United States General Accounting Office GAO Testimony Before the Committee on Ways and Means, House of Representatives For Release on Delivery Expected at 9 a.m. YEAR 2000 COMPUTING Wednesday, February 24, 1999 CRISIS Update on the Readiness of the Social Security Administration Statement of Joel C. Willemssen Director, Civil Agencies Information Systems Accounting and Information Management Division GAO/T-AIMD-99-90 Mr. Chairman and Members of the Committee: We appreciate the opportunity to join in today's hearing and share updated information on the readiness of computer systems that support key benefits programs to function reliably in the next century. As you know, successful Year 2000--or Y2K--conversion is critical if programs such as Social Security are to provide accurate services and benefits without interruption. Millions of Americans rely on such monthly payments. In a previous report and testimony, we described the efforts that the Social Security Administration (SSA) was making to ensure that its information systems are Year 2000 compliant.1 This morning I would like to briefly summarize our findings and recommendations from that report, describe actions taken on those recommendations, and provide our perspective on where SSA stands today. Significant Early Our previous report and testimony noted that SSA had made significant early progress in its efforts to become Year 2000 compliant. SSA first Progress Made, But recognized the potential impact of the Year 2000 problem in 1989 and, in so Three Key Areas of doing, was able to launch an early response to this challenge. SSA initiated early awareness activities and made significant progress in assessing and Risk Identified in SSA’s renovating mission-critical mainframe software that enables it to provide Year 2000 Program Social Security benefits and other assistance to the public. Because of the knowledge and experience gained through its Year 2000 efforts, SSA is now a recognized federal leader in addressing this issue. Among other responsibilities, SSA’s Assistant Deputy Commissioner for Systems chairs the Chief Information Officers Council’s Committee on the Year 2000 and works with other federal agencies to address Year 2000 issues across government. While SSA deserves credit for its leadership, our earlier report and testimony pointed out that three key areas of risk nonetheless threatened to disrupt its ability to deliver benefits payments. One major risk concerned Year 2000 compliance of mission-critical systems used by 1 Social Security Administration: Significant Progress Made in Year 2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22, 1997) and Year 2000 Computing Crisis: Continuing Risks of Disruption to Social Security, Medicare, and Treasury Programs (GAO/T-AIMD-98-161, May 7, 1998). Page 1 GAO/T-AIMD-99-90 the 542 state Disability Determination Services (DDS) that provide vital support to SSA in administering its disability programs. Specifically, SSA had not included these DDS systems in its initial assessment of systems that it considered a priority for correction. Without a complete agencywide assessment that included the DDS systems, SSA could not fully evaluate the extent of its Year 2000 problem or the level of effort that would be required to correct it. A second major risk in SSA’s Year 2000 program concerned the compliance of its data exchanges with outside sources, such as other federal agencies, state agencies, and private businesses. In addressing the Year 2000 problem, agencies need assurance that data received from other organizations are accurate. Even if an agency has made its own systems Year 2000 compliant, the data in those systems can still be contaminated by incorrect data entering from external sources. SSA has thousands of data exchanges with other organizations, including the Department of the Treasury, the Internal Revenue Service, and the states. For example, each month SSA relies on its data exchange with Treasury’s Financial Management Service (FMS) to process and disburse 50 million benefits payments totaling approximately $31 billion. Other exchanges may involve data reported on individuals’ tax-withholding forms or pertaining to state wages and unemployment compensation. Unless SSA is able to ensure that data received are Year 2000 compliant, program benefits and eligibility computations that are derived from the data provided through these exchanges may be compromised and SSA’s databases corrupted. Third, the risks to SSA’s Year 2000 program were compounded by the lack of contingency plans to ensure business continuity in the event of systems failure. Business continuity and contingency plans are essential. Without such plans, agencies will not have well-defined responses and may not have enough time to develop and test alternatives when unpredicted failures occur. Federal agencies depend on data provided by their business partners as well as on services provided by the public infrastructure. One weak link anywhere in the chain of critical dependencies can cause major disruptions to business operations. Given these interdependencies, it is