The History of DISS and the Future of Clearance Reform

After more than a decade of preparation, the Defense Counterintelligence and Security Agency (DCSA) finally rolled out the Defense Information System for Security (DISS) this March. Fulfilling a major goal of the Trusted Workforce 2.0 initiative, DISS has risen to replace the Joint Personnel Adjudication System (JPAS) as the Defense Department’s security clearance and access database, solving many problems along the way.
Getting here was not an easy task: from the first DISS trials until now, the system has suffered from multiple delays and setbacks. After announcing that it would replace JPAS by the end of December 2020, the DCSA delayed the rollout once more, and following the March 2021 release there were still issues that needed to be resolved.
However, the DCSA has held its course, and – after receiving two major updates over a period of seven months – the new database has finally achieved a greater level of stability than JPAS ever did. Looking back, it’s worth reflecting on the history of DISS, how it has improved the DoD’s clearance process, and what comes next for the Trusted Workforce 2.0 reforms.
The Ambitions of DISS
When DISS was proposed in the late 2000s, the DoD had been depending on JPAS for many years. But as a system of record developed in the 1990s, JPAS was beginning to show signs of its age, and directly contributed to the pile-up of background investigations that reached an all-time high of 725,000 cases in April 2018.
In April 2019, DISS became a key component of Trusted Workforce 2.0, a plan by the newly-formed DCSA to reduce the clearance backlog and modernize the background investigation process. In addition to supporting a continuous evaluation (CE) model for cleared personnel, DISS would support:
- Role-based information access
- Better security features and fewer vulnerabilities
- Automatic notifications and alerts
- Improved documentation
And many other features are missing from JPAS. It was an ambitious vision – but ingenuity and problem-solving would be required to achieve it.
A Bumpy Road
When it was first trialed several years back, DISS was still a prototype that suffered from some of the same issues as its predecessor, pushing back its official rollout. For a while the two systems co-existed, leading to occasional conflicts: for instance, DoD contractors with Top Secret clearance at one agency could lose that clearance if their SCI access was revoked by a separate agency.
In 2020, the new rollout date (December 31st) was pushed back once more, with a determination that: “not all functionality required for full transition from JPAS has been established in DISS”. In February 2021, the DCSA worked diligently to improve the database, eliminating “known concerns” such as error messages and compatibility issues with some web browsers.
Fulfilled Promises
Ultimately, the DCSA’s hard work has paid off: DISS has achieved stable performance, successfully replacing JPAS and delivering on many of its promises along the way. Here are just a few:
- Continuous evaluation – nearly all DoD clearance holders have been transitioned to the continuous evaluation model, which has many advantages: not only will it cut down on time-consuming, periodic reinvestigations, but it will also increase standards of security for cleared personnel while helping to eliminate insider threats based on early warning signs.
- Reduction of clearance backlog – thanks to the cumulative efficiencies of DISS and all the time saved by continuous evaluation, the clearance backlog has been practically eliminated as of this year, ensuring that the government can process new clearances in a timely manner.
- Modernization – the implementation of DISS has driven government agencies to replace aging technologies and consolidate information systems, leading to improved security against cyber threats. While there is still progress to be made, it’s a step in the right direction.
The Future of Trusted Workforce
While important, DISS is only one piece of a larger project: Trusted Workforce 2.0 will not be considered fully implemented until 2023, by which time the Pentagon will expand its categories of data gathered during background checks to include terrorism, foreign travel, financial activity, criminal activity, credit reports, public records and agency-specific eligibility criteria.
By that time, the DCSA also plans to integrate all clearances into a single information system that will make it easier for agencies to check personnel-vetting data rapidly. During a time of increased risk from insider threats and foreign cyber actors, these are reforms the U.S needs to increase its security standards and protect classified information. With the successful implementation of DISS, we’re on the right path forward.
Keep your organization up-to-date with MathCraft’s Enterprise Security Suite, the industry’s most fully-featured software solution for security compliance in cleared organizations. With modules for insider threat management, continuous evaluation (CE), foreign travel and much more, it is always on the cutting edge of federal security standards and evolving threats. Contact us to learn more.