Year 2000 Computing Crisis: Update on the Readiness of the Social
Security Administration (Testimony, 02/24/99, GAO/T-AIMD-99-90).

Pursuant to a congressional request, GAO discussed the readiness of
the Social Security Administration's (SSA) computer systems that support key
benefits programs to function reliably in the next century, focusing on
GAO's previous report and recommendations.

GAO noted that: (1) a previous report and testimony noted that SSA had
made significant early progress in its efforts to become year 2000
compliant; (2) SSA initiated early awareness activities and made
significant progress in assessing and renovating mission-critical
mainframe software that enables it to provide social security benefits
and other assistance to the public; (3) while SSA deserves credit for
its leadership, GAO's earlier report and testimony pointed out that
three key areas of risk nonetheless threatened to disrupt its ability to
deliver benefits payments; (4) one major risk concerned year 2000
compliance of mission-critical systems used by the 54 state Disability
Determination Services (DDS) that provide vital support to SSA in
administering its disability programs; (5) a second major risk in SSA's
year 2000 program concerned the compliance of its data exchanges with
outside sources, such as other federal agencies, state agencies, and
private businesses; (6) third, the risks to SSA's year 2000 program were
compounded by the lack of contingency plans to ensure business
continuity in the event of systems failure; (7) SSA has enhanced its
monitoring and oversight of state DDSs by establishing a full-time DDS
project team, designating project managers and coordinators, and
requesting biweekly status reports; (8) among SSA's most critical data
exchanges are those with the Federal Reserve and the Financial
Management Service (FMS) for the disbursement of Title II and Title XVI
benefits checks and direct deposit payments; (9) SSA began working with
FMS in March 1998 to ensure the compliance of these exchanges, and
recently reported that the joint testing of check payment files and the
end-to-end testing from SSA, through FMS and the Federal Reserve for
direct deposit payments, had been successfully completed; (10) turning
to contingency planning, SSA has instituted a number of key elements in
accordance with GAO's business continuity and contingency planning
guidance; (11) SSA is now in the process of developing local contingency
plans to support its core business operations; (12) another key element
of a business continuity and contingency plan is the development of a
zero-day or day-one risk reduction strategy, and procedures for the
period between late December 1999 and early January 2000; (13) SSA has
developed such a strategy; (14) there has been significant continuing
progress in SSA's efforts to become year 2000 compliant; and (15) it is
important to note, however, that SSA still needs to effectively complete
certain critical tasks to better ensure the success of its efforts.

--------------------------- Indexing Terms -----------------------------

 REPORTNUM:  T-AIMD-99-90
     TITLE:  Year 2000 Computing Crisis: Update on the Readiness of the
	     Social Security Administration
      DATE:  02/24/99
   SUBJECT:  Y2K
	     Systems conversions
	     Information resources management
	     Information systems
	     Interagency relations
	     Federal social security programs
	     Computer software verification and validation
	     Computer software
	     Strategic information systems planning
	     Systems compatibility
IDENTIFIER:  Y2K
	     SSA Disability Determination Program
	     Old Age Survivors and Disability Insurance Program
	     Supplemental Security Income Program
	     SSA Year 2000 Program
	     SSI

GAO United States General Accounting Office

Testimony Before the Committee on Ways and Means, House of
Representatives

For Release on Delivery Expected at 9 a.m. Wednesday, February
24, 1999

YEAR 2000 COMPUTING CRISIS

Update on the Readiness of the Social Security Administration

Statement of Joel C. Willemssen
Director, Civil Agencies Information Systems
Accounting and Information Management Division

GAO/T-AIMD-99-90

Mr. Chairman and Members of the Committee:

We appreciate the opportunity to join in today's hearing and share
updated information on the readiness of computer systems that
support key benefits programs to function reliably in the next
century. As you know, successful Year 2000--or Y2K--conversion is
critical if programs such as Social Security are to provide
accurate services and benefits without interruption. Millions of
Americans rely on such monthly payments.

In a previous report and testimony, we described the efforts that
the Social Security Administration (SSA) was making to ensure that
its information systems are Year 2000 compliant.[1] This morning I
would like to briefly summarize our findings and recommendations
from that report, describe actions taken on those recommendations,
and provide our perspective on where SSA stands today.

Significant Early Progress Made, But Three Key Areas of Risk
Identified in SSA's Year 2000 Program

Our previous report and testimony noted that SSA had made
significant early progress in its efforts to become Year 2000
compliant. SSA first recognized the potential impact of the Year
2000 problem in 1989 and, in so doing, was able to launch an early
response to this challenge. SSA initiated early awareness
activities and made significant progress in assessing and
renovating mission-critical mainframe software that enables it to
provide Social Security benefits and other assistance to the
public. Because of the knowledge and experience gained through its
Year 2000 efforts, SSA is now a recognized federal leader in
addressing this issue. Among other responsibilities, SSA's
Assistant Deputy Commissioner for Systems chairs the Chief
Information Officers Council's Committee on the Year 2000 and
works with other federal agencies to address Year 2000 issues
across government.

