Get CJIS v6.0 Ready with Planet

Understand new priority controls, monitoring requirements, and audit expectations.

Contact Planet

CJIS v6.0: New Standards for Protecting Criminal Justice Information

The FBI’s Criminal Justice Information Services (CJIS) Division manages critical law enforcement data, including fingerprints and criminal histories.

CJIS Security Policy v6.0, released in 2025, is the latest framework for handling CJI. It introduces key updates that all law enforcement and public safety agencies must address to remain compliant.

Non-compliance can block access to national criminal databases, disrupting operations. Following CJIS v6.0 not only ensures compliance, but also strengthens security, reducing the risk of data breaches.

Key Policy Changes

  • Priority-Based Controls (P1–P4): CJIS v6.0 builds on tiered control priorities. Agencies must map their current controls, identify gaps, and remediate P1 controls first with P2-P4 required by Sept 30, 2027.
  • Continuous Monitoring Requirements: Compliance is no longer a once-a-year exercise. Agencies must show ongoing, real-time validation of security controls through log analysis, SIEM, and active system monitoring.
  • Stronger Cloud & Vendor Requirement: Using non-compliant vendors risks loss of CJI access. All CJI-hosting cloud environments must be U.S.-based, vendor personnel must complete CJIS-level background checks (if managing encryption keys), and contracts must clearly assign CJIS responsibilities.
  • Tighter Identity & Access Controls: Organizations must strengthen IAM programs with Universal MFA, strict role-based access, immediate access removal, password complexity standards, and regular internal credential audits.
  • Audit Readiness & Documentation: CJIS v6.0 anticipates more frequent, independent audits. Agencies must maintain detailed evidence for every control—policies, configs, logs, training records—to demonstrate compliance at any time. 

Stay Ahead of CJIS v6.0 Compliance

Protect your data. Preserve your access.

Planet's Comprehensive Compliance Services

With Planet, you can confidently navigate CJIS v6.0 and focus on your public safety mission knowing your information systems are secure and compliant. We offer end-to-end CJIS compliance support services—and it’s not just consulting. Planet meets you where you are and is ready to engage regardless of where you are in your compliance journey.

 

  • Governance & Gap Assessment: Rapid workshops to assess compliance, identify gaps, and create actionable remediation plans.
  • Technical Implementation & Hardening: Implement required technical controls, optimize existing tools, and strengthen your security environment.
  • Continuous Monitoring & Managed Compliance: Real-time dashboards and tools validate controls, track credential hygiene, and support ongoing compliance through managed services.
  • Training & Personnel Support: CJIS Security Awareness Training and guidance on personnel screening, vendor requirements, and workforce readiness.
  • Vendor & Cloud Migrations: Update security tools and assist with secure migrations to CJIS-approved environments.
  • Identity & Access Management (IAM): Implementation of MFA, banned-password lists, credential monitoring, and onboarding/offboarding processes.
  • Audit Preparation & Support: Playbooks, evidence repositories, mock audits, and support to ensure complete documentation and zero findings.

Your CJIS v6.0 Compliance Partner

Stronger controls. Stricter timelines. Higher accountability.

Experts in Compliance

At Planet, we combine decades of public sector IT experience with specialized knowledge of CJIS and related compliance frameworks (like NIST and FedRAMP) to ensure your organization meets every requirement of the CJIS v6.0 Security Policy. 

Contact Planet
  • Unmatched NIST 800-53 Expertise: CJIS 6.0 maps closely to NIST SP 800-53 Rev. 5. Planet’s team has implemented countless NIST frameworks across federal, state, and local environments—making CJIS mapping faster, more accurate, and more cost-effective.
  • Proven Public Safety Experience: Planet has supported CJIS compliance efforts for state justice agencies and actively works with the FBI CJIS Division on IT initiatives. Our team also brings experience supporting 80+ FedRAMP ATOs.
  • Leaders in Microsoft: As a leading Microsoft partner with deep Azure Government and GCC High expertise (first to deploy solutions in Azure Government Secret Impact Level 6 for DOJ), we help agencies meet CJIS requirements using secure, compliant Microsoft platforms.
  • Holistic Security Approach: CJIS compliance is not treated as a checklist exercise. We design CJIS solutions that also strengthen alignment with CMMC, NIST 800-171, and broader cybersecurity frameworks.
  • Rapid, Low-Disruption Delivery: We recognize that law enforcement agencies can’t pause operations so we don’t either. Planet offers gap assessments in days and quick wins early without operational downtime.

Planet Standard

We don't just meet standards, we set them.

The “Planet Standard” is all about how we interact with our clients, employees and partners every day. This means providing a level of care and partnership that goes beyond traditional business relationships—we are always in your corner, ready to assist. Our first client, the Department of Energy, is still a customer 26 years later.

Learn More

Let's Talk

Solve your next business challenge leveraging the Microsoft tools and technology YOU ALREADY OWN.

Contact Us