DISS Frequently Asked Questions

New to DISS

What is the Defense Information System for Security?

DISS serves as the system of record for personnel security, suitability, and credential management of all DOD employees, military personnel, civilians, and DOD contractors. DISS also provides secure communications between Adjudicators, Security Officers, and Component Adjudicators in support of eligibility and access management.

How do I get a DISS account?

Please reach out to the following email,
dcsa.eastern.dcsa-dvd.mbx.diss-provisioning@mail.mil and provide them with your completed PSSAR form and required training certificates.

Please refer to the attached document named “2020 FAQ DISS JVS Industry PSAARs” for guidance on how to properly fill out the PSSAR.  Additional DISS processing information can be found on the DISS Resources website, https://www.dcsa.mil/is/diss/dissresources/

There are two options for obtaining Cyber Security Awareness/Information Assurance completion certificates:
1. Cyber Awareness Challenge ‐ https://public.cyber.mil/training/cyber‐awareness‐challenge/ (After you get to the DISA website you may need to click on Training and then click on Cyber Awareness Challenge).
2. Annual security training provided by the cleared service/company/agency.

There are two options for obtaining Personally Identifiable Information (PII) completion certificates:
1. https://public.cyber.mil/training/identifying‐and‐safeguarding‐personally‐identifiable‐information‐pii/
2. http://www.cdse.edu/catalog/elearning/DS‐IF101.html (you need a STEPP account)

Add a password to Adobe Acrobat (pdf)
Open the PDF and choose Tools > Protect > Encrypt > Encrypt with Password. If you receive a prompt, click Yes to change the security. Select Require a Password to Open the Document, then type the password in the corresponding field.

**Please email the password to the above-mentioned email address in a separate email. This will allow us to open and process the file.


What is required for access authorizations for DISS?

A minimum of interim secret eligibility is required to access DISS. Account Managers within each Component/Agency/Company will determine the specific DISS customer user base and assign user roles based on Component/Agency/Company guidance and responsibilities.

What are the Public Key Infrastructure (PKI) requirements for DISS?

Each DISS user will be required to have a DoD approved Public Key Infrastructure (PKI) certificate smartcard/token in the form of a Common Access Card (CAC), Personal Identity Verification (PIV) card, or authorized External Certificate Authority (ECA) certificate.

Will I need to register my CAC or PIV?

Yes, the registration process must be completed every time you get a new or replacement CAC or PIV. The Hierarchy/Account Manager or the DCSA CET will need to generate a new password. The pre-established registration user id and the newly generated password should be sent to the user. Thereafter, the user should re-register using the steps outlined below:

  1. Select their Certificate.
  2. Click on the login button and you will be redirected to the User Registration Page.
  3. Enter the pre-established user id and the newly generated password and click register.

The Hierarchy/Account Manager or the DCSA CET will need to generate a new password.

What are the web browser requirements for DISS?

Each DISS user will be required to have a Web browser with Microsoft Edge, Firefox 11 or above, or Google Chrome. Government approved encryption is required.

Using DISS

How can users identify if their DISS records are accurate?

Users should validate each agency/company employee record based on HR employee list.

How will DISS training be conducted?

DISS Training e-learning modules are provided online through DCSA and USA Learning websites. Also, Job Aids are provided on the DCSA website. Training will also be conducted via webinars.

How will Research, Recertify and Upgrade Requests (RRUs) be handled in DISS?

RRUs have become customer service requests (CSRs) in DISS. Customer Service Requests allow specific workflows to be sent to the DCSA VROC and DoD CAF for review and processing.

Where do I find information on DISS deployments, modifications, and other updates?

Users can find information on DISS by going to the DMDC DISS web page. Updates include alerts, notices, and release notes. User manuals will be provided within the landing page of the DISS application. The information should be posted on the “About JVS” tab on the DISS Homepage.

Who designates Hierarchy Managers?

Hierarchy Managers are designated by their Component/Agency/Company.

What is the DISS operational policy on printouts?

Personnel are granted access to DISS for the specific purpose of verifying eligibility and determining access to classified information of their service members/employees and/or visitors. There is NO AUTHORIZED USE OF DISS PRINTOUTS! Security Officers/Facility Security Officers should never print out any screen, screenshot, or provide DISS printouts to any agency or person.

