While finding the Asheville Police Department in compliance with most of the criteria for participating in a national criminal-information network, the Federal Bureau of Investigation, in a newly published review, documented shortcomings in the APD’s online data security involving key elements of the program.
The FBI’s audit of APD’s information technology systems was conducted in May 2013 and published last week by Cryptome, an online library of once-secret materials that is run by anti-secrecy activists.
The document doesn’t say why the audit was initiated. Coincidentally or not, the FBI was involved in the recent federal prosecution of the APD’s former evidence manager, who pled guilty to stealing drugs from an evidence room rife with record-keeping problems.
It does reveal the few but significant areas where the APD was found lacking in standards for participation in Criminal Justice Information Services, an FBI-run online network that is “the world’s largest repository of criminal fingerprints and history records,” which is used “to catch crooks and terrorists,” as the bureau puts it.
The audit is below, with annotations noting problems identified by the FBI, including the APD’s breaches of protocols instituted to keep certain law enforcement information secure. Click the “Notes” tab to go directly to those excerpts.FBI IT Audit of APD (PDF)
FBI IT Audit of APD (Text)
WLOS-TV reports on the audit. This story may be found here and is published by Carolina Public Press through a content-sharing partnership with WLOS-TV.