SUPPORTING STATEMENT - PART A
Defense Information System for Security (DISS) – 0704-0573
Summary of Changes from Previously Approved Collection
|
1. Need for the Information Collection
50 U.S.C. 401, Congressional declaration of purpose; 50 U.S.C. 435, Purposes; DoD 5200.2R, Department of Defense Personnel Security Program Regulation; DoD 5105.21-M-1, Sensitive Compartment Information Administrative Security Manual; E.O. 10450, Security Requirements for Government Employment; E.O. 10865, Safeguarding Classified Information Within Industry; E.O. 12333, United States Intelligence Activities; E.O. 12829, National Industrial Security Program; DoD 5220.22-M; and E.O. 12968, Access to Classified Information.
The Defense Information System for Security (DISS) is a United States Department of Defense (DoD) automated system for personnel security, providing a common, comprehensive medium to record, document, and identify personal security actions within the Department including submitting adverse information, verification of security clearance status, requesting investigations, and supporting Continuous Evaluation activities. DISS requires personal data collection to facilitate the initiation, investigation and adjudication of information relevant to DoD security clearances and employment suitability determinations for active duty military, civilian employees and contractors seeking such credentials.
DoD 5200.2R establishes regulations for personnel security that are mandatory for use by all DoD components. E.O. 12829, National Industrial Security Program (NISP) establishes the Department of Defense as the Executive Agent for NISP, and the Cognizant Security Agency (CSA) for DoD and non-CSA agencies, and lays out the responsibility for the CSA to maintain a system of eligibility and access determinations of contractor personnel. DoD 5220.22-M states that “When the CSA has designated a database as the system of record for contractor eligibility and access, the contractor shall be responsible for annotating and maintaining the accuracy of their employees’ access records.” The aforementioned authorities and DoD regulations designate DISS as that system: a personnel security system serving as the authoritative source for clearance information resulting in access determinations to sensitive or classified information and facilities.
2. Use of the Information
The respondents for this information collection are 45,377 Facility Security Officers (FSOs) working in industry companies, who are responsible for the regular servicing and updating of the DISS records of individuals with an industry person category. The specific purpose of this information collection is for FSOs to update the DISS records of contractor personnel within their company and Security Management Office (SMO) to facilitate DoD Adjudicators and Security Managers obtaining accurate up-to-date eligibility and access information on contractor personnel. Respondent electronically collects, updates, and complete the collection directly into the DISS application.
This submission addresses the aforementioned public information collection, but does not cover the entirety of information contained in DISS, which is obtained from the following: individual persons; DoD personnel systems; Case Adjudication Tracking System (CATS); Continuous Evaluation Records; DoD and federal adjudicative facilities/organizations; DoD and Non-DoD agencies; and security managers, security officers, or other officials requesting and/or sponsoring the security eligibility or suitability determination or visitation of facility. Additional information may be obtained from other sources such as personnel security investigations, security representatives, subject's personal financial records, military service records, medical records, and unsolicited sources. Information collected from the individual, using Standard Form (SF) 85 is cleared under OMB Control Number 3206-0261. Information collected from the individual, using SF-86/85/85P is cleared under OMB Control Number 3206-0005.
DISS limits the use of the information it contains to a specific population of authorized FSOs, Adjudicators and Security Managers who are required to maintain a minimum clearance of DoD Secret in order to maintain access privileges. Privacy disclosures visible to DISS users are displayed in an accompanying screenshot to this submission. The means of access to DISS is via secure web portal (https://www.dcsa.mil/is/diss/). Primary communication to respondents is through the DCSA website, (https://www.dcsa.mil/is/diss). Direction communications is through emails and meetings.
3. Use of Information Technology
100% of responses are collected electronically.
4. Non-duplication
No similar information or verification procedure exists that can be used to collect this information. Data collected in DISS is not collected again unless there is a gap in service large enough to facilitate a reinvestigation. No culmination of data from other sources would provide the necessary information to facilitate the initiation, investigation and adjudication of information relevant to DoD security clearances and employment suitability determinations for contractors.
If clearances are properly maintained / reinvestigated (every 10 years for Secret and 5 years for Top Secret), then there is no requirement to collect redundant information. If the aforementioned timelines are exceeded, the information required to initiate and complete a background investigation will need to be reproduced. As referenced in Section 2, information collected from the individual using SF-86/85/85P is cleared under OMB Control Number 3206-0005.