Will the back button and exit lock your account?

No, the exit screen and back button will not lock your account. The user will have to login again upon exiting, however.

Is there an indication that a save took place after I click Save?

Yes, there are indications throughout DISS when a save takes place. You will see a window in the upper right side of the screen for a few brief seconds showing that something saved or submitted.

How do I access e-QIP?

https://nbib.opm.gov/e-qip-background-investigations The applicant's Security Officer must have first initiated the Investigation Request and provided access information, such as initial username and password

Can I view the applicant's personnel security questionnaire through DISS?

Yes, the information can be viewed with either the Security Manager or Security Officer role, only if you are an industry SMO user.*Once the applicant submits the SF86/eQIP/applicant’s personnel security questionnaire form the FSO will need to claim the task in DISS in the task inbox. Then they will review the investigation request to either approve or reject the investigation request. Please reference section (Review Investigation Request) in the JVS User Manual

Why does DISS require me to go to a SMO task inbox?

Task inbox is where RFA come through. Users go to the Task inbox to view/work assigned task. Please reference section in the JVS User Manual, View Task Inbox. The Task Inbox is accessible by Security Officers, Security Officer Administrators, Hierarchy Managers, Security Managers, and Component Adjudicators. The Task Inbox includes sub-tabs for Assigned Tasks and Unassigned Tasks. Users view tasks that they have claimed in the Assigned Tasks sub-tab and work the task to process the request. They can view and claim tasks from the Unassigned Tasks sub-tab. After claiming or completing a task, the data in the Task Inbox will not automatically update. Users must refresh the data in the Task Inbox by clicking on Task Inbox in the Communications control panel.

How do I submit a subject’s foreign contact or foreign travel information?

Security Officers can add information about the subject’s relationships with foreign individuals in the Subject Details tab. The Security Officer must have the Manage Foreign Relationships permission as well as an owning or servicing relationship with the subject in order to add or update a foreign relative/contact. -Users with the appropriate permission can update a subject’s foreign contact manually (see directions below), or the contacts may be updated by the e-ingest of SF forms or other case documents -Please see Add Foreign Contact or Relative, Edit Foreign Contact(s) and Relative(s) Information in the JVS User Manual. -The Foreign Travel sub-tab allows Security Officers to create new foreign travel records, including foreign contacts and countries visited, as well as edit existing foreign travel records, including removing countries or contacts. The Security Officer is also able to cancel or debrief the subject’s foreign travel records. -A Security Officer can edit a subject's foreign travel record, but only if it is in the Initial or Draft status. Records that are Debriefed or Canceled cannot be edited; the Security Officer can only add a comment to the foreign travel record. -Please see View Foreign Travel, Create Foreign Travel, Edit Foreign Travel-Edit Foreign Travel Detail, Edit Foreign Travel-Add Foreign Travel Countries, Edit Foreign Travel-Edit Foreign Travel Countries, Edit Foreign Travel-Delete Foreign Travel Countries, Edit Foreign Travel-Add Foreign Contacts, Edit Foreign Travel- Delete Foreign Contacts, Edit Foreign Travel-Foreign Travel Comments, Cancel Foreign Travel, Debrief Foreign Travel of the JVS User Manual.

Will existing JPAS accounts work within DISS?

No, DISS will require new system access for each user. The minimum requirements for system access are a completed Personnel Security System Access Request (PSSAR) form, Personal Identifying Information (PII) and cyber awareness training certificate. At this time, system training certificates are not required for system access. Once provisioned, the Hierarchy and/or Account Manager can provision users within their Component/Agency/Company.

Will information be migrated into DISS from JPAS?

Yes, all JPAS data will be migrated to DISS upon full deployment. We understood from Monday’s DCSA Working group meeting that certain information (RFIs and other communications to the CAF) would not migrate. The user would have to submit a request for that information.

Who determines the access authorizations for DISS?

A minimum of interim secret eligibility is required to access DISS. Account Managers within each Component/Agency/Company will determine the specific DISS customer user base and assign user roles based on Component/Agency/Company guidance and responsibilities.

