January 24, 2022

News

News Network

Social Security Contracting: Relevant Guidance Should Be Revised to Reflect the Role of Contracting Personnel in Software Development

7 min read
<div>The approach followed by the Social Security Administration (SSA) in awarding and overseeing contracts generally aligns with the requirements GAO reviewed. For the 27 contracts and orders GAO reviewed, SSA varied its approach depending on the contract type used and the dollar value. For example, one of SSA's written acquisition plans acknowledged the risks to the government associated with time-and-materials contracts. From fiscal year 2015 through 2019, SSA obligated 22.7 percent of its contract dollars on time-and-material contracts compared with 10.5 percent at other civilian agencies. In addition, from fiscal year 2015 through 2019, the rate at which SSA used competitive award procedures to achieve the best value for the agency increased by nearly 20 percentage points. This increase was the result of the agency's increased use of competition in its contracting for information technology (IT). SSA relies heavily on IT resources to support the administration of its programs and related activities. During fiscal years 2015 through 2019, about 65 percent of the $8.3 billion in contract obligations were for IT goods and services compared with about 16 percent at other civilian agencies. The figure shows the percentage of obligations for IT goods and services at SSA. Percentage of Social Security Administration's Contract Obligations for Goods and Services during Fiscal Years 2015 through 2019 SSA adopted an Agile approach to software development for some of its critical IT programs in 2015. An Agile approach to software development involves incremental improvements to software rather than the more traditional single-track approach. Subsequently, SSA developed an IT modernization plan in 2017 that states SSA will use an Agile methodology. GAO's draft Agile Assessment Guide states that an organization's acquisition policies and guidance should support an Agile development approach and identify clear roles for contracting personnel, since this is a different approach than federal agencies previously used. However, GAO found SSA's acquisition handbook does not specifically identify a role for contracting personnel with respect to contracts and task orders involving Agile, which GAO has identified as a leading practice. Identifying a role for contracting personnel in the Agile process should better position SSA to achieve its IT modernization goals and provide appropriate levels of oversight. SSA is responsible for delivering services that touch the lives of virtually every American. To do so, SSA relies on a variety of products and services, including information technology (IT) systems. SSA obligates approximately $1.5 billion annually to procure goods and services, 65 percent of which are IT-related. GAO was asked to assess how SSA implements its contracting and acquisition processes. This report examines: (1) how SSA awards and oversees contracts for products and services, and (2) the extent to which SSA has updated its guidance regarding the role of contracting personnel in software development efforts. GAO reviewed SSA's acquisition policies, interviewed contracting officials, and reviewed a non-generalizable sample of 27 high- and lower value contracts and orders with dollars obligated in fiscal years 2014 through 2018. GAO also examined data from fiscal years 2015-2019 to determine what SSA contracted for and reviewed IT guidance. GAO compared SSA's practices to leading practices for Agile software development with respect to the roles of contracting personnel. GAO recommends that SSA revise relevant guidance to identify the roles of contracting personnel in Agile software development. SSA agreed with this recommendation. For more information, contact William Woods at (202) 512-4841 or woodsw@gao.gov.</div>

What GAO Found

The approach followed by the Social Security Administration (SSA) in awarding and overseeing contracts generally aligns with the requirements GAO reviewed. For the 27 contracts and orders GAO reviewed, SSA varied its approach depending on the contract type used and the dollar value. For example, one of SSA’s written acquisition plans acknowledged the risks to the government associated with time-and-materials contracts. From fiscal year 2015 through 2019, SSA obligated 22.7 percent of its contract dollars on time-and-material contracts compared with 10.5 percent at other civilian agencies. In addition, from fiscal year 2015 through 2019, the rate at which SSA used competitive award procedures to achieve the best value for the agency increased by nearly 20 percentage points. This increase was the result of the agency’s increased use of competition in its contracting for information technology (IT).

SSA relies heavily on IT resources to support the administration of its programs and related activities. During fiscal years 2015 through 2019, about 65 percent of the $8.3 billion in contract obligations were for IT goods and services compared with about 16 percent at other civilian agencies. The figure shows the percentage of obligations for IT goods and services at SSA.