5. Burden on Small Business
This information collection does not impose a significant economic impact on a substantial number of small businesses or entities.
6. Less Frequent Collection
If collection occurred less frequently, the ability to make suitability determinations for employment and access to classified information by contractors would be negatively impacted.
7. Paperwork Reduction Act Guidelines
This collection of information does not require collection to be conducted in a manner inconsistent with the guidelines delineated in 5 CFR 1320.5(d)(2).
8. Consultation and Public Comments
Part A: PUBLIC NOTICE
A 60-Day Federal Register Notice (FRN) for the collection published on Monday, May 17, 2021. The 60-Day FRN citation is 86 FR 26708.
No comments were received during the 60-Day Comment Period.
A 30-Day Federal Register Notice for the collection published on Tuesday, July 20, 2021. The 30-Day FRN citation is 86 FR 38320.
Part B: CONSULTATION
Defense Counterintelligence and Security Agency (DCSA) regularly consults with stakeholders on the topic of FSO usage of DISS, including the clarity and ease-of-use of the system, availability of system functionality and the continued importance of the DISS information collection mechanism to the Federal personnel security enterprise. These stakeholders include, but are not limited to, the Office of the Under Secretary of Defense for Intelligence and Security (OUSD-I&S), Accessions and Personnel centers of the Military Services, WHS 4th Estate agencies, the Department of Defense Central Adjudicative Facility (CAF), Department of Defense Intelligence Community, and applicable Federal Services Agencies.
9. Gifts or Payment
No payments or gifts are offered to respondents as an incentive to participate in the collection.
10. Confidentiality
DISS provides a Privacy Act Advisory advising users that they are accessing a system that contains Privacy Act information. Screenshots of the privacy advisory are provided with the OMB submission package for this collection. Regarding Personally Identifiable Information (PII), respondents are advised that their data is for OFFICIAL USE ONLY and that PII will be maintained and used in strict confidence in accordance with Federal law. All personal information provided by the subject and stored by DISS falls under the Privacy Act of 1974.
The System of Records Notice (SORN) associated with this collection of information in the Defense Information System for Security (DUSDI 02-DoD, Personnel Vetting Records System) can be found at the following link: https://dpcld.defense.gov/Portals/49/Documents/Privacy/SORNs/OSDJS/DUSDI-02-DoD.pdf
A draft copy of the Privacy Impact Assessment (PIA), NBIS Defense Information System for Security (DISS) Version 2, has been provided with this package for OMB’s review.
Records are maintained in secure, limited access, or monitored areas. Physical entry by unauthorized persons is restricted through the use of locks, passwords, or other administrative procedures. Access to personal information is limited to those individuals who make account access determinations, update user records, verify access and eligibility information, and to perform their official assigned duties. The Retention and Disposal Schedule for this collection, as listed on the SORN, is that “Records are destroyed no later than 15 continuous years after termination of affiliation with the DoD.”
11. Sensitive Questions
Background investigations are ingested and stored in DISS, also. DISS does not directly collect information of this nature; however, it does store investigation results and corresponding adjudication information. Dependent upon type of background investigation being conducted, some or all of this sensitive information might be collected to verify that the individual in question is suitable to handle information related to national security.
Social Security Number (SSN) is requested to ensure accuracy of data involving the specified individual applicant or FSO. The SSN is obtained and stored in the initial record for proofing, vetting, and maintaining unambiguous identity for U.S. persons. As the primary method of personal identification in major DoD human resource systems (personnel, finance, and medical), the SSN remains the only unique identifier that ensures accuracy across all such systems for proper data retrieval. A copy of the SSN Justification Memorandum is included with the OMB submission package for this collection.
12. Respondent Burden, and its Labor Costs
Part A: ESTIMATION OF RESPONDENT BURDEN
There are 45,377 Facility Security Officers (FSOs) which are responsible for 22 to 23 DISS records with an Industry person category, and there are 1,250,944 such person records in DISS.
FSOs typically update each person record they service in DISS an average of 2 times per year, taking about 20 minutes each time, resulting in approximately one million annual responses.
