The FBI implemented CODIS as a database with hierarchical levels that enables Federal, State, and local crime laboratories to compare DNA profiles electronically. The hierarchy consists of three distinct levels that flow upward from the local level to the State level, and then, if allowable, to the national level. The National DNA Index System (NDIS) is the highest level in the hierarchy, containing DNA profiles uploaded by law enforcement agencies across the United States; NDIS enables laboratories participating in CODIS to electronically compare DNA profiles on a national level. This audit, which covered the period from January 2009 through December 2010, determined whether the SFPD Laboratory was in compliance with NDIS participation requirements. The audit found that the SFPD Laboratory was in compliance with NDIS requirements for updated training for Laboratory personnel, the maintenance of training and qualification records, and the timeliness of NDIS matches; however, it has not complied with NDIS Security Requirements regarding server back-ups being transported monthly off-site. It has complied with the Quality Assurance Standards (QAS) regarding the completion of periodic internal and external QAS reviews, implementation of corrective actions presented by internal and external reviews, and retention of preventing access by unauthorized personnel. Of the 100 forensic profiles sampled 93 profiles were found to be complete, accurate, and allowable for inclusion in NDIS, but 7 profiles were unallowable. Recommendations are offered. Appended audit objectives, scope, and methodology, as well as audit criteria