Hosting/Requesting Visits

What's the definition of Visit Request Status?

  • Created means the visit template was built by a user. Users in both the hosting and creating SMOs can modify the visit location and add/cancel personnel to the visit
  • Active means the visit is ongoing, only the hosting SMO can modify the visit location in this status. Personnel can still be added/cancelled from the visit while active
  • Cancelled means that visit request is no longer active and cannot be reactivated/modified/deleted
  • Archived means the visit was completed and it can no longer be reactivated/modified/deleted

Where do I see visits?

  • The following roles will have access to all Hosting and Visiting SMO Requests via the "View SMO Visits" selection on the SMO menu: Security Officer, Security Officer Admin, Security Officer Visit Admin, Security Manager, Physical Access Control Personnel, Help Desk and Application Admin with View Visit permission
  • For visits associated only to a specific subject, users can view those visits on the Subject Detail screen under the "Accesses" tab
  • For all Visit Requests associated with your SMO, the Hosting Visit and Outgoing Visit reports are available in the Reporting Module

Can I create a visit on behalf of another SMO to my facility?

Yes, DISS allows for users to create a "Hosting" visit. The visiting SMO will receive a notification and can add/cancel visitors from the visit as well as modify the visit location while the Visit is in the "Created" status.

Can I add personnel to a visit without a relationship to my SMO?

Yes, users can add personnel that have a relationship with another SMO. If the subject has a relationship with a SMO, they can be added to a visit.

Will I get a notification if one of my employees is added to a visit?

Yes, the visit will also be added to the subject’s record as well as found in the Visit Report in the reporting module.

Will I get a task to approve a Security Manager adding my employee to a visit?

No, but you will receive a notification that the subject was added. As the visiting/hosting SMO, the Security Manager/Officer can "Cancel" their employee from the visit at any time.

How long do visits last in the system?

Visits will be historically indexed in DISS until the last day of the visit. According to Privacy Policies, once the visit has been completed/archived it will be removed from display.

Can I extend a visit or modify the dates and location?

Yes, both SMOs can modify the visit while in a "Created" status. Once active however, only the Hosting SMO can modify the visit date and location.

Can I create a visit for my SMO to another facility?

Yes, using the "Find Hosting SMO" establishes your SMO to visit another SMO. When your SMO visit is created, the hosting SMO will receive a notification. The hosting SMO can cancel the visit if it's not approved.

DISS Misuse

What do I do if I witness a misuse of DISS?

Please call the DMDC Contact Center (724)794-7765 to report any potential misuses of DISS you may have observed.

What happens in the event of an alleged DISS misuse?

As the Cognizant Security Agent (CSA) for DISS, when DMDC is made aware of an alleged misuse of DISS, the system must be protected from loss of data confidentiality, integrity, and availability. As a result, the user(s) account(s) are administratively locked and placed in administrative review, preventing any access to DISS during the review. This practice limits risk to the system and its data. During an administrative review:

  1. The alleged will receive an Incident Notification Letter and any DISS accounts connected to the incident are locked.
  2. Once the relevant data surrounding the incident is gathered, the DISS Program Manager (along with government counsel when necessary) decide as to whether the incident occurred:
    1. If it is determined that the incident occurred, the user may have their account terminated and be permanently barred from receiving another DISS (or future replacement system) account. A misuse of technology security incident will also be placed on the user’s DISS record for the DoD CAF to adjudicate.
    2. If it is determined that the incident did not take place the user account may be unlocked.
  3. When an administrative review is complete, the user will receive an Outcome Notification Letter, outlining the decision and any subsequent actions.

What are consequences related to misuse of DISS, and is there an appeals process?

If it is determined that a misuse has occurred, the user is at risk of losing their DISS account as well as being barred from reapplying for a DISS account PERMANENTLY. A misuse of technology incident will be placed on the user’s DISS record for eventual adjudication by the CAF. An appeals process does exist; however, only new, and relevant evidence may be presented to be considered for an appeal.

I have received a DISS incident notification letter, what should I do?