Percentage of Social Security Administration’s Contract Obligations for Goods and Services during Fiscal Years 2015 through 2019

SSA adopted an Agile approach to software development for some of its critical IT programs in 2015. An Agile approach to software development involves incremental improvements to software rather than the more traditional single-track approach. Subsequently, SSA developed an IT modernization plan in 2017 that states SSA will use an Agile methodology. GAO’s draft Agile Assessment Guide states that an organization’s acquisition policies and guidance should support an Agile development approach and identify clear roles for contracting personnel, since this is a different approach than federal agencies previously used. However, GAO found SSA’s acquisition handbook does not specifically identify a role for contracting personnel with respect to contracts and task orders involving Agile, which GAO has identified as a leading practice. Identifying a role for contracting personnel in the Agile process should better position SSA to achieve its IT modernization goals and provide appropriate levels of oversight.

Why GAO Did This Study

SSA is responsible for delivering services that touch the lives of virtually every American. To do so, SSA relies on a variety of products and services, including information technology (IT) systems. SSA obligates approximately $1.5 billion annually to procure goods and services, 65 percent of which are IT-related.

GAO was asked to assess how SSA implements its contracting and acquisition processes. This report examines: (1) how SSA awards and oversees contracts for products and services, and (2) the extent to which SSA has updated its guidance regarding the role of contracting personnel in software development efforts.

GAO reviewed SSA’s acquisition policies, interviewed contracting officials, and reviewed a non-generalizable sample of 27 high- and lower value contracts and orders with dollars obligated in fiscal years 2014 through 2018. GAO also examined data from fiscal years 2015-2019 to determine what SSA contracted for and reviewed IT guidance. GAO compared SSA’s practices to leading practices for Agile software development with respect to the roles of contracting personnel.

What GAO Recommends

GAO recommends that SSA revise relevant guidance to identify the roles of contracting personnel in Agile software development. SSA agreed with this recommendation.

For more information, contact William Woods at (202) 512-4841 or woodsw@gao.gov.

