Overview of Administrative Roles
Overview of Administrative Roles
1.0 Document Purpose
The purpose of this document is to provide criminal justice agencies with an informational overview of the N-DEx system administrative roles.
2.0 Administrative Roles
To administer sharing policies, modify user access, audit the usage/dissemination of agency data and records, and configure automatic processing of notifications/alerts, the agency’s executive management must identify persons to serve in several key N-DEx system administrative roles. One person within the respective criminal justice agency may be assigned multiple roles. The following administrative roles have been established within the N-DEx system:
User Administrator (one primary and one secondary): The criminal justice agency must designate someone to administer user permissions. The user adminstrator is provided with the capability to set user roles, modify user accounts, and assign data sources; therefore, the user administrator should be an individual who has knowledge of agency personnel and the privileges each user should have. The User Admin tab is only available to the person(s) assigned the user administrator role and provides access to the user administration screens. The N-DEx Program Office enables the user administrator capability within the system.
Source Data Administrator (one primary and one secondary): The criminal justice agency must designate someone within their agency to administer data and manage the agency’s data sharing rules. The N-DEx Program Office enables the source data administrator capability within the system.
The responsibilities of the source data administrator include:
- Providing the N-DEx liaison specialist with a list of all data owner agency names and ORIs prior to initial data submission. This list must be updated as new agencies begin submitting data;
- Submitting source data to N-DEx for the agency’s ORI or on behalf of the ORIs within the agency’s regional initiative;
- Managing data sharing rules for data submitted to N-DEx from the agency’s ORI or on behalf of the ORIs within the agency’s regional initiative;
- Maintaining data (view/modify/delete) submitted to N-DEx for the agency’s ORI or on behalf of the ORIs within the agency’s regional initiative;
- Establishing and managing sharing groups to enable access to the agency’s otherwise restricted data (i.e., yellow and red records);
- Managing the agency’s National Incident-Based Reporting System (NIBRS) extract (if applicable); and
- Reviewing the Data Submission Summary Report. After the agency’s data is ingested, the Data Submission Summary Report will be generated detailing the total number of successful and failed submissions the agency had for the time period in which the report was created. It is the responsibility of the source data administrator to review the report and make necessary fixes to correct the noted failed data submissions.
Auditor/Security Administrator: The user administrator must designate someone within their agency to perform audit modification procedures through the N-DEx portal. The agency can decide whether to assign one or both roles (the user auditor and data auditor) to the same person. The user auditor and data auditor may be a member of the agency that owns the submitted data or a member of an agency that submits on behalf of another agency. Additionally, the user auditor and data auditor can be a member of an organization that has audit authority over an agency or group of agencies, but may not be a member of those agencies (e.g., the CJIS systems officer (CSO) and CJIS Audit Unit). The N-DEx Program Office enables the security administrator capability within the system.
- Data Auditor—authorized to audit the dissemination of data and records within the agency and to other criminal justice agencies. The data auditor can generate, download, rename, and delete audit reports. The data auditor requests audit reports that are based on data, but is not permitted to request audits of a user’s actions.
- User Auditor—authorized to audit the actions of all users within the agency, such as searches performed, collaboration postings/retrievals completed, logon/off attempts, and reports created. The user auditor can generate, download, rename, and delete audit reports. The user auditor requests audit reports on user action, but is not permitted to request audits based solely on data.
- CSO Auditor—authorized to audit the actions of only those users/agencies over which the CSO has been given user audit responsibility. The CSO auditor can request audit reports on all data and user actions.
Audit Responsibility When an Owning Agency Uses a Data-Submitting Agency
Audit responsibility can be assigned or performed at the state/regional submitting agency level or delegated to the data owner. For example, the data owner agency can:
- Delegate its audit authority to the submitting agency (i.e., only the submitting agency will perform audits; the owning agency will not) if the submitting agency agrees to the delegation.
- Retain its audit authority (i.e., the submitting agency will have no ability to audit the owning agency’s data or users).
- Share its audit authority with the submitting agency.
In the sharing situation, the data owner agency may choose to either partially share or completely share the audit authority. The partial sharing can take the form of either both agencies having the data auditor AND user auditor roles or one agency having the data auditor role and the other agency having the user auditor role.
Automated Processing Administrator: The criminal justice agency’s user administrator must designate someone within their agency to manage the automated processing notifications. This person will provide the user with the capability to receive N-DEx automated reports that reflect correlations that may result in matching record entities within a user’s own agency and across agencies. The N-DEx Program Office enables the automated processing manager capability within the system.
Training Administrator: The criminal justice agency should designate someone to manage N-DEx training for all users within his or her assigned ORI(s). The training administrator assures assigned users have completed applicable training, recommends specific computer-based yraining (CBT) module(s) to be completed by the user, generates reports, and may retain user certificate(s) for record keeping and/or audit purposes.
3.0 Recommended Administrator Training Modules
The user administrator, source data administrator, analytical reporter, auditor/security administrator, and the automated processing manager should take the following CBTs:
- User Overview (30 minutes)
- Data Management (30 minutes)
- Administrator Role (30 minutes)
- Data Sharing (30 minutes)
Note: It is recommended the user administrator and source data administrator take all available CBT modules. The user administrator and source data administrator should take the appropriate CBT modules prior to having their roles established within N-DEx. The user administrator and source data administrator training certificate should be printed and maintained at their respective law enforcement agency for auditing purposes.
4.0 Required Administrator Form
Submit completed N-DEx Administrator Form to the N-DEx liaison specialist. After initial submission of the N-DEx Administrator Form, any changes may be made to the N-DEx liaison specialist via e-mail, fax, or letter.