Follow all instructions as outlined in the incident notification letter. DISS General FAQ If a user receives a DISS incident notification letter, they may choose to directly respond with a personal statement addressing the incident. Note that the user(s) account(s) under administrative review will not be accessible, so please make appropriate coordination with other FSOs/AFSOs/SOs in your organization regarding your DISS workload/tasks. All communication regarding a DISS incident and/or administrative review should be directed to the email address provided in the notification letter.

How long do administrative reviews take to complete?

Administrative reviews have no defined timeframe. Factors such as the severity of the misuse, the number of individuals involved, third party investigations/input, government counsel involvement, and size of audit files, among other factors can all vary from incident to incident.

What happens to my account in the event of an administrative review?

To protect the confidentiality, integrity, and availability of the data in DISS, the user’s account will be locked and will not be accessible during the entire period of the administrative review.

In the rare circumstance where the integrity of an entire cleared organization/SMO is in question, all associated DISS user accounts may be locked. Appropriate investigative agencies may also be informed (e.g., Defense Criminal Investigative Service (DCIS), DoD Inspector General (DoDIG), etc.) dependent on circumstances and severity of the alleged incident. DISS audit logs are reviewed by program leadership to determine exactly what actions were performed/taken by the subject inside of the system, to include every screen viewed and every action taken in DISS. Note that your account will not be deleted/removed due to inactivity during an administrative review.

Will a subject’s record turn red in DISS with the submission of an Incident Report?

No, subject records will not turn red in DISS. Only the submitting office can view the incident report, however, all offices can view whether an incident flag exists. Under Subject Summary you will see a “YES” within the Incident block.

How are incident reports submitted in DISS?

Users report incident by selecting the Report Incident link on the Person Summary page, or through the Subject’s Details link, select report incident (NOTE: User must have an Owning/Servicing relationship with the Subject, to use the Subject’s Details link)

Can I logon to DISS using someone else’s username/password or PKI certificate?

NO! It is against DoD policies to share username/password, any approved active Public Key Infrastructure (PKI) hardware or allow an individual to access another person’s DISS account or certificate in any manner or form. Only the authorized account and certificate holder is permitted to access/use his/her account. Examples of Approved Active PKI hardware include Common Access Cards (CAC), Personal Identity Verification (PIV) cards, approved corporate badges, and External Certificate Authority (ECA) cards/tokens, among others.

Technical Support

I am having issues navigating throughout DISS. What should I do?
What is the help desk number for DISS?

You may utilize the Help manual in DISS which is found once you are logged into DISS. The Help button can be found in the upper left-hand corner beside the DISS logo, by click the word Help a new window appears with the DISS Help manual. You may search for any key words using ctrl+f and typing in the key words for any subject in question. If you need assistance, contact the Customer Engagements Team (CET), from 6 am – 6 pm Eastern Time. The CET team provides support for DISS, DCII, and SWFT systems. Telephone: 724-794-7765 Email: dcsa.ncr.nbis.mbx.contact-center@mail.mil NOTE: Do not send any Personally Identifiable Information (PII) or other sensitive data via email. Please note that marking the emails containing PII as ‘private,’ does nothing to protect sensitive information, and may prevent the CET from receiving the email


1. Relating to visit management, how do you find a visit request that was submitted.


  1.  Host needs to search the visiting Subject. Take a relationship (recommend servicing).
  2. Find the visit under the access tab after opening subject details.
  3. They can then open the visit and see all other subjects.

2. Why can't I archive a visit any longer?

A: With recent update to DISS, the visit must be cancelled before the archive option will become active to select. As a reminder if you cancel a visit, it will send a notification out to the creating SMO notifying them know that the visit was canceled, and it will remove the visit.

3. Without the ability to archive the visit, how will I manage the SMO visits to know if a visit has been read or completed?

A: Until 13.7 is released, recommend adding a word such as "Received" or "Worked" in the Visit Name. This will provide a way to sort your visits by the key word added.

4. What is the new clone visit feature added to the visit actions drop down?

A: This feature allows you to easily copy an existing visit details as well as a quick check box to add all of the existing approved subject (visitors) to the newly cloned visit.

5. Can a visit request be submitted for a full calendar year?

A: Yes, select the full date range from the calendar.

6. Can a visit request be submitted for multiple SMOs for a one-day visit?

A: No. When a visit request is created, it is created only for a single SMO.

