SSA needs to better manage its IT systems, GAO says

The Social Security Administration left a few loose ends hanging when it did a major reorganization of its information technology investment management procedures last year, according to a new report from the Government Accountability Office.

In 2011, the SSA realigned its Office of the Chief Information Officer, consolidating functions with its Office of Systems, to oversee about $1.6 billion in IT investments per year. However, the changes were made “without adequate planning or updated guidance,” Valerie Melvin, director of information management and technology resources for the GAO, testified to a House subcommittee on May 9.

If the changes went into effect under the right conditions, the new structure would be fine, Melvin said. However, the SSA did not take all the necessary steps to ensure effectiveness, she added.

“We found in our review that the realignment was undertaken without the benefit of an analysis of the impact of this significant organizational change,” Melvin said.

SSA did not develop a management plan that identified potential bumps along the way. Nor did it specify time frames, resources, performance measures, and accountability measures needed to overcome anticipated challenges, Melvin added.

SSA managers also did not analyze the roles and responsibilities needed to support the changes in functions, GAO found.

“Without such an analysis, it cannot be determined whether the reassignment of staff that occurred as a result of the realignment represents an optimal allocation of resources,” Melvin said.

Finally, SSA has not updated its capital planning and investment control guidance to support the management change, and now parts of that guidance are obsolete, Melvin added.

SSA officials told the GAO that the guidance was being updated and would be reviewed internally, but they were not able to provide a schedule for those activities.

Melvin also found other shortcomings in the SSA’s management of IT systems.

For example, she said the SSA has not fully established performance measures or a review process to measure how far along it is in its modernization efforts.

Also, while the agency developed an IT strategic plan in 2007, that plan is now outdated and may not be aligned with the agency’s overall strategic plan, Melvin said.

She made four recommendations for improvements, including setting up performance measures, updating the strategic plan, defining roles and responsibilities for IT staff and establishing an enterprise architecture with key elements.

SSA officials did not agree or disagree with the recommendations, Melvin said in her remarks, which she made at a hearing of the House Ways and Means Subcommittee on Social Security.





About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group