Criminal Justice Information Services (CJIS) Audit and Assessments; we are ready when you are! Call +1 (888) 896-7580 today.

Lazarus Alliance Proactive Cyber Security® services minimize performance and operational risks with our industry-leading, innovative, and cost effective
Criminal Justice Information Services (CJIS) focused services.

The professionals at Lazarus Alliance are completely committed to you and your business’ Criminal Justice Information Services (CJIS) focused audit success.

Regardless of whether you represent the private sector or the public sector, we stand ready to partner with your organizations. Our competition may want to keep you and your employees in the dark where security, risk, privacy and governance are concerned hoping to conceal their methodology and expertise. We don’t prescribe to that philosophy. We believe the best approach is transparent and built on a partnership developed on trust and credibility creating sustainability within your organization.

Just the facts ...

The CJIS Security Policy and Requirements ("Policy") reflects the shared responsibility between FBI CJIS, CJIS Systems Agency (CSA), and the State Identification Bureaus (SIB) of the lawful use and appropriate protection of Criminal Justice Information ("CJI”). The Policy provides a baseline of security requirements for current and planned services and establishing sets a minimum standard for new initiatives.

Find out more by calling +1 (888) 896-7580 today.

Criminal Justice Information Services (CJIS) is right for you if you are a:

Criminal Justice Agency

Is your organization representing a local, state, or federal public safety agency? Does your organization regularly process, accesses, and or store Criminal Justice Information Services (CJIS) data? You need to be proactive about compliance and preparing for the Criminal Justice Information Services (CJIS) audit. Lazarus Alliance Criminal Justice Information Services (CJIS) expert Cybervisors™ will lead the way giving you peace of mind while reducing organizational costs.

Vendor Providing Products and Services

If your organization offers Criminal Justice Information Services (CJIS) related products or services to criminal justice organizations, you are required to be compliant. You will want to demonstrate You want to demonstrate Criminal Justice Information Services (CJIS) proactively to avoid losing your customers’ trust, and consequently, losing business. Lazarus Alliance Criminal Justice Information Services (CJIS) Cybervisors™ are the seasoned professionals who will help you engage your clients confidently with our "work smarter not harder" Criminal Justice Information Services (CJIS) services.

Organization Performing Background Checks

Is your organization one that performs Fingerprint-based background checks on employees, volunteers, or licensees? Non-criminal justice agencies like yours will be audited to make sure you comply with the CJIS Security Policy. Regardless of whether this is your initial assessment or you are sustaining your compliance, our Criminal Justice Information Services (CJIS) delivered by our industry-leading Cybervisors™ and award-winning Continuum GRC ITAM technology will help get you compliant and stay that way.

We Have What It Takes!

Lazarus Alliance's primary purpose is to help organizations attain, maintain, and demonstrate compliance and information security excellence – in any jurisdiction. Lazarus Alliance specializes in IT security, risk, privacy, governance, cyberspace law, and Criminal Justice Information Services (CJIS) compliance leadership solutions and is fully dedicated to global success in these disciplines. We can help your organization too! Our client’s come from all business sectors across the world.

Buyer Beware!

The Criminal Justice Information Services (CJIS) is based on the NIST SP 800-53 compliance framework which is complex and extensive in scope. Very few providers out there are actually qualified to properly conduct a Criminal Justice Information Services (CJIS) assessment. Lazarus Alliance is an A2LA ISO/IEC 17020 accredited organization and our certification number is 3822.01 which means we are. Don't bet your business on firms not qualified and accredited themselves.

Comprehensive Criminal Justice Information Services (CJIS) Compliance Audit Services Checklist

Once a company has made the decision to enlist a third party to provide Criminal Justice Information Services (CJIS) based compliance audit services, they want assurances that those services will be provided timely, accurately and securely. A Criminal Justice Information Services (CJIS) based compliance audit shows your commitment to maintaining a sound control environment that protects your client’s data and confidential information.

You gain many strategic business advantages by offering market differentiation and leadership showing others credible evidence of good practice. In addition to risk avoidance, a Lazarus Alliance Criminal Justice Information Service (CJIS) compliance audit will demonstrate due diligence in the event of legal action or matters of business insurability.


Achieve success with the industry’s most proactive and innovative third-party assessment organization. Rely on our industry-leading Cybervisors™ who know the technical rigor and scrutiny you can expect during Criminal Justice Information Services (CJIS) based assessments.

