IDACS compliance for Indiana law enforcement agencies

Indiana agencies accessing CJI answer to the FBI's CJIS Security Policy v6.0 and IDACS, the Indiana Data and Communications System - established directly by state statute (IC 10-13-3-35) and administered under 240 IAC 5, not just an adopted policy manual. ComplianceLattice tracks the federal foundation both share.

A federal baseline, backed by state statute

The Indiana State Police serves as the state's CJIS Systems Agency, responsible for establishing and administering the CJIS IT Security Program and enforcing it down to individual local agencies. Because IDACS is grounded in Indiana Code rather than a discretionary policy document, agencies connecting to it - directly or indirectly - are bound by Indiana Administrative Code alongside the IDACS/NCIC/NLETS rules for criminal history, wanted-file, and BMV information.

Underneath that statutory framing, the substance is the same work every CJIS-connected agency in the country does - access control, authentication, audit logging, incident response, and the rest of CJIS v6.0's 20 policy areas. ComplianceLattice tracks that full federal baseline today, covering most of the ground before you get to Indiana's IDACS-specific provisions.

Because IDACS access can be direct or indirect - through another agency's connection - it's worth confirming explicitly which category your agency falls into, since compliance obligations can differ between the two. If your agency is working through IDACS requirements now, reach out - alpha tester feedback directly shapes what we build first.

  • All 20 CJIS v6.0 policy areas, the federal baseline IDACS builds on
  • Evidence vault with expiration tracking for background checks and training renewals
  • Pre-built policy templates you can adapt for Indiana-specific requirements
  • One-click audit export for your ISP or FBI assessor
← Browse all states

Get ahead of the October 2027 enforcement deadline