|
Comment: |
The General Accounting Office reported in November that the extra 33 million lines of code discovered at the state level constitutes a major threat to Social Security's compliance.
Social Security still maintains that it is 80% finished on its repair of 30+ million lines because these extra 33 million are not "mission critical."
See if that's the sense of the matter provided by the GAO. Especially pointed are these remarks: "because SSA must rely on the hundreds of federal and state agencies and the thousands of businesses with which it exchanges files to make their systems compliant, SSA faces a definite risk that inaccurate data will be introduced into its databases; and (12) that risk could be magnified if SSA does not develop contingency plans to ensure the continuity of its critical systems and activities should systems not be corrected in time."
* * * * * * *
Social Security Administration: Significant Progress Made in Year 2000 Effort, But Key Risks Remain (Letter Report, 10/22/97, GAO/AIMD-98-6).
Pursuant to a congressional request, GAO reviewed the Social Security Administration's (SSA) actions to achieve Year 2000 information systems compliance, focusing on the adequacy of steps taken by SSA to ensure that computing problems related to the year 2000 are fully addressed, including its oversight of state disability determinations services' (DDS) Year 2000 program activities.
GAO noted that: (1) SSA first recognized the potential impact of the Year 2000 problem almost a decade ago, and was able to launch an early response to this challenge; (2) it initiated early awareness activity and has made significant progress in assessing and renovating mission-critical mainframe software that enables it to provide Social Security benefits and other assistance to the public; (3) because of the knowledge and experience gained through its early Year 2000 efforts, SSA has come to be regarded as a federal leader in addressing this issue; (4) SSA's Assistant Deputy Commissioner for Systems chairs the Chief Information Officers Council's Subcommittee on the Year 2000 and works with other federal agencies to address Year 2000 issues across government; (5) while SSA deserves credit for its leadership, the agency remains at risk that not all of its mission-critical systems--those necessary to prevent the disruption of benefits -- will be corrected before January 1, 2000; (6) at particular risk are the systems that have not yet been assessed for the 54 state DDSs that provide vital support to SSA in administering its disability insurance programs; (7) private contractors SSA hired to make 42 of the 54 state DDS systems Year 2000 compliant reported that these offices had at least 33 million additional lines of software code that must be assessed and, where necessary, renovated; (8) given the potential magnitude of this undertaking, SSA could face major disruptions in its ability to process initial disability claims for millions of individuals throughout the country if these systems are not addressed in time for corrective action to be completed before the change of century; (9) SSA also faces the challenge of ensuring that its critical data exchanges with federal and state agencies and other businesses are Year 2000 compliant; (10) it has taken a number of positive steps in this direction, such as identifying incoming and outgoing file exchanges with the external business community and developing a database to maintain information on the status of compliance activities; (11) however,Social Security Administration: Significant Progress Made in Year 2000 Effort, But Key Risks Remain (Letter Report, 10/22/97, GAO/AIMD-98-6).
Pursuant to a congressional request, GAO reviewed the Social Security Administration's (SSA) actions to achieve Year 2000 information systems compliance, focusing on the adequacy of steps taken by SSA to ensure that computing problems related to the year 2000 are fully addressed, including its oversight of state disability determinations services' (DDS) Year 2000 program activities.
GAO noted that: (1) SSA first recognized the potential impact of the Year 2000 problem almost a decade ago, and was able to launch an early response to this challenge; (2) it initiated early awareness activity and has made significant progress in assessing and renovating mission-critical mainframe software that enables it to provide Social Security benefits and other assistance to the public; (3) because of the knowledge and experience gained through its early Year 2000 efforts, SSA has come to be regarded as a federal leader in addressing this issue; (4) SSA's Assistant Deputy Commissioner for Systems chairs the Chief Information Officers Council's Subcommittee on the Year 2000 and works with other federal agencies to address Year 2000 issues across government; (5) while SSA deserves credit for its leadership, the agency remains at risk that not all of its mission-critical systems--those necessary to prevent the disruption of benefits--will be corrected before January 1, 2000; (6) at particular risk are the systems that have not yet been assessed for the 54 state DDSs that provide vital support to SSA in administering its disability insurance programs; (7) private contractors SSA hired to make 42 of the 54 state DDS systems Year 2000 compliant reported that these offices had at least 33 million additional lines of software code that must be assessed and, where necessary, renovated; (8) given the potential magnitude of this undertaking, SSA could face major disruptions in its ability to process initial disability claims for millions of individuals throughout the country if these systems are not addressed in time for corrective action to be completed before the change of century; (9) SSA also faces the challenge of ensuring that its critical data exchanges with federal and state agencies and other businesses are Year 2000 compliant; (10) it has taken a number of positive steps in this direction, such as identifying incoming and outgoing file exchanges with the external business community and developing a database to maintain information on the status of compliance activities; (11) however, because SSA must rely on the hundreds of federal and state agencies and the thousands of businesses with which it exchanges files to make their systems compliant, SSA faces a definite risk that inaccurate data will be introduced into its databases; and (12) that risk could be magnified if SSA does not develop contingency plans to ensure the continuity of its critical systems and activities should systems not be corrected in time.
|