7. Is there an easier way to find visits in DISS?

A: Run a visit report (permission based). Use View SMO Visits to view all visits for the selected SMO. Pull up individual subject to view their visits (with Owning Relationship).

8. What does the Activate Visit button do, and didn't it get taken off the list?

A: When you create a visit you can use the “Activate Visit” button to make the visit active prior to adding subjects/visitors to the visit request. Once subjects/visitors are added the option to use the “Activate Visit” button will be grayed out and no longer available for selection. To search for visits that have been created but not activated use the View SMO Visits, find visit status and select “created” then Find Visits and you will see a list meeting that criteria.

9. Does DISS automatically remove visits whose end date has passed or does the user have to manually remove them from the active list?

A: You will need to manually cancel or archive each visit to move it from the active list.

10. Can you touch on activating a visit please? Activating a visit request, it showed the first time, wasn’t an option the next 2 times.

A: As you are creating a visit request, if you complete it but don’t add subjects as visitors you will still be able to see the Activate request button, once you add subjects the visit becomes Active and the Activate Visit button is unavailable or grayed out.

11. If I go through the confirmation without subjects, I have to activate a request, but if I add subjects before confirmation, will it activate it automatically?

A: You can use the Activate Visit button to make a visit active without adding subjects. Once you add subjects, the visit is Active and you can no longer access the Activate Visit button, it is grayed out.

12. Is it possible to edit an Archived Visit Request? Meaning, if we created a group visit and then need to remove someone who should no longer be included, can you do that? It was possible with JPAS, but I cannot find a way with DISS

A. No, you cannot edit an Archived Visit.

13. When the hosting SMO archives/completes the visit request before the visit happens, is that what they’re supposed to do?

A. No, a visit request should not be Archived before the end date of the visit

14. There has been a previous problem with the Visit Requests in which some military installations are archiving once they enter it in their system, which makes it more complicated to review current visits. Have they been instructed yet to leave as active in DISS?

A: DCSA is currently working with stakeholders to address this issue; the military will be advised that all visits should remain active in the system.


1. How can we get a subject's name corrected (input error) or updated (name change)? We have been unsuccessful utilizing both a CSR and calling DCSA.

A: Users with the Update PII permission (must have Security Manager or Officer Role) may update subject last name, birth country, birth state, birth date, and citizenship.

2. When attempting to transfer a subject, I have been unable to transfer individual subjects, it has only allowed me to do it in mass. Any update to that feature or process?

A: DISS allows to transfer individuals and/or multiple subjects using the mass transfer functions unless certain actions on the subjects prevent it. If not working in mass function, debrief and add in new SMO.

3. When gaining personnel, do I have to add category organizations under SMO Relationships or is that optional?

A: All required fields are indicated with an asterisk (*). Category Organizations is an optional field.

4. Is there a way in DISS to add a subject without the need to grant access? For example, uncleared personnel that require investigation for a CAC.

A: Yes, if you have the proper role and permissions you can create a subject and establish relationship without granting access.

5. Is there any way to change servicing to owning permissions without terminating an actual employee?

A: You don’t need to terminate the employee, you can add an owning relationship with the individual from the SMO Relationship tab, then delete the servicing relationship.

6. If a subject has break in service. Where can I find this information?

A: With Trusted Workforce, the hiring of new personnel and initiating an investigation is based on the current eligibility in DISS and the date of last investigation. If no eligibility is showing in DISS, initiate new (initial) investigation. If eligibility is showing in DISS, Security Manager (SM) can brief subject in access based on level supported, then SM should determine need for investigation based on date of last investigation and initiate PR if the investigation is no longer in scope. SM should work with VROC to enroll subject in Continuous Evaluation. Note: Reciprocity can be used if information is provided to VROC and DoD CAF for validation.

7. Do we document foreign travel in DISS?

A: Yes, the function is available.

8. How do you change servicing to owning, you did not answer the actual question?

A: You cannot change the SMO relationship from servicing to owning. You must add a new relationship and then delete the previous relationship that no longer applies.

9. What is the way to service a subject without granting access?

A: There is currently no way to add a servicing relationship without a subject first having an owning relationship.

