CIIS security policies

Great care and consideration are put into assuring the security of the CIIS. The CIIS Security Policies and Procedures comply with the security standards defined by the following agencies:
  • U.S. Department of Health and Human Services
  • International Organization for Standardization
  • American National Standards Institute
  • National Institute of Standards and Technology
  • National Infrastructure Protection Center
  • Crisis Emergency Response Team
CIIS security measures include:
  • User authentication
  • Individual passwords changed every 90 days
  • Extensive audit trail records
CIIS revises its Security Policies and Procedures as industry standards are updated.