SSA needs to better manage its IT systems, GAO says

The Social Security Administration left a few loose ends hanging when it did a major reorganization of its information technology investment management procedures last year, according to a new report from the Government Accountability Office.

In 2011, the SSA realigned its Office of the Chief Information Officer, consolidating functions with its Office of Systems, to oversee about $1.6 billion in IT investments per year. However, the changes were made “without adequate planning or updated guidance,” Valerie Melvin, director of information management and technology resources for the GAO, testified to a House subcommittee on May 9.

If the changes went into effect under the right conditions, the new structure would be fine, Melvin said. However, the SSA did not take all the necessary steps to ensure effectiveness, she added.

“We found in our review that the realignment was undertaken without the benefit of an analysis of the impact of this significant organizational change,” Melvin said.

SSA did not develop a management plan that identified potential bumps along the way. Nor did it specify time frames, resources, performance measures, and accountability measures needed to overcome anticipated challenges, Melvin added.

SSA managers also did not analyze the roles and responsibilities needed to support the changes in functions, GAO found.

“Without such an analysis, it cannot be determined whether the reassignment of staff that occurred as a result of the realignment represents an optimal allocation of resources,” Melvin said.

Finally, SSA has not updated its capital planning and investment control guidance to support the management change, and now parts of that guidance are obsolete, Melvin added.

SSA officials told the GAO that the guidance was being updated and would be reviewed internally, but they were not able to provide a schedule for those activities.

Melvin also found other shortcomings in the SSA’s management of IT systems.

For example, she said the SSA has not fully established performance measures or a review process to measure how far along it is in its modernization efforts.

Also, while the agency developed an IT strategic plan in 2007, that plan is now outdated and may not be aligned with the agency’s overall strategic plan, Melvin said.

She made four recommendations for improvements, including setting up performance measures, updating the strategic plan, defining roles and responsibilities for IT staff and establishing an enterprise architecture with key elements.

SSA officials did not agree or disagree with the recommendations, Melvin said in her remarks, which she made at a hearing of the House Ways and Means Subcommittee on Social Security.





About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group