10. How do you create a relationship with uncleared personnel? Every time that I try to add uncleared personnel, DISS always want to assigned classified access.

A: You can add an owning relationship to an uncleared person without granting access.

11. If you do not in-process or establish a relationship with suitability or HSPD-12 personnel does this have an impact on the favorable adjudication for their Tier 1. I don't in-process any suitability or HSPD-12 folks.

A: If an individual, who only requires suitability or HSPD-12 credentialing, belongs to your organization you should have an owning relationship in JVS with that subject. Defer to your agency policy for this action.

12. What is the contact info for the "help desk" for name change?

A: Phone Number 1-800-467-5526, Customer Service Hours: 8:00 a.m. – 8:00 p.m. ET, Monday – Friday (excluding Federal Holidays). Security Manager and Security Officer with the Update PII permission can edit subject’s PII.

13. Could you please cover foreign contacts listed in an individual's record? I have an employee whose family members are not listed correctly.

A: Go to the Subject Details, click the Other Subject Details tab, scroll down to Foreign contacts and relatives information block, find the family members that you need to edit and click the pencil icon under the options, that should allow you to edit the record.

14. How do we get updated information added to the HSPD-12 and Suitability Determinations (1) tab. New SACs for example.

A: Contact Servicing CAF or Component Adjudicator.

15. Will we ever see if a person is SCI briefed like we could in JPAS?

A: You must have the appropriate permission(s): Manage SCI Access or View SCI Access

16. In JPAS you were able to look someone up by last name, DOB & DoD ID number. Will this ability be a future capability in DISS or will it remain SSN lookup only? Or is this available now and I'm just missing it?

A: The way I have seen a by name look up is if you go to View Subjects, you will see a list of Subjects associated with your agency then type in name and click ‘search’. If you are not associated with the subject, go to search subject to search using only the SSN. DoD ID number is not supported in DISS.

17. How can you separate & debrief an individual in DISS? Maybe this can be addressed in the next training session.

A: In short, you can do the debrief and removing all owning and servicing relationships then that subject won’t show up under your SMO. Please refer to the JVS User Manuel under the help hyperlink in JVS.

18. How do we request reciprocity for a subject from another agency in DISS?

A: User complete and submit a CSR/Request Reciprocity in the Subject Action drop down in JVS.

SMO Management

1.Where do I find a SMO Name Index for an AF unit?

A: DCSA leaves the naming of SMOs to the individual agency. Use the “Search SMO” function to find a particular SMO. Narrow search using drop-down menus.

2. Is there a quick way to transfer members from the parent SMO to a child SMO vs. name by name?

A: Use the “Mass Subject Transfer” option in the Subject control panel.

3. What is the reasoning for having multiple owners under one SMO?

A: One SMO doesn’t have multiple owners, however, one subject can be owned by multiple SMOs under the SMO relationship tab, usually if the subject has more than one category (i.e. reserve, industry, civilian employee, etc.).

4. When creating a SMO, what is the SMO Name Index?

A: The SMO Name Index is Numeric Characters, where this Code comes from or how a Security Manager or Security Officer is notified of this Code. Reference the JVS User Manual Create SMO, item 5, on page 89.

5. Will DISS start showing the level a SMO Code is (Level 6, 4, 3 or 2)?

A: DISS JVS is not set up to show SMO JPAS levels. DISS JVS permission levels provide the users the ability to manage and view specific access levels. All subjects can be managed from one SMO instead of the many levels that were used in JPAS.

6. When DISS was created and pulled SMOs from JPAS, there were multiple SMOs (level 4-non SCI and level 3-SCI) that were pulled. Since DISS allows for provisioning a single SMO to be able to handle both SCI functions and non-sci functions depending on the person doing the provisioning into the SMO. How does a unit go about requesting a SMO that is in DISS to be deleted now that it is no longer needed?

A: Send a Hierarchy Change Request (HCR) to the following email address stating the need remove the SMO: dcsa.dcsa-northern.dcsa-dvd.mbx.diss-provisioning@mail.mil

7. I have subjects that are "owned" by organizations that have no relationship to the subject or our company. How do I get these organizations that should not own our employees removed in DISS?

