of Public Defender, Office of <strong>Management</strong> and<br />

Budget, and the Department of Finance, access JMS detention and booking information that is<br />

not part of the state criminal database (ACJIS). Currently, individuals from these agencies do<br />

not go through the required background check, and the required training (TOC and security<br />

awareness).<br />

<strong>Maricopa</strong> <strong>County</strong> Internal Audit 10 <strong>Jail</strong> <strong>Management</strong> <strong>System</strong>–May 2012

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!