SSA Year 2000 Continuity of Operations (COOP) Plan

Table of Contents

1 Introduction *
1.1 Purpose *
1.2 Use and Scope *
1.3 Assumptions *
1.4 Methodology *
 2 Organization *
2.1 Business Continuity Strategy *
2.2 `Roles and Responsibilities *
 3 SSA Core Business Processes *
3.1 Description of Core Business Processes *
3.1.1 Enumeration *
3.1.2 Earnings *
3.1.3 Claims *
3.1.4 Postentitlement *
3.1.5 Informing The Public *
3.2 Key Support Processes *
3.2.1 Administrative and Management Information Systems *
3.2.2 Information Technology Infrastructure *
3.3 Dependencies *
 4 Matrices *
4.1 Core Business Process: Enumeration *
4.2 Core Business Process: Earnings *
4.3 Core Business Process: Claims *
4.3.1 Title II *
4.3.2 Title XVI *
4.4 Core Business Process: Postentitlement *
4.4.1 Title II *
4.4.2 Title XVI *
4.5 Core Business Process: Informing the Public *
4.6 Administrative and Management Information Systems *
4.7 Major Infrastructure Systems *
 5 Contingency Plan Testing *
5.1 Test Guidelines and Environment *
5.1.1 Review *
5.1.2 Rehearsal *
5.1.3 Audit *
 6 Contingency Plan Management *
6.1 Plan Monitoring and Tracking *
6.2 Process for Plan Updates *
 7 Definitions *

 

SSA’s Year-2000 Business Continuity and Contingency Plan

 

 1 Introduction

Since the earliest days of electronic data processing, calendar years were identified by only the last two digits. As a result, the information technology (IT) industry now faces a problem that is unique in the history of computer processing C a change of century. Every aspect of the Social Security Administration’s (SSA) mission in some way depends on IT. Because of this, every one of the Agency’s automated processes is at risk of failure on January 1, 2000 unless action is taken to avert the problem. Simply stated, all in-house and vendor software, all hardware, telecommunications, facilities, embedded chips, i.e., the entire IT infrastructure, must be examined for year-2000 compliance. The challenge is unique in that its scope is majo r and its due date unalterable. The scope is so pervasive that, by definition, it carries unusually high risks. SSA needs to identify all potential risks and threats to the continuity of its business, develop actions to mitigate those risks, and develop c ontingency plans to continue business if failures do occur.

The risk of failure is not limited to SSA’s internal information systems. The Agency depends on data provided by its business partnersC including other Federal agencies, States, the Disability Determination Services, and third parties. SSA also depends on vendors from which telecommunications, software and other IT goods and services are provided. Finally SSA, like every organization, dep ends on services provided by the public infrastructureC including power, water, transportation, and voice and data telecommunications.

SSA is not alone in this challenge. Every Federal, State and local government agency and every business within the private sector face similar risks. That SSA’s customer base includes virtually every American citizen, legal aliens and many foreign nati onals living abroad, makes it incumbent on the Agency to prepare itself to continue its business uninterrupted into the year 2000.

1.1 Purpose

The purpose of this Plan is to ensure the continuity of SSA’s core business processes by identifying, assessing, managing and mitigating year-2000 risks. SSA’s Year-2000 Business Continuity and Contingency Plan (BCCP) will prepare the Agency to avoid a crisis that could result if its automated systems are unable to recognize year-2000 dates. Resources critical to operating SSA’s core business processes and key support processes, defined later in this document, are identified so that a basic level of services can be provided to SSA’s customers until the normal level of services can be restored. The BCCP identifies risks and threats, establishes mitigation strategies for the identified risks and threats, and provides contingencies in th e event risk mitigation efforts fail.

SSA has a Year-2000 program, with dedicated resources in place, to ensure that its automated systems function correctly beginning January 2000. Detailed procedures have been developed and implemented for formal certification of SSA’s systems. The certi fication is comprised of baseline testing, simulated forward-date testing and forward-date integration testing. In addition, the Agency will re-certify Year-2000 certified software that changes during 1999 due to legislation, cyclical or Agency requiremen ts. Further, SSA has imposed a moratorium on discretionary changes to SSA systems between September 1, 1999 and March 31, 2000.

Although these efforts greatly reduce the chance of a systems failure, there are no guarantees that automated systems will not be adversely affected. SSA has numerous data exchanges with external trading partners and also relies on external sources to provide basic services such as electric power and telecommunications. While SSA is working closely with external organizations and expects these systems and services to be available, the BCCP will ensure that business processes can continue in the event o f an unexpected failure.

1.2 Use and Scope

The successful operation of the Agency’s core business processes depends heavily on complex information systems, a wide range of internal and external products and services, and on the uninterrupted operations of the major information techno logy infrastructure. The BCCP will be used to ensure that SSA’s core business processes and key support processes remain the central focus in preparing its automated systems for the year 2000. This high level plan identifies broad areas of risk and genera l mitigation strategies and contingencies. For each core business process and key support process, risk mitigation strategies and contingency plans will work together to ensure that processes continue uninterrupted. As risk mitigation strategies are in pl ace, the degree of risk decreases and the chance for needing to implement the contingency plan are reduced. The BCCP will also be used to identify areas where more detailed plans are needed.

The scope of the BCCP is broad and comprehensive. It covers the enterprise-wide infrastructure that supports business operations at the national and local levels. From a business perspective, potential risks and threats are identified along with risk-m itigation strategies. Contingencies are also provided in the event risks and threats are not successfully mitigated. An interruption in the infrastructure could affect SSA’s ability to provide services to its customers. The plan outlines SSA’s core busine ss processes, and discusses the strategies to provide for the continuation of services.

1.3 Assumptions

In developing the BCCP the following assumptions were made:

 1.4 Methodology

A team, composed of representatives from SSA components responsible for the conduct of core business processes, was convened for the purpose of formulating a Business Continuity and Contingency Plan for the Agency. The team analyzed the core business processes and supporting infrastructure to identify risks or threats to providing uninterrupted service to SSA’s customers. It also developed contingency plans to be activated should a failure occur. The contingency plans describe the steps SSA would take, to ensure the continuity of the core business processes in the event of a year-2000-induced system failure. In some instances, the contingency refers to business continuity plans developed at the local level. The heart of the BCCP is the Risk Mitigation and Contingency Planning matrix that is found in section 4. The following describes how the team developed the elements of the matrix.

For each core business process, the team determined what aspects of core processes would be at risk in the event of a system failure. These determinations became the risks and threats. The major systems supporting the processes were also identified. Fo r example, SSA will not be able to issue new or replacement Social Security Number cards through the Enumeration process if the Modernized Enumeration System does not function.

The team next identified the time horizon to failure; i.e., the date when the core business process would not operate because of a year-2000 related problem. In many instances that date is the first day or the first business day of 2000.

The business priority is used to determine the most critical areas to which resources should be applied to prepare for a potential failure. It is represented as a numerical score; the highest number reflects the highest priority. The business priority itself was derived from two factors, the risk assessment and impact of a failure on SSA’s ability to continue to do business. Risk assessment is the probability that the risk or threat will occur, and is expressed numerically, on a scale of 0.1 to 1.0. Th e following factors were considered in determining the risk assessment:

 Because factors such as the status of renovation and testing will change as time progresses, it is possible that the business priority will change as the year 2000 nears. Thus, the BCCP is a dynamic document, and will be updated quarterly to reflect ne w or changed information.

Impact is expressed as a numeric value ranging from 1 to 10. The value reflects the effect on SSA’s ability to deliver service to its customers if the risk or threat occurs. The greater the value, the more negative the impact on service delivery. Facto rs contributing to determining the degree of impact are:

 The Risk Mitigation Strategy includes a statement of the action to eliminate the risk or threat, the date by which the action is to be completed, and the component responsible for the action. These were developed from the Year-2000 Project management i nformation as well as actions identified by the BCCP team.

