CJIS compliance for Iowa law enforcement agencies
Iowa agencies accessing the IOWA System and NCIC data answer to the FBI's CJIS Security Policy v6.0 and the Iowa Department of Public Safety, which runs one of the more explicitly scaled audit programs in the country. ComplianceLattice tracks the federal foundation both share.
A federal baseline, audited at scale
DPS conducts triennial CJIS audits of roughly 400 criminal justice agencies across the state - a named, specific scope rather than an ad hoc schedule. Iowa also ties advance authentication (two-factor login) specifically to access from unsecure locations, and gates any dissemination of IOWA System data on a mobile device meeting CJIS's mobile device security requirements first.
Underneath those specifics, the substance is the same work every CJIS-connected agency in the country does - access control, authentication, audit logging, incident response, and the rest of CJIS v6.0's 20 policy areas. ComplianceLattice tracks that full federal baseline today, covering most of the ground before you get to Iowa's audit-scope and mobile-access specifics.
If your agency's officers access IOWA/NCIC data from a squad car or another location that could reasonably be called unsecure, confirming advance authentication is actually enforced there - not just available - is worth checking before an auditor does. If your agency is working through Iowa DPS's CJIS audit program requirements now, reach out - alpha tester feedback directly shapes what we build first.
- All 20 CJIS v6.0 policy areas, the federal baseline Iowa DPS's program builds on
- Evidence vault with expiration tracking for background checks and training renewals
- Pre-built policy templates you can adapt for Iowa-specific requirements
- One-click audit export for your DPS or FBI assessor