The Social Security Administration’s CIO said Thursday the agency’s IT modernization plan will make significant progress in reducing its reliance on legacy systems — but don’t expect them to be completely gone by 2022.
“I think it’s going to be substantially gone in five years, but it won’t be 100 percent gone in five years,” Rajive Mathur told the House Ways and Means Committee in a Thursday hearing about the SSA’s IT environment. “Because in some cases, it may not make sense for us to migrate an old legacy technology [system]. It may not make business sense.”
Mathur detailed the progress the agency has made on its year-old IT modernization plan, which is projected to cost $691 million and includes the continued rollout of its updated Disability Case Processing System, or DCPS2.
DCPS2 aims to provide state disability determination services with a superior IT product after the agency was forced to shutter a beta version of the system in 2015. SSA debuted an initial rollout of DCPS2 in January to select states before pausing its deployment to add more user-based functionality. Mathur said by leveraging agile-based development, the agency plans to expand its use of the system.
“We have regularly added functionality to DCPS2 as we have expanded it to 10 states, with four more joining soon and 34 others that are scheduled for deployment,” he said. “We are delivering products on time, our systems are available to users 99.96 percent of the time and we’ve reduced the number of IT outages.”
The CIO also said SSA will debut a new system in mid-fiscal 2019 to assist its frontline employees with a more efficient processing of Supplemental Security Income benefit claims by providing a user-centered version of a beneficiary’s file.
Officials from both the SSA’s inspector general and the Government Accountability Office praised the progress the agency has made with its IT modernization plans but also called for Mathur and others to continue to address SSA’s IT project management practices for future projects.
“As the agency moves forward with its IT modernization, it is imperative that it also give proper attention to cybersecurity,” said Gale Stallworth Stone, acting SSA inspector general. “In our most recent annual audit of SSA’s information security program, we identified a number of control deficiencies that may limit the agency’s ability to protect its systems. SSA needs to make addressing these deficiencies a priority.”
Carol Harris, GAO’s director of IT management, also commended Mathur and SSA for implementing 14 of the 15 recommendations it has made to the agency since 2011 to improve IT management. She also called for a continued focus on issues like IT workforce management and strategic planning for IT projects.
Mathur said because the IT modernization plan is built around user-centered technology strategies and driving value from new solutions, the agency will be able to tackle more of its IT challenges by continually assessing their progress and remaining flexible in its approaches.
“If you are remodeling your kitchen and your contractor said, ‘Come back to me in a year, and I’ll let you know what it looks like,’ you’re probably not going to get what you want,” he said. “But if you are able to look at it every day, every week, you can probably tweak the direction. That’s the model we are using when it comes to modernization.”