Management Control Agreement

Similar documents
OKLAHOMA DEPARTMENT OF PUBLIC SAFETY OKLAHOMA LAW ENFORCEMENT TELECOMMUNICATIONS SYSTEMS

Connecticut Informational Guide for Noncriminal Justice Use of Criminal History Record Information (CHRI)

Point of Contact (POC): District s contact person when SDDCI sends out Audit information, the contact person when an onsite Audit is scheduled.

EXHIBIT L FORM OF VIOLATIONS PROCESSING SERVICES AGREEMENT

TEXAS DEPARTMENT OF PUBLIC SAFETY 5805 NORTH LAMAR BOULEVARD POST OFFICE BOX 4087, AUSTIN, TX /

STATE OF ILLINOIS ILLINOIS STATE POLICE ADAM WALSH CHILD PROTECTION ACT USER AGREEMENT BETWEEN THE ILLINOIS STATE POLICE AND

THE SURVEILLANCE AND COMMUNITY SAFETY ORDINANCE

PCI Security Standards Council, LLC Payment Card Industry Vendor Release Agreement

APPLICATION & SUBSCRIBER AGREEMENT FOR INTERNET ACCESS TO DINWIDDIE CIRCUIT COURT DOCUMENTS APPLICATION

Northern California Regional Intelligence Center

HENRICO CIRCUIT COURT CLERK S OFFICE YVONNE G. SMITH, CLERK APPLICATION FOR REMOTE ACCESS TO HENRICO CIRCUIT COURT CASE IMAGING SYSTEM (OCRA)

South Carolina Department of Motor Vehicles

END-USER SOFTWARE LICENSE AGREEMENT FOR TEKLA SOFTWARE

ADDENDUM TO STANDARD CONTRACT BETWEEN Community Coordinated Care for Children, Inc. (4C) AND (CONTRACTOR)

Site Access Agreement. (hereinafter referred to as the

ICE FUTURES U.S., INC. and [NAME OF USER] ELECTRONIC USER AGREEMENT

GWINNETT COUNTY GIS DATA LICENSE AGREEMENT

Trustwave Subscriber Agreement for Digital Certificates Ver. 15FEB17

Connectivity Services Information Document

KAISER FOUNDATION HOSPITALS ON BEHALF OF KAISER FOUNDATION HEALTH PLAN OF THE MID-ATLANTIC STATES, INC.

DISTRIBUTOR AGREEMENT

Interstate Commission for Adult Offender Supervision

Clerk of the Circuit Court Powhatan County, Virginia

AOM CHAPTER S 105. CJIS WorkStations. Table of Contents

HIPAA BUSINESS ASSOCIATE AGREEMENT. ( BUSINESS ASSOCIATE ) and is effective as of ( Effective Date ). RECITALS

Terms and Conditions of Outward Interbank Giro System and Automated Payment System Plus

The Board of Supervisors of the County of Riverside, State of California, ordains that this Ordinance is amended in its entirety to read as follows:

SUBSCRIBER AGREEMENT FOR REMOTE ACCESS TO PRINCE WILLIAM COUNTY CIRCUIT COURT PUBLIC ACCESS DOCUMENTS

EUROPEAN COMMISSION DIRECTORATE-GENERAL JUSTICE. Directorate C: Fundamental rights and Union citizenship Unit C.3: Data protection

STATE OF MINNESOTA DEPARTMENT OF PUBLIC SAFETY

Electronic Document and Electronic Signature Act Published SG 34/6 April 2001, effective 7 October 2001, amended SG 112/29 December 2001, effective 5

Rules of Procedure. Effective: May 4, 2016

Document A101 TM. Standard Form of Agreement Between Owner and Contractor where the basis of payment is a Stipulated Sum

ORDINANCE NO. 7,592 N.S. ADDING CHAPTER 2.99 TO THE BERKELEY MUNICIPAL CODE, ACQUISITION AND USE OF SURVEILLANCE TECHNOLOGY

PARTICIPANT LICENSE AGREEMENT FOR INTERNET DATA EXCHANGE VIRTUAL OFFICE WEBSITE LICENSEE INTERNAL USE

Certified Translation from German. Licence Agreement. 1. Subject-matter of the Agreement

Data Distribution Agreement of BME Market Data

Privacy Impact Assessment. April 25, 2006

BERKELEY COUNTY ENGINEERING AND

Federal Information Technology Supply Chain Risk Management Improvement Act of 2018 A BILL