The Contingency and Triggers element of the matrix identifies the events that set the contingency plan in motion. Referred to are detailed existing plans and plans under development at the local level. The described actions maximize the available funct ionality and trigger the activities needed to resume normal operations.

 

 2 Organization

 2.1 Business Continuity Strategy

SSA’s strategy for ensuring systems readiness for the year 2000 centers around the core business processes and the key supporting processes. Planning for business continuity provides a prudent response to critical business risks that cannot be put to rest until all mission-dependent computer systems have been shown to be operationally stable and free of year-2000 problems.

The business risks to SSA stem from the potential failure of both internal and external information and systems. For example, the enumeration process issues original Social Security numbers and replacement Social Security cards. The automated system th at supports this process is the Modernized Enumeration System. If the system does not work as expected, the card will not be produced. In terms of external systems, SSA receives death information from States and other Federal agencies. If these systems ar e not year-2000 compliant, SSA cannot process the information, with the possibility that overpayments would result.

SSA has analyzed its core business processes to identify the risks or threats to providing uninterrupted service, and has devised plans to be activated should a failure occur. The risks and threats along with contingency planning measures are presented in section 4 of the BCCP.

2.2 Roles and Responsibilities

SSA’s Year-2000 Program Manager and staff in the office of the Deputy Commissioner for Systems have developed a comprehensive year-2000 strategy for the Agency that is being closely monitored for progress and achievement. In addition, a busi ness continuity and contingency intercomponent planning team was established to develop contingency plans for continuing SSA’s business operations in the event of a year-2000 related disruption. This team developed the BCCP by identifying and defining the risks and threats within each core business process and designating the component responsible for dealing with the contingency. It developed risk mitigation strategies and milestones and developed plans for return to normal operations. As team discussion s proceeded, it became apparent that local contingency plans needed to be developed and put in place for those components performing a critical role in the core business processes.

SSA Component Component Contingency Planning Responsibility
Office of Operations Develop the local business continuity and contingency plans for field offices, teleservice centers, program service centers and central operations components; which comprise standard procedures to be followed throughout the nation’s operations structur e.
Office of Policy and Programs Develop a local business continuity and contingency plan for Office of Hearings and Appeals and the Office of Disability; and coordinate Disability Determination Services contingency operations.
Office of Finance, Assessment and Management Develop business continuity and contingency plan for Agency facilities and infrastructure; and develop the Agency payment delivery contingency plan for title II and title XVI benefit payments.
Office of Systems Develop, monitor and maintain Agency-level Year-2000 Business Continuity and Contingency Plan, develop contingency plans for the Business Resumption Teams, and develop Day 1 Plans.
Office of Communications Develop business continuity and contingency plan for communicating to SSA’s employees, customers and general public any matter of interest concerning Agency operations affected by a year-2000 contingency.

In addition, the Deputy Commissioner for Systems will establish Business Resumption Teams to be activated in the event of a system failure. Each team will be responsible for a particular system’s core business area and for carrying out a previously dev eloped action plan.

 

 3 SSA Core Business Processes

 SSA’s core business processes depend on a complex infrastructure that is crucial to its ongoing operations. Power, data and voice telecommunications, along with the Agency’s computer operations hardware and software, are essential to ensurin g that SSA’s business processes are able to continue uninterrupted. These automated systems are the means by which SSA is able to provide service on demand to the public, the Agency client population, other government entities, and large and small corpora tions and individual businesses.

3.1 Description of Core Business Processes

Agency planning documents describe five core business processes:

 3.1.1 Enumeration

Enumeration is the process by which SSA assigns Social Security numbers (SSN) to identify workers and beneficiaries, issues replacement cards to people with existing numbers, and verifies SSNs for employers and other government agencies.

The SSN is used to record earnings covered by Social Security and/or Medicare and to process and pay claims for Social Security and Supplemental Security Income benefits. An SSN may be needed to report other income to the Internal Revenue Service (IRS) , and is required by IRS for any individual claimed as a dependent on a tax return. Countless other organizations, both public and private, also use the SSN for identification and administrative purposes.

An SSN is obtained by submitting an application and documentary evidence of age, identity and U.S. citizenship or legal alien status. Local offices are the primary points for accepting applications because of the need to examine documents to verify ide ntity. Parents may apply for SSNs for their newborns at the time they register the birth at the hospital. Hospitals forward the data needed to assign SSNs to State vital statistics offices, which in turn key and transmit the data to SSA. Before a new SSN is assigned, the applicant’s identifying data is compared to the existing database to ensure that the individual previously had not been issued an SSN.

As a service to the public, SSA verifies the validity of SSNs (that the name, date of birth and number match existing records) for employers for payroll purposes, and for government agencies to ensure the accuracy of information used in other Federal a nd State benefit programs. SSA also offers SSN verification service to State Motor Vehicle Administrations for purposes of verifying information used to issue drivers licenses or identification cards. In small numbers, SSNs may be verified by calling SSA’ s 800 number or local office. There is also a paper process for handling verification requests of 250 or less. Large volume requests are mailed to SSA on magnetic tape for batch processing or transmitted electronically to SSA through automated data exchan ge systems.

Through the Enumeration process, SSA handles 16 million requests a year for new and replacement Social Security cards.

3.1.2 Earnings

Social Security benefits are based on an individual’s earnings as reported to SSA. Reports of earnings are submitted annually by every employer liable for Social Security and Medicare taxes, including self-employed workers. Through the earnings pro cess, SSA establishes and maintains records of individuals’ lifetime earnings. The Agency uses this data to determine work history (i.e., insured status) for entitlement to retirement, survivors, disability and health insurance benefits, and to calculate benefit payment amounts.

Employers submit wage reports to SSA on paper, electronic or magnetic media. The process for recording wages is an annual operation. Paper submissions (i.e., W-2 forms) are processed primarily in SSA’s Office of Central Records Operations’ Wilkes-Barre , Pa. data operations center where they are electronically scanned. The data is transmitted to central office where, along with the reports submitted on electronic and magnetic media, it is validated further and updated to the master earnings file. To ens ure completeness of earnings data, wage items are matched yearly against tax data reported to IRS.

Workers, employers, or the IRS may request corrections to an earnings record. Individuals contact SSA in person, by telephone, through mail or the Internet. Local offices and processing centers are typically involved in the more complicated correction cases, as well as in those identified in connection with claims for benefits.

SSA’s Earnings process handles 240 million earnings items annually from employers and self-employed persons.

In addition, since 1988 SSA has offered a Personal Earnings and Benefit Estimate Statement (PEBES) on request to members of the public. A PEBES contains a worker’s earned quarters of coverage and an estimate of benefits earned based on past work histor y. Beginning in FY 2000, SSA will mail an estimated 123 million statements annually to all eligible individuals.

3.1.3 Claims

To become entitled to benefits (i.e., payments) under the Social Security or SSI program, an individual files an application and submits certain proofs of eligibility. The Claims process comprises the actions that SSA takes to determine an individu al’s eligibility for benefits. It begins with an individual’s initial contact with SSA and carries through payment effectuation, or the three levels of administrative appeal that a claimant may request.

Thc process for determining eligibility for benefits involves certain basic functions that are consistent across each program: outreach and information, intake, evidence collection, determination of eligibility, notification of award or denial, initial payment and the appeals process. Eligibility requirements vary considerably by program and type of benefit, but all require access to the SSN and earnings databases both to determine eligibility and to compute a benefit amount.

With regard to disability claims for both Social Security and SSI, in addition to being eligible for the program, the applicant must be determined to be disabled. These medical determinations are made by Disability Determinations Services (DDS). There are 50 State DDSs as well as DDSs in Puerto Rico, Guam, the Virgin Islands, District of Columbia and the Federal DDS in Baltimore.

