social security: a-44-05-25111
TRANSCRIPT
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 1/12
SOCIAL SECURITY
MEMORANDUM
Date: November 10, 2004 Refer To:
To: The Commissioner
From: Acting Inspector General
Subject: Top Issues Facing Social Security Administration Management—Fiscal Year 2005
The Reports Consolidation Act of 2000 requires that we summarize for inclusion in the SocialSecurity Administration’s (SSA) Performance and Accountability Report, our perspective on themost serious management and performance challenges facing SSA. The top management issuesfacing SSA in Fiscal Year 2005, as determined by the Office of the Inspector General, are:Social Security Number Protection, Management of the Disability Process, Improper Payments,Internal Control Environment and Performance Measures, Critical Infrastructure Protection andSystems Security, and Service Delivery.
These areas are dynamic, so we encourage continuous feedback and additional areas to evaluate.Our summary of SSA’s progress in addressing these management issues will be included in theFiscal Year 2005 Performance and Accountability Report.
If you have any questions or need additional information, please call me or have your staff contact Steven L. Schaeffer, Assistant Inspector General for Audit, at (410) 965-9700.
Patrick P. O’Carroll, Jr.
Attachment
cc:James B. LockhartLarry DyeLarry Love
S
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 2/12
op Issues Facingocial Security Administration
Management
Fiscal Year 2005
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 3/12
Top Management Challenges1
The Reports Consolidation Act of 2000 1 requiresthat we summarize, for inclusion in the SocialSecurity Administration’s (SSA) Performanceand Accountability Report, our perspective on
the most serious management and performancechallenges facing SSA. Since 1997, we have provided our perspective on these managementchallenges to Congress, SSA and other keydecisionmakers. In developing this year’s list,we considered
the four initiatives the Commissioner hasidentified as priorities: Service, Stewardship,Solvency, and Staff;
the most significant issues as outlined in thePresident’s Management Agenda (PMA);
SSA’s progress in responding to the Officeof Management and Budget’s (OMB)Scorecard;
the Inspector General’s Strategic Plan;
the high-risk list prepared by the GovernmentAccountability Office (GAO); andour body of audit and investigative work.
Finally, we prepared a crosswalk to ensure therewas no disconnect or gap among those reviewingSSA’s programs and operations.
Crosswalk of PMA to Commissioner Priorities, OIG Management Challenges, Social SecurityAdvisory Board, and GAO Challenges
PMA CommissionerPriorities
OIG MajorManagement
Challenges
Social SecurityAdvisory Board
GAO Performance andAccountability Challenges
ExpandedElectronicGovernment
Service Service Delivery
Management of theDisability Process
Service to the Public
Disability Reform
Service Delivery
Improve the DisabilityDetermination ServiceProcess and Return to Work
Disability Insurance— High Risk
ImprovedFinancialPerformance
CompetitiveSourcing
Budget andPerformanceIntegration
Stewardship
Solvency
Improper Payments
Critical InfrastructureProtection and SystemsSecurity
SSN Protection
Internal ControlEnvironment and
Performance Measures
SSN Case HandlingQuality
SSN Misuse
Supplemental SecurityIncome
Information Security
StrategicManagementof HumanCapital
Staff Service Delivery StaffingHiringTrainingManagementWork Measurement
Human Capital
1 Pub. L. No. 106-531.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 4/12
Top Management Challenges2
S OCIAL S ECURITY N UMBER
P ROTECTION
The SSN is the single most widely used identifier for Federal and State
governments, as well as the private sector.
In FY 2003, SSA issued over 17.6 millionoriginal and replacement Social Securitynumber (SSN) cards, and SSA receivedapproximately $533 billion in employmenttaxes related to earnings under assignedSSNs. Protecting the SSN and properly
posting the wages reported under SSNs arecritical to ensuring eligible individuals receivethe full benefits due them.
Efforts to Protect the SSN
The SSN has become a key to social, legal,and financial assimilation in this country.Because the SSN is so heavily relied on as anidentifier, it is also valuable as an illegalcommodity. Criminals improperly obtainSSNs by (1) presenting false documentation;(2) stealing another person’s SSN;(3) purchasing an SSN on the black market;(4) using the SSN of a deceased individual; or (5) creating a nine-digit number out of thinair.
