DPAS SCR: 02059



  • SCR Number
    02059
  • Title
    Addition to Role Request Form
  • DPAS Module
    Enterprise
  • Reporting Organization
    AF
  • State
    New
  • History
    08/02/2024
  • Description
    Change Request: Process Improvement

    Description:
    Role Request forms for all modules do not include a supervisor signature block. This means that without supervisor validation the Information Officer or Authorizing Official has no way to confirm that the user is truly authorized to request the role or Unit Identification Code (UIC). This lack of validation raises the risk of Segregation of Duties violations as well as the possibility of users gaining access to roles and locations that they should not have access to. It is important to ensure that proper authorization processes are in place to prevent these risks.  The Air Force is facing a challenge as it centralizes IO/AIO processes in the new DAF DPAS FMO. When it comes to initial access packages the DD2875 requires supervisor approval to proceed. However for Role Updates only the Role Request form is submitted leaving no clear method to show supervisor approval for the user to obtain the requested role/UIC. This lack of clarity in the approval process could potentially cause delays and confusion within the system.
     
    Recommended:
    In order for a user to possess the roles/UIC update requested it is necessary to add a Supervisor signature block for approval. This can be done on an AF-specific RR form and the supervisor information does not need to be included in the User Review Inquiry information. This step ensures that the appropriate authority has reviewed and approved the request before any changes are made.
     
    Mission Critical:
    Per DPAS IO Guide 2024 Responsibility of IOs/AIOs.  "You will verify that roles being assigned to the user do not conflict with other duties or actions in DPAS or other systems per Separation of Duties (SOD)."
     
    Benefits:
    In order to reduce the chances of Segregation of Duties violations it is important to make sure that users only have access to roles and locations that are appropriate for their responsibilities. This will help maintain data integrity within the Air Force communities using DPAS. By implementing these measures we can also improve the accuracy of the annual user audit ensuring that only authorized individuals have access to sensitive information.
     
    Frequency: Daily
     
    Users:

    Impacts all AF users, potentially all DPAS users.