Finally, any claimant has the right to appeal the decision made on an individual’s claim for benefits. This usually occurs when the Agency decision on the claim is unfavorable to the claimant, i.e., benefits are denied. If pursued after a local reconsi deration process, an appeal is handled through SSA’s Office of Hearings and Appeals (OHA). OHA maintains an independent structure of hearings offices throughout the country. Through these offices claims are readjudicated and can result in reversing an ear lier denial of benefits or affirming the original decision.

In FY 1998, over 6 million RSDI and SSI claims were processed.

3.1.4 Postentitlement

Once an individual becomes entitled to Social Security or SSI benefits, any change in circumstances that affect the amount or continuation of payment needs to be reflected in SSA’s records. The postentitlement (PE) process encompasses the actions t hat SSA takes after an RSDI or SSI claim is processed. The process is designed to ensure continuing eligibility and timely and correct benefit payment. Examples of PE activity include processing changes of address, non-receipts of payment, changes of paye e and reviews of payee accounting information, benefit recomputations, overpayment recovery, changes in relationship such as divorce or remarriage, benefit-terminating events such as death, certain age attainments, and reviews of continuing eligibility. PE activity is initiated by customers and third-parties, and is generated from internal processes based on existing Agency database information. Employees throughout SSA—in local offices, teleservice centers and central records operations—and in the St ate DDSs are involved in various aspects of the PE process. As in the claims process, should a beneficiary or recipient be dissatisfied with SSA’s action on the individual’s benefits, and appeal can be initiated through the Office of Hearings and Appeals.

Nearly 101 million postentitlement actions were processed in FY 1998.

3.1.5 Informing The Public

This business process involves SSA’s extensive public information activities as well as the statistical and other program data SSA provides to support research and policymaking throughout the Government and in the private sector. Most activities fa lling within this core business process relate to or are derived from one of the other programmatic-related processes.

3.2 Key Support Processes

Key support processes fall under two major categoriesC Administrative and Management Information Systems, and Information Technology Infrastructure.

3.2.1 Administrative and Management Information Systems

In addition to SSA’s core processes, the Agency relies on a variety of administrative processes to ensure the continuity of its operations. Such support processes include, but are not limited to, payroll operations (i.e., the time and attendance sy stem), workload tracking and control systems, financial operations including procurements and bill paying, employee health and safety services, building operations, and any number of other systems and processes having to do with continuing operations.

3.2.2 Information Technology Infrastructure

SSA relies on an information technology infrastructure to support virtually all of its programmatic, administrative and management information processes. The infrastructure comprises the Agency’s processors (hardware), systems software and telecomm unications system, as well as its facilities, transportation, uninterruptable power supply (UPS) services, and general business continuity (backup and recovery) processes that exist independent of year-2000 issues.

3.3 Dependencies

Given full year-2000 compliance of SSA’s core processes and key support processes, the Agency will still rely on the compliance of other Federal, State and local agencies as well as the private sector. All commercial-off-the-shelf software m ust be certified to be year-2000 compliant, and data exchanges outside the Agency need to be compliant. For example, the U.S. Treasury, Federal Reserve and Automated Clearing House (ACH) are responsible for making all of the $33.8 billion in benefit payme nts each month by printed check and electronic funds transfer. The large employers that submit wage reports electronically or on magnetic media need to use software and systems that are year-2000 compliant to generate the data. The same holds true for the States that provide vital statistics information and the other government agencies that regularly exchange data with SSAC the U.S. Postal Service, the Federal Reserve Bank, the Internal Revenue Service, Immigration and Naturalization Service, the Selective Service System to name a few.

In addition, the number of common devices that have an impact on day-to-day operations is enormous. These devices rely on embedded chips that may or may not be affected by the year-2000 change. Some of these are as basic as the chip that controls a tra ffic light, or as complicated as a computer-based system that controls the heating, ventilation and power in a large office building within which SSA rents office space.

Public utilities, over which the Agency has no control, are vital to continued operations. These include electrical power that feeds all SSA facilities, and telephone lines, which are basic to providing voice and data communication services. Year-2000 compliance of these utilities is no less important than the year-2000 compliance of SSA’s internal systems.

 4 Matrices

The following matrices represent the core of the BCCP. The manner of their development is described in section 1.4, Methodology.

 

4.1 Core Business Process: Enumeration

4.1 Core Business Process: Enumeration Version 5 ■ 3/31/1999

Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.1.1 SSA is unable to issue new or replacement Social Security cards, verify SSNs, make changes to SSN holders’ personal information, or access enumeration data due to Year 2000 related problems with automated systems. The Modernized Enu meration System (MES), NUMIDENT, ALPHIDENT, Enumeration Verification System (EVS) and MULTX are the major automated systems supporting Enumeration processes.

 

Jan 3, 2000

.2

10

2.0
  1. Complete renovations of all Enumeration software and related systems.
  2. Complete forward date, integration testing of all Enumeration and related systems.
  3. Develop local Y2k contingency plan.
  4. Provide refresher training on manual forms.
  5. Establish the Business Resumption Team for the Enumeration Process.

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

DCO

DCO

DCS
  1. In the event that MES and other systems are unable to provide automated support to the Enumeration process due to critical Year 2000 date problems, the Business Resumption Team for the Enumeration Process will analyze the problem, make co rrections and retest immediately.
  2. Automated processing of Enumeration systems will be suspended until corrections are made.
  3. Operations components will implement the DCO Y2k Contingency Plan.
4.1.2 SSA is unable to enumerate newborns due to corrupted or non-receipt of critical Enumeration at Birth (EAB) inputs from the States. SSA receives critical data inputs from each State’s Bureau of Vital Statistics.

 

Jan 3, 2000

.1

7

.7

 Record formats for EAB critical data exchanges were made Year 2000 compliant in the early 1990’s.

Complete

DCS
  1. In the event critical inputs are unavailable or corrupted, SSA will contact the input agency to assist in making corrections to inputs as early as possible.
  2. As corrupted critical outside agency inputs are detected, the inputs will be removed from processing and SSA will make corrections to the data where possible.
  3. After 10 business days, DCFAM will notify IRS, INS, the States, and any other sharing partners that SSA is unable to issue SSNs until further notice.
  4. Operations components will implement the DCO Y2k Contingency Plan.

4.2 Core Business Process: Earnings Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.2.1 SSA is unable to post earnings (W-2s), make corrections to Earnings records, or access Earnings data due to Year 2000 related problems with automated systems. Earnings processes are supported by automated systems such as Annual Wag e Reporting (AWR), the Modernized OCRO System (MOS), Item Correction (ICOR), Detailed Earnings Query (DEQY), Summary Earnings Query (SEQY) and Employer Identification system (EIF).

 

 

Jan 3, 2000

 

.1

 

8

 

.8
  1. Complete renovations of all Earnings software and related systems.
  2. Complete forward date, integration testing of all Earnings and related Systems.
  3. Develop local Y2k contingency plan.
  4. Provide refresher training on use of manual forms.
  5. Replace non-compliant COTS and infrastructure at WBDOC, and complete testing of application software, COTS and infrastructure for AWR.
  6. Establish the Business Resumption Team for the Earnings Process.

Complete

Complete

Complete

Nov 1999

Jun 1999

 

Complete

DCS

DCS

DCO

DCO

DCS

 

DCS
  1. In the event that AWR, MOS, ICOR, DEQY, SEQY, EIF and other earnings systems are unable to provide automated support to the Earnings process due to critical Year 2000 date problems, the Business Resumption Team for the Earnings Process wi ll analyze the problem, make corrections and retest immediately.
  2. Automated processing of Earnings systems will be suspended until corrections are made.
  3. Operations components will implement the DCO Y2k Contingency Plan.
  4. Paper, electronic and magnetic media earnings submissions will be held for posting until automated systems are available.
4.2.2 SSA is unable to post earnings and make corrections to Earnings records due to the non-receipt of earnings data or due to the receipt of corrupted earnings data from employers via paper, electronic and magnetic media. SSA also recei ves earnings for self-employed individuals from the Internal Revenue Service.