To ensure SSN integrity, SSA must employeffective front-end controls in its enumeration
process. To effectively combat SSN misuse,we believe SSA should
establish a reasonable threshold for thenumber of replacement SSN cards anindividual may obtain during a year andover a lifetime,
continue to address identified weaknessesin its information security environment to
better safeguard SSNs, and
consider revising its policies to requirethat field offices obtain independentverification of the birth records for U.S. citizens under age 1 before SSNassignment.
SSA has taken steps to improve controlswithin its enumeration process, includingestablishing the Enumeration Response Team.As a result of the Team’s efforts, SSA now
performs full collateral verification of allimmigration documents before assigningSSNs to noncitizens. SSA requiresmandatory interviews for all applicants for original SSNs who are over age 12 (loweredfrom age 18) and requires evidence of identity
for all children, regardless of age. In addition,SSA has established an Enumeration Center in Brooklyn, New York, that focusesexclusively on assigning SSNs and issuingSSN cards. SSA has also created an IdentityTheft Workgroup in which we participate.
The SSN and Reported Earnings
Properly posting earnings ensures eligibleindividuals receive the full retirement,
survivor and/or disability benefits due them.If earnings information is reported incorrectlyor not reported at all, SSA cannot ensure alleligible individuals are receiving the correct
payment amounts. In addition, SSA’sdisability programs depend on earningsinformation to determine whether anindividual is eligible for benefits and tocalculate the amount of benefit payments.
SSA spends scarce resources correctingearnings data when incorrect information isreported. The Earnings Suspense File (ESF)is the Agency’s record of annual wage reportsfor which wage earners’ names and SSNs failto match SSA’s records. As of October 2003,
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 5/12
Top Management Challenges3
SSA had posted 9.6 million wage items to itsESF for Tax Year 2001, representing about$56 billion in wages. This was before some
planned edits, which may have further reduced this number.
While SSA has limited control over thefactors that cause the volume of erroneouswage reports submitted each year, there arestill areas where the Agency can improve its
processes. SSA can improve wage reporting by educating employers on reporting criteria,identifying and resolving employer reporting
problems, and encouraging greater use of theAgency’s SSN verification programs. SSAalso needs to coordinate with other Federal
agencies with separate, yet related, mandates.For example, the Agency now collaborateswith the Internal Revenue Service to achievemore accurate wage reporting.
SSA has taken steps to reduce the size andgrowth of the ESF. For example, SSA hasexpanded its Employee Verification Service
by piloting an on-line service called the SocialSecurity Number Verification Service, whichallows employers to verify the names and
SSNs of employees before reporting their wages to SSA. The Agency has also modifiedits automated processes to better identify thenumberholder related to suspended items.Whereas previous internal edits used only thename and SSN related to the suspended wage,SSA stated the new processes would useinformation stored on the earnings and
benefits records.
The SSN and Unauthorized Work
SSA also assigns nonwork SSNs tononcitizens who are (1) in the United States
but are not authorized to work and (2) are not present in the United States but are entitled toa federally-financed benefit that requires anSSN. In recent years, SSA has strictly limitedthe assignment of such numbers.
Furthermore, SSA monitors noncitizens whoshow earnings under a nonwork SSN andreports this information to the Department of Homeland Security (DHS). Nonetheless, our audits have noted a number of issues relatedto nonwork SSNs, including (1) the type of
evidence provided to obtain a nonwork SSN,(2) the reliability of nonwork SSNinformation in SSA’s records, (3) thesignificant volume of wages reported under nonwork SSNs, and (4) the payment of
benefits to noncitizens who qualified for their benefits while working in the country without proper authorization.