The figure for “Number of Responses per Respondent” is drawn from the fact that each FSO works on between 22 and 23 DISS records annually (an average of 22.5), and each record is serviced twice annually on average (22.5 x 2 = 45 responses per respondent).
Collection Instrument(s)
Servicing DISS records in the application by Facility Security Officers (FSOs)
Number of Respondents: 45,377
Number of Responses Per Respondent: 45
Number of Total Annual Responses: 2,041,965
Response Time: 20 minutes
Respondent Burden Hours: 680,655 hours
Total Submission Burden (Summation or average based on collection)
Total Number of Respondents: 45,377
Total Number of Annual Responses: 2,041,965
Total Respondent Burden Hours: 680,655 hours
Part B: LABOR COST OF RESPONDENT BURDEN
Collection Instrument(s)
Servicing DISS records in the application by Facility Security Officers (FSOs)
Number of Total Annual Responses: 2,041,965
Response Time: 20 minutes
Respondent Hourly Wage: $17.00
Labor Burden per Response: $5.67
Total Labor Burden: $11,571,135.00
Overall Labor Burden
Total Number of Annual Responses: 2,041,965
Total Labor Burden: $11,571,135.00
The Respondent hourly wage estimate for FSOs determined by using the United States Department of Labor, Bureau of Labor Statistics Occupational Employment Statistics webpage titled “33-9099 Protective Service Workers, All Other” (https://www.bls.gov/oes/current/oes339098.htm)
13. Respondent Costs Other Than Burden Hour Costs
It costs approximately $100 per Industry user to obtain PKI credentials if not approved for a Common Access Card (CAC) to access the DISS system.
$100/card X 45,377 Industry Users = $4,537,700 in additional respondent costs (triennial)
14. Cost to the Federal Government
Part A: LABOR COST TO THE FEDERAL GOVERNMENT
Collection Instrument(s)
Servicing DISS records in the application by Facility Security Officers (FSOs)
Number of Total Annual Responses: 2,041,965
Processing Time per Response: 0 hours
Hourly Wage of Worker(s) Processing Responses: $0
Cost to Process Each Response: $0
Total Cost to Process Responses: $0
Overall Labor Burden to the Federal Government
Total Number of Annual Responses: 0
Total Labor Burden: $0
Part B: OPERATIONAL AND MAINTENANCE COSTS
Cost Categories
Equipment: $0
Printing: $0
Postage: $0
Software Purchases: $0
Licensing Costs: $0
Other: $0
Total Operational and Maintenance Cost: $0
DISS is an enterprise-wide system for personnel security within the Department of Defense, and the processing of FSO responses is automated by the system, consuming miniscule amounts of system resources for operational and maintenance costs. Additionally, as the process of receiving FSO responses is automated, the labor cost to the Federal government is zero. Hence, the total cost to the Federal government of owning FSO responses as well as servicing and updating DISS records is zero.
15. Reasons for Change in Burden
This collection was previously owned by Defense Manpower Data Center (DMDC) under the Office of Under Secretary of Defense for Personnel & Readiness (USD (P&R) and recently transitioned to DCSA. The burden estimate differs from original submission due to increase in the number of FSO respondents under DCSA as part of the transition of users from legacy JPAS to DISS.
DISS is the replacement system to the now-defunct Joint Personnel Adjudication System (JPAS), previously approved under OMB Control Number 0704-0496 which was discontinued 3/20/2021.
Previous JPAS submissions covered the time burden on respondents of completing the DMDC system access request form, the DD Form 2962, which is, as of November 2015, covered under a separate OMB Control Number, 0704-0542, expiration 9/30/2018. The burden estimates associated with JPAS/DISS users completing and submitting the DD 2962 to request system access is no longer included.
16. Publication of Results
The results of this information collection will not be published.
17. Non-Display of OMB Expiration Date
We are not seeking approval to omit the display of the expiration date of the OMB approval on the collection instrument.
18. Exceptions to "Certification for Paperwork Reduction Submissions"
We are not requesting any exemptions to the provisions stated in 5 CFR 1320.9.
| File Type | application/vnd.openxmlformats-officedocument.wordprocessingml.document |
| Author | Patricia Toppings |
| File Modified | 0000-00-00 |
| File Created | 2021-07-21 |