 

 

Jan 3, 2000

 

.1

 

8

 

.8

 Magnetic media inputs from employers have been Year 2000 compliant since the implementation of Annual Wage Reporting for tax year 1978. Data exchange operations for paper processes at WBDOC and IRS critical inputs has been Year 2000 compli ant since the implementation of tax year 1997.

Complete

DCS
  1. In the event that critical inputs are unavailable or corrupted, SSA will contact the input agency or submitter to assist in making corrections to inputs as early as possible.
  2. If corrupted employer submissions or critical outside agency inputs are detected, the inputs will be removed from processing and SSA will make corrections to the data where possible.
  3. Operations components will implement the DCO Y2k Contingency Plan.
 

 

 

4.3

4.3 Core Business Process: Claims

4.3.1 Title II Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.3.1.1 SSA field offices are unable to process title II claims for Retirement, Survivors, and Disability Insurance benefits due to Year 2000 related problems with automated systems. Title II claims processes are supported by automated syst ems such as the Modernized Claims System (MCS), Manual Adjustment, Credit and Award Data Entry (MACADE), NUMIDENT, ALPHIDENT, Earnings, and National Disability Determination Services System (NDDSS).

 

 

Jan 3, 2000

 

.2

 

10

 

2.0
  1. Complete renovations of all title II claims software and related systems.
  2. Complete forward year, integration testing of all title II claims and related systems.
  3. Develop local Y2k contingency plans for operations components.
  4. Provide refresher training on use of manual forms.
  5. Establish the Business Resumption Team for the title II claims process.

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

DCO

DCO

DCS
  1. In the event that MCS, NDDSS, MACADE, NUMIDENT, ALPHIDENT, Earnings systems, and other systems are unable to provide automated support to title II claims processes due to critical Year 2000 date problems, the Business Resumption Team for the title II claims process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of title II claims systems will be suspended until corrections are made.
  3. Operations components will implement the DCO Y2k Contingency Plan.
4.3.1.2 SSA field offices are unable to process title II claims due to Year 2000 related problems with critical inputs from outside agencies. SSA receives critical outside agency inputs from the Railroad Retirement Board, Veterans Affairs, HCFA, and the States.

 

 

Jan 3, 2000

 

 

.2

 

9

 

1.8
  1. Secure agreements with outside trading partners regarding the implementation of Year 2000 compliant record formats.
  2. Monitor the implementation of Year 2000 compliant inputs from outside agencies to ensure that all implementations remain on schedule.
  3. Utilize filters in SSA software if critical inputs are not ready by December 1998.
  4. Develop local Y2k contingency plans.
  5. Provide refresher training on use of manual forms.

Complete

 

Complete

 

Complete

Complete

Nov 1999

DCS

 

DCS

 

DCS

DCO

DCO
  1. In the event that critical inputs are unavailable or corrupted, SSA will contact the input agency to assist in making corrections to inputs as early as possible.
  2. If corrupted critical outside agency inputs are detected, the inputs will be removed from processing and SSA will make corrections to the data where possible.
  3. In the event that automated systems are unable to provide support to the title II claims process due to the absence of critical inputs, operations components will implement the DCO Y2k Contingency Plan.
4.3 Core Business Process: Claims

4.3.2 Title XVI Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.3.2.1 SSA field offices are unable to process title XVI claims for Supplemental Security Income Aged and Disability benefits due to Year 2000 related problems with automated systems. Title XVI claims processes are supported with automated systems such as the Modernized Supplemental Security Income Claims System (MSSICS), National Disability Determination Services System (NDDSS), the Representative Payee System (RPS), NUMIDENT, ALPHIDENT, and Modernized Enumeration System (MES).

 

 

Jan 3, 2000

 

.2

 

10

 

2.0
  1. Complete renovations of all title XVI software and related systems.
  2. Complete forward date, integration testing of all title XVI claims and related systems.
  3. Develop local Y2k contingency plans for operations components.
  4. Provide refresher training on use of manual forms.
  5. Establish the Business Resumption Team for the title XVI claims process.

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

DCO

DCO

DCS
  1. In the event that MSSICS, NDDSS, RPS and other title XVI systems are unable to provide automated support to title XVI claims processes due to critical Year 2000 date problems, the Business Resumption Team for the title XVI claims process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of title XVI claims systems will be suspended until corrections are made.
  3. Operations components will implement the DCO Y2k Contingency Plan.
4.3.2.2 OHA is unable to process appeals for title XVI claims decisions due to Year 2000 related problems with automated systems. The appeals process is supported by the OHA tracking systems such as the Hearing Office Tracking System (HOTS) Appeals Council Automated Processing System (ACAPS), and other related systems.

 

 

Jan 3, 2000

 

.2

 

10

 

2.0
  1. Complete renovations of HOTS, ACAPS and other related systems.
  2. Complete forward date, integration testing of all title XVI claims and related systems.
  3. Develop local Y2k contingency plans for hearings and appeals components.
  4. Establish the Business Resumption Team for the title XVI claims process.

Complete

Complete

Complete

Complete

DCS

DCS

DCDISP

DCS
  1. In the event that HOTS, ACAPS and other systems are unable to provide automated support to title XVI claims processes due to critical Year 2000 date problems, the Business Resumption Team for the title XVI claims process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of title XVI claims systems will be suspended until corrections are made.
  3. DCDISP will implement the OHA Y2k Contingency Plan.
 

 

4.3 Core Business Process: Claims

4.3.2 Title XVI (Cont’d.) Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.3.2.3 State Disability Determination Services (DDSs) are unable to process title XVI disability claims (disability determinations) due to Year 2000 related problems with access to SSA’s automated systems. DDSs are supported with automated systems such as the Modernized Claims System (MCS), Modernized Supplemental Security Income Claims System (MSSICS), and National Disability Determination Services System (NDDSS).

 

 

Jan 3, 2000

 

.2

 

8

 

1.6
  1. Complete renovations of all title XVI claims software and related systems.
  2. Complete forward year, integration testing of all title XVI claims and related systems.
  3. Develop high-level Y2k contingency plan for Disability Operations.
  4. Develop local DDS Y2k contingency plans.

Complete

Complete

Complete

Complete

DCS

DCS

OD

DCS, DDS
  1. In the event that MCS, NDDSS, MSSICS and other systems are unable to provide automated support to DDS disability claims processes due to critical Year 2000 date problems, the Business Resumption Team for the title XVI claims process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of affected title XVI claims systems will be suspended until corrections are made.
  3. State DDSs will implement the local DDS contingency plans if NDDSS is unable to provide automated support for disability operations.
4.3.2.4 A State Disability Determination Service (DDS) is unable to process title XVI disability claims (disability determinations) due to Year 2000 related problems with internal automated systems. DDSs are supported with automated ap plications and processes for events such as Case Assignment, Medical Evidence of Record (MER), Consultative Examinations, Determinations, Transfer of Data to State Fiscal System, Case Closure, and Case Development Worksheets.

 

 

Jan 3, 2000

 

.1

 

7

 

0.7
  1. Complete renovations of all State systems.
  2. Complete forward-year testing of all State systems.
  3. Develop high-level Y2k contingency plan for Disability Operations.
  4. Develop local DDS Y2k contingency plans.