News Network

  • Equatorial Guinea National Day
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Drug Pricing Program: HHS Uses Multiple Mechanisms to Help Ensure Compliance with 340B Requirements
    In U.S GAO News
    The 340B Drug Pricing Program (340B Program) requires drug manufacturers to sell outpatient drugs at a discount to covered entities—eligible hospitals and other entities participating in the program—in order for their drugs to be covered by Medicaid. Participation in the 340B Program has grown from nearly 9,700 covered entities in 2010 to 12,700 in 2020. The Department of Health and Human Services' (HHS) Health Resources and Services Administration (HRSA) administers the program and oversees covered entities' compliance with 340B Program requirements through annual audits, among other efforts. If audits identify noncompliance with program requirements, HRSA issues findings to covered entities and requires them to take corrective action to continue participating in the 340B Program (see table). Audit Findings Issued to Covered Entities by the Health Resources and Services Administration (HRSA) for Fiscal Years 2012-2019, as of September 2020 340B Program findings of noncompliance Number Eligibility of covered entities. Failure to maintain eligibility-related requirements (e.g., covered entities' oversight of their contract pharmacies). 561 Diversion of 340B drugs to ineligible patients. 340B drugs distributed to individuals who are not eligible patients of a covered entity (e.g., patients' health records are not maintained by the covered entity). 546 Duplicate discounts. Prescribed drugs that may have been subject to both the 340B price and a Medicaid rebate. 429 Total 1,536 Source: GAO analysis of information received from HRSA. | GAO-21-107 HRSA officials told GAO that, beginning in fall 2019, the agency started issuing findings only when audit information presents a clear and direct violation of the requirements outlined in the 340B Program statute. HRSA officials explained that guidance, which is used to interpret provisions of the 340B statute for the purposes of promoting program compliance among covered entities, does not provide the agency with appropriate enforcement capability. For example, HRSA officials reported that there were instances among fiscal year 2019 audits in which the agency did not issue findings for a failure to comply with guidance related to contract pharmacies in part because the 340B statute does not address contract pharmacy use and, therefore, there may not have been a clear statutory violation. In addition to audits, HRSA provides education to covered entities about 340B Program requirements and has implemented other efforts to identify noncompliance. For example, HRSA requires all covered entities to recertify their eligibility to participate in the 340B Program annually (e.g., self-attesting to compliance); and uses a self-disclosure process through which covered entities can disclose and correct self-identified instances of noncompliance. Covered entities can realize substantial savings through 340B Program price discounts, enabling them to stretch federal resources to reach more eligible patients and provide more comprehensive services. GAO was asked to provide information on HRSA's efforts to oversee covered entities' compliance with 340B Program requirements. This report describes (1) the audit findings that HRSA issued to address covered entity noncompliance with 340B Program requirements; and (2) other efforts HRSA uses to help ensure that covered entities comply with 340B Program requirements. GAO reviewed documentation, including relevant federal laws and regulations and HRSA's policies, procedures, and guidance, related to 340B Program oversight. GAO also reviewed HRSA data on the number and type of audit findings made from audits finalized during fiscal years 2012 through 2019 as of September 2020—the latest data available at the time of the audit. GAO also interviewed officials from HRSA, agency contractors, and 340B Program stakeholders. GAO provided a draft of this report to HHS for review. The agency provided written and technical comments on the draft, both of which were incorporated as appropriate. For more information, contact Debra A. Draper at (202) 512-7114 or draperd@gao.gov.
    [Read More…]
  • Attorney General William P. Barr Honors Department of Justice Employees and Others for the 68th Annual Attorney General’s Awards
    In Crime News
    Today, Attorney General [Read More…]
  • Managers of New York Fish Dealer Plead Guilty to Fishing Fraud Conspiracy
    In Crime News
    Bryan Gosman and Asa Gosman, both of Montauk, New York, pleaded guilty today in federal court in Central Islip, New York, to one felony count of criminal conspiracy for their role in a scheme to purchase illegal summer flounder and black sea bass from a local fisherman. In addition, the company which they partially own, Bob Gosman Co. Inc., a federally-licensed fish dealer also located in Montauk, pleaded guilty to two counts of misdemeanor Lacey Act Fish Trafficking.
    [Read More…]
  • Justice Department Launches Investigation of the Mount Vernon Police Department
    In Crime News
    Assistant Attorney General Kristen Clarke for the Justice Department’s Civil Rights Division and U.S. Attorney Damian Williams for the Southern District of New York (SDNY) announced today that the Justice Department has opened a pattern or practice investigation into the Mount Vernon Police Department (MVPD).
    [Read More…]
  • Secretary Blinken’s Call with NATO Secretary General Stoltenberg
    In Crime Control and Security News
    Office of the [Read More…]
