UCJIS compliance for Utah law enforcement agencies
Utah agencies accessing the Utah Criminal Justice Information System answer to the FBI's CJIS Security Policy v6.0 and the Bureau of Criminal Identification, which names a specific technical control most states describe only in general terms. ComplianceLattice tracks the federal foundation both share.
A federal baseline, with a named lockout threshold
UCJIS rules specify an exact account lockout parameter: no more than 5 consecutive invalid access attempts before the account locks for 15 minutes, with an approved system-use notification displayed before any access is granted. Every mobile device management vendor connected to UCJIS has to independently meet CJIS Security Policy requirements, and unescorted access - whether to CJIS information or to secure locations where it's kept - requires bureau approval plus a UCJIS User Agreement and fingerprint submission on file.
Underneath that named technical parameter, the substance is the same work every CJIS-connected agency in the country does - access control, authentication, audit logging, incident response, and the rest of CJIS v6.0's 20 policy areas. ComplianceLattice tracks that full federal baseline today, covering most of the ground before you get to UCJIS's specific configuration requirements.
A named 5-attempt, 15-minute lockout threshold is specific enough to check directly against your actual system configuration rather than assuming a generic "reasonable lockout policy" satisfies it. If your agency is working through UCJIS requirements now, reach out - alpha tester feedback directly shapes what we build first.
- All 20 CJIS v6.0 policy areas, the federal baseline UCJIS builds on
- Evidence vault with expiration tracking for background checks and training renewals
- Pre-built policy templates you can adapt for Utah-specific requirements
- One-click audit export for your BCI or FBI assessor