Complete

Complete

Complete

Complete

DCS, DDS

DCS, DDS

DCS, DDS

OD
  1. In the event that a DDS is unable to process title XVI claims due to Year 2000 related problems with internal automated systems, the DDS will implement its local Y2k Contingency Plan.
  2. ODISP/OD will evaluate the situation and determine whether the OD Y2k contingency plan for redistribution should be implemented.
  3. State DDSs will implement the local DDS contingency plans if NDDSS is unable to provide automated support for disability operations.
  4. The SSA Business Resumption Team for the title II claims process will assist the DDS to analyze the problem, make corrections and retest the system.
 

 

 

4.4 Core Business Process: Postentitlement

4.4.1 Title II Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.4.1.1 SSA field offices are unable to process title II postentitlement events such as changes to address and other personal data, re-computations, date of death, and overpayments due to Year 2000 related problems with automated systems. Title II postentitlement is supported with the Postentitlement Online System (POS), Processing Center Action Control System (PCACS), Recovery of Overpayments, Accounting and Remittance System (ROAR), Critical Payment System (CPS), Continuing Disability R eview System (CDR), and Representative Payee System (RPS).

 

 

Jan 3, 2000

 

.1

 

10

 

1.0
  1. Complete renovations of all title II PE software and related systems.
  2. Complete forward date, integration testing of all title II postentitlement and related systems.
  3. Develop local Y2k Contingency Plan.
  4. Provide Refresher training on use of manual forms.
  5. Establish the Business Resumption Team for the title II postentitlement process.

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

DCO

DCO

DCS
  1. In the event POS, PCACS, ROAR, CPS, CDR, and RPS, are unable to provide automated support to the title II postentitlement process due to critical Year 2000 date problems, the Business Resumption Team for the title II postentitlement proce ss will analyze the problem, make corrections and retest immediately.
  2. Automated processing of title II postentitlement systems will be suspended until corrections are made.
  3. Operations components will implement the DCO Y2k Contingency Plan.
4.4.1.2 SSA field offices are unable to issue RSDI Entitlement payments due to Year 2000 related problems with automated support. The payment delivery system is comprised of multiple federal agencies including SSA, Department of Treasury, t he Federal Reserve, and ACH. Private enterprises such as local banks and the U.S. Postal Service are also vital to payment delivery.

 

 

Jan 3, 2000

 

.1

 

10

 

1.0
  1. Complete renovations of all title II software and related systems.
  2. Complete forward date, integration testing of all title II postentitlement and related systems including interagency testing of the check and direct deposit payment systems.
  3. Develop local Y2k Contingency Plan.
  4. Develop Ensuring Continuing Payments Plan.

Complete

Complete

 

 

Complete

Complete

DCS

DCS

 

 

DCO

DCFAM
  1. In the event problems are encountered with the payment delivery system due to Year 2000 related problems, DCFAM will coordinate SSA actions with Department of Treasury to address the problem.
  2. In the event it is known that private enterprises such as local banks and the U.S. Postal Service are not ready to make delivery of payments in early January 2000 due to year-2000 related problems, SSA will consider plans to issue payments early.
4.4.1.3 SSA field offices are unable to process title II postentitlement events due to Year 2000 related problems with critical inputs from outside agencies. SSA receives critical outside agency inputs from the Railroad Retirement Board, Ve terans Affairs, HCFA, and the States.

 

 

Jan 3, 2000

 

 

.2

 

8

 

1.6
  1. Secure agreements with outside trading partners regarding the implementation of Year 2000 compliant record formats.
  2. Monitor the implementation of Year 2000 compliant inputs from outside agencies to ensure that all implementations remain on schedule.
  3. Utilize filters in SSA software if critical inputs are not ready by September 1998.
  4. Develop software to detect corrupted data where needed.
  5. Install software in selected critical applications to detect corrupted data.

Complete

 

Complete

 

Complete

Complete

Aug 1999

DCS

 

DCS

 

DCS

DCS

DCS
  1. In the event critical inputs are unavailable or corrupted, SSA will contact the input agency to assist in making corrections to inputs as early as possible.
  2. As corrupted critical outside agency inputs are detected, the inputs will be removed from processing and SSA will make corrections to the data where possible.
  3. Operations components will implement the DCO Y2k Contingency Plan.
 

 

 

4.4 Core Business Process: Postentitlement

4.4.1 Title II (Cont’d.) Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.4.1.4 State Disability Determination Services (DDSs) are unable to process title II Continuing Disability Reviews due to Year 2000 related problems with access to SSA’s automated systems.

 

 

Jan 3, 2000

 

.2

 

8

 

1.6
  1. Complete renovations of all title II PE software and related systems.
  2. Complete forward date, integration testing of all title II postentitlement and related systems.
  3. Develop high-level Y2k contingency plan for Disability Operations.
  4. Develop local Y2k DDS contingency plans.
  5. Provide refresher training on use of manual forms.
  6. Establish the Business Resumption Team for the title II postentitlement process.

Complete

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

OD

DCS, DDS

OD

DCS
  1. In the event needed systems are unable to provide automated support to the title II postentitlement process due to critical Year 2000 date problems, the Business Resumption Team for the title II postentitlement process will analyze the pr oblem, make corrections and retest immediately.
  2. Automated processing of title II postentitlement systems will be suspended until corrections are made.
  3. State DDSs will implement the local DDS contingency plans if NDDSS is unable to provide automated support for disability operations.
4.4.1.5 A State Disability Determination Service (DDS) is unable to process title II Continuing Disability Reviews due to Year 2000 related problems with internal automated systems. DDSs are supported with automated applications and processes for events such as Case Assignment, Medical Evidence of Record (MER), Consultative Examinations, Determinations, Transfer of Data to State Fiscal System, Case Closure, and Case Development Worksheets.

 

 

Jan 3, 2000

 

.1

 

7

 

0.7
  1. Complete renovations of all State systems.
  2. Complete forward-year testing of all State systems.
  3. Develop high-level Y2k contingency plan for Disability Operations.
  4. Develop local Y2k DDS contingency plans.

Complete

Complete

Complete

Complete

DCS, DDS

DCS, DDS

OD

DCS, DDS
  1. In the event that a DDS is unable to process title II claims due to Year 2000 related problems with internal automated systems, the DDS will implement its local Y2k Contingency Plan.
  2. ODISP/OD will evaluate the situation and determine whether the OD Y2k contingency plan for redistribution should be implemented.
  3. State DDSs will implement the local DDS contingency plans if NDDSS is unable to provide automated support for disability operations.
  4. The SSA Business Resumption Team for the title II claims process will assist the DDS to analyze the problem, make corrections and retest the system.
 

 

 

 

4.4 Core Business Process: Postentitlement

4.4.2 Title XVI Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.4.2.1 SSA field offices are unable to process title XVI postentitlement events such as changes to address and other personal data, re-computations, date of death, and overpayments due to Year 2000 related problems with automated support. Title XVI postentitlement is supported with the Modernized Supplemental Security Income Claims System (MSSICS), Supplemental Security Income Postentitlement (SSIPE), Critical Payment System (CPS), Continuing Disability Review System (CDR), and Representat ive Payee System (RPS).

 

 

Jan 3, 2000

 

 

.1

 

10

 

1.0
  1. Complete renovations of all title XVI software and related systems.
  2. Complete forward date, integration testing of all title XVI postentitlement and related systems.
  3. Develop local Y2k Contingency Plan.
  4. Provide Refresher training on use of manual forms.
  5. Establish the Business Resumption Team for the title XVI postentitlement process.

Complete

Complete

Complete

Nov 1999

Complete

DCS

DCS

DCO

DCO

DCS
  1. In the event MSSICS, SSIPE, CPS, CDR, and RPS, are unable to provide automated support to title XVI postentitlement due to critical Year 2000 date problems, the Business Resumption Team for the title XVI postentitlement process will analy ze the problem, make corrections and retest immediately.
  2. Automated processing of title XVI postentitlement systems will be suspended until corrections are made.
  3. Operations components will implement DCO Y2k Contingency Plan.
4.4.2.2 SSA field offices are unable to issue title XVI postentitlement payments due to Year 2000 related problems with automated support. The payment delivery system is comprised of multiple federal agencies including SSA, Department of Tr easury, The Federal Reserve, and ACH. Private enterprises such as local banks and the U.S. Postal Service are also vital to payment delivery.

