Menu Search Account

LegiStorm

Get LegiStorm App Visit Product Demo Website
» Get LegiStorm App
» Get LegiStorm Pro Free Demo

Information Security: Software Change Controls at the Social Security Administration

  Premium   Download PDF Now (2 pages)
Report Type Reports and Testimonies
Report Date June 30, 2000
Report No. AIMD-00-198R
Subject
Summary:

Pursuant to a congressional request, GAO reviewed the software change controls at the Social Security Administration (SSA), focusing on: (1) whether key controls as described in agency policies and procedures regarding software change authorization, testing, and approval complied with federal guidance; and (2) the extent to which agencies contracted for year 2000 remediation of mission-critical systems and involved foreign nationals in these efforts.

GAO noted that: (1) in January 1998, GAO reported that SSA had established a goal to achieve a level 2, or repeatable, software process maturity based on the Carnegie Mellon University Software Engineering Institute's Capability Maturity Model for Software as part of its initiative to improve software processes; and (2) SSA's software process improvement initiatives include several activities related to improving software change controls: (a) the software maintenance activity process will be improved; (b) a process for assessment and implementation of software tools to manage software through its life cycle and control movement of program code will be established; and (c) a Configuration Control Board process and procedures will be developed.

« Return to search Government Accountability Office reports