While SSA deserves credit for its leadership, our earlier report
and testimony pointed out that three key areas of risk nonetheless
threatened to disrupt its ability to deliver benefits payments.
One major risk concerned Year 2000 compliance of mission-critical
systems used by the 54[2] state Disability Determination Services
(DDS) that provide vital support to SSA in administering its
disability programs. Specifically, SSA had not included these DDS
systems in its initial assessment of systems that it considered a
priority for correction. Without a complete agencywide assessment
that included the DDS systems, SSA could not fully evaluate the
extent of its Year 2000 problem or the level of effort that would
be required to correct it.

[1] Social Security Administration: Significant Progress Made in
Year 2000 Effort, But Key Risks Remain (GAO/AIMD-98-6, October 22,
1997) and Year 2000 Computing Crisis: Continuing Risks of
Disruption to Social Security, Medicare, and Treasury Programs
(GAO/T-AIMD-98-161, May 7, 1998).

A second major risk in SSA's Year 2000 program concerned the
compliance of its data exchanges with outside sources, such as
other federal agencies, state agencies, and private businesses. In
addressing the Year 2000 problem, agencies need assurance that
data received from other organizations are accurate. Even if an
agency has made its own systems Year 2000 compliant, the data in
those systems can still be contaminated by incorrect data entering
from external sources. SSA has thousands of data exchanges with
other organizations, including the Department of the Treasury, the
Internal Revenue Service, and the states. For example, each month
SSA relies on its data exchange with Treasury's Financial
Management Service (FMS) to process and disburse 50 million
benefits payments totaling approximately $31 billion. Other
exchanges may involve data reported on individuals'
tax-withholding forms or pertaining to state wages and
unemployment compensation. Unless SSA is able to ensure that data
received are Year 2000 compliant, program benefits and eligibility
computations that are derived from the data provided through these
exchanges may be compromised and SSA's databases corrupted.

Third, the risks to SSA's Year 2000 program were compounded by the
lack of contingency plans to ensure business continuity in the
event of systems failure. Business continuity and contingency
plans are essential. Without such plans, agencies will not have
well-defined responses and may not have enough time to develop and
test alternatives when unpredicted failures occur. Federal
agencies depend on data provided by their business partners as
well as on services provided by the public infrastructure. One
weak link anywhere in the chain of critical dependencies can cause
major disruptions to business operations. Given these
interdependencies, it is imperative that contingency plans be
developed for all critical core business processes and supporting
systems, regardless of whether these systems are owned by the
agency. At the time of our October 1997 review, SSA officials
acknowledged the importance of contingency planning, but had not
developed specific plans to address how the agency would continue
to support its core business processes if its Year 2000 conversion
activities experienced unforeseen disruptions.

We recommended that SSA take several specific actions to mitigate
the risks to its Year 2000 program. These included
(1) strengthening the monitoring and oversight of state DDS Year
2000 activities, (2) expeditiously completing the assessment of
mission-critical systems at DDS offices and using those results to
establish specific plans of action, (3) discussing the status of
DDS Year 2000 activities in SSA's quarterly reports to the Office
of Management and Budget (OMB), (4) quickly completing SSA's Year
2000 compliance coordination with all data exchange partners, and
(5) developing specific contingency plans that articulate clear
strategies for ensuring the continuity of core business functions.

[2] We sent a survey to the 50 states, the District of Columbia,
and the three territories (Guam, Puerto Rico, and the Virgin
Islands).

Actions Being Taken to Mitigate Year 2000 Risks

At the request of this Committee's Subcommittee on Social Security
and the Senate Special Committee on Aging, we are currently
monitoring SSA's implementation of our recommendations and
additional actions it is taking to achieve Year 2000 compliance.
SSA agreed with all of our earlier recommendations, and efforts to
implement them have either been taken or are underway. Testing of
systems to ensure Year 2000 compliance is vital, and we are
continuing to evaluate the effectiveness of the agency's efforts
in this area.

SSA has enhanced its monitoring and oversight of state DDSs by
establishing a full-time DDS project team, designating project
managers and coordinators, and requesting biweekly status reports.
The agency also obtained from each DDS a plan identifying the
specific milestones, resources, and schedules for completing Year
2000 conversion tasks. Further, in accordance with our
recommendation, SSA in November 1997 began including information
on the status of DDS Year 2000 compliance activities in its
quarterly reports to OMB. SSA reported in its most recent
quarterly report (February 1999) that all automated DDS systems
had been renovated, tested, implemented, and certified Year 2000
compliant as of January 31, 1999.