 

 

Jan 3, 2000

 

.1

 

10

 

1.0
  1. Complete renovations of all title XVI software and related systems.
  2. Complete forward date, integration testing of all title XVI postentitlement and related systems including interagency testing of the check and direct deposit payment systems.
  3. Develop local Y2k Contingency Plan.
  4. Develop Ensuring Continuing Payments Plan.

Complete

Complete

 

 

Complete

Complete

DCS

DCS

 

 

DCO

DCFAM
  1. In the event problems are encountered with the payment delivery system due to Year 2000 related problems, DCFAM will coordinate SSA actions with Department of Treasury to address the problem.
  2. In the event it is known by December 1999 that private enterprises such as local banks and the U.S. Postal Service are not ready to make delivery of payments in early January 2000 due to year-2000 related problems, SSA will consider plans to issue pay ments early.
4.4.2.3 SSA field offices are unable to process title XVI postentitlement events due to Year 2000 related problems with critical inputs from outside agencies. SSA receives critical outside agency inputs from Department of Treasury, Office o f Personnel Management, Veterans, and Railroad Retirement Board.

 

 

Jan 3, 2000

 

 

.2

 

8

 

1.6
  1. Secure agreements with input agency(s) to renovate and test software.
  2. Monitor critical data exchanges to ensure corrections and testing are completed.
  3. Utilize filters in SSA software if critical inputs are not ready by September 1998.

Complete

Complete

Complete

DCS

DCS

DCS
  1. In the event critical inputs are unavailable or corrupted, SSA will contact the input agency to assist in making corrections to inputs as early as possible.
  2. As corrupted critical outside agency inputs are detected, the inputs will be removed from processing and SSA will make corrections to the data where possible.
  3. Operations components will implement DCO Y2k Contingency Plan.
 

 

 

4.4 Core Business Process: Postentitlement

4.4.2 Title XVI (Cont’d.) Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.4.2.4 State Disability Determination Services (DDSs) are unable to process title XVI Continuing Disability Reviews due to Year 2000 related problems with access to SSA’s automated systems.

 

 

Jan 3, 2000

 

.2

 

8

 

1.6
  1. Complete renovations of all title XVI claims software and related systems.
  2. Complete forward year, integration testing of all title XVI claims and related systems.
  3. Develop high-level Y2k contingency plan for Disability Operations.
  4. Develop local Y2k DDS contingency plans.

Complete

Complete

Complete

Complete

DCS

DCS

OD

DCS, DDS
  1. In the event that MCS, NDDSS, MSSICS and other systems are unable to provide automated support to DDS disability claims processes due to critical Year 2000 date problems, the Business Resumption Team for the title XVI claims process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of affected title XVI claims systems will be suspended until corrections are made.
  3. State DDSs will implement the local contingency plans if NDDSS is unable to provide automated support for disability operations.
4.4.2.5 A State Disability Determination Service (DDS) is unable to process title XVI Continuing Disability Reviews due to Year 2000 related problems with internal automated systems. DDSs are often supported with automated applicatio ns and processes for events such as Case Assignment, Medical Evidence of Record (MER), Consultative Examinations, Determinations, Transfer of Data to State Fiscal System, Case Closure, and Case Development Worksheets.

 

 

Jan 3, 2000

 

.1

 

7

 

0.7
  1. Complete renovations of all State systems.
  2. Complete forward-year integration testing of all State systems.
  3. Develop high-level Y2k contingency plan for Disability Operations
  4. Develop local Y2k DDS contingency plans.

Complete

Complete

Complete

Complete

OD, DDS

OD, DDS

OD

DCS, DDS
  1. In the event that a DDS is unable to process title XVI claims due to Year 2000 related problems with internal automated systems, the DDS will implement its local Y2k Contingency Plan.
  2. ODISP/OD will evaluate the situation and determine whether the OD Y2k Contingency Plan for redistribution should be implemented.
  3. State DDSs will implement the local contingency plans if NDDSS is unable to provide automated support for disability operations.
  4. The SSA Business Resumption Team for the title XIV Claims Process will assist the DDS to analyze the problem, make corrections and retest the system.
 

 

 

4.5 Core Business Process: Informing The Public Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.5.1 SSA is unable to inform the public concerning earnings, benefits, and 1099s due to Year 2000 related problems with automated system. The process of Informing the Public is supported with the Personal Earnings and Benefit Estimate St atement (PEBES) and other automated systems.

 

 

Jan 3, 2000

 

.2

 

3

 

.6
  1. Complete renovations of all software used to inform the public.
  2. Complete forward date, integration testing of systems used to inform the public.
  3. Ensure Y2k compliance language exists in all PEBES printing RFPs and contracts.
  4. Establish the Business Resumption Team for the Informing The Public Process.

Complete

Complete

Complete

Complete

DCS

DCS

DCFAM

DCS
  1. In the event PEBES or other related systems are unable to provide automated support to the process of Informing the Public due to critical Year 2000 date problems, the Business Resumption Team for the Informing The Public Process will an alyze the problem, make corrections and retest immediately.
  2. Automated processing with systems supporting Informing The Public will be suspended until corrections are made.
 

 

 

4.6 Administrative and Management Information Systems Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score

Assessment

 Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.6.1 SSA automated systems for administrative functions such as; payroll and personnel, acquisitions, supply, budget, operations, and finance are inoperable due to Year 2000 related problems with automated system. The Financial Accountin g System (FACTS), Human Resources Management Information System (HRMIS), and the Department of Interior Payroll System are examples of major automated systems supporting administrative processes.

 

 

Jan 3, 2000

 

.2

 

10

 

2.0
  1. Complete renovations of all administrative systems software.
  2. Confirm Year 2000 compliance of vendor software products utilized in automated administrative systems.
  3. Complete forward date, integration testing of all administrative automated systems.
  4. Develop Agency-wide contingency plans to address administrative functions, which include payroll contingencies.
    5.  

  5. Establish the Business Resumption Team for the Administrative Systems Processes.
  6. Conduct end-to-end testing of SSA’s payroll system with the Department of Interior.

Complete

Complete

Complete

Complete

 

 

 

Complete

Aug 1999

DCS

DCFAM, DCHR

DCS

DCHR, DCFAM, DCO, DCS, DCDISP

DCS

DCHR, DCS
  1. In the event automated administrative systems are unable to provide critical support due to Year 2000 date problems, the Business Resumption Team for the Administrative Systems Processes will analyze the problem, make corrections, and ret est immediately, or invoke backup payroll procedures.
  2. Automated processing of administrative systems will be suspended as appropriate until corrections are made.
4.6.2 SSA management information (MI) systems are inoperable due to Year 2000 related problems. Each core business process has corresponding MI and case processing systems such as the Workload Management System (WMS).

 

 

Jan 3, 2000

 

.1

 

6

 

0.6
  1. Complete renovations of all administrative systems software.
  2. Confirm Year 2000 compliance of vendor software products utilized in management information automated systems.
  3. Complete forward date, integration testing of all administrative automated systems.
  4. Establish the Business Resumption Team for the Management Information Process.

Complete

Complete

 

 

Complete

Complete

DCS

DCFAM, DCHR, DCO, DCDISP

DCS

DCS
  1. In the event automated systems such as WMS are unable to provide support to MI systems due to critical Year 2000 date problems, the Business Resumption Team for the Management Information Process will analyze the problem, make corrections and retest immediately.
  2. Automated processing of MI systems will be suspended as appropriate until corrections are made.
 

