Social Security Administration

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should direct the CIO to establish a plan and time frame for completing the covered IoT inventory, as directed by OMB. (Recommendation 10)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

GAO-25-107041

Nov 14, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should direct its agency CIO to work with OMB to ensure that annual reviews of their IT portfolio are conducted in conjunction with the Federal CIO and the Chief Operating Officer or Deputy Secretary (or equivalent), as prescribed by FITARA. (Recommendation 44)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

GAO-25-107114

Nov 13, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should update and implement guidance to fully address identifying, analyzing, and mitigating the impacts of restrictive software licensing practices on cloud computing efforts. (Recommendation 11)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

GAO-25-107114

Nov 13, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should assign and document responsibility for identifying and managing potential impacts of restrictive software licensing practices across the agency. (Recommendation 12)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Federal Workforce: Actions Needed to Improve Recruitment and Retention in Alaska, Hawaii, and U.S. Territories

GAO-25-106527

Oct 15, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should ensure that employees in offices that are outside of the Eastern time zone are able to access live training at a reasonable time, that includes the opportunity to interact with the instructor(s) and peers. (Recommendation 12)	Open The Social Security Administration (SSA) concurred with this recommendation. SSA described actions they plan to take to address this recommendation. We will update the status of this recommendation when we receive additional information from the agency.

Federal Workforce: Actions Needed to Improve Recruitment and Retention in Alaska, Hawaii, and U.S. Territories

GAO-25-106527

Oct 15, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of the Social Security Administration should evaluate the agency's current recruitment strategies and efforts to identify opportunities to broaden the pool of qualified local candidates across all hard-to-fill noncontiguous areas. (Recommendation 9)	Open The Social Security Administration (SSA) concurred with this recommendation. SSA described actions they are taking and plan to take to address this recommendation. We will update the status of this recommendation when we receive additional information from the agency.

Social Security Administration: Actions Needed to Help Ensure Success of Electronic Verification Service

GAO-24-106770

Oct 10, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The SSA Commissioner should ensure that the Associate Commissioner of the Office of Data Exchange, Policy Publications and International Negotiations includes in relevant Federal Register or other public notices a detailed explanation of any changes to eCBSV user fees, such as by describing cost recovery methodologies and assumptions, recent and projected costs, and user-fee collections. (Recommendation 4)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Social Security Administration: Actions Needed to Help Ensure Success of Electronic Verification Service

GAO-24-106770

Oct 10, 2024

Show

2 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The SSA Commissioner should ensure that the Associate Commissioner of IT Financial Management and Support implements appropriate controls to ensure all significant IT investments follow the Information Technology Investment Process. (Recommendation 2)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.
Social Security Administration	The SSA Commissioner should ensure that the Associate Commissioner of Data Exchange, Policy Publications and International Negotiations establishes performance measures and related goals for use of eCBSV. (Recommendation 7)	Open When we confirm what actions the agency has taken in response to this recommendation, we will provide updated information.

Cloud Computing: Agencies Need to Address Key OMB Procurement Requirements

GAO-24-106137

Sep 20, 2024

Show

1 Open Recommendations

Agency Affected	Recommendation	Status
Social Security Administration	The Commissioner of SSA should ensure that the CIO of SSA updates guidance to put a cloud SLA in place with every vendor when a cloud solution is deployed. The guidance should include language that addresses OMB's required elements for SLAs, including: clear performance metrics and remediation plans for non-compliance. (Recommendation 45)	Open The Social Security Administration (SSA) has not yet taken any actions to implement our recommendation. We will continue to monitor SSA's progress in implementing this recommendation.

View More Recommendations

Social Security Administration

Recent Reports

Open Recommendations (35 total)

Internet of Things: Federal Actions Needed to Address Legislative Requirements

IT Portfolio Management: OMB and Agencies Are Not Fully Addressing Selected Statutory Requirements

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

Cloud Computing: Selected Agencies Need to Implement Updated Guidance for Managing Restrictive Licenses

Federal Workforce: Actions Needed to Improve Recruitment and Retention in Alaska, Hawaii, and U.S. Territories

Federal Workforce: Actions Needed to Improve Recruitment and Retention in Alaska, Hawaii, and U.S. Territories

Social Security Administration: Actions Needed to Help Ensure Success of Electronic Verification Service

Social Security Administration: Actions Needed to Help Ensure Success of Electronic Verification Service

Cloud Computing: Agencies Need to Address Key OMB Procurement Requirements

America's Money Matters - Understanding the Nation's Long-Term Fiscal Health

Retirement Security Challenges

How Can We Fix Social Security?

The Federal Government Collects Large Amounts of Personal Data. But How Is It Protected?

How Prepared Was the Federal Government to Use Telework During the Pandemic?

America's Fiscal Health Update

Interactive Graphic

GAO’s Information Technology & Cybersecurity Team

What Can You Do After a Data Breach?

Recent Reports

Open Recommendations (35 total)

Related Pages

America's Money Matters - Understanding the Nation's Long-Term Fiscal Health

Retirement Security Challenges

How Can We Fix Social Security?

Thumbnail

Interactive Graphic

GAO’s Information Technology & Cybersecurity Team

What Can You Do After a Data Breach?