Official: SSA needs four ingredients for IT center's success

The Social Security Administration must concentrate on four things if it wants to replace its outdated data center with a new one: coordination, architecture, integration, and security, a Government Accountability Office official has said.

The economic stimulus law gives the agency $500 million to help replace its National Computer Center. The 30-year-old center houses the backbone of the agency’s automated operations, such as providing benefits to nearly 55 million people, issuing Social Security cards, and maintaining earnings records.

As work begins, SSA officials must set clear priorities for building the new information technology system and work to coordinate the different projects, Valeria Melvin, GAO's director of information and human capital issues, told the House Ways and Means Committee's  Social Security subcommittee April 28. It’s important to know which parts are dependent on each other and understand how they work together. Then the agency must manage the work with the interdependency in mind, Melvin said.

Melvin said SSA needs to construct an enterprise architecture that describes the changes from the old system to the new. She said the architecture helps officials avoid developing operations and systems that are duplicative, poorly integrated and unnecessarily costly to run.

Building this system affects numerous parts of the agency, Melvin said, and officials should choose where they invest their resources with the whole agency in mind. Allocating the resources so the agency can manage the replacement project well can avoid delaying the schedule and overstepping the budget, she said. The recovery act, a law based on transparency, includes accountability requirements that will underline the management problems if they occur.

“Security is vital for any organization that depends on information systems and networks to carry out its mission — especially for government agencies like SSA, where maintaining the public’s trust is essential,” Melvin said.

SSA must have contingency plans and continuity of operations, she said. Data centers are vulnerable to service disruptions, network failures, malfunctions and disasters. Agency officials need to know exactly what to do when it happens. Today, threats are domestic and international, operational and physical security are indispensable in keeping the data center safe and running smoothly daily, she added.

“For an effort as central to SSA’s mission as its planned new data center, effective practices in key IT management areas are essential,” she said.