 

 

4.7 Major Infrastructure Systems Version 5 ■ 3/31/1999

Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.7.1 Utility Outage - SSA automated systems are not functional without water, electrical or natural gas generated power. Widespread water, electrical or natural gas outages must be corrected before other contingencies can be addressed. C urrent plans address only local utility outages.

 

 

Jan 1, 2000

 

.2

 

10

 

2.0
  1. Review local plans to ensure local contingency plans for local utility outages are current and enforceable.
  2. Check and test backup power systems.
  3. Determine length of time SSA facilities can operate on backup systems.
  4. Develop OCOMM plan for informing the public.
  5. Initiate Day One Strategy.

Complete

 

Jun 1999

Complete

Complete

June 1999

DCFAM

 

DCFAM

DCFAM

DCC

DCS
  1. If SSA experiences utility outages at the local level, implement the DCO Y2k contingency plan.
  2. DCDISP will implement the OHA Y2k Contingency Plan.
  3. OD and State DDSs will implement the OD Y2k Contingency Plan and local DDS contingency plans.
  4. If regional or national level outages are experienced, suspend SSA activities at locations without backup power systems until utilities are restored.
  5. Implement OCOMM plan.
4.7.2 Voice Telecommunications Outage - SSA automated systems are not functional without voice telecommunications. Widespread outages must be corrected before core business can be fully processed.

 

 

Jan 1, 2000

 

.2

 

10

 

2.0
  1. Review local plans to address actions for local voice telecommunications outages to ensure they are current and enforceable.
  2. Check and test backup systems.
  3. Initiate Day One Strategy.

Complete

 

Jun 1999

June 1999

DCS

 

DCS

DCS
  1. If SSA experiences voice telecommunications outages at the local level, implement the DCO Y2k Contingency Plan.
  2. DCDISP will implement the OHA Y2k Contingency Plan.
  3. OD and State DDSs will implement the OD Y2k Contingency Plan and local DDS contingency plans.
  4. If regional or national-level voice telecommunications outages are experienced, conduct manual processes as appropriate and hold until voice telecommunications are restored.
  5. OCOMM will develop a contingency plan for informing the public.
 

 

 

4.7 Major Infrastructure Systems (Cont’d.) Version 5 ■ 3/31/1999

Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

Action Component

 Contingency and Triggers
4.7.3 Data Telecommunications Outage - SSA automated systems are not functional without data telecommunications. Widespread outages must be corrected before core business can be fully processed.

 

 

Jan 1, 2000

 

.2

 

10

 

2.0
  1. Review local plans to address actions for local data telecommunications outages to ensure they are current and enforceable.
  2. Test on Jan 1 and Jan 2, 2000.

Complete

 

Jan 2000

DCS

 

DCS
  1. If SSA experiences data telecommunications outages at the local level, implement the DCO Y2k contingency plan to route workloads to another service center.
  2. DCDISP will implement the OHA Y2k Contingency Plan to route workloads to another service center.
  3. OD and State DDSs will implement the OD Y2k Contingency Plan and local DDS contingency plans to route workloads to another service center.
  4. If national-level data telecommunications outages are experienced, conduct manual processes as appropriate and hold until data telecommunications are restored. For regional failures, workloads will be transferred from the Regional Operation Center (RO C) to the NCC.
4.7.4 SSA’s National Computer Center (NCC) is not operational - SSA relies on the NCC to process its various business functions. Without the NCC or its backup facility (COMDISCO), SSA’s automated systems are not functional. Problems with this system must be corrected before core businesses can be fully processed.

 

 

Jan 1, 2000

 

.2

 

10

 

2.0
  1. Review the Backup and Recovery Plan to ensure it is current and enforceable. The NCC has a backup and recovery plan to guide the agency in the event of a major outage. This plan, updated annually, defines the steps necessary to re-establi sh SSA’s critical data processing and telecommunications capabilities at a commercial backup facility (COMDISCO).
  2. Check and test backup systems.
  3. Monitor telecommunications lines via Network Monitoring Software in SSA’s Information Control Center (ICC). The Network Monitoring Software identifies specific device failures.
  4. Develop Day One Strategy.
  5. Initiate Day One Strategy.

Complete

 

 

 

 

 

Jul 1999

Ongoing

 

 

Apr 1999

June 1999

DCS

 

 

 

 

 

DCS

DCS

 

 

DCS

DCS
  1. If SSA experiences an extended outage at the NCC, implement the Backup and Recovery Plan.
  2. If outages are experienced at both the NCC and its backup facility (COMDISCO), implement the DCO Y2k Contingency Plan and hold data until one of the facilities are restored.
  3. DCDISP will implement the OHA Y2k Contingency Plan and hold data until one of the facilities are restored.
  4. OD and State DDSs will implement the OD Y2k Contingency Plan and local DDS contingency plans and hold data until one of the facilities are restored.
  5. In the event of line failure, DCS will re-route telecommunication lines.
 

 

 

4.7 Major Infrastructure Systems (Cont’d.) Version 5 ■ 3/31/1999

 Risk/Threat Time Horizon To Failure Business Priority

Risk Impact Score Assessment

Risk Mitigation Strategy

Mitigation Strategy

Milestone

Dates

  

Action Component

 Contingency and Triggers
4.7.5 Facility infrastructure is inoperable due to systems not being Year 2000 compliant -Many if not all SSA buildings utilize automated systems for such things as security, environmental control, and elevators, etc. Date sensitive syste ms not made Year 2000 compliant risk being inoperable January 1, 2000.

 

 

Jan 1, 2000

 

.2

 

10

 

2.0
  1. Complete GSA facility surveys.
  2. Complete assessment of the GSA facility surveys including identifying buildings at significant risk.
  3. Participate with GSA to use vendor supplied information to check status of vendor products supporting automated infrastructure systems.
  4. Develop contingency plans for headquarters buildings, Mega-TSCs, PSCs, and DOCs.
  5. Identify manual overrides or alternative systems for building infrastructure systems as part of assessment and certification.
  6. Establish point of contact at each SSA location for manual overrides of applicable systems at the site.
  7. Test infrastructure systems January 1, 2000 to resolve any problems prior to opening for business January 3, 2000.

Mar 1999

Apr 1999

 

Ongoing

 

Complete

Complete

 

Complete

Jan 2000

DCFAM, DCO

DCFAM

 

DCFAM

 

DCFAM

DCFAM

 

DCFAM, DCO

DCFAM, DCO
  1. In the event of a building infrastructure system failure, manual overrides will be applied until system corrections can be made.
  2. ODCFAM will divert resources to ensure corrections are made as soon as possible.
4.7.6 Certain classes of SSA field office, OHA and DDS personal computers are identified as being non-Year-2000 compliant

 

Jan 1, 2000

.1

2

0.2

 Replace all non-compliant personal computers.

Jun 1999

DCS

If all replacements have not been made by June 1, 1999, pursue acquisition of software to make any remaining personal computers compliant.

 

 

 

 

5 Contingency Plan Testing

 The objective of business continuity testing is to evaluate whether individual contingency plans are capable of providing the desired level of support to the Agency’s core business processes. Testing will also validate whether a given plan c an be implemented within a specified time period, and will provide an opportunity to make necessary adjustments to the plan and to the environment within which the plan is testedC e.g., readiness of the facility to deliver service during a contingency. Finally, testing allows the opportunity for a detailed assessment of the cost of operating under a contingency.

Each responsible component will comprehensively test their plan or plans. While emphasis will be placed on those risks carrying the higher business impact scores, all plans will be sufficiently tested to demonstrate their ability to allow business to b e conducted during a contingency.

5.1 Test Guidelines and Environment

In order to ensure their validity, each plan will be reviewed and tested within the guidelines set forth in the GAO’s February 1998 Exposure Draft, Year 2000 Computing Crisis: Business Continuity and Contingency Planning. These guidel ines include provisions for three levels: review, rehearsal and audit. Each of SSA’s local plans will be reviewed and tested by September 30, 1999.