Preamble. THE GOVERNMENT OF THE UNITED STATES OF AMERICA AND THE GOVERNMENT OF THE KINGDOM OF SWEDEN (hereinafter referred to as the Parties ):

FedRAMP Package Access Request Form For Review of FedRAMP Security Package

MINNESOTA DEPARTMENT OF HEALTH MASTER GRANT CONTRACT FOR COMMUNITY HEALTH BOARDS

Title 17-A: MAINE CRIMINAL CODE

I. PARTIES AUTHORITIES

Pursuant to Virginia State Code : Every circuit court clerk shall provide secure remote access to land records

ROTARY INTERNATIONAL DISTRICT 5440, INC. BYLAWS

ECA Digital Certificate Foreign Subscribers Forms Packet

Annex 1: Standard Contractual Clauses (processors)

PJMnet Network Connection

Policies and Procedures No. 56

MINISTRY OF COMMUNICATIONS AND INFORMATION TECHNOLOGY (Department of Information Technology) NOTIFICATION New Delhi, the 11th April, 2011

Streaming Agent Referral Agreement

PERSONAL INFORMATION PROTECTION ACT

AKVIS END USER LICENSE AGREEMENT NOTICE TO USER:

THE GEORGIA CRIME INFORMATION CENTER Georgia Guide for Non Criminal Justice Agency Access to Criminal History Record Information (Rev.

STATE OF FLORIDA DEPARTMENT OF TRANSPORTATION STATE HIGHWAY LIGHTING, MAINTENANCE, AND COMPENSATION AGREEMENT

AUTONOMIE COMMERCIAL SOFTWARE LICENSE AGREEMENT

Mendocino Community Network Services Contract

RateForce, LLC Terms of Use Agreement

ASSETMARK TRUST COMPANY TOTALCASH MANAGER TM ACCESS AUTHORIZATION AGREEMENT

Amendment to the Infinite Campus END USER LICENSE AGREEMENT

EASA Competent Authority Rules

INFORMATION TECHNOLOGY ACT, 2000 (as amended by Information Technology Act, 2008)

AGREEMENT FOR SERVICE AGREEMENT FOR SERVICE

EU GDPR - DATA PROCESSING ADDENDUM INSTRUCTIONS FOR CDNETWORKS CUSTOMERS

PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE LICENSED SOFTWARE.

DigiCert, Inc. Certificate Subscriber Agreement

ZEN PROTOCOL SOFTWARE LICENSE

Georgian National Energy and Water Supply. Regulatory Commission. Resolution #23

September 15, 2015 GENERAL MEMORANDUM

PROCESS SERVERS Section Business & Professions Code

1 ELECTRONIC COMMUNICATIONS IN CONTRACTUAL TRANSACTIONS 2 DRAFT TABLE OF CONTENTS 3 PART 1 4 GENERAL PROVISIONS

EMS Subscriber Agreement between Eze Castle Software and Professional Subscriber. Customer Information

CERTIFICATE SUBSCRIBER AGREEMENT FOR DIGITAL CERTIFICATES

End User License Agreement

SUPPLIER DATA PROCESSING AGREEMENT

OFFICE OF TEMPORARY AND DISABILITY ASSISTANCE SECURITY OVER PERSONAL INFORMATION. Report 2007-S-78 OFFICE OF THE NEW YORK STATE COMPTROLLER

TECHNOLOGY CONSULTING AGREEMENT

Anglo American Procurement Solutions Site

NORTHEAST OHIO NETWORK FOR EDUCATIONAL TECHNOLOGY SERVICE PROVIDER CONTRACT INTERNET SERVICE Contract Number:

"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.

PUBLICATIONS SUBSCRIPTION AND ACCESS AGREEMENT TERMS & CONDITIONS FOR SUBSCRIBERS TO THE ELECTRONIC PUBLICATIONS

General Assembly. United Nations A/CN.9/WG.I/WP.42/Add.1

CROWNCAB OWNER/OPERATOR AGREEMENT

PARAGON UNION BERHAD WHISTLEBLOWING POLICY AND GUIDELINES

ORDINANCE BE IT ORDAINED BY THE BOARD OF COUNTY COMMISSIONERS OF POLK COUNTY, FLORIDA THAT:

GENERAL TERMS AND CONDITIONS OF SALE

JOINT RULES of the Florida Legislature

Municipal Code Online Inc. Software as a Service Agreement

(c) In addition to complying with the terms of the CPS, Company shall comply with each of the following obligations:

ORDINANCE NO. THE CITY COUNCIL OF THE CITY OF MISSION VIEJO DOES HEREBY ORDAIN AS FOLLOWS:

AMERICAN SOCIETY OF CLINICAL ONCOLOGY ONLINE SUBSCRIPTION AGREEMENT. Address.