Recent legislation (Pub. L. 108-203, Social Security Protection Act of 2004 ) prohibits the
payment of Title II benefits based on theearnings of any individual who is not aU.S. citizen or national and who has never
been issued an SSN to work in the UnitedStates. SSA’s implementation of this newlaw will require increased coordination withDHS to ensure SSA has the correct work status information in its systems.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 6/12
Top Management Challenges4
M ANAGEMENT OF THE
D ISABILITY P ROCESS
In FY 2003, DDSs processed over 2.5 million initial disability claims, and
the average processing time was 97 days.
SSA administers the Disability Insurance (DI)and Supplemental Security Income (SSI)
programs, which provide benefits based ondisability. Most disability claims are initially
processed through a network of SocialSecurity field offices and State DisabilityDetermination Services (DDS). SSArepresentatives in the field offices areresponsible for obtaining applications for
disability benefits, disability report forms andauthorization for disclosure of informationforms as well as verifying non-medicaleligibility requirements, which may includeage, employment, marital status, or SocialSecurity coverage information. After initial
processing, the field office sends the case to aDDS to develop medical evidence andevaluate disability.
Once SSA establishes an individual is eligible
for disability benefits under either the DI or SSI program, the Agency turns its effortstoward ensuring the individual continues toreceive benefits only as long as SSA’seligibility criteria are met. For example, acontinuing disability review (CDR) may showthe individual no longer meets SSA’sdisability criteria or has demonstrated medicalimprovement.
If an individual disagrees with the Agency’sdecision on his/her claim or CDR, theclaimant can appeal to SSA’s Office of Hearings and Appeals (OHA). OHA’s fieldstructure consists of 10 regional offices and140 hearing offices. OHA’s administrativelaw judges hold hearings and issue decisions.In FY 2003, hearing offices processed571,928 cases. OHA’s average processing
time has increased significantly from274 days in FY 2000 to 344 days in FY 2003.Further, the pending workload was591,562 cases on September 30, 2003,whereas it was 346,756 cases on
September 30, 2000. We have focused our attention on weaknesses within OHA—suchas the backlog of cases, safeguards for sensitive information in case files, andshredding documents.
GAO added modernizing Federal disability programs—including SSA’s—to its 2003high-risk list due, in part, to outmodedconcepts of disability, lengthy processingtimes, and decisional inconsistencies. InSeptember 2003, the Commissioner of SocialSecurity proposed a new approach toimproving the disability determination
process, which includes several initiatives thatemphasize timely and accurate disabilitydecisions. For example, a quick-decision stepwould initially sort claims based oninformation provided by claimants to identify
people who are obviously disabled.Additionally, the Commissioner proposed anin-line quality review process and acentralized quality control unit. TheCommissioner views her September 2003
proposal as the first step in a collaborative process eventually leading to a final plan for disability improvements.
In addition to her long-term proposal, theCommissioner has accelerated the Agency’stransition to the electronic disability folder.The electronic disability folder will allow for disability claims information to be storedelectronically and transmitted electronically
between field offices, DDSs, and OHA.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 7/12
Top Management Challenges5
Disability Fraud
Fraud is an inherent risk in SSA’s disability programs. Some unscrupulous people viewSSA’s disability benefits as money waiting to
be taken. A key risk factor in the disability program is individuals who feign or exaggerate symptoms to become eligible for disability benefits. Another key risk factor isthe monitoring of medical improvements for disabled individuals to ensure thoseindividuals who are no longer disabled areremoved from the disability rolls.
We are working with SSA to address theintegrity of the disability programs through
the Cooperative Disability Investigation(CDI) program. The CDI program’s missionis to obtain evidence that can resolvequestions of fraud in SSA’s disability
programs. The CDI program is managed in acooperative effort between SSA’s Office of Operations, the Office of the Inspector General, and the Office of DisabilityPrograms. There are 18 CDI units operatingin 17 States. In the first half of FY 2004, theCDI units saved SSA almost $64 million by
identifying fraud and abuse related to initialand continuing claims within the disability program.
I MPROPER P AYMENTS
In FY 2003, SSA issued over $500 billion in benefit payments to about
50 million beneficiaries.
SSA issues benefit payments under the
Old-Age, Survivors and Disability Insurance(OASDI) and SSI programs. Since SSA isresponsible for issuing timely benefit
payments for complex entitlement programsto about 50 million individuals, even theslightest error in the overall process can resultin millions of dollars in over- or underpayments.