5.1.1 Review

The BCCP will undergo SSA Executive Staff review, and the local contingency plans will be subject to the following review process.

At the local level, managers and specially convened workgroups will develop local contingency plans that ensure that Agency core business processes will continue, to the extent possible, during a year-2000 triggered interruption. The iterative nature o f the local plan development process ensures that optimum functionality and cost-beneficial alternatives are developed and selected. At each stage of development, the ability to provide acceptable levels of service delivery under various systems failure s cenarios will be considered.

On completion, plans will be reviewed by the BCCP team to see that all necessary elements are provided. These elements include, but are not limited to, provisions for staff training, availability of supplies such as forms to be used when reverting to a manual process, availability of backup facilities, availability of procedures, and triggers for return to normal operations.

5.1.2 Rehearsal

There are two types of rehearsal—the desktop exercise and simulation.

5.1.2.1 Desktop Exercise

In the desktop exercise, the manager responsible for implementing a contingency plan will be advised of a hypothetical contingency situation. The manager, or his designee, will then use the plan to work out a response to the situation. The manager will answer questions that relate to the availability of trained staff, adequacy of the facilities, adequacy of the machines, and whether necessary forms and supplies are on hand. Adjustments will be made either to the plan or to the particular environmen t during this phase should any part of the plan fall short of its objective.

 5.1.2.2 Simulation

 Actual simulation takes the desktop exercise a step further. In actual simulation testing, a component or office (or part of an office) will conduct real business as if in a contingency situation. An example of this would be a field office required to process an SSI claim without having access to MSSICS, the automated SSI claims system. The simulation will be thorough enough to assure the component manager that on-site personnel can handle the work, the necessary training has been carried out or sc heduled, needed supplies are available, and that the facility can be adapted to the contingency. At this point, any inadequacy in the plan or the office’s preparation will be remedied in advance of an actual contingency situation.

 5.1.3 Audit

To ensure objectivity in assessing the Agency’s year-2000 contingency plans, SSA contracted with Lockheed Martin to conduct an independent verification and validation (IV&V) of the year-2000 readiness process. The IV&V assessed the adequacy , feasibility, and accuracy of SSA’s year-2000 plans, methodology, metrics and management information reports. These activities were carried out independent of SSA’s Year-2000 Project Management Team. The final report was submitted to the Deputy Commissio ner for Systems on October 21, 1998.

 

 6 Contingency Plan Management

 6.1 Plan Monitoring and Tracking

The team that initially developed the BCCP continues to meet regularly. It comprises staff-level representation from each Deputy Commissioner component having responsibility for SSA’s core business processes. The team holds monthly status me etings to discuss overall progress in developing and testing local plans. The team discusses and resolves issues that crosscut individual local plans, as well as any problems and solutions regarding local plans that are of interest to the team as a whole.

Additionally, SSA has developed the BCCP Local Plan Tracking Report. The tracking system provides the current status of each local plan’s development. In addition, where necessary, it allows for coordination of the individual plans with each other and with the higher level BCCP. The Deputy Commissioners monitor this tracking plan.

The aggressive tracking of local plans is considered vital to the success of the BCCP. Because of the high degree of interdependency among local plans, a failure or shortcoming in one plan could negate the effects of another plan. For example, no matte r how well the post-entitlement process operates, it is dependent on the check issuance process to be completely successful.

Finally, each Deputy Commissioner involved in Year-2000 contingency planning has made firm commitments with regard to staff and other resources to develop and test the local plans under their responsibility.

 

6.2 Process for Plan Updates

The BCCP is updated quarterly. The quarterly revisions reflect plan changes that have occurred as a result of changes in status of mitigation efforts, review of individual plans, and needed adjustments stemming from contingency plan testing.

All plan changes and updates to the printed Plan are made by the BCCP team and coordinated through the Year-2000 Project Manager.

 

 7 Definitions

 Architecture - A description of all functional activities to be performed to achieve the desired mission, the system elements needed to perform the functions, and the designation of performance levels of those system elements. An arch itecture also includes information on the technologies, interfaces, and location of functions and is considered an evolving description of an approach to achieving a desired mission.

Business Architecture - A description of the systems, databases, and interactions between systems and databases that will be needed to fulfill business requirements.

Business Continuity - The sum of an organization’s businesses. It includes all of the core business functions which define the organization.

Business Continuity Plan - In the context of the year-2000 program, the overall plan, including risk mitigation strategy, contingencies, and recovery, to ensure the organization’s core business processes continue in spite of disruptions t o infrastructure and/or support systems.

Business Function - A group of logically related tasks that are performed together to accomplish an objective.

Business Priority - A score derived by multiplying Risk Assessment and Impact ranging from 0.1 (low) to 10 (high). The score can help the organization determine areas of emphasis and where resources will be employed when it becomes obviou s not all risks/threats can be mitigated.

Business Resumption Team - Team comprised of application system expertise and business analysts. This is a quick action team that will pinpoint the computer-related problem and bring subject matter experts in to correct the problem.

Contingency - Planned action(s) to eliminate or reduce the Impact of a risk/threat at or after the Time Horizon to Failure.

Contingency Plan - In the context of the year-2000 program, a plan for responding to the loss or degradation of essential services due to a year-2000 problem in an automated system. In general, a contingency plan describes the steps the e nterprise would takeC including the activation of manual or contract processesC to ensure the continuity of its core business processes in the event of a year-2000-induced system failure.

Day One Strategy - A risk-reduction strategy and procedures for the period between mid-November 1999 and mid-January 2000 that will be documented in a detailed Day 1 Plan.

Impact - The degree of effect on a whole number scale of zero (low) to 10 (high) that a risk/threat will have on the organization if it is not mitigated.

Infrastructure - The facilities, equipment, installations, and support systems needed for the functioning of a system.

Interface - A boundary across which two systems communicate. An interface might be a hardware connector used to link to other devices, or it might be a convention used to allow communication between two software systems.

Magnetic Media - Tape, cartridges and floppy disks used for storing data.

Mission-Critical System - A system supporting a core business process.

Risk Analysis - A combination of risk assessment and risk evaluation, performed at a particular point in time.

Risk Assessment - An activity performed to identify risks and estimate their probability and the impact of their occurrence; it is used during system development to provide an estimate of damage, loss, or harm that could result from a fai lure to successfully develop individual system components.

Risk Evaluation - The process of determining the acceptability of risks.

Risk Management - A management approach designed to prevent and reduce risks, including system development risks, and lessen the impact of their occurrence.

Risk Mitigation - Action(s) taken to eliminate or reduce the Impact or Likelihood of a risk/threat prior to the Time Horizon to Failure.

Risk/Threat - Event or non-event having a negative impact on or endangering a core business function or critical system of the organization.

Strategic Plan - A long-term, high-level plan that identifies broad business goals and provides a roadmap for their achievement.

System Infrastructure - The computer and communication hardware, software, databases, people, and policies supporting the enterprise’s information management functions.

Test - The process of exercising a product to identify differences between the expected and actual behavior.

Test Facility - A computer system isolated from the production environment dedicated to the testing and validation of applications and system components.

Time Horizon to Failure - Date when the risk/threat will first have impact.

Trigger - The event or events that cause a contingency plan to be implemented.

Validation - The process of evaluating a system or component during or at the end of the development process to determine whether it satisfies specified requirements.

Year-2000 Compliant - " ... with respect to information technology, … the information technology accurately processes date/time data (including, but not limited to, calculating, comparing, and sequencing) from, into, and between the twentieth and twenty-first centuries, and the years 1999 and 2000 and leap year calculations, to the extent that other information technology, used in combination with the information technology being acquired, properly exchanges date/time data with it.&q uot; (48 CFR Part 39.002)