UNDERSTANDING CJIS ONLINE FOR CJIS SECURITY AWARENESS TRAINING & TESTING
NAVIGATING THE CJIS ONLINE SITE Walking you through the CJIS Online system: Logging in as an agency administrator Setting up user accounts Modifying user accounts: Inactivating users Resetting login credentials Relaying user login credentials & testing instructions Generating & reviewing test activity reports.
CJIS ONLINE IS FOR YOUR LEVEL 1 & 3 USERS It is your agency s responsibility to maintain CJIS Security Awareness training documentation. CJIS Online is the minimum basic security awareness training required for all individuals who view or handle Criminal Justice Information (CJI), which includes Criminal History Record Information (CHRI). All authorized personnel must complete this training within six months of hire or becoming authorized to view or handle CHRI, and then every two years thereafter. All noncriminal justice agencies must keep a current list of authorized employees who are allowed access to CHRI. Authorized employees of the NCJA will need to be entered into CJIS Online: Level 1: Physical Access Level 3: Personnel with Information Technology roles Agencies can maintain their records online using the CJIS Online Portal.
ACCESS DEFINED Question: What is access? Answer: The physical or logical (electronic) ability, right, or privilege to view, modify, or make use of Criminal Justice Information. ( As defined by the Criminal Justice Information Services (CJIS) Security Policy Version 5.2) Agencies should define who is authorized to access CHRI. Access to CHRI should be limited to agency personnel who are authorized to receive, view, handle, disseminate, store, retrieve, or dispose of CHRI. Security precautions should be taken within the agency to ensure access to CHRI is restricted to only those individuals authorized.
AUTHORIZED PERSONNEL Examples of types of personnel an agency may want to authorize include: Administrative personnel who open the agency's mail, have filing duties, or perform functions which give them trusted access to locked/secured areas or access to unsealed CHRI Personnel involved in employment/position suitability determinations Human Resources personnel Directors Supervisors Appeals board members Interviewers Information technology personnel (if CHRI is stored electronically) State agency auditors reviewing files for licensing purposes
LEVEL 1 SECURITY AWARENESS TRAINING Question: Who takes Level 1 Security Awareness Training? Answer: All authorized personnel within the NCJA with physical access to CJI/CHRI must take Level 1 Security Awareness Training within six months of assignment and every two years thereafter.
LEVEL 3 SECURITY AWARENESS TRAINING Question: Who takes Level 3 Security Awareness Training? Answer: If CJI/CHRI is stored electronically, all authorized personnel with IT roles must take Level 3 security awareness training within six months of assignment and every two years thereafter.
LOGIN TO THE CJIS ONLINE Login to CJIS Online as the Local Agency Admin: https://www.cjisonline.com/ If you cannot login, call or email Jaime Fisher to set your password: 515-725-6002 or jfisher@dps.state.ia.us Agencies can set only one admin for CJIS online.
LOGIN TO THE CJIS ONLINE Your login credentials are unique to you and your agency: The ORI is your OCA + Xs to fill 9 spaces. OCA = TEST2 ORI = TEST2XXXX
CJIS ONLINE AGENCY OPTIONS This is your agency home screen, which lists all the options available to you in order to administrate your agency, add users, and run reports.
SETTING UP NEW CJIS ONLINE USERS To add new users, go to IT & Agency User Admin:
SETTING UP NEW CJIS ONLINE USERS Your existing users will be listed alphabetically. You will need to add all authorized personnel, including yourself. You can add new users by clicking on the Add New IT or Agency Employee button:
SETTING UP NEW CJIS ONLINE USERS You will need to provide the below information for new users. The fields with an asterisk are the only required fields. You will be asked to assign the user with either level 1 or 3 level training. Please ignore Finger Print Information area of the screen. You can set the password to any secure password appropriate for your agency. Please do not use personal identifying information. Make a note of the employee s login credentials you will be relaying them so they can start the training process.
IF THE NEW ACCOUNT IS REJECTED If you get an error message saying this is a duplicate record, this means this user has already been created by another agency. Do not create duplicate user accounts. Please call or email Jaime Fisher at 515-725-6002 or jfisher@dps.state.ia.us
SETTING UP NEW CJIS ONLINE USERS Your newly added employee will now be listed in your IT & Agency Employees list. You may click on the magnifying glass to view their record, edit their credentials, or inactivate them.
EMAIL THE NEW CJIS USER AND RELAY THEIR LOGIN CREDENTIALS SAMPLE
LEVEL 1 & LEVEL 3 USERS WILL LOGIN AS IT & AGENCY USERS https://www.cjisonline.com
COMPLETION OF TRAINING & TESTING As directed in your email, after logging in the users will first complete the training modules, then complete their test. Users must score at least 70% to pass the test and will have 1 hour to answer 25 randomly selected questions. If they do not pass the test they must wait 3 hours before trying again.
COMPLETION OF TRAINING & TESTING Upon successful completion (70% or better) of the CJIS Online testing the user will get a certificate of completion. This user is now certified for two (2) years. Upon expiration, the user will need to complete the training and testing process all over again.
MONITORING TESTING ACTIVITY By logging in as a Local Agency Admin, you can also run reports to monitor your agency s testing activity.
MONITORING TESTING ACTIVITY Regularly reviewing your certification expiration report gives you an agency-wide perspective of your upcoming expiration dates. Be proactive and administer training & testing reminders 60 days in advance to give your users plenty of time to complete the testing process.
MONITORING TESTING ACTIVITY This command will generate a list of all the expiration dates for your entire agency, including active employees with no training history.
QUESTIONS? Jaime Fisher, NCJA Auditor Iowa Division of Criminal Investigation jfisher@dps.state.ia.us 515-725-6002 Information regarding additional requirements for access to CHRI may be found at: https://www.cjisportal.com/ia/noncrim/launchpad/