Skip to main content

Social Security Administration: Technology Modernization Needs Improved Planning and Performance Measures

GAO-12-723T Published: May 09, 2012. Publicly Released: May 09, 2012.
Jump To:
Skip to Highlights


What GAO Found

Since 2001, SSA has reported spending more than $5 billion on the development, modernization, and enhancement of its IT systems and capabilities. SSA officials identified 120 initiatives undertaken from 2001 to 2011 that the agency considered to be key investments in modernization. These comprise a subset of the hundreds of projects and modernization activities SSA undertakes yearly, which vary greatly in level of effort, scope, and cost. These initiatives affected all of the agency’s main program areas:

  • According to managers within SSA’s Office of Disability Systems, in an effort to reduce backlogs of disability hearings, the agency implemented a process for creating electronic “folders” for each applicant, to replace the existing paper-based process. This initiative included capabilities for electronically viewing an applicant’s folder, electronic screening for faster disability determinations, and Internet access to information on disability hearings and determinations.

  • The Office of Retirement and Survivors Insurance Systems took steps to improve outdated legacy systems and respond to legislation or other mandates requiring new system functionality. These efforts included integrating stand-alone “post-entitlement” processes, facilitating online application for benefits, and conversion of a key database to a more modern, industry-standard one.

  • Managers from the Office of Applications and Supplemental Security Income described initiatives to modernize large legacy databases and facilitate data sharing to streamline the claims process. These included enhancements to the electronic death registration process and the development of a Web application enabling access to data from multiple systems.

  • SSA officials described initiatives in the area of electronically exchanging data with external partners, including states and private-sector partners such as banks and credit bureaus.

  • SSA also noted efforts to streamline the process for administering Social Security cards, such as introducing safeguards against counterfeiting and replacing its legacy printers.

Comprehensive strategic planning is essential for successfully carrying out large-scale efforts such as SSA’s IT modernizations. Key elements of such planning include developing an IT strategic plan and an enterprise architecture that, together, outline modernization goals, measures, and timelines.

An IT strategic plan serves as an agency’s vision and helps align its information resources with its business strategies and investment decisions. As such, it provides a high-level perspective of the agency’s goals and objectives, enabling the agency to prioritize how it allocates resources; proactively respond to changes; and communicate its vision and goals to management, oversight bodies, and external parties. The enterprise architecture helps to implement the strategic vision by providing a focused “blueprint” of the organization’s business processes and technology that supports them. It includes descriptions of how the organization operates today, how it intends to operate in the future, and a plan for transitioning to the target state. It further helps coordinate the concurrent development of IT systems to limit unnecessary duplication and increase the likelihood that these systems will inter-operate.

SSA developed an IT strategic plan in 2007 to guide its modernization efforts; however, the plan is outdated and may not be aligned with the agency’s overall strategic plan. Specifically, because it has not been updated since 2007, the plan contains elements that are no longer relevant to SSA’s ongoing modernization efforts.

As mentioned earlier, in 2011, SSA realigned the functions of its Office of the CIO, consolidating major responsibilities for the management and oversight of IT in its Office of Systems. Federal law, specifically the Clinger-Cohen Act of 1996, requires the heads of executive branch agencies to designate a CIO with key responsibilities for managing an agency’s IT resources. As we have previously reported, to carry out these responsibilities effectively, CIOs require sufficient control over IT investments, including control over the IT budget and workforce.

Under the realignment, key responsibilities of the CIO and Deputy Commissioner for Systems were merged into the Office of Systems. Specifically, this arrangement gave the Office for Systems responsibility for, among other things,

  • oversight and management of IT budget formulation;

  • systems acquisition, development, and integration;

  • the IT capital planning and investment control process;

  • workforce planning and allocation of resources to IT projects;

  • IT strategic planning;

  • enterprise architecture;

  • IT security; and

  • IT operations.

Why GAO Did This Study

This hearing is on the Social Security Administration’s (SSA) efforts to modernize its information technology (IT) systems and environment. As you know, SSA is responsible for delivering services that touch the lives of virtually every American, and the agency relies heavily on IT to do so. Its computerized information systems support a range of activities, from the processing of Disability Insurance and Supplemental Security Income payments to the calculation and withholding of Medicare premiums, and the issuance of Social Security numbers and cards. Last fiscal year, the agency spent nearly $1.6 billion on IT.

As SSA’s systems have aged and its workload has increased, the agency has committed to investing in the capacity and modern technologies needed to update its strained IT infrastructure. In addition, the agency has recently undertaken a realignment of its IT governance structure, including the responsibilities of its Chief Information Officer (CIO).

At your request, over the past year, we have been examining SSA’s modernization efforts. The specific objectives of our study were to (1) determine SSA’s progress in modernizing its IT systems and capabilities; (2) evaluate the effectiveness of SSA’s plans and strategy for modernizing its systems and capabilities; and (3) assess whether the realignment of the agency’s CIO responsibilities allows for effective oversight and management of the systems modernization efforts.

For more information, please contact Valerie C. Melvin at (202) 512-6304 or

Full Report

GAO Contacts

Office of Public Affairs


Chief information officersStrategic planPerformance measurementBusiness systems modernizationEnterprise architectureIT investmentsInformation systemsBudgetsIT projectsDisabilities