Skip Navigation

Defense Health Agency

"On October 1, 2013, the Department of Defense established the Defense Health Agency (DHA) to manage the activities of the Military Health System. These activities include those previously managed by TRICARE Management Activity (TMA), which was disestablished on the same date. During the next several months, all TMA websites will change to reflect the new DHA. We appreciate your patience during this transition."

Personnel Security Branch

ADP/IT REQUIREMENTS

An ADP/IT position category applies to unclassified DoD information systems; it is a designator that indicates the level of IT access required to fulfill the responsibilities of the position based on the potential for an individual assigned to the position to adversely impact DoD missions or functions. The term IT Position and Automated Data Processing (ADP) Position are the same, with ADP being the older term of the two. Investigative levels for ADP/IT position category is defined in DoD 5200.2-R or as revised.

ADP/IT position category for contractor personnel working under a TMA contract is specified in the approved contract. Please contact the Contracting Officer Representative (COR) of the contract, if you are unsure of the ADP/IT position category of the contractor personnel assigned to the contract.

Instructions for Contractor Access to DoD IT Systems

Copy the entire instruction (hyperlink above) and insert it as an attachment to the task order requirements package whenever a contract requires access to the HA/TMA Network and/or other DoD systems.

ADP/IT Position Category

ADP/IT-I: Critical Sensitive Position. A position where the individual is responsible for the development and administration of MHS IS/network security programs and the direction and control of risk analysis and/or threat assessment. The required investigation is a Single-Scope Background Investigation (SSBI) or equivalent. Responsibilities include:

  • Significant involvement in life-critical or mission-critical systems.
  • Responsibility for the preparation or approval of data for input into a system, which does not necessarily involve personal access to the system, but with relatively high risk for effecting severe damage to persons, properties or systems, or realizing significant personal gain.
  • Relatively high risk assignments associated with or directly involving the accounting, disbursement, or authorization for disbursement from systems of:
    • Dollar amounts of $10 million per year or greater, or
    • Lesser amounts if the activities of the individuals are not subject to technical review by higher authority in the ADP/IT-I category to insure the integrity of the system
  • Positions involving major responsibility for the direction, planning, design, testing, maintenance, operation, monitoring and or management of systems hardware and software
  • Other positions as designated by the Designated Approving Authority (DAA) that involve a relatively high risk for causing severe damage to persons, property or systems, or potential for realizing a significant personal gain

ADP/IT-II: Non-critical-Sensitive Position. A position where an individual is responsible for systems design, operation, testing, maintenance, and/or monitoring that is carried out under technical review of higher authority in the ADP/IT-I category. The required investigation is a National Agency Check with Law Enforcement and Credit (NACLC) or equivalent. Responsibilities include but is not limited to:

  • Access to and/or processing of proprietary data, information requiring protection under the Privacy Act of 1974, or Government-developed privileged information involving the award of contracts.
  • Accounting, disbursement, or authorization for disbursement from systems of dollar amounts less than $10 million per year.
  • Other positions are designated by the DAA that involve a degree of access to a system that creates a significant potential for damage or personal gain less than that in ADP/IT-I positions.

Procedure for Requesting ADP/IT-I Level Investigation or Investigation for Access to Classified Information

ALL TMA contracting companies requiring an ADP/IT-I level investigation or an investigation for access to classified information for their personnel are required to provide TMA PSB a copy of the written request and justification, approved and signed by the Contracting Officer Representative of the contract. TMA contracting companies are not allowed to directly request an ADP/IT-I level investigation or an investigation for access to classified Information with OPM or DISCO unless specifically authorized by TMA PSB.

Foreign Nationals/(Non) US Citizens

DoD 5200.2-R, Personnel Security Program, dated January 1987, does not mention ADP/IT levels of trust for non-US citizen contractor employees. As a result, in the past DoD offices did not follow one consistent procedure for ensuring that non-US citizen contractor employees had received the appropriate background checks before gaining access to DoD information systems.

DoD policies state that the required investigation must be completed and favorably adjudicated prior to authorizing ADP/IT access to DoD systems/networks. Interim approvals are not authorized to non-US citizen contractor employees for access to DoD systems/networks. In communication with the Office of the Under Secretary of Defense for Intelligence (OUSDI), non-US citizen contractor employees are not currently being adjudicated for Trustworthiness Determinations, and therefore not being approved for Trustworthiness positions.

Please contact TMA PSB for further information on ADP/IT level of investigation, PSB continues to work with OUSDI and OPM to streamline and simplify this process.