28 CFR 901.4 - Audits.
prev | next
(a) Audits of authorized State agencies that access the III System shall be conducted by the State's Compact Officer or, in the absence of a Compact Officer, the chief administrator for the criminal history record repository. The responsible Federal CJIS Systems Officer shall ensure that similar audits are conducted of authorized Federal agencies. Such audits shall be conducted to verify adherence to the provisions of part 901 and the FBI's CJIS Security Policy.
(b) Authorized agencies shall cause to be collected an appropriate record of each instance of III System access through a manual or electronic log. The log shall be maintained for a minimum one-year period to facilitate the audits and compliance reviews. Such records shall be maintained in accordance with the CJIS Security Policy. (For information on this security policy, contact your CJIS Systems Officer.)
(c) The audit and compliance reviews must include mechanisms to determine whether fingerprints were submitted within the time frame specified by the Compact Council.
Title 28 published on 2014-07-01.
No entries appear in the Federal Register after this date, for 28 CFR Part 901.