Unauthorized Disclosure Toolkit

As a cleared individual, you have an obligation to protect classified information. Failure to do so can result in damage to national security and the warfighter. There are approved channels to report fraud, waste or other abuse through existing whistle blower or inspector general channels. There are also approved channels for the release and review of DOD information.

This toolkit will help you learn the difference, where and how to report both unauthorized disclosure and questionable government behavior and activities, and more. Unauthorized disclosure is not whistleblowing, it’s a crime. Select the links below to:

  • Learn more about your responsibilities for safeguarding classified information
  • Locate relevant policies and guidance
  • Discover awareness materials
  • Learn about prepublication procedures
  • Appropriately report both unauthorized disclosure and questionable activities
  • Properly respond to unauthorized disclosure events.

Videos (no certificate provided)


Job Aids


Case Studies

National Policy

Whistleblower Policies and Rights

DOD Policy

Unauthorized Disclosure Case Studies

Unauthorized Disclosure General Awareness

Unauthorized Disclosure Posters

Prepublication Review

The Defense Office of Prepublication and Security Review (DOPSR)  is responsible for managing the Department of Defense security review program, reviewing written materials both for public and controlled release. This includes official government and defense industry work products, as well as materials submitted by cleared or formerly cleared individuals pursuant to their voluntary non-disclosure agreement obligations. DOPSR also coordinates official work products with Defense enterprise stakeholders to ensure that information being released is both accurate and represents the Department's official position.


Security Awareness Games

Reporting Unauthorized Disclosure

With diligent reporting, the consequences of unauthorized disclosure can be mitigated. If you see or suspect unauthorized disclosure, first take steps to protect the classified information. Then report to your organization's security officer. If you are a DOD employee, report the incident to your security manager. If you are a cleared contractor, report the incident to your Facility Security Officer (FSO) who will, in turn, report it to your company's Defense Counterintelligence and Security Agency Industrial Security Representative (DCSA IS Rep).

Consider the following resources for more information on reporting unauthorized disclosure or attempts to solicit classified information:

For Security Managers and other responsible authorities within the components, the CMIS Security Incident Database is the Department of Defense System of Record for the tracking and oversight of all UD's and Serious Security Incidents. It is located on SIPR at: https://ousdi.csd.disa/smil.mil. Accounts for the system are created and managed by the DITMAC UD PMO. CMIS allows you to:

  • Track incidents
  • Get examples of reporting formats
  • Easily download charts for statistics
  • Can be used by components to track other security incidents

Unauthorized Disclosures can be emailed to the DITMAC UD PMO via group accounts:

.SIPR: dss.quantico.dss-hq.mbx.ditmac-unauthorized-disclosure@mail.smil.mil
.JWICS: DITMAC.UD@dss.ic.gov

Access the DITMAC UD intelink site for more information: https://intelshare.intelink.gov/sites/ousdi/hcis/sec/icdirect/ud/default.aspx/ External Link Icon

Reporting Questionable Government Activities

The Whistleblower Protection Act (PPD-19) protects employees from direct retaliation for acts of reporting protected disclosures. It does NOT protect employees who unlawfully disclose classified information. Report questionable government activity to your supervisor or your organization's security officer. If you are not comfortable reporting to these sources, other avenues are available including the DOD Senior Intelligence Oversight Official, the DOD Inspector General, the US Attorney General, and the DOD Hotline.

Consider these resources for more information:

General Workforce

Security Personnel and Other Authorities

Toolkit feedback/suggestions? Email dcsa.cdsetraining@mail.mil.