DATA PROCESSING AGREEMENT. (1) You or your organization or entity as The Data Controller ( The Client or The Data Controller ); and

FIFTH AMENDMENT TO THE AGREEMENT FOR CONSULTANT SERVICES BETWEEN THE SONOMA-MARIN AREA RAIL TRANSIT DISTRICT AND SPTJ CONSULTING

1. THE SYSTEM AND INFORMATION ACCESS

Data Processing Agreement

TERMS AND CONDITIONS OF USE OF THE ELECTRONIC EXCHANGE SYSTEM. external experts in the context of EU funding programmes.

EXHIBIT G PRIVACY AND INFORMATION SECURITY PROVISIONS

LEGAL REQUIREMENTS 42 USC 666(16) MCLA MCLA MCLA MCLA MCLA MCLA MCLA

Transcription:

WISCONSIN DEPARTMENT OF JUSTICE CRIME INFORMATION BUREAU Management Control Agreement Non-Criminal Justice Agency: Criminal Justice Agency: UPURPOSE U: This agreement is intended to establish the minimum required oversight of a Criminal Justice Agency (CJA) over the Non-Criminal Justice Agency (NCJA) that supports criminal justice functions (i.e. hardware, software, network, dispatching functions on behalf of a criminal justice agency, etc). USCOPE:U Pursuant to the CJIS Security Policy, it is agreed that with respect to administration of that portion of computer systems and network infrastructure interfacing directly or indirectly with the state network (Network Name) for the interstate exchange of criminal history/criminal justice information, the (Criminal Justice Agency) shall have the authority, via managed control, to set, maintain, and enforce: (1) Priorities of services provided by the NCJA. (2) Standards for the selection, supervision, and termination of personnel access (logical and/or physical) to Criminal Justice Information (CJI). (3) Policy governing operation of justice systems, computers, access devices, circuits, hubs, routers, firewalls, and any other components, including encryption, that comprise and support a telecommunications network and related criminal justice systems to include but not limited to criminal history record/criminal justice information, insofar as the equipment is used to process or transmit criminal justice systems information guaranteeing the priority, integrity, and availability of service needed by the criminal justice community. (4) Restriction of unauthorized personnel from access (logical and/or physical) or use of equipment accessing the State network. (5) Compliance with all rules and regulations of the (Criminal Justice Agency) Policies and CJIS Security Policy in the operation of all information received.

This agreement is in accordance with Section 5.1.1.4 of the CJIS Security Policy which requires that management control of the criminal justice function remains solely with the Criminal Justice Agency and covers the overall supervision of all (Criminal Justice Agency) systems, applications, equipment, systems design, programming, and operational procedures associated with the development, implementation, and maintenance of any (Criminal Justice Agency) system to include TIME System/NCIC Programs that may be subsequently designed and/or implemented within the (Criminal Justice Agency). We, the undersigned parties, agree to the above purpose, principles, and standards of management control and responsibility. UNon-Criminal Justice Agency HeadU UCriminal Justice Agency Head (Signature) (Signature) (Title) (Title) (Typed/Printed Name) (Typed/Printed Name) (Date) (Date)

