JTAC Meeting

1. JTAC Meeting Triennial Audits Triennial Auditing Procedures V2

2. Major Changes • Audits for PSP and JNET were changed from one audit every 2 years to 1 audit every 3 years. • PSP Changed that procedure last year, but JNET had already scheduled audits under the biennial schedule. • JNET is now moving to a 3 year schedule.

3. Audit considerations • Responsible parties • JNET Office • Executive Director • Security Administrator • JNET Auditor • Agencies / Counties • Agency / County Point of Contact • Primary Registrar (appointed by POC) • Agency / County JTAC Administrator • Agency JTAC s

4. Personnel involved in an audit • Mail-in and On-site Audit • JNET Auditor • POC – receives correspondence and selects a Primary Registrar • Primary Registrar • JTAC Administrator • Any other Registrar or JTAC with information that assists with the audit.

5. Audit Preparation • The JNET Auditor will send the POC the materials that need to be completed for the audit. • Do not send anything additional to the Auditor on a mail in audit. • The audit is not for the JNET Office to fix agency problems, but to review agency policies and procedures.

6. Dissemination logs • Only for PSP information from CLEAN which has been transferred to another person (who has been authorized under the CHRI Act to receive that information). • Must include the required information. • JNET users who do not share information will not have to create a log, unless the agency has a different policy.

7. Audit areas covered • Policies and procedures • Record Administration • Hit Confirmation • Information Security • Physical Security • CH training and Certification

8. Final Report • Auditor will complete a final report and forward it to POC for review and comment. • There is a 30 day window for comments.