We are beginning an upgrade of our computer-aided dispatch (CAD) and Mobile systems for the Mesa Police Dept (PD) and the Mesa Fire Dept (FD). Both the PD and FD use a shared CAD system. Because it's a shared system, a major issue we are having is trying to define, specifically, what needs to be done with the CAD/Mobile from a FBI CJIS Security perspective - i.e. what configuration, both software security and/or infrastructure, must be in place to meet CJIS Security compliance?
We want to be able to share as much information and use as many features/functionality as possible, while also staying in compliance with the FBI CJIS Security Policy. The Policy is rather vague when it comes to this issue, and doesn't provide specific details for configuration guidance. Many other agencies use a shared CAD system (PD and FD), and must have/had this issue, but we are unable to locate any published guidelines, case studies, or other documentation on this issue.
Therefore, we would like to request this TA to gather information regarding the configuration of CAD/Mobile from other agencies that use a shared (Law Enforcement and Fire/EMS) system to answer the following questions (suggested list - perhaps the TA provider will be able to assist in formulating these questions):
SOFTWARE
1) What CAD software application configurations did you include to address FBI CJIS Security Policy rules? (Include specifics regarding security configurations, user rights, user group rights, etc.)
2) What Mobile software application configurations did you include to address FBI CJIS Security Policy rules? (Include specifics regarding security configurations, user rights, user group rights, etc.)
3) Is your software configuration designed to meet or exceed the FBI CJIS Security Policy rules?
INFRASTRUCTURE
4) What infrastructure configurations did you include to address FBI CJIS Security Policy rules? (Include specifics regarding security, architecture, domains, networks, etc.)
5) Is your infrastructure configuration designed to meet or exceed the FBI CJIS Security Policy rules?
Please check the box next to the following questions if the answer is 'yes'.
Please enter the applicable Event Date if there is an Event associated with this TTA.
When entering an Event Date, the Time is also required.
If the TTA is targeted to a particular audience or location, please complete the questions below.
Milestones are an element, activity, work product, or key task associated with completing the TTA (e.g. kick-off meeting, collect data from stake holders, deliver initial data analysis).
Please complete the fields below, if applicable, to create a milestone for this TTA.
Please respond to the Performance Metrics below. The Performance Metrics questions are based on the TTA Type indicated in the General Information section of the TTA.
Please submit a signed letter of support from your agency’s executive or other senior staff member. The letter can be emailed to or uploaded with this request. The letter should be submitted on official letterhead and include the following information:
- General information regarding the request for TTA services, i.e., the who, what, where, when, and why.
- The organizational and/or community needs specific to the request for TTA services.
- The benefits or anticipated outcomes from the receipt of TTA services.
By submitting this application to BJA NTTAC, I understand that upon approval of this application for TTA, the requestor agrees to keep BJA NTTAC informed of any circumstances that may impact the delivery of the TTA, including changes in the date of the event, event cancellation, or difficulties communicating with the assigned TTA provider.
Please call [site:phone] if you need further assistance completing this application.
a:19:{s:32:"field_what_event_has_occurred_th";s:168:"This request for information/research is prompted by a desire to do due diligence in configuring systems and the need to be in compliance with the CJIS Security Policy.";s:32:"field_what_do_you_want_to_achiev";s:185:"Configuration of our CAD and Mobile systems in such a way as to provide as much functionality and information sharing as possible, while maintaining our CJIS Security Policy compliance.";s:32:"field_what_will_happen_if_this_n";s:203:"Department can configure the system without the TA services, but the information from the TA would be a great aid to the City of Mesa as well as other jurisdictions configuring CAD and/or Mobile systems.";s:32:"field_do_you_have_any_data_to_su";s:233:"Unable to locate any published case studies or specifics regarding CAD/Mobile configuration to support CJIS Security Policy compliance. Searched the FBI/CJIS website publications, DOJ/BJA publications, and well as general web search.";s:32:"field_have_there_been_previous_a";s:2:"No";s:32:"field_have_you_sought_tta_before";s:2:"No";s:32:"field_who_will_assume_leadership";s:338:"Scott Parker, Project Manager III for Public Safety, City of Mesa Information Technology Department. Hi role is focused on public safety projects for the City of Mesa. This includes both Police and Fire Departments. More specifically for this TA, it includes the management of the CAD Upgrade Project, which includes this TA, if approved.";s:32:"field_how_did_you_learn_about_nt";s:146:"Previous employment with the IJIS Institute. As part of the duties there, I managed and/or participated as a consultant in several TA’s for BJA.";s:32:"field_what_are_your_organization";s:132:"The project is open and flexible to take in new information, and adapt as appropriate in order to produce the best outcome possible.";s:32:"field_what_are_organization_s_we";s:110:"a lack of knowledge of how other agencies configure their CAD and Mobile systems for CJIS Security compliance.";s:32:"field_what_opportunities_does_th";s:210:"During the implementation of the upgrade, they are open to configuring/setting up the systems differently than the current configuration in order to maximize efficiency and improve workflow/operational support.";s:32:"field_what_are_the_challenges_th";s:227:"This is a big project and the challenge is time – time to identify and survey other agencies, and then time to collate the data. Having a TA with appropriate SMEs, under the BJA banner, would be quite helpful in this effort. ";s:32:"field_how_will_this_technical_as";s:299:"The resulting information from this TA will provide a valid reference regarding real-world implementation details for CJIS Security Policy compliance that will be used to assist in configuration decisions for CAD and Mobile. End results: save time, save resources, maintain CJIS Security compliance.";s:32:"field_what_is_your_overarching_g";s:84:"To assist in CAD/Mobile configuration and to ensure CJIS Security Policy compliance.";s:32:"field_please_list_at_least_two_o";s:255:"1) Create reference case studies for CAD and Mobile from a CJIS Security Policy compliance perspective (use in future for other agencies as well)
2) Assist Mesa with our configuration of CAD and Mobile from a CJIS Security Policy compliance perspective
";s:32:"field_as_a_result_of_this_tta_wh";s:94:"Appropriate configuration of CAD and Mobile from a CJIS Security Policy compliance perspective";s:32:"field_who_will_be_participating_";s:61:"Scott Parker, PM – liaison for the Mesa CAD Upgrade Project";s:32:"field_who_supports_you_in_this_e";s:72:"Diane Gardner, CIO, City of Mesa
Jim Mack, PMO Director, City of Mesa
";s:32:"field_what_other_resources_do_yo";s:189:"Wouldn’t expect this TA to be on-site or have any expense to Mesa. Open to providing a after-action report or potentially a speaker to address the outcomes/benefits of this TA if desired.";}