Guide: DoD DTS Best Practices April 01, 2024
Defense Travel Management Office 8 travel.dod.mil
Chapter 3: DTS Permission Levels, Access, and Roles
3.1 Permission Levels
DTS safeguards data through controlled access called permission levels which contribute to internal
management controls and prevent unauthorized access.
To review the permission levels, accesses, and roles provided to personnel in your organization, run the View
Person Lists > Basic Traveler Info List report from the DTA Maintenance Tool on a routine basis. Coordinate with
your Component’s DTS Program Office or consult with your DTS Business Rules to determine how your local
business rules define a “routine basis.”
Only provide personnel the minimum permissions and access levels needed to perform their DTS-related duties.
When assigning someone the role of Authorizing Official (AO) (permission level 2 and assigned to a DTS routing
list), ensure those individuals have completed the required Certifying Officers Legislation (COL) training and have
a documented DD Form 577 “Appointment/Termination Record – Authorized Signature” appointment on file.
To better control AO assignments within DTS, organizations should consider identifying a DTA to monitor
Accountable Official profiles. One option is to allow a DTA with permission level 5 who accesses the DTA
Maintenance Tool, People and Routing List tables to have permission level 2 as well. Organizations could allow
the DTA permission level 2 for the specific purpose of granting or removing access/permissions on the AO’s
profile and updating the necessary routing lists. The DTA could perform a review monthly or review as needed
depending on the AO turnover in the organization. By limiting when a DTA has permission level 2, organizations
can ensure a separation of duties from the DTA role and the ability to perform an Authorizing Official role.
➢ Each organization must establish procedures ensuring all required certifications and appointments
are complete and on file, and that personnel have only the access and permission levels necessary to
perform their official duties. Organizations must review documentation along with access and
permissions on a recurring basis.
3.2 In and Out Processing for DTS
Upon arrival at a new organization, the DTA receives the individual’s profile into DTS allowing access to the
system. Based upon local business rules determine if the individual requires specialized access or permission
levels and assign appropriately in the profile. When a person departs the organization, the DTA detaches the
profile from the system terminating access. Profile detachment removes permissions, organization/group
accesses, and AO Delegated Authority.
➢ The organization should establish local procedures for DTS in and out processing.
3.3 Authority to Appoint
Per the DoD FMR, Vol. 5, Ch. 5, par. 0201, the DoD Directive 5118.03 delegates the authority to appoint AOs to
DoD Component Heads, who may further re-delegate that authority. The appointee may not serve as both a
DAO and Certifying Officer for the same types of payments.
Per the DoD FMR, Vol. 5, Ch. 5, par. 020101 based on the separation of duties principles which are cited in
Chapter 1, DOs, their deputies, and agents may neither be appointed as, nor appoint COs for payments they will
eventually make.