imperative that contingency plans be developed for all critical core business processes and supporting systems, regardless of whether these systems are owned by the agency. At the time of our October 1997 review, 2 Wesent a survey to the 50 states, the District of Columbia, and the three territories (Guam, Puerto Rico, and the Virgin Islands). Page 2 GAO/T-AIMD-99-90 SSA officials acknowledged the importance of contingency planning, but had not developed specific plans to address how the agency would continue to support its core business processes if its Year 2000 conversion activities experienced unforeseen disruptions. We recommended that SSA take several specific actions to mitigate the risks to its Year 2000 program. These included (1) strengthening the monitoring and oversight of state DDS Year 2000 activities, (2) expeditiously completing the assessment of mission-critical systems at DDS offices and using those results to establish specific plans of action, (3) discussing the status of DDS Year 2000 activities in SSA’s quarterly reports to the Office of Management and Budget (OMB), (4) quickly completing SSA’s Year 2000 compliance coordination with all data exchange partners, and (5) developing specific contingency plans that articulate clear strategies for ensuring the continuity of core business functions. Actions Being Taken to At the request of this Committee’s Subcommittee on Social Security and the Senate Special Committee on Aging, we are currently monitoring SSA’s Mitigate Year 2000 implementation of our recommendations and additional actions it is taking Risks to achieve Year 2000 compliance. SSA agreed with all of our earlier recommendations, and efforts to implement them have either been taken or are underway. Testing of systems to ensure Year 2000 compliance is vital, and we are continuing to evaluate the effectiveness of the agency’s efforts in this area. SSA has enhanced its monitoring and oversight of state DDSs by establishing a full-time DDS project team, designating project managers and coordinators, and requesting biweekly status reports. The agency also obtained from each DDS a plan identifying the specific milestones, resources, and schedules for completing Year 2000 conversion tasks. Further, in accordance with our recommendation, SSA in November 1997 began including information on the status of DDS Year 2000 compliance activities in its quarterly reports to OMB. SSA reported in its most recent quarterly report (February 1999) that all automated DDS systems had been renovated, tested, implemented, and certified Year 2000 compliant as of January 31, 1999. In another critical area, data exchanges, SSA has identified its external exchanges and has coordinated with all its partners about the schedule and format for making them Year 2000 compliant. As of January 31, 1999, SSA Page 3 GAO/T-AIMD-99-90 reported that 98 percent of all of its external data exchanges had been made compliant and implemented, and that it was either in the process of testing those exchanges that remained noncompliant or was waiting for its partners to make the exchanges compliant. Among SSA’s most critical data exchanges are those with FMS and the Federal Reserve for the disbursement of Title II (Old Age, Survivors, and Disability Insurance program) and Title XVI (Supplemental Security Income program) benefits checks and direct deposit payments. SSA began working with FMS in March 1998 to ensure the compliance of these exchanges, and recently reported that the joint testing of check payment files and the end-to-end testing from SSA, through FMS and the Federal Reserve for direct deposit payments, had been successfully completed. Further, SSA stated that it began generating and issuing Title II and Title XVI benefits payments using the Year 2000 compliant software at SSA and FMS in October 1998. Turning to contingency planning, SSA has instituted a number of key elements, in accordance with our business continuity and contingency planning guidance.3 It initially developed an overall framework for business continuity that presented an effective high-level strategy for mitigating risks associated with the Year 2000. For example, the plan identified SSA’s core business functions that must be supported if Year 2000 conversion activities experience unforeseen disruptions; potential risks to business processes and ways to mitigate those risks; and milestones, target dates, and responsible components for developing local contingency plans and procedures for SSA’s operating components. SSA is now in the process of developing local contingency plans to support its core business operations. It has also received contingency plans for all state DDSs. Among the plans that SSA reports as being completed at this time is the Benefits Payment Delivery Year 2000 Contingency Plan, developed in conjunction with Treasury and the Federal Reserve to ensure the continuation of operations supporting Title II and Title XVI benefits payments. SSA is scheduled to complete the development of all of its contingency plans by April 30, 1999, and to complete the testing of all plans by