Improper payments are defined as paymentsthat should not have been made or were madefor incorrect amounts. Examples of improper
payments include inadvertent errors, payments for unsupported or inadequately
supported claims, or payments to ineligible beneficiaries. Furthermore, the risk of improper payments increases in programswith
a significant volume of transactions,
complex criteria for computing payments,and
an overemphasis on expediting payments.
The President and Congress have expressedinterest in measuring the universe of improper
payments within the Government. In August2001, OMB published the FY 2002 PMA,which included a Government-wide initiativefor improving financial performance. In
November 2002, the Improper Payments Information Act of 2002 was enacted, andOMB issued guidance in May 2003 onimplementing this law.
Under the Act, agencies that administer programs where the risk of improper payments is significant must estimate their annual amount of improper payments andreport this information in their AnnualPerformance and Accountability Reports.OMB works with each agency to establishgoals for reducing improper payments for each program.
SSA and the Office of the Inspector General
have had discussions on such issues asdetected versus undetected improper payments and avoidable versus unavoidableoverpayments that are outside the Agency’scontrol and a cost of doing business. InAugust 2003, OMB issued specific guidanceto SSA to only include avoidableoverpayments in its improper payment
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 8/12
Top Management Challenges6
estimate because these payments could bereduced through changes in administrativeactions. Unavoidable overpayments thatresult from legal or policy requirements arenot included in SSA’s improper payment
estimate.SSA has been working to improve its abilityto prevent over- and underpayments byobtaining beneficiary information fromindependent sources sooner and/or usingtechnology more effectively. For example,the Agency is continuing its efforts to preventimproper payments after a beneficiary diesthrough the use of Electronic Death
Registration information. Also, the Agency’sCDR process identifies and prevents
payments to beneficiaries who are no longer disabled.
In FY 2004, we focused on improper payments that go undetected by SSA’s normal processes. For instance, in one review of disabled beneficiaries who work, we foundthat SSA had assessed about $1.78 billion inoverpayments for about 117,320 individuals.However, we estimated the Agency did notdetect about $1.37 billion in overpayments toabout 63,000 beneficiaries. SSA isimplementing eWork, a new initiative tostrengthen controls in this area.
Working with SSA, we have made greatstrides in reducing benefit payments to
prisoners and SSI payments to fugitive felons,and these efforts continue. However, our work has shown that improper payments— such as those related to workers’compensation—continue to diminish theSocial Security trust funds. Additionally,with the passage of the Social Security
Protection Act of 2004 , SSA faces newchallenges in preventing and recoveringimproper payments—such as OASDI benefitsto fugitives.
I NTERNAL C ONTROL
E NVIRONMENT AND
P ERFORMANCE M EASURES
Assessing the control environment over DDSs and SSA’s performance measures helps ensure the Agency is properly
managing its resources to meet it mission.
Internal control comprises the plans, methods,and procedures used to meet missions, goals,and objectives. Internal controls helpsafeguard assets and prevent and detect errorsand fraud. Assessing the internal controlenvironment is important since internalcontrol is a critical part of performance-basedmanagement. SSA’s internal controlenvironment helps its managers achievedesired results through effective stewardshipof public resources.
SSA is responsible for implementing policiesfor the development of disability claims under the DI and SSI programs. Disabilitydeterminations under both DI and SSI are
performed by DDSs in each State inaccordance with Federal regulations. Incarrying out its obligation, each DDS isresponsible for determining claimants’disabilities and ensuring adequate evidence isavailable to support its determinations. Toassist in making proper disabilitydeterminations, each DDS is authorized to
purchase medical examinations, x-rays, andlaboratory tests on a consultative basis tosupplement evidence obtained from theclaimants’ physicians or other treatingsources. There are 52 DDSs located in each
of the 50 States, the District of Columbia, andPuerto Rico. SSA reimburses the DDS for 100 percent of allowable expenditures up toits approved funding authorization. In FY2003, SSA allocated over $1.6 billion to fundDDS operations.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 9/12
Top Management Challenges7
During FYs 2000 through 2003, weconducted 15 DDS administrative cost audits.In 13 of the 15 audits, internal controlweaknesses were identified. For example, wereported that improvements were needed to
ensure Federal funds were properly drawnand payments to medical providers were inaccordance with Federal regulations. Thelack of effective internal controls can result inthe mismanagement of Federal resources andincrease the risk of fraud.