A: Please send the information through the help desk and the DISS will research for removal.

8. My facility has about eight (8) employees who are owned in DISS by one of our predecessor companies -- this company no longer exists. I was advised to create an account for the old/non-existent company and remove them. Is that correct?

A: No, that is incorrect. Provide SMO name and send request to have subjects removed and SMO deleted to the HCR email address: dcsa.dcsa-northern.dcsa-dvd.mbx.diss-provisioning@mail.mil

9. Will inactivated (unwanted) SMOs, viewed in the tree, go away or are there steps to take to remove from tree view. I am a hierarchy manager?

A: Currently, the SMO continues to display in the SMO Tree, but with a red “no” symbol on top that indicates it has been deactivated. As a hierarchy manger you can deactivate SMO within your tree. If unable to deactivate, send a Hierarchy Change Request (HCR) to the following email address stating the need to remove the SMO: dcsa.dcsa-northern.dcsa-dvd.mbx.diss-provisioning@mail.mil

10. Who changes the SMO if it is incorrect? I noticed my SMO UIC is wrong. Do I submit a change to DCSA Hierarchy?

A: Submit a Hierarchy Change Request to: dcsa.dcsa-northern.dcsa-dvd.mbx.diss-provisioning@mail.mil


1. Can we upload an SF312 debrief form when SUBJ retires? Currently, the operation does not exist in the debrief

A: There is no requirement to submit SF312 for debrief actions.

2. Does the Transfer In Status of accesses option work. I've used it and out-processed an individual and it removed their accesses from DISS.

A: What type of access were you attempting to transfer. Collateral access should be removed at the time the individual out-processes.

3. Do we have the capability to view uploaded documents? Can we get rid of local hard copy documents from personnel security file?

A: Yes. You must consult your Agency policy on destroying hardcopy of documents.

4. Is it required to upload a proper NDA if no upload is evident? Several profiles do have a date but no upload.

A: If there is a date, the information transferred when the individual’s record transferred from JPAS so in theory an NDA was completed previously. A date will also populate when a new Sf312 is uploaded.

5. After creating a member’s foreign travel in their DISS record, attempts to then upload the post foreign travel debriefing form have been unsuccessful. What I am experiencing is a message that says it cannot be uploaded because of white space. How can we correct this issue to upload the FT debrief form?

A: Submit a ticket with help desk.

6. Uploading has been an issue. The document appears to be uploading but then no "submit" button appears.

A: Select document type which will open a new window. From there click the ‘Add Document’ button at the bottom and it should upload from there.


1. What do I need to do to be able to view SCI accesses on personnel assigned to my SMO?

A: You must have the “View SCI Access” optional permission granted by your Account Manager and given to you as a JVS User (Security Officer/Security Manager Role) within JVS.

2. How do we make name changes? That block is grayed out for editing.

A: You must have the “Update PII” optional permission granted by your Account Manager and given to you as a JVS User (Security Officer/Security Manager Role) within JVS.

3. Can contractors now submit SCI VARs in DISS?

A: Yes. Please work this process with your supporting government agency.

4. My current role does not allow me to see SCI tickets...can my role be upgraded?

A: Yes, you will need to submit a PSSAR with the optional permissions of view SCI Access checked (your Account Manager, who must have “Manage SCI DISS User” permissions, will provide you with that permission if your agency policy allows).

5. Is there anything permitting a certain org from granting SCI view only, who can do this and does it have to be at the SSO level or MAJCOM can it be an account manager or Hierarchy manager?

A: The Account Manager or Hierarchy Manager who gives access to JVS can grant this permission, however this would be an internal agency policy determining who, within the organization determines who is granted the “manage or view SCI access”.


1. Do you know of any issue with the grant access button missing? For example, if you are trying to grant S and there is no S to choose from in the list - this is random and infrequent.

A: If there is nothing to select from and you have an owning relationship, it is highly likely that the citizenship field is blank. Security Manager and Security with the Update PII permission can update the citizenship. Also check the investigation is scheduled.

2. How do we Indoc' NATO?

A: First consider internal agency rules within your organization. Within JVS go to Access and select Access level from drop down screen to add to the individual.

