Cisco Systems Partners With Lazarus Alliance for FBI CJIS Security Audits
SCOTTSDALE, Ariz., April 12, 2018 (Newswire.com) - Lazarus Alliance, a leading provider of cyber security, governance, risk, and compliance (GRC) services, announces its partnership with Cisco Systems, a global technology leader. Lazarus Alliance will perform FBI CJIS security audits for Cisco’s WebEx and Hosted Collaboration Solution (HCS) for Government services.
The CJIS is the FBI’s largest division and encompasses several departments, including the National Crime Information Center (NCIC), the Integrated Automated Fingerprint Identification System (IAFIS), and the National Instant Criminal Background Check System (NICS). The CJIS databases are used by law enforcement agencies, other government organizations, and some corporate networks. Any service that accesses these databases must comply with the FBI CJIS Security Policy, which encompasses a common set of user security standards to protect the integrity of these highly sensitive databases.
We're excited that Cisco has entrusted us with ensuring that their WebEx and HCS for Government solutions are CJIS-compliant, and we look forward to working with them.
Michael Peters, CEO, Lazarus Alliance
“We’re excited that Cisco has entrusted us with ensuring that their WebEx and HCS for Government solutions are CJIS-compliant, and we look forward to working with them,” said Michael Peters, CEO of Lazarus Alliance.
Because the FBI CJIS Security Policy is so voluminous, organizations usually achieve compliance by “mapping” the requirements with NIST Special Publication 800-53, which uses a risk management framework to outline and document security controls for federal information systems and organizations. However, mapping CJIS standards to NIST 800-53 is a complex and time-consuming process, even for an auditor that is highly experienced with NIST.
To perform the CJIS audits for Cisco, Lazarus Alliance will utilize the IT Audit Manager (ITAM) software solution from Continuum GRC. ITAM is a cloud-based GRC automation solution that integrates IT governance, policy management, risk management, compliance management, audit management, and incident management.
“ITAM includes self-help modules for the full spectrum of regulatory and industry data security requirements, including NIST SP 800-53,” Peters explained. “All of our clients love ITAM because it speeds up the audit process and saves them a lot of money and headaches, without sacrificing accuracy. It also makes it easier for them to maintain compliance moving forward.”
Source: Lazarus Alliance