In 6 of the 15 DDS administrative cost audits,we reported unallowable indirect coststotaling about $12.3 million. As a result, weinitiated a separate review of SSA’s oversightof indirect costs. We reported that SSAneeded to improve its oversight of indirectcosts claimed by DDSs to ensure SSA fundsobligated by DDSs through the indirect cost
process benefited SSA’s disability programsand the costs were equitably distributed to its
programs.
Congress, external interested parties, and thegeneral public need sound data to monitor andevaluate SSA’s performance. SSA relies
primarily on internally generated data tomanage the information it uses to administer its programs and report to Congress and the
public. The necessity for good internal dataGovernment wide has resulted in the passageof several laws, including the GovernmentPerformance and Results Act. In addition tothe legislation calling for greater accountability within the Government, thePMA has focused on the integration of the
budget and performance measurement processes. The PMA calls for agencies to,over time, identify high quality outcomemeasures, accurately monitor the performanceof programs, and begin integrating this
presentation with associated costs.
SSA sets forth its mission and strategic goalsin strategic plans, establishes yearly targets inits annual performance plan, and reports on its
performance annually. Each year, we conductaudits to assess the internal controlenvironment over SSA’s performancemeasures. The objective of this work is toassess the reliability of SSA’s performancedata and evaluate the extent to which SSA’s
performance measures describe its plannedand actual performance meaningfully.
Assessing the control environment over DDSsand SSA’s performance measures helpsensure the Agency is properly managing itsresources to meet its mission.
C RITICAL I NFRASTRUCTURE
P ROTECTION AND S YSTEMS
S ECURITY
The information technology revolution has changed the way government and
business operate.
Today, the growth in computer interconnectivity brings a heightened risk of disrupting or sabotaging critical operations,reading or copying sensitive data, andtampering with critical processes. Those whowish to disrupt or sabotage critical operationshave more tools than ever. The United Statesworks to protect the people, economy,essential services, and national security byensuring that any disruptions are infrequent,manageable, of minimal duration, and causethe least damage possible. The Governmentmust continually strive to secure informationsystems for critical infrastructures. Protectionof these systems is essential totelecommunications, energy, financialservices, manufacturing, water, transportation,health care, and emergency services.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 10/12
Top Management Challenges8
SSA’s information security challenge is tounderstand and mitigate systemvulnerabilities. At SSA, this means ensuringthe security of its critical informationinfrastructure, such as access to the Internet
and its networks. By improving systemssecurity and controls, SSA will be able to usecurrent and future technology moreeffectively to fulfill the public’s needs. The
public will not use electronic access to SSAservices if it does not believe those systemsare secure. SSA addresses criticalinformation infrastructure and systemssecurity in a variety of ways. For example, ithas created a Critical Infrastructure Protectionwork group that works toward compliance
with various directives, such as the HomelandSecurity Presidential Directives and the Federal Information Security Management Act of 2002 . SSA has several other components throughout the organization thathandle systems security, including the Officeof Information Technology Security Policywithin the Office of the Chief InformationOfficer.
Homeland Security Presidential Directive 7requires that all Federal departments andagency heads identify, prioritize, assess,remediate, and protect their respective criticalinfrastructure and key resources. OMB
provided guidance to Federal departments andagencies on how to prepare plans to protect
physical and cyber critical infrastructure andkey resources and to complete these plans byJuly 31, 2004. We have worked closely withSSA to help meet these requirements. TheAgency plans must address identification,
prioritization, protection, and contingency planning, including the recovery andreconstitution of essential capabilities.
