The Criminal Justice Information Services (CJIS) Security Policy version 5.2 was approved by the Advisory Policy Board (APB) in August, 2013, and subsequently approved by the Director, FBI, in August, 2013. 

The essential premise of the CJIS Security Policy is to provide appropriate controls to protect the full lifecycle of Criminal Justice Information (CJI), whether at rest or in transit. The CJIS Security Policy provides the guidance for the creation, viewing, modification, transmission, dissemination, storage, and destruction of CJI data. This policy applies to every individual - contractor, private entity, noncriminal justice agency representative, or member of a criminal justice entity - with access to, or who operate in support of, criminal justice services and information.

The CJIS Security Policy provides a secure framework of laws, standards, and elements of published and vetted policies for accomplishing the mission across the broad spectrum of the criminal justice and noncriminal justice communities. 

Please click here pdf format of FBI CJIS Security Policy v. 5.1
file size 1MB to review the FBI CJIS Security Policy 5.2