3. If a T3 investigation states "FSO Reviewed", am I complete with process of releasing the investigation?

A: Yes, it has been submitted to VROC.

4. How does one add IT levels and where are the IT levels located within DISS?

A: IT levels are no longer supported by policy and not in DISS for use.

5. In line with the individual's question about volunteers, how does DISS account for federal employees that require favorable T1 suitability, but not requiring classified access?

A: Servicing CAF or Component Adjudicator with Suitability and HSPD-12 Adjudication permissions grants the Suitability Eligibility.


1. For messages in DISS, we cannot delete after taking action as we could with JPAS. Will this function be added to DISS?

A: DISS Team is in the process of creating a way to archive the messages while also trying to bring back the message capability to DISS to enhance communication within the system.

2. When an incident was reported, we are not receiving notifications in DISS, why not? JPAS used to put their name red this is a problem.

A: The red highlight notification is not a feature in DISS. You can refer to the Task Inbox for updates/changes/notifications.


1. Is there an issue with some of the reporting features? When running a KMP report, it comes back blank, the periodic reinvestigation report does the same.

A: Please provide the information to your assigned Industrial Security Representative (ISR), who can notify the DISS Team will collaborate with the NISS and DISS developers for a resolution. Additionally, please include some examples to the help desk so the DISS Team can verify the SMO is tied to your organization as identified in NISS.

2. When doing monthly report in DISS JVS some names are not populating in the report. Anybody having the same problem?

A: Subjects owned or serviced by your SMO should populate in the Subject Report, if not please contact the help desk with examples so the DISS Team can troubleshoot.

3. Who is responsible for granting permission to manage SCI access and how is this accomplished?

A: The Account Manager who gives you access to JVS can grant this permission (as long as they also have “Manage SCI DISS User”), however this would be an internal agency policy determining who is granted this permission.

4. I have a person showing up in my Subject Report who I debriefed in Sept 2020. How do I correct that?

A: Contact help desk. Additionally, confirm that you removed all accesses or relationships from the subject.

5. I can never print an SCI access report for personnel we service and own.

A: You must have the manage SCI access or view SCI access permission for the SCI report.

Agency Policy

1. Do we still have to mail in NDA for Air Force? Seems to be a duplication of work now.

A: Contact your Agency for this policy information.

2. Do NDAs still need to be added to employees eOPFs?

A: Contact your Agency for this policy information.

3. If the NDA is pulled from JPAS, it didn’t include the document when the conversion to DISS happened. Do we need to create a new NDA for the subjects that do not have an attached document?

A: JPAS did not have the capability to upload documents. The annotation that an NDA was completed with the completion date stored in JPAS will eventually be transitioned to DISS. All NDA dates from JPAS will be transferred to DISS – JVS.

4. Same rules apply as JPAS, where person summary pages should never be printed correct?

A: Yes, you should not print material from DISS for sharing with other parties. Non-DoD agencies can submit a PSSAR to gain access to DISS-JVS to validate a subjects’ eligibility and access to include owning industry SMO.

5. Is foreign travel for personal vacation required to be entered in DISS?

A: Yes, based on SEAD 3 requirements.


1. When will DISS show investigating agency?

A: You can see the investigating agency now if you own or service the individual and you click on the subject details link, then scroll down to the Investigation History table and click the investigation you are interested in, an Investigation Detail window opens up and shows information about that investigation including the investigating agency. Currently, not visible from the Subject Summary page

2. Do we have the capability to search for subject by DoD EDIP?

A: No, you can only search by SSN/PSSN or within your subject view by Last name and/or First name

3. Is there a report that can be pulled to see all member's who have signed NdA's or do we have to go through each record in DISS?

A: This is not a report type.

4. The merger did not transfer all PSIs in DISS causing eligibility pending and removal of interims or loss of jurisdiction. What is being done to correct this? Contractors are now having to re-submit SF-86s for those impacted and causing support issues with our customers for those who were once interim cleared.

A: There was a mapping issue with data involving eligibility from JPAS to DISS; clean-up was completed. If you continue to identify issues, please send an email to the Vetting Risk Operations Center (VROC) or submit a DISS Customer Service Request (CSR).