Cybervisor™ Consultations

A significant differentiator you will immediately appreciate is our Proactive Cyber Security™ Criminal Justice Information Services (CJIS) compliance audit methodology which take a continuous audit approach rather than the end of reporting period Audit Anarchy approach by other firms. We will also utilize the award-winning Continuum GRC ITAM technology to set you up for success. The IT Audit Machine is a full-featured and highly collaborative assessment and reporting tool only available from Continuum GRC.

Lazarus Alliance Cybervisors™ assist with Criminal Justice Information Services (CJIS) documentation development, including System Security Plan (SSP), Contingency Plan (CP), Incident Response Plan (IRP), Configuration Management Plan (CMP), Privacy Impact Assessment (PIA), and Federal Information Processing Standard Publication 199 (FIPS 199) Security Categorization, Policies, Procedures and more.

Working Smarter Not Harder

Lazarus Alliance creates sustainable Criminal Justice Information Services (CJIS) based compliance partnerships with our clients. We have a proven methodology and project plan that helps our clients achieve compliance on budget and on schedule. You will come to appreciate our Service, Integrity and Reliability which will be apparent to you from the very first call.

It’s Complicated!

Applicable Criminal Justice Information Services (CJIS) Audit Laws

  • Computer Fraud and Abuse Act [PL 99-474, 18 USC 1030]
  • E-Authentication Guidance for Federal Agencies [OMB M-04-04]
  • Federal Information Security Management Act (FISMA) of 2002 [Title III, PL 107-347]
  • Freedom of Information Act As Amended in 2002 [PL 104-232, 5 USC 552]
  • Guidance on Inter-Agency Sharing of Personal Data . Protecting Personal Privacy [OMB M-01-05]
  • Homeland Security Presidential Directive-7, Critical Infrastructure Identification, Prioritization, and Protection [HSPD-7]
  • Internal Control Systems [OMB Circular A-123]
  • Management of Federal Information Resources [OMB Circular A-130]
  • Management.s Responsibility for Internal Control [OMB Circular A-123, Revised 12/21/2004]
  • Privacy Act of 1974 as amended [5 USC 552a]
  • Protection of Sensitive Agency Information [OMB M-06-16]
  • Records Management by Federal Agencies [44 USC 31]
  • Responsibilities for the Maintenance of Records About Individuals by Federal Agencies [OMB Circular A-108, as amended]
  • Security of Federal Automated Information Systems [OMB Circular A-130, Appendix III]
  • Applicable Standards and Guidance

Applicable Criminal Justice Information Services (CJIS) Audit Standards

  • Computer Security Incident Handling Guide [NIST SP 800.61, Revision 1]
  • Contingency Planning Guide for Federal Information Systems [NIST SP 800-34, Revision 1]
  • Engineering Principles for Information Technology Security (A Baseline for Achieving Security) [NIST SP 800-27, Revision A]
  • Guide for Assessing the Security Controls in Federal Information Systems [NIST SP 800-53A]
  • Guide for Developing Security Plans for Federal Information Systems [NIST SP 800-18, Revision 1]
  • Guide for Developing the Risk Management Framework to Federal Information Systems: A Security Life Cycle Approach [NIST SP 800-37, Revision 1]
  • Guide for Mapping Types of Information and Information Systems to Security Categories [NISP SP 800-60, Revision 1]
  • Guide for Security-Focused Configuration Management of Information Systems [NIST SP 800-128]
  • Information Security Continuous Monitoring for Federal Information Systems and Organizations [NIST SP 800-137]
  • Minimum Security Requirements for Federal Information and Information Systems [FIPS Publication 200]
  • Personal Identity Verification (PIV) of Federal Employees and Contractors [FIPS Publication 201-1]
  • Recommended Security Controls for Federal Information Systems [NIST SP 800-53, Revision 4]
  • Risk Management Guide for Information Technology Systems [NIST SP 800-30]
  • Security Considerations in the System Development Life Cycle [NIST SP 800-64, Revision 2]

Leveraging the Continuum GRC IT Audit Machine, our Proactive Cyber Security® methodology, and the Policy Machine, Lazarus Alliance provides international standards that are recognized as “Best Practices” for developing organizational security standards and controls that support Criminal Justice Information Services (CJIS) based compliance audit certifications and assessments.

We want to be your partner and Criminal Justice Information Services (CJIS) compliance audit assessor of choice! For additional information please contact us using the form to the right or calling +1 (888) 896-7580.