IT Security Self- & Risk-Assessment Tool

it-securityThe SEARCH IT Security Self- and Risk-Assessment Tool is a companion resource to The Law Enforcement Tech Guide for Information Technology Security: How to Assess Risk and Establish Effective Policies, which SEARCH developed for the Office of Community Oriented Policing Services (COPS), U.S. Department of Justice.

The tool is a Microsoft Excel 2003 spreadsheet containing worksheets that guides you through a detailed assessment of your agency’s IT system in three categories:ManagementOrganizational, and Technicaland a fourth category, State and Local Law Enforcement-Specific IT Security Controls, which assists with recording information on additional state and local government issues.

The Assessment Tool allows your policy development team to walk through the process and record their answers in one location. It—

  • offers a simple and concise methodology by which to assess your systems and their potential risk
  • gives a graphical view of the systems assessed and their current status, based on the team’s input

Because of the graphical nature of the tool, it is immediately obvious where important issues need to be addressed. The answers can give managers a roadmap to their response to the risk and offer guidance on funding requirements for their systems. 

Downloads

Detailed description of Assessment Tool
SEARCH IT Security Self- and Risk-Assessment Tool

tech-guide-itsecurityThe IT Security Tech Guide provides strategies, best practices, recommendations, and ideas for developing and implementing IT security policies. It offers a straightforward approach to help law enforcement agencies through an often complex process and provides a framework to gauge the performance and effectiveness of these policies.

Karen Lissy

Ms. Karen Lissy is a Justice Information Services Specialist for the Law and Policy Program of SEARCH, The National Consortium for Justice Information and Statistics. In this position, she provides assistance to state and local justice and public safety agencies to collect, curate, and use National Incident-Based Reporting System (NIBRS) data and computerized criminal history record (CCH/CHRI) information for policy analysis and development.

She also guides justice and related organizations in how to craft and implement laws, policies, practices, and technology applications to effectively collect and use CCH and related justice/public safety data; address legal, policy, and regulatory issues associated with CCH data; better manage and operate criminal justice information and identification systems; and develop security and privacy policies that protect justice information sharing systems.

Ms. Lissy has nearly two decades of research and data analysis experience, having led projects and tasks in support of two agencies within the U.S. Department of Justice’s Office of Justice Programs (the Bureau of Justice Statistics and National Institute of Justice), as well as the Centers of Disease Control and Prevention, and multiple foundations, including Ford, Annie E. Casey, and Hewlett. Prior to joining SEARCH in October 2020, Ms. Lissy served as a Social Science Researcher at RTI International, as a regional Crime Analyst for the Redmond (WA) Police Department, and as Director of a research program with the Harvard Center for Risk Analysis. Beginning in 2012, Ms. Lissy’s work has focused on improving data in law enforcement to answer policy questions and improve community/police relations.

Ms. Lissy earned a Bachelor’s degree in Public Policy from Duke University, and a Master’s in Public Health from the University of North Carolina at Chapel Hill.

×
Michael Mackay

Mr. Michael Mackay is an Information Sharing Developer for SEARCH, The National Consortium for Justice Information and Statistics. As part of the Software and Data Engineering Program (SDEP) team, he plans, develops, implements, and deploys information sharing systems on behalf of SEARCH clients in local, state, tribal, and Federal government settings. He also provides programming, configuration, and testing assistance, and consults on implementation architecture and design with clients. 

Mr. Mackay supports justice, public safety, and homeland security information sharing nationwide through SDEP services that include software architecture and systems design, application development, deployment and support, data management services, and direct technical assistance and training. These services offer capabilities that include federated query, authentication access/control, subscription/notification, process/workflow automation, data analysis, and more. 

Prior to joining SEARCH in 2021, Mr. Mackay worked as a Software Engineering Intern for TDM Business Toole Suite, where he provided software development support using Java frameworks, implemented relational database models using MySQL, and designed GUI components using NetBeans. 

Mr. Mackay will work in an Agile development environment, a methodology that SEARCH embraces that focuses on incremental development and delivery, collaboration in a team approach, and rapid and flexible response to change throughout the development cycle. 

Mr. Mackay earned a bachelor’s degree in Computer Science and Applied Mathematics and Statistics from Stony Brook University, New York. 

×