  • Floridians Charged and Convicted in Connection with International Enterprise that Operated Sexually Exploitive ‘Child Modeling’ Websites
    In Crime News
    A series of charges and convictions were announced today in connection with an international enterprise based in Florida that operated subscription-based sexually exploitive “child modeling” websites.
    [Read More…]
  • Facial Recognition: CBP and TSA are Taking Steps to Implement Programs, but CBP Should Address Privacy and System Performance Issues
    In U.S GAO News
    U.S. Customs and Border Protection (CBP) has made progress testing and deploying facial recognition technology (FRT) at ports of entry to create entry-exit records for foreign nationals as part of its Biometric Entry-Exit Program. As of May 2020, CBP, in partnership with airlines, had deployed FRT to 27 airports to biometrically confirm travelers' identities as they depart the United States (air exit) and was in the early stages of assessing FRT at sea and land ports of entry. Facial Recognition Technology in Use at an Airport CBP has taken steps to incorporate some privacy principles in its program, such as publishing the legislative authorities used to implement its program, but has not consistently provided complete information in privacy notices or ensured notices were posted and visible to travelers. Ensuring that privacy notices contain complete information and are consistently available would help give travelers the opportunity to decline to participate, if appropriate. Further, CBP requires its commercial partners, such as airlines, to follow CBP's privacy requirements and can audit partners to assess compliance. However, as of May 2020, CBP had audited only one of its more than 20 airline partners and did not have a plan to ensure all partners are audited. Until CBP develops and implements an audit plan, it cannot ensure that traveler information is appropriately safeguarded. CBP has assessed the accuracy and performance of air exit FRT capabilities through operational testing. Testing found that air exit exceeded its accuracy goals—for example, identifying over 90 percent of travelers correctly—but did not meet a performance goal to capture 97 percent of traveler photos because airlines did not consistently photograph all travelers. A plan to improve the photo capture rate would help CBP better fulfill the program's mission of creating biometrically confirmed traveler departure records. Further, while CBP monitors air exit's performance, officials are not alerted when performance falls short of minimum requirements. The Transportation Security Administration (TSA) has conducted pilot tests to assess the feasibility of using FRT but, given the limited nature of these tests, it is too early to fully assess TSA's compliance with privacy protection principles. Within the Department of Homeland Security (DHS), CBP is charged with the dual mission of facilitating legitimate travel and securing U.S. borders, and TSA is responsible for protecting the nation's transportation system. For both CBP and TSA, part of their inspection and screening responsibilities includes reviewing travel identification documents and verifying traveler identities. Beginning in 1996, a series of federal laws were enacted to develop and implement an entry-exit data system, which is to integrate biographic and, since 2004, biometric records for foreign nationals. This report addresses (1) the status of CBP's deployment of FRT, (2) the extent to which CBP has incorporated privacy protection principles, (3) the extent to which CBP has assessed the accuracy and performance of its FRT, and (4) the status of TSA's testing and deployment of FRT and how TSA has incorporated privacy protection principles. GAO conducted site visits to observe CBP's and TSA's use of FRT, which were selected to include all three travel environments—air, land, and sea; reviewed program documents; and interviewed DHS officials. GAO is making five recommendations to CBP to (1) ensure privacy notices are complete, (2) ensure notices are available at locations using FRT, (3) develop and implement a plan to audit its program partners for privacy compliance, (4) develop and implement a plan to capture required traveler photos at air exit, and (5) ensure it is alerted when air exit performance falls below established thresholds. DHS concurred with the recommendations. For more information, contact Rebecca Gambler at (202) 512-8777 or gamblerr@gao.gov.
    [Read More…]
  • Forced Labor Imports: DHS Increased Resources and Enforcement Efforts, but Needs to Improve Workforce Planning and Monitoring
    In U.S GAO News
    Since 2016, U.S. Customs and Border Protection (CBP), within the Department of Homeland Security (DHS), has increased its resources to enforce a prohibition on importing goods made with forced labor, but has not determined its workforce needs. CBP formed the Forced Labor Division in 2018 to lead its efforts, and increased expenditures for the division from roughly $1 million in fiscal year 2018 to $1.4 million in fiscal year 2019. However, CBP has not assessed and documented the staffing levels or skills needed for the Forced Labor Division. For example, the division suspended some ongoing investigations due to a staff shortage and has plans to expand and train its workforce; however, the division has not assessed the number, type, locations, or specialized skills of positions it needs to achieve programmatic results. Without assessing its workforce needs, the division lacks reasonable assurance that it has the right number of people, with the right skills, in the right places. CBP has increased forced labor investigations and civil enforcement actions, but managers