In another critical area, data exchanges, SSA has identified its
external exchanges and has coordinated with all its partners about
the schedule and format for making them Year 2000 compliant. As of
January 31, 1999, SSA reported that 98 percent of all of its
external data exchanges had been made compliant and implemented,
and that it was either in the process of testing those exchanges
that remained noncompliant or was waiting for its partners to make
the exchanges compliant. Among SSA's most critical data exchanges
are those with FMS and the Federal Reserve for the disbursement of
Title II (Old Age, Survivors, and Disability Insurance program)
and Title XVI (Supplemental Security Income program) benefits
checks and direct deposit payments. SSA began working with FMS in
March 1998 to ensure the compliance of these exchanges, and
recently reported that the joint testing of check payment files
and the end-to-end testing from SSA, through FMS and the Federal
Reserve for direct deposit payments, had been successfully
completed. Further, SSA stated that it began generating and
issuing Title II and Title XVI benefits payments using the Year
2000 compliant software at SSA and FMS in October 1998.

Turning to contingency planning, SSA has instituted a number of
key elements, in accordance with our business continuity and
contingency planning guidance.[3] It initially developed an
overall framework for business continuity that presented an
effective high-level strategy for mitigating risks associated with
the Year 2000. For example, the plan identified SSA's core
business functions that must be supported if Year 2000 conversion
activities experience unforeseen disruptions; potential risks to
business processes and ways to mitigate those risks; and
milestones, target dates, and responsible components for
developing local contingency plans and procedures for SSA's
operating components. SSA is now in the process of developing
local contingency plans to support its core business operations.
It has also received contingency plans for all state DDSs. Among
the plans that SSA reports as being completed at this time is the
Benefits Payment Delivery Year 2000 Contingency Plan, developed in
conjunction with Treasury and the Federal Reserve to ensure the
continuation of operations supporting Title II and Title XVI
benefits payments. SSA is scheduled to complete the development of
all of its contingency plans by April 30, 1999, and to complete
the testing of all plans by June 30 of this year.

[3] Year 2000 Computing Crisis: Business Continuity and
Contingency Planning (GAO/AIMD-10.1.19, March 1998 [exposure
draft], August 1998 [final]).

As noted in our guide, another key element of a business
continuity and contingency plan is the development of a zero-day
or day-one risk reduction strategy, and procedures for the period
between late December 1999 and early January 2000. SSA has
developed such a strategy. Among the features of this strategy is
a moratorium on software changes, except for those mandated by
law. SSA plans to minimize changes to its systems that have been
certified as Year 2000 compliant by not allowing discretionary
changes to be made. The moratorium will be in effect for
commercial-off-the-shelf and mainframe products between July 1,
1999, and March 31, 2000, and for programmatic applications
between September 1, 1999, and March 31, 2000. Such a Year 2000
change management policy will significantly reduce the chance that
errors will be introduced into systems that are already compliant.

Other aspects of SSA's day-one strategy are the implementation of
(1) an integrated control center, whose purposes include the
internal dissemination of critical data and problem management and
(2) a timeline that details the hours in which certain events will
occur (such as when workloads will be placed in the queue and
backup generators started) during the late December and early
January rollover period.

SSA is also planning to address the personnel issue with respect
to the rollover. For example, it plans to obtain a commitment from
key staff to be available during the rollover period and establish
a Year 2000 leave policy. Such a strategy, developed well in
advance of the turn of the century, should help SSA manage the
risks associated with the actual rollover and better position it
to address disruptions if they occur.

SSA Well-Positioned for the Year 2000, But Some Work Remains

Overall, we have seen significant continuing progress in SSA's
efforts to become Year 2000 compliant. The agency reported that,
as of January 31, 1999, it had completed the renovation of all
mission-critical systems so targeted, and implemented them in
production. The actions that SSA has taken to mitigate risk to its
Year 2000 program have demonstrated a sense of urgency and
commitment to achieving readiness for the change of century, and
will no doubt better position SSA to meet the challenge. Moreover,
several of SSA's actions, such as its implementation of a day-one
strategy, constitute a best practice that we believe should be
followed governmentwide.

It is important to note, however, that SSA still needs to
effectively complete certain critical tasks to better ensure the
success of its efforts. For example, SSA must ensure that all of
its data exchanges are made compliant and tested. It must also
complete the development and testing of contingency plans
supporting its core business processes. In addition, where the
agency may be required to modify compliant software in accordance
with legislative mandates, these modifications will have to be
retested and recertified. Our ongoing review of SSA's Year 2000
actions shows that the agency has established deadlines for
completing its remaining tasks, and is actively monitoring its
progress.

Mr. Chairman, that concludes my statement. I would be pleased to
respond to any questions that you or other members of the
Committee may have at this time.

(511722)


*** End of document. ***