The FBI requires both a business and technical security audit every three years.
Yes, however, due to the sometimes highly technical nature of the audit, it is recommended that someone with a good understanding of an agency’s Criminal Justice Information Systems (CJIS) and network architecture be the point of contact.
ABSOLUTELY! In fact, we encourage it. The TAC and the IT POC should be communicating on a regular basis and aware of changes that may affect each other.