lack complete and consistent data summarizing cases. CBP detained shipments under 13 Withhold Release Orders (WRO) from 2016 through 2019, as shown in the figure below. However, the Forced Labor Division uses incomplete and inconsistent summary data to monitor its investigations. For example, data were missing on the sources of evidence collected for almost all active cases. Incomplete and inconsistent summary data on the characteristics and status of cases may hinder managers' effective monitoring of case progress and enforcement efforts. Figure: U.S. Customs and Border Protection (CBP) Forced Labor Withhold Release Orders, 2016 through 2019 With regard to criminal violations, DHS's U.S. Immigration and Customs Enforcement (ICE) has increased its resources to investigate allegations of forced labor, including those related to U.S. imports. ICE coordinates criminal investigations of forced labor, conducted in the U.S. and abroad. ICE reported spending about $40 million on forced labor investigations in fiscal year 2019, an increase of over 50 percent since 2016. Forced labor investigations often involve a range of criminal violations, including violations that are not related to the importation of goods. As such, reported expenditures include costs for cases on related issues, such as human trafficking. Forced labor is a global problem in which individuals are exploited to perform labor or services. The International Labour Organization estimates that forced labor generates profits of $150 billion a year globally. CBP is responsible for enforcing Section 307 of the Tariff Act of 1930, which prohibits the importation of goods made with forced labor. CBP has authority to detain shipments when information indicates that forced labor produced the goods. ICE is responsible for investigating potential crimes related to forced labor, and importers may be subject to prosecution. GAO was asked to review the status of DHS resources for implementing the Section 307 prohibition on forced labor imports, following an amendment of the law in 2016. This report examines (1) the extent to which CBP assessed agency needs for the enforcement of the prohibition on forced labor imports, (2) the outcome of CBP enforcement activities and monitoring of such efforts, and (3) ICE resources for investigations on forced labor. GAO reviewed CBP and ICE documents and data, and interviewed agency officials. This is a public version of a sensitive report GAO issued in July 2020. Information that CBP deemed sensitive has been omitted. GAO is making three recommendations, including that CBP assess the workforce needs of the Forced Labor Division, and improve its forced labor summary case data. CBP concurred with all three recommendations. For more information, contact Kimberly Gianopoulos at (202) 512-8612 or gianopoulosk@gao.gov.
    [Read More…]
  • Arkansas Man Charged in $100 Million COVID-19 Health Care Fraud Scheme
    In Crime News
    A federal grand jury in the Western District of Arkansas returned an indictment yesterday charging an Arkansas man who owned or managed numerous diagnostic testing laboratories with health care fraud in connection with over $100 million dollars in false billings for urine drug testing, COVID-19 testing, and other clinical laboratory services.
    [Read More…]
  • Secretary Antony J. Blinken Virtual Discussion with Students on Ice
    In Crime Control and Security News
    Antony J. Blinken, [Read More…]
  • Deputy Secretary Sherman’s Meeting with Pakistani National Security Advisor Yusuf
    In Crime Control and Security News
    Office of the [Read More…]
  • Harnessing Technology to Address Loneliness and Social Isolation
    In Human Health, Resources and Services
    Physical distancing has [Read More…]
  • Assistant Attorney General Beth A. Williams Commends the Administrative Office of the U.S. Courts for New Website Enhancing Access to Justice
    In Crime News
    Assistant Attorney General Beth A. Williams issued the following statement today on the efforts by the Administrative Office of the U.S. Courts to enhance public and litigant access to electronic court records. This year, as part of its access to justice efforts, the Office of Legal Policy at the Department of Justice partnered with the Administrative Office of the U.S. Courts to improve transparency regarding fee exemptions for access to court records in the Public Access to Court Electronic Records (PACER) system. As part of that partnership, the Administrative Office of the U.S. Courts announced an enhanced PACER website that makes it easier for indigent individuals, as well as pro bono attorneys, academic researchers, and non-profit organizations, to understand how they may access court records for free.
    [Read More…]
  • Judges Focus on Diversity in Clerkship, Internship Hiring
    In U.S Courts
    Federal judges are working to make highly sought-after law clerkships and judicial internships more accessible to a diverse pool of law students.
    [Read More…]
  • Nauru Travel Advisory
    In Travel
    Reconsider travel to [Read More…]
  • Secretary Pompeo Participates in the Geneva Consensus Declaration Signing Ceremony
    In Crime Control and Security News
    Office of the [Read More…]
  • Secretary Blinken’s Participation in the APEC Ministerial Meeting
    In Crime Control and Security News
    Office of the [Read More…]
  • Follow Sentinel-6 Michael Freilich in Real Time As It Orbits Earth
    In Space
    With NASA’s Eyes [Read More…]
  • Celebrating National Disability Employment Awareness Month 
    In Crime Control and Security News
    Office of the [Read More…]

Crime

Network News © 2005 Area.Control.Network™ All rights reserved.