One important issue in systems security isrestricting physical access to the Agency’ssystems and data. We reported on physicalsecurity problems at several hearing officesand noted that non-SSA employees were
allowed inappropriate access to secured areas.Though the managers at these sites took
prompt action to remedy the security breaches, we believe the same securityconcerns may be present at other hearing
offices. However, because our observationswere limited to only a few offices, we do notknow how pervasive these security breachesmay be. We plan to better assess OHA’svulnerabilities in this area.
In addition, under the Federal InformationSecurity Management Act , we independentlyevaluate SSA’s security program. We alsomonitor the Agency’s efforts and progress onthe Expanded Electronic Governmentinitiative of the PMA. Systems security is akey component of this initiative, and we areworking with the Agency to resolveoutstanding issues so it can get to “green” onthe Electronic Government Scorecard.
S ERVICE D ELIVERY
Given the complexity of Agency programs,the billions of dollars in payments at
stake, and the millions of citizens who rely on SSA, we must ensure that quality,
timely, and appropriate services are consistently provided to the public-at-
large.
One of SSA’s goals is to deliver high-quality,“citizen-centered” service. This goalencompasses traditional and electronicservices to applicants for benefits,
beneficiaries and the general public. Itincludes services to and from States, other agencies, third parties, employers, and other
organizations, including financial institutionsand medical providers. This area includes basic operational services, and two of thegreatest challenges in the area are therepresentative payee process and managinghuman capital.
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 11/12
Top Management Challenges9
Representative Payee Challenges
When SSA determines a beneficiary cannotmanage his/her benefits, SSA selects arepresentative payee who must use the
payments for the beneficiary’s needs. Thereare about 5.4 million representative payeeswho manage benefit payments for 6.8 million
beneficiaries. While representative payees provide a valuable service for beneficiaries,SSA must provide appropriate safeguards toensure they meet their responsibilities to the
beneficiaries they serve.
We have completed several audits of representative payees. Our audits have
identifieddeficiencies with the accounting for
benefit receipts and disbursements,
vulnerabilities in the safeguarding of beneficiary payments,
poor monitoring and reporting to SSA of changes in beneficiary circumstances,
inappropriate handling of beneficiary-conserved funds, and
improper charging of fees.
In March 2004, the President signed into lawthe Social Security Protection Act of 2004 .This Act provides several new safeguards for those individuals who need a representative
payee. In addition, it presents significantchallenges to SSA to ensure representative
payees meet beneficiaries’ needs. For
example, it requires that SSA conduct periodic on-site reviews of representative payees and a statistically valid survey todetermine how payments made torepresentative payees are being used. It alsoauthorizes SSA to impose civil monetary
penalties for offenses involving misuse of benefits received by a representative payee.
Human Capital Challenges
SSA, like many other Federal agencies, is being challenged to address its human capitalshortfalls. In January 2001, GAO added
strategic human capital management to its listof high-risk Federal programs and operations.In addition, Strategic Management of HumanCapital is one of five Government-wideinitiatives contained in the PMA.
By the end of 2012, SSA projects its DI andOld-Age and Survivors Insurance benefit rollswill increase by 35 percent and 18 percent,respectively. At the same time, 59 percent of SSA’s employees will be eligible to retire.
This retirement wave will result in a loss of institutional knowledge that will affect SSA’sability to deliver quality service to the public.
Along with the workload increase, theincredible pace of technological change willhave a profound impact on both the public’sexpectations and SSA’s ability to meet thoseexpectations. In the face of these challenges,technology is essential to achievingefficiencies and enabling employees to deliver the kind of service every claimant, beneficiaryand citizen needs and deserves.
The critical loss of institutional skills andknowledge, combined with greatly increasedworkloads at a time when the baby-boomgeneration will require its services, must beaddressed by succession planning, strongrecruitment efforts, and the effective use of technology.
SSA continues to score “green” in “Progressin Implementing the President’s ManagementAgenda” on the OMB Scorecard and, in July2004, improved its rating in “Status” from“yellow” to “green.”
8/14/2019 Social Security: A-44-05-25111
http://slidepdf.com/reader/full/social-security-a-44-05-25111 12/12