June 30 of this year. 3 Year 2000 Computing Crisis: Business Continuity and Contingency Planning (GAO/AIMD-10.1.19, March 1998 [exposure draft], August 1998[final]). Page 4 GAO/T-AIMD-99-90 As noted in our guide, another key element of a business continuity and contingency plan is the development of a zero-day or day-one risk reduction strategy, and procedures for the period between late December 1999 and early January 2000. SSA has developed such a strategy. Among the features of this strategy is a moratorium on software changes, except for those mandated by law. SSA plans to minimize changes to its systems that have been certified as Year 2000 compliant by not allowing discretionary changes to be made. The moratorium will be in effect for commercial-off-the-shelf and mainframe products between July 1, 1999, and March 31, 2000, and for programmatic applications between September 1, 1999, and March 31, 2000. Such a Year 2000 change management policy will significantly reduce the chance that errors will be introduced into systems that are already compliant. Other aspects of SSA’s day-one strategy are the implementation of (1) an integrated control center, whose purposes include the internal dissemination of critical data and problem management and (2) a timeline that details the hours in which certain events will occur (such as when workloads will be placed in the queue and backup generators started) during the late December and early January rollover period. SSA is also planning to address the personnel issue with respect to the rollover. For example, it plans to obtain a commitment from key staff to be available during the rollover period and establish a Year 2000 leave policy. Such a strategy, developed well in advance of the turn of the century, should help SSA manage the risks associated with the actual rollover and better position it to address disruptions if they occur. SSA Well-Positioned Overall, we have seen significant continuing progress in SSA’s efforts to become Year 2000 compliant. The agency reported that, as of January 31, for the Year 2000, But 1999, it had completed the renovation of all mission-critical systems so Some Work Remains targeted, and implemented them in production. The actions that SSA has taken to mitigate risk to its Year 2000 program have demonstrated a sense of urgency and commitment to achieving readiness for the change of century, and will no doubt better position SSA to meet the challenge. Moreover, several of SSA’s actions—such as its implementation of a day- one strategy—constitute a best practice that we believe should be followed governmentwide. It is important to note, however, that SSA still needs to effectively complete certain critical tasks to better ensure the success of its efforts. For Page 5 GAO/T-AIMD-99-90 example, SSA must ensure that all of its data exchanges are made compliant and tested. It must also complete the development and testing of contingency plans supporting its core business processes. In addition, where the agency may be required to modify compliant software in accordance with legislative mandates, these modifications will have to be retested and recertified. Our ongoing review of SSA’s Year 2000 actions shows that the agency has established deadlines for completing its remaining tasks, and is actively monitoring its progress. Mr. Chairman, that concludes my statement. I would be pleased to respond to any questions that you or other members of the Committee may have at this time. (511722) Leter Page 6 GAO/T-AIMD-99-90 Ordering Information The first copy of each GAO report and testimony is free. Additional copies are $2 each. Orders should be sent to the following address, accompanied by a check or money order made out to the Superintendent of Documents, when necessary, VISA and MasterCard credit cards are accepted, also. Orders for 100 or more copies to be mailed to a single address are discounted 25 percent. Orders by mail: U.S. General Accounting Office P.O. Box 37050 Washington, DC 20013 or visit: Room 1100 700 4th St. NW (corner of 4th and G Sts. NW) U.S. General Accounting Office Washington, DC Orders may also be placed by calling (202) 512-6000 or by using fax number (202) 512-6061, or TDD (202) 512-2537. Each day, GAO issues a list of newly available reports and testimony. To receive facsimile copies of the daily list or any list from the past 30 days, please call (202) 512-6000 using a touchtone phone. A recorded menu will provide information on how to obtain these lists. For information on how to access GAO reports on the INTERNET, send an e-mail message with “info” in the body to: email@example.com or visit GAO’s World Wide Web Home Page at: http://www.gao.gov United States Bulk Rate General Accounting Office Postage & Fees Paid Washington, D.C. 20548-0001 GAO Permit No. GI00 Official Business Penalty for Private Use $300 Address Correction Requested
Year 2000 Computing Crisis: Update on the Readiness of the Social Security Administration
Published by the Government Accountability Office on 1999-02-24.
Below is a raw (and likely hideous) rendition of the original report. (PDF)