Information Security:

Software Change Controls at the Social Security Administration

AIMD-00-198R: Published: Jun 30, 2000. Publicly Released: Jun 30, 2000.

Contact:

Joel C. Willemssen
(202) 512-6253
contact@gao.gov

 

Office of Public Affairs
(202) 512-4800
youngc1@gao.gov

Pursuant to a congressional request, GAO reviewed the software change controls at the Social Security Administration (SSA), focusing on: (1) whether key controls as described in agency policies and procedures regarding software change authorization, testing, and approval complied with federal guidance; and (2) the extent to which agencies contracted for year 2000 remediation of mission-critical systems and involved foreign nationals in these efforts.

GAO noted that: (1) in January 1998, GAO reported that SSA had established a goal to achieve a level 2, or repeatable, software process maturity based on the Carnegie Mellon University Software Engineering Institute's Capability Maturity Model for Software as part of its initiative to improve software processes; and (2) SSA's software process improvement initiatives include several activities related to improving software change controls: (a) the software maintenance activity process will be improved; (b) a process for assessment and implementation of software tools to manage software through its life cycle and control movement of program code will be established; and (c) a Configuration Control Board process and procedures will be developed.

Jul 17, 2014

Jun 25, 2014

May 30, 2014

Apr 17, 2014

Apr 2, 2014

Jan 28, 2014

Jan 8, 2014

Sep 26, 2013

Feb 20, 2013

Feb 1, 2013

Looking for more? Browse all our products here