AWS Security Blog

AWS Offers Criminal Justice Information Services (CJIS) Workbook

Amazon Web Services (AWS) recognizes that when law enforcement agencies place information in the cloud, they require timely and secure access to that information. AWS architecture provides a highly scalable and reliable platform that enables AWS customers to deploy applications and data quickly and securely in support of a wide variety of security and regulatory requirements, including those related to criminal justice.

In the spirit of the AWS Shared Responsibility Model, AWS has created a Criminal Justice Information Services (CJIS) Workbook in a security plan template format aligned to the CJIS Policy Areas. AWS customers who use this workbook will be able to manage regulatory CJIS workloads according to the CJIS Security Policy.

The workbook is intended to support AWS partners in the process of documenting their alignment posture with respect to CJIS security requirements. Furthermore, the security plan template provides AWS partner law enforcement agencies a systematic approach to documenting their implementation of CJIS security requirements for review and authorization. Finally, the workbook provides an overview of CJIS, AWS and AWS services, and the AWS/customer applicability of CJIS requirements.

This document is releasable under an AWS Non-Disclosure Agreement (NDA). Please contact your AWS point of contact for more details, or submit a request for more information to AWS Sales and Business Development.

Author

Chad Woolf

Chad joined Amazon in 2010 and built the AWS compliance functions from the ground up, including audit and certifications, privacy, contract compliance, control automation engineering and security process monitoring. Chad’s work also includes enabling public sector and regulated industry adoption of the AWS cloud, compliance with complex privacy regulations such as GDPR and operating a trade and product compliance team in conjunction with global region expansion. Prior to joining AWS, Chad spent 12 years with Ernst & Young as a Senior Manager working directly with Fortune 100 companies consulting on IT process, security, risk, and vendor management advisory work, as well as designing and deploying global security and assurance software solutions. Chad holds a Masters of Information Systems Management and a Bachelors of Accounting from Brigham Young University, Utah. Follow Chad on Twitter.