FEDERAL BUREAU OF INVESTIGATION CRIMINAL JUSTICE INFORMATION SERVICES SECURITY ADDENDUM The goal of this document is to augment the CJIS Security Policy to ensure adequate security is provided for criminal justice systems while (1) under the control or management of a private entity or (2) connectivity to FBI CJIS Systems has been provided to a private entity (contractor). Adequate security is defined in Office of Management and Budget Circular A-130 as security commensurate with the risk and magnitude of harm resulting from the loss, misuse, or unauthorized access to or modification of information. The intent of this Security Addendum is to require that the Contractor maintain a security program consistent with federal and state laws, regulations, and standards (including the CJIS Security Policy in effect when the contract is executed), as well as with policies and standards established by the Criminal Justice Information Services (CJIS) Advisory Policy Board (APB). This Security Addendum identifies the duties and responsibilities with respect to the installation and maintenance of adequate internal controls within the contractual relationship so that the security and integrity of the FBI's information resources are not compromised. The security program shall include consideration of personnel security, site security, system security, and data security, and technical security. The provisions of this Security Addendum apply to all personnel, systems, networks and support facilities supporting and/or acting on behalf of the government agency. 1.00 Definitions 1.1 Contracting Government Agency (CGA) - the government agency, whether a Criminal Justice Agency or a Noncriminal Justice Agency, which enters into an agreement with a private contractor subject to this Security Addendum. 1.2 Contractor - a private business, organization or individual which has entered into an agreement for the administration of criminal justice with a Criminal Justice Agency or a Noncriminal Justice Agency. 2.00 Responsibilities of the Contracting Government Agency. 2.01 The CGA will ensure that each Contractor employee receives a copy of the Security Addendum and the CJIS Security Policy and executes an acknowledgment of such receipt and the contents of the Security Addendum. The signed acknowledgments shall remain in the possession of the CGA and available for audit purposes. The acknowledgement may be signed by hand or via digital signature (see glossary for definition of digital signature). 3.00 Responsibilities of the Contractor. 3.01 The Contractor will maintain a security program consistent with federal and state laws, regulations, and standards (including the CJIS Security Policy in effect when the contract is executed and all subsequent versions), as well as with policies and standards established by the Criminal Justice Information Services (CJIS) Advisory Policy Board (APB).

4.00 Security Violations. 4.1 The CGA must report security violations to the CJIS Systems Officer (CSO) and the Director, FBI, along with indications of actions taken by the CGA and Contractor. 4.2 Security violations can justify termination of the appended agreement. 4.3 Upon notification, the FBI reserves the right to: a. Investigate or decline to investigate any report of unauthorized use; b. Suspend or terminate access and services, including telecommunications links. The FBI will provide the CSO with timely written notice of the suspension. Access and services will be reinstated only after satisfactory assurances have been provided to the FBI by the CGA and Contractor. Upon termination, the Contractor's records containing CHRI must be deleted or returned to the CGA. 5.00 Audit 5.01 The FBI is authorized to perform a final audit of the Contractor's systems after termination of the Security Addendum. 6.00 Scope and Authority 6.1 This Security Addendum does not confer, grant, or authorize any rights, privileges, or obligations on any persons other than the Contractor, CGA, CJA (where applicable), CSA, and FBI. 6.2 The following documents are incorporated by reference and made part of this agreement: (1) the Security Addendum; (2) the NCIC 2000 Operating Manual; (3) the CJIS Security Policy; and (4) Title 28, Code of Federal Regulations, Part 20. The parties are also subject to applicable federal and state laws and regulations. 6.3 The terms set forth in this document do not constitute the sole understanding by and between the parties hereto; rather they augment the provisions of the CJIS Security Policy to provide a minimum basis for the security of the system and contained information and it is understood that there may be terms and conditions of the appended Agreement which impose more stringent requirements upon the Contractor. 6.4 This Security Addendum may only be modified by the FBI, and may not be modified by the parties to the appended Agreement without the consent of the FBI. 6.5 All notices and correspondence shall be forwarded by First Class mail to: Information Security Officer Criminal Justice Information Services Division, FBI 1000 Custer Hollow Road Clarksburg, West Virginia 26306

FEDERAL BUREAU OF INVESTIGATION CRIMINAL JUSTICE INFORMATION SERVICES SECURITY ADDENDUM UCERTIFICATION I hereby certify that I am familiar with the contents of (1) the Security Addendum, including its legal authority and purpose; (2) the NCIC Operating Manual; (3) the CJIS Security Policy; and (4) Title 28, Code of Federal Regulations, Part 20, and agree to be bound by their provisions. I recognize that criminal history record information and related data, by its very nature, is sensitive and has potential for great harm if misused. I acknowledge that access to criminal history record information and related data is therefore limited to the purpose(s) for which a government agency has entered into the contract incorporating this Security Addendum. I understand that misuse of the system by, among other things: accessing it without authorization; accessing it by exceeding authorization; accessing it for an improper purpose; using, disseminating or re-disseminating information received as a result of this contract for a purpose other than that envisioned by the contract, may subject me to administrative and criminal penalties. I understand that accessing the system for an appropriate purpose and then using, disseminating or re-disseminating the information received for another purpose other than execution of the contract also constitutes misuse. I further understand that the occurrence of misuse does not depend upon whether or not I receive additional compensation for such authorized activity. Such exposure for misuse includes, but is not limited to, suspension or loss of employment and prosecution for state and federal crimes. Printed Name/Signature of Contractor Employee Date Printed Name/Signature of Contractor Representative Date Organization and Title of Contractor Representative

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback