SSA ORGANIZATIONAL MANUAL

Chapter S4

OFFICE OF THE DEPUTY COMMISSIONER, SYSTEMS


  1. Mission

    The Office of the Deputy Commissioner, Systems (ODCS) directs the conduct of systems and operational integration and strategic planning processes, and the implementation of a comprehensive systems configuration management, database management and data administration program. Initiates software and hardware acquisition for SSA and oversees software and hardware acquisition procedures, policies and activities. Directs the development of operational and programmatic specifications for new and modified systems, and oversees development, validation and implementation phases. In addition, as the Chief Information Officer (CIO) participates as a member of the Federal CIO Council. The CIO is the focal point for SSA’s application of the Clinger-Cohen Act IT management reforms. Responsibility includes managing SSA’s IT investment process and assessing the performance of the agency’s major IT investments. Administers SSA’s records management program and serves as the liaison with the National Archives and Records Administration and General Services Administration on records issues. Manages and directs SSA’s overall information systems security program.
  2. Organization
    1. The Deputy Commissioner, Systems (S4)
    2. The Assistant Deputy Commissioners, Systems (S4)
    3. The Chief Technology Officer (S4)
    4. The Immediate Office of the Deputy Commissioner, Systems (S4C)
    5. The Office of Enterprise Information Systems (S4S)
    6. The Office of Systems Architecture (S4V)
    7. The Office of Benefit Information Systems (S4W)
    8. The Office of Disability Information Systems (S4X)
    9. The Office of IT Programmatic Business Support (S42)
    10. The Office of IT Enterprise Business Support (S43)
    11. The Office of IT Financial Management and Support (S44)
    12. The Office of Systems Operations (S45)
    13. The Office of Hardware Engineering (S46)
    14. The Office of Information Security (S47)
  3. Functions
    1. The Deputy Commissioner, Systems (S4) is directly responsible to the Commissioner for carrying out the ODCS mission and providing general supervision to the major components of ODCS. In addition the CIO is a member of the Federal CIO Council. The CIO is the focal point for SSA’s application of the Clinger-Cohen Act IT management reforms.
    2. The Assistant Deputy Commissioners, Systems (S4) assist the Deputy Commissioner in carrying out his/her responsibilities and perform other duties as the Deputy Commissioner may prescribe. The Assistant Deputy Commissioners serve as the Acting DCS/CIO in the absence of the DCS/CIO. In addition, the Assistant Deputy Commissioners are responsible for overseeing IT Business Support which works with the business community to capture business requirements and describe the software systems and services to meet these requirements; overseeing Software Engineering which focuses on developing and providing software systems and services the business community requires to provide first-class service to the American public; and overseeing Systems Operations and Hardware Engineering related to the agency’s IT infrastructure and network.
    3. The Chief Technology Officer (S4), who reports to the CIO, provides leadership and direction for developing an enterprise approach to how SSA explores, develops and integrates new technology and IT solutions and leads the agency strategy for technology direction, building a technology infrastructure roadmap to plan and design SSA technology platforms to support the agency’s 2025 vision. It directs the development of SSA’s Enterprise Architecture (EA) and assures that the associated standards and procedures are followed to improve the agency’s programmatic, administrative and management information systems environment.
    4. The Immediate Office of the Deputy Commissioner, Systems (S4C) provides the Deputy Commissioner, Systems and the Assistant Deputy Commissioners with management support on the full range of their responsibilities including human capital planning, IT succession, employee engagement, communications, management assistance, staffing/recruitment, performance management, classification/organization management, space/facilities/property management, travel management, labor relations, procurement/micropurchasing, assignment and correspondence tracking, etc.
    5. The Office of Enterprise Information Systems (OEIS) (S4S) designs, develops, and maintains SSA’s mission critical earnings, enumeration, administrative and customer information systems, enterprise services and applications. Responsibilities include the technical design, bimodal development and implementation of new systems and modifications to existing systems, including the procurement of commercial software products, as required by new legislation, regulations and SSA Policy directives. OEIS also evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the technical impact on these systems, and participates in post- implementation reviews. The broad systems areas for which OEIS is responsible include: enumeration (SSN) and verification, customer information, enterprise services, eGovernment solutions, earnings establishment, corrections and employer data, death processing, integrity review and audit, communications, business intelligence, financial processing and accounting, human resources and payroll, a variety of workload control and tracking applications, and internal and external data exchanges.
    6. The Office of Systems Architecture (OSA) (S4V) identifies the strategic information technology (IT) resources needed to support SSA business processes and operations and the transition processes for researching, demonstrating and implementing new technologies in response to the agency’s strategic vision. The office directs Data Administration/Data Management to help assure data quality and consistency across the agency’s programmatic, administrative and management information systems. Data Administration/Data Management develops and executes architectures, policies, practices and procedures that properly manage the full data lifecycle needs of the enterprise to assure data is shareable, reusable and described at the enterprise level. The office directs SSA’s database integration activities to improve the administration of the agency’s programmatic, administrative and management information databases and to implement modern database management systems technology. OSA promotes awareness and adoption of new practices in software development by playing an active role in the implementation and use of the Modern Development Environment, mentoring existing and new software developers, implementing best practices and methodologies and augmenting software development activities. OSA directs a comprehensive information technology architecture program to modernize the agency’s IT applications and infrastructure. The office designs, develops and implements the architectures used to manage the storage and routing of document images along with the retention information for these electronic images as they relate to official agency records. OSA plans and directs multi-platform enterprise software development facilities to support applications development and validation personnel. The office designs, develops, implements and maintains automated test methods, test data systems and test utilities used to provide test data management and batch execution services for software testing in the test environment. OSA directs the agency’s implementation and management of Service Oriented Architecture (SOA). OSA manages the Help Desk Initiatives Support Services (HDISS) contract. The HDISS contract provides technical resources and support for SSA’s standard desktop and laptop software to all SSA employees and contractors through the SSA Technology Assistance Center (STAC); desktop support and network administration to the Office of the Commissioner and various other executive-level offices; and technical assistance to the SSA developers in the design and development of applications using web-based software tools through Web Engineering Support Services.
    7. The Office of Benefit Information Systems (OBIS) (S4W) is responsible for programmatic and management information systems which support the Nation’s Retirement and Survivors Insurance (Title 2), Supplemental Security Income (Title 16) and Medicare (Title 18) initial claims, post-entitlement, payments, audit, integrity review, Treasury operations and notices. OBIS designs, develops, coordinates and implements new or redesigned software to meet SSA’s automation needs in the broad area of Title 2 and Title 16 programmatic processes for such areas as earnings, eligibility/entitlement, redeterminations, pay/computations and debt management/recovery. OBIS is also responsible for the design, development, implementation and maintenance of application software and services supporting the Medicare program (Title 18). OBIS evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on the applications and services supported by the organization. OBIS collaborates with internal and external stakeholders across the business systems and contractor communities to deliver innovative information technology (IT). OBIS ensures compliance with applicable software development standards and actively strives to improve agility, working with the Chief Technology Officer and other stakeholders in adopting innovative technologies, methodologies and processes. OBIS supports the stakeholder community through effective communications, configuration control and release planning. The organization ensures timely notification of planned and unforeseen outages, responsiveness in restoring services and due diligence in addressing data anomalies in an automated fashion when practicable.
    8. The Office of Disability Information Systems (ODIS) (S4X) directs, develops, implements and maintains systems that support the agency’s new and modified Disability and health insurance programs. ODIS is also responsible for post-entitlement activities associated with the Disability Program. ODIS is responsible for the design and development phases of the systems development lifecycle. These responsibilities include determining automation solutions for user needs, analyzing existing computer applications, preparing recommendations (including costs and benefits of alternatives), designing and developing software, testing systems, implementing security standards, documenting systems, accepting systems on behalf of SSA's user community, implementing and installing new and modified systems and conducting post-installation evaluation. ODIS is responsible for long-range planning and analyses to define new and improved systems processes in support of agency needs and maintains a comprehensive, updated and integrated set of software programs. ODIS implements systems required by new legislation, regulations and SSA policy directives.
    9. The Office of IT Programmatic Business Support (OITPBS) (S42) is a customer-focused, service-oriented organization within the Office of Systems. OITPBS collaborates with business stakeholders to identify and understand business cases/needs and define system requirements. This office collaborates with agency business components and software engineering components within the Office of Systems to support the practical resolution of business needs through technology in a teamwork environment. OITPBS is primarily responsible for product/project management, documentation of business needs and development of systems requirements for SSA entitlement applications. The major areas of concentration for OITPBS are: business intelligence and analytics; data exchange with other entities and government organizations; disability analysis and case processing and documentation; data collection and support; debt management; representative payee systems; quality assurance; and programmatic support for Title II, Title XVI and Medicare. OITPBS ensures all of its processes maintain the highest standards of data integrity through accurate and efficient processing of taxpayer and beneficiary records in support of the Title II and Title XVI programs. OITPBS also manages supporting activities such as business intelligence and workload management systems. The office provides big data analytics to assist SSA in making business decisions by enabling users to analyze huge volumes of transaction data and other untapped data sources. OITPBS collaborates with the business community to evaluate the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on these systems and develops requirements and procedures as they relate to legislation, regulations and SSA policy directives. OITPBS directs the coordination of user requirements with SSA central and regional operations to ensure it accurately captures and defines user needs. OITPBS works diligently to thoroughly validate software applications, supports and coordinates user acceptance testing activities, and conducts post-implementation reviews of new systems. Validation efforts include exercising manual scripts, running automated tests and coordinating user validation.
    10. The Office of IT Enterprise Business Support (OITEBS) (S43) is a customer-focused, service-oriented organization within the Office of Systems. OITEBS collaborates with business stakeholders to identify and understand business cases/needs and define system requirements. This office collaborates with agency business components and software engineering components within the Office of Systems to support the practical resolution of business needs through technology in a teamwork environment. The office is primarily responsible for product/project management, documentation of business needs and development of systems requirements for SSA enterprise software and cross-cutting applications that support the agency’s core mission workloads. The major areas of concentration for OITEBS are: Enumeration and Earnings; Messaging and Communications; Online Customer Service; Administrative Systems; Online Validation and Testing; User Experience, Accessibility, Anti-Fraud, Integrity Review and Program and Project Management. OITEBS ensures that all of its processes maintain the highest standards of data integrity, accurate and efficient processing of taxpayer and beneficiary records, responsiveness to users with disabilities (Section 508), and the public in general. The office evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on these systems. OITEBS collaborates with the business community to develop information requirements and procedures as they relate to legislation, regulations and SSA policy directives. The office directs the coordination of user requirements with SSA central and regional operations to ensure that it accurately captures and defines user needs. OITEBS leads the design and testing of user interface standards and delivers technical documentation of the agency’s modernized systems online screens. The office enhances the end-user experience of SSA’s systems by applying proven user-centered design methods. OITEBS works diligently to thoroughly validate the software applications, supports and coordinates user acceptance testing activities, and conducts post-implementation reviews of new systems. Validation efforts include exercising manual scripts, running automated tests, and coordinating user validation. OITEBS collaborates with the Office of Information Security (OIS) and other components to identify possible fraud scenarios and develop the requirements and software needed to track online transactions by employees and/or the public to detect, as well as prevent, the fraud, waste and abuse of SSA programs to ensure the integrity of our systems.
    11. The Office of IT Financial Management and Support (OITFMS) (S44) supports the Deputy Commissioner for Systems/Chief Information Officer (DCS/CIO) in planning and executing sound Information Technology (IT) investments for the agency, maximizing accountability, compliance, and value for the agency’s IT investments. OITFMS supports the DCS/CIO with the full range of his/her responsibilities as they relate to Capital Planning and Investment Control (CPIC) including IT planning, resource allocation, budget, cost/performance management, compliance, and reporting to higher-level monitoring authorities. The office supports the DCS/CIO in carrying out his/her financial and management activities. OITFMS provides overall management of the planning, development and execution of the IT Systems Budget for the agency and the Administrative Budget for the Office of Systems. The office develops policies and guidelines for the exercise of the DCS/CIO budget responsibility, and evaluates and appraises the manner in which DCS/CIO carries out these responsibilities. The office is responsible for IT training, internal controls, audits, contract management, software development lifecycle processes, Records Management and management of the Information Technology Investment Process. OITFMS supports development of the agency Information Resources Management (IRM) Strategic Plan and ensures that it aligns with the Agency Performance Plan. The office manages the development and implementation of standards, methods and procedures for software planning, tracking, requirements, design, development, validation and change control. It provides support for program/project management and control. OITFMS manages a comprehensive, technical and project management training program to ensure Systems staff can meet technological challenges and regulatory requirements. The office is responsible for providing oversight and guidance on audit programs directed at SSA, directs the DCS Executive Assurance program ensuring internal controls are in place to meet prescribed guidance, as well as developing and maintaining DCS Continuity of Operations Planning (COOP) documentation. OITFMS administers SSA’s Records Management program and serves as the liaison with the National Archives and Records Administration and General Services Administration on records issues. OITFMS provides a governance structure to implement, direct, and oversee implementation of the DCS Enterprise Risk Management (ERM) program in support of the agency ERM.
    12. The Office of Systems Operations (OSO) (S45) directs, manages, and coordinates the planning, implementation, operation, and maintenance of SSA’s computer systems operations, enterprise Information Technology (IT) infrastructure and application services. OSO monitors and provides 24x7 IT operations support for enterprise applications for the entire agency including DCO, Office of Hearings Operations (OHO), DDSs, OQP, OIG, OGC, etc. In addition, OSO monitors and maintains all computer storage and network assets and all electronic services residing at SSA’s data centers. OSO maintains infrastructure related to batch, integration testing, IT Security infrastructure, change management, database, print operations, Service Level Agreements (SLA) and infrastructure facility usage. The office performs governance activities associated with change and release management for applications and systems software, capacity planning, performance testing and the delivery of infrastructure services to “guarantee” a highly available environment (99.95% uptime) for Internet, SSN verification workloads, Business-to-Government and Government-to-Government data exchanges. OSO consists of seven divisions, the Network Operations Center (NOC), and six Remote Operations Communication Centers (ROCCs). It develops the specifications, executes the system implementation, and operates an in-house IT help desk to provide support, training and customer service to over 65,000 SSA employees, 30,000 DDS state employees, and 10,000 Industry Partners. The office is responsible for Continuity of Operations Planning (COOP) at the target failover site to include site-identification, planning, and restoration of permanent services from the failed center. OSO is responsible for execution of the Disaster Recovery Plan, failed site-damage assessment and recovery of assets. The office is accountable for 24x7 operations stability, availability and security of the agency’s IT infrastructure and environment.
    13. The Office of Hardware Engineering (OHE) (S46) provides reliable, secure, and efficient Information Technology (IT) engineering solutions that support SSA’s service delivery mission, its strategic business processes, and its core operational goals and requirements. OHE is accountable for planning, designing, building, testing, delivering, operating, and managing the enterprise IT environment which resides within the agency’s data centers, and which is comprised of the computing, network, telecommunications, storage infrastructures and service delivery platforms. OHE collaborates with other components within the agency (including other components within the Office of Systems) to identify the agency’s technology needs, to develop cost-effective data center hardware, software, and end-user technology solutions to meet those needs.
    14. The Office of Information Security (OIS) (S47) is responsible for developing, managing and directing SSA’s IT security program. OIS develops, manages and provides oversight of functions for agency-wide IT security policies and procedures. OIS’ robust IT security program includes: providing security and PII awareness training and serving as liaison to components and systems developers; protecting the confidentiality, integrity and availability of SSA’s computer systems and information; identifying and implementing risk-based security controls; conducting compliance reviews and tracking security metrics to gauge compliance and effectiveness. OIS is also responsible for analyzing risks, vulnerabilities and trends to identify threats; identifying solutions to mitigate threats; and identifying appropriate risk mitigation strategies to support SSA’s evolving technology and business processes. These processes include a comprehensive penetration-testing program of both internal- and external-facing systems, reviewing application code for vulnerabilities before it is released to the production environment; and reporting on vulnerabilities in previously deployed applications and infrastructure. OIS is further responsible for the agency’s Identity, Credential and Access Management program. In this role, OIS is tasked with the design, development and deployment of security software to protect SSA systems through the authorization of access requests and logical access to SSA systems. The office also serves as the central Security Administrator for access to mainframe systems as the centralized Component Security Officers for Office of Systems’ components. Additionally, OIS is responsible for reporting the agency’s IT security posture to higher monitoring authorities including the Office of Management and Budget (OMB), the Department of Homeland Security (DHS), the Government Accountability Office (GAO) and other outside oversight organizations. OIS prepares various internal reports for Executive review and oversight as well. The office also interprets new guidance and recommendations from OMB and the National Institute of Standards and Technology and other applicable guidance. OIS is responsible for assessing risk to IT systems and its Security Assessment and Authorization program, which conducts risk assessments and compliance reviews of both on-going operations and new applications. OIS is responsible for reengineering both the Audit Trail System and the Comprehensive Integrity Review Program system. The office is the SSA lead for the Continuous Diagnostic and Mitigation program, which is mandated by DHS to improve the security posture of all Federal Executive Departments and Agencies. OIS operates SSA’s Security Operations Center (SOC), which is responsible for monitoring the agency’s network of potential intrusions and other software and hardware vulnerabilities 24 hours a day, 7 days a week. The SOC investigates and coordinates the correction of found vulnerabilities in cooperation with local Systems Administrators. Finally, OIS serves as the overall agency lead for IT incident and breach response; in this role, the Chief Information Security Officer serves as the Incident Commander and coordinates SSA’s response to any IT incidents.

 

SSA ORGANIZATION MANUAL

Subchapter S4S

OFFICE OF ENTERPRISE INFORMATION SYSTEMS

  1. Mission

    The Office of Enterprise Information Systems (OEIS) is responsible for the technical design, development, and maintenance of SSA’s mission critical earnings, enumeration, administrative and customer information systems, enterprise services and applications. Responsibilities include the technical design, bimodal development and implementation of new systems and modifications to existing systems, including the procurement of commercial software products. The office evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the technical impact on these systems, and participates in post-implementation reviews. OEIS collaborates with information technology business support and other software engineering components within the Office of Systems to support the practical resolution of business needs through technology in a teamwork environment. The broad systems areas for which OEIS is responsible include enumeration (SSN) and verification, customer information, enterprise services, eGovernment solutions, earnings establishment, corrections and employer data, death processing, integrity review and audit, authentication, business intelligence, communications, financial processing and accounting, human resources and payroll, a variety of workload control and tracking applications, and internal and external data exchanges.
  2. Organization
    1. The Associate Commissioner for Enterprise Information Systems (S4S)
    2. The Deputy Associate Commissioner for Enterprise Information Systems (S4S)
    3. The Immediate Office of the Associate Commissioner for Enterprise Information Systems (S4S)
    4. The Division of Enterprise Services, Authentication and Integrity Review (S4SA)
    5. The Division of Business Intelligence and Data (S4SB)
    6. The Division of Financial, Administrative and Communication Systems (S4SC)
    7. The Division of Enumeration, Customer Information and Data Exchange (S4SE)
    8. The Division of Earnings Systems (S4SG)
    9. The Division of Agile Enterprise Systems (S4SH)
  3. Functions
    1. The Associate Commissioner for Enterprise Information Systems (OEIS) (S4S) is directly responsible to the Assistant Deputy Commissioner for Systems (Software Engineering) for carrying out the OEIS mission and providing general supervision to the major components of OEIS.
    2. The Deputy Associate Commissioner for Enterprise Information Systems (OEIS) (S4S) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Enterprise Information Systems (OEIS) (S4S) provides the Associate Commissioner and Deputy Associate Commissioner with administrative staff assistance, senior technical advice, planning and customer relations support on the full range of their responsibilities.
    4. The Division of Enterprise Services, Authentication and Integrity Review (S4SA)
      1. Designs, develops and implements new and redesigned software to meet SSA’s automated data processing needs in the broad areas of enterprise services, authentication, audit and internal controls, and integrity reviews.
      2. Designs, develops and maintains the software engineering architecture appropriate for delivering eGovernment services to SSA’s customers in accordance with the agency’s Electronic Service Delivery (ESD) Strategy.
      3. Designs, develops and maintains enterprise registration and authentication internet software integral to SSA’s eGovernment Internet Strategy.
      4. Defines technical specifications, designs, develops and maintains enterprise Internet, Intranet, Extranet and telephone applications to support Government-to-Government initiatives.
      5. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on existing enterprise services, authentication, audit and internal controls, integrity review software applications and architecture, and determines whether new development or modified software is required.
      6. Develops enterprise services, authentication, audit, internal controls, and integrity review software programs to satisfy user needs as defined in requirements documentation.
      7. Plans and conducts unit tests of newly-developed systems and modifications to existing systems against user defined requirements and performance criteria.
      8. Develops and maintains a comprehensive, updated and integrated set of technical documentation and systems flowcharts.
    5. The Division of Business Intelligence and Data (S4SB)
      1. Designs, develops, and implements new or redesigned systems in the broad areas of business intelligence, work measurement, and cost analysis.
      2. Responsible for the business intelligence architecture and data warehouse development and maintenance in support of agency systems.
      3. Maintains the business intelligence repository, which houses data definition, calculations, and transformation and business rules in support of business intelligence applications.
      4. Designs, develops and implements systems associated with office and organizational information and select enterprise web services.
      5. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on existing business intelligence, work measurement, and cost analysis software applications and architecture, and determines whether new development or modified software is required.
      6. Develops business intelligence, work measurement and cost analysis software programs to satisfy user needs as defined in requirements documentation.
      7. Plans and conducts unit tests of newly-developed business intelligence, work measurement and cost analysis systems and modifications to existing systems against user defined requirements and performance criteria.
      8. Develops and maintains a comprehensive, updated and integrated set of business intelligence, work measurement and cost analysis technical documentation and systems flowcharts.
      9. Provides technical support consultation and assistance to end-users and developers in the use of business intelligence reporting, extract transformation load (ETL), and mapping software. Directs the development of support procedures to monitor user problem resolution and the implementation of software upgrades.
      10. Provides technical support, consultation and assistance to end-users and developers in the use of Data Analytics and Big Data.
    6. The Division of Financial, Administrative and Communication Systems (S4SC)
      1. Designs, develops, and implements administrative application systems and enhancements to existing systems in the broad areas of financial/budget, human resources, communications, and payroll processes.
      2. Provides the communications architecture and programming to support the delivery of notices in various output formats (e.g., print, Braille, Data CD, Audio CD, Large Print, etc.).
      3. Develops and provides the technical infrastructure and software that support the formatting of automated SSA notices.
      4. Develops and provides the technical infrastructure and software to support the composition of Program Service Center and Field Office notice content.
      5. Develops and provides the technical infrastructure and software that supports the language maintenance activities and language search facility.
      6. Develops and provides the software that supports the automated mailing of SSA’s most frequently requested pamphlets to the public.
      7. Works with SSA technical staff to define current and future communications architecture.
      8. Maintains language repositories for notice language.
      9. Provides automated electronic solutions in support of payroll and human resource-related initiatives, including the Human Resource Portal.
      10. Designs, develops, implements and maintains software to support SSA’s financial and budgetary needs.
      11. Provides comprehensive automated solutions to support SSA’s administrative activities.
      12. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on existing financial/budget, human resources, communications and payroll software applications and architecture, and determines whether new development or modified software is required. Evaluates the potential application of Commercial-off-the-Shelf and Government-developed-off-the-Shelf software.
      13. Develops technical design specifications and software programs to satisfy user needs as defined in requirements documentation.
      14. Plans and conducts unit tests of newly-developed financial/budget, human resources, communications and payroll software applications systems and modifications to existing systems against user defined requirements and performance criteria.
      15. Develops and maintains a comprehensive, updated and integrated set of technical documentation and systems flowcharts.
    7. The Division of Enumeration, Customer Information and Data Exchange (S4SE)
      1. Designs, develops and implements new or redesigned software to meet SSA’s automated data processing needs in the broad areas of enumeration, customer information, death processing, and verifications and data exchanges.
      2. Designs, develops and implements software to issue Social Security Numbers (SSNs) and provide original and replacement SSN cards to eligible recipients.
      3. Develops enumeration management information application systems and enhancements to existing systems.
      4. Produces automated solutions to capture, process, and appropriately share death information.
      5. Designs, develops and implements queries and extract software to retrieve and display Master File and Database transactions and data in on-line and off-line environments.
      6. Designs, develops and implements software to meet the needs of the Visitor Intake Process (VIPr) and the Customer Help and Information Program (CHIP).
      7. Produces automated solutions that provide internal and external data exchanges and verifications.
      8. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on existing enumeration, customer information, death processing, verification and data exchange software applications and architecture, and determines whether new development or modified software is required.
      9. Develops enumeration, customer information, death processing, verification and data exchange software programs to satisfy user needs as defined in requirements documentation.
      10. Plans and conducts unit tests of newly-developed enumeration, customer information, death processing, verification and data exchange systems and modifications to existing systems against user defined requirements and performance criteria.
      11. Develops and maintains a comprehensive, updated and integrated set of enumeration, customer information, death processing, verification and data exchange technical documentation and systems flowcharts.
    8. The Division of Earnings Systems (S4SG)
      1. Designs, develops and implements new or redesigned systems to meet SSA’s automated data processing needs in the broad areas of employer wage reporting, wage data storage, earnings corrections, earnings maintenance, earnings use, and earnings management information.
      2. Designs, develops, implements and maintains software to capture and store annual wage reporting.
      3. Produces automated solutions to provide summarized and detailed earnings data to internal and external customers.
      4. Designs, develops, implements and maintains applications to correct earnings information and provide management information.
      5. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on existing earnings software applications and architecture, and determines whether new development or modified software is required.
      6. Develops earnings systems design specifications and systems to satisfy user needs as defined in requirements documentation.
      7. Plans and conducts unit tests of newly-developed earnings systems and modifications to existing systems against user defined requirements and performance criteria.
      8. Develops and maintains a comprehensive, updated and integrated set of earnings systems technical documentation and systems flowcharts.
      9. Captures a 1% sample of work history for all issued SSNs for use in statistical studies, trustee reports and SSA publications.
    9. The Division of Agile Enterprise Systems (S4SH)
      1. Designs, develops, and implements new or redesigned customer engagement and agile software to meet SSA’s automated data processing needs using agile, flexible processes.
      2. Designs, develops and implements customer engagement and agile software, systems and services using the latest technology and tools.
      3. Defines technical specifications, designs, develops and maintains enterprise customer-interactive products such as those included in Customer Engagement Tools.
      4. Evaluates and reports the technical impact of legislative proposals, regulations and policy changes on customer engagement and other agile software applications and architecture, and determines whether new development or modified software is required.
      5. Develops customer engagement and agile software programs to satisfy user needs as defined in requirements documentation.
      6. Plans and conducts unit tests of newly-developed customer engagement and agile systems and modifications to existing systems against user defined requirements and performance criteria.
      7. Develops and maintains a comprehensive, updated and integrated set of customer engagement and agile technical documentation and systems flowcharts.

 

SSA ORGANIZATION MANUAL

Subchapter S4V

OFFICE OF SYSTEMS ARCHITECTURE

  1. Mission

    The Office of Systems Architecture (OSA) (S4V) identifies the strategic information technology (IT) resources needed to support SSA business processes and operations and the transition processes for researching, demonstrating and implementing new technologies in response to the agency’s strategic vision. The office directs Data Administration/Data Management to help assure data quality and consistency across the agency’s programmatic, administrative and management information systems. Data Administration/Data Management develops and executes architectures, policies, practices and procedures that properly manage the full data lifecycle needs of the enterprise to assure data is shareable, reusable and described at the enterprise level. The office directs SSA’s database integration activities to improve the administration of the agency’s programmatic, administrative and management information databases and to implement modern database management systems technology. OSA promotes awareness and adoption of new practices in software development by playing an active role in the implementation and use of the Modern Development Environment, mentoring existing and new software developers, implementing best practices and methodologies and augmenting software development activities. OSA directs a comprehensive modern software support program focused on evaluating, teaching and implementing modern software development technologies, architectures and practices within the Office of Systems. The office designs, develops and implements the architectures used to manage the storage and routing of document images along with the retention information for these electronic images as they relate to official agency records. OSA plans and directs multi-platform enterprise software development facilities to support applications development and validation personnel. The office designs, develops, implements and maintains automated test methods, test data systems and test utilities used to provide test data management and batch execution services for software testing in the test environment. OSA directs the agency’s implementation and management of Service Oriented Architecture (SOA). OSA manages the Help Desk Initiatives Support Services (HDISS) contract. The HDISS contract provides technical resources and support for SSA’s standard desktop and laptop software to all SSA employees and contractors through the SSA Technology Assistance Center (STAC); desktop support and network administration to the Office of the Commissioner and various other executive-level offices; and technical assistance to the SSA developers in the design and development of applications using web-based software tools through Web Engineering Support Services.
  2. Organization
    1. The Associate Commissioner for Systems Architecture (S4V)
    2. The Deputy Associate Commissioners for Systems Architecture (S4V)
    3. The Immediate Office of the Associate Commissioner for Systems Architecture (S4V)
    4. The Division of Enterprise Architecture and Data Administration (S4VA)
    5. The Division of Database Systems (S4VB)
    6. The Division of Enterprise Software Engineering Infrastructure (S4VC)
    7. The Division of Testing Services (S4VH)
    8. The Division of Enterprise Software Architecture (S4VK)
  3. Functions
    1. The Associate Commissioner for Systems Architecture (S4V) is directly responsible to the Assistant Deputy Commissioner for Systems (Software Engineering), for carrying out the OSA mission and providing general supervision to the major components of OSA.
    2. The Deputy Associate Commissioners for Systems Architecture (S4V) assist the Associate Commissioner in carrying out his/her responsibilities and perform other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Systems Architecture (S4V) provides the Associate Commissioner and Deputy Associate Commissioners with senior technical support; management assistance; technology leadership and planning; resource oversight and management; support for legislation and other initiatives on the full range of their responsibilities; and develops, directs and maintains the OSA COOP program, including periodic testing and training.
    4. The Division of Enterprise Architecture and Data Administration (S4VA)
      1. Works with SSA technical staff to define application, data and infrastructure architectures.
      2. Develops and maintains enterprise data models and other documentation that define SSA’s existing and planned (target) data architectures.
      3. Provides guidance to SSA IT projects and proposals to ensure their alignment with the Enterprise Data Architecture.
      4. Reviews higher monitoring authority reporting requirements and directs the development and maintenance of documentation to respond to those requirements.
      5. Provides technical support, oversight and automation for SSA’s technology Software Governance and Compliance initiatives including Enterprise Software Engineering Tools (ESET) Management activities and SharePoint.
      6. Works with business components to identify and coordinate enterprise-wide technology and data architectural needs.
      7. Directs the development of Systems-wide data administration policies, procedures and standards for the specific phases of the lifecycle development process and development of methods to assure the quality of systems products.
      8. Directs the integration of data and process models, as well as software designs. Tests new ideas in a laboratory environment and offers potential solutions to the agency for implementation.
      9. Directs the development of requirements for standardizing data collection, storage and use across application areas.
      10. Provides data administration program expertise, management direction and oversight for crosscutting segments for all SSA systems initiatives, legislative initiatives or projects involving the initiation, interpretation and/or the implementation of programmatic, administrative and management information systems.
      11. Provides data administration and services as well as a variety of high-level coordinative, analytical, consultative and advisory services to SSA as a whole relative to highly visible and complex systems initiatives.
      12. Develops and maintains the Data Management architecture, including the Data Resources Management System and other components of the official enterprise repository of data and metadata for SSA systems.
      13. Directs the establishment of automated documentation products and analytical products to support software engineering and database integration.
      14. Provides direction in identifying techniques and tools that support data resource management as well as evaluating new data resource technology to the SSA environment.
      15. Oversees the suite of software engineering tools that must be controlled and supported by centralized mechanisms, the Enterprise Software Engineering Tools (ESET) Management Board. While any tool used to produce software can be described as a software engineering tool, only those tools determined to need central support are Enterprise Software Engineering Tools. One of the most important tasks controlled by this process is making those determinations.
      16. Provides Global Reference Table (GRT) support which includes maintaining the GRT Architecture, GRT Portal, GRT Registration Process and value set tables as defined by policy owners/sponsors and directs development of access services for reuse and to ensure accurate use of GRTs.
      17. Supports the Source Code Process which generates code that provides access to SSA’s programmatic master files and IDMS databases, maintains data integrity of IDMS databases and provides CICS screen mapping for SSA programmatic application areas.
      18. Supports enterprise SharePoint governance, administration and user support.
      19. Supports enterprise Web Content Management System (WCMS) Governance.
    5. The Division of Database Systems (S4VB)
      1. Develops and maintains the Master Data Access Method (MADAM) and DB2 software that manages SSA’s major Master Files, providing overall management to those files.
      2. Develops and maintains the Application Programming Interface (API) to the major Master Files.
      3. Performs database design, database administration, and technical support of the major Master Files, SSA’s enterprise databases and other enterprise persistent data stores using commercial and open source database management systems and other data storage and retrieval products.
      4. Serves as systems architects in the design, construction and implementation of enterprise database and enterprise persistent data infrastructures.
      5. Performs the backup and recovery of SSA’s enterprise databases, ensuring compliance with SSA’s Database Backup and Recovery Executive Assurance/Internal Control.
      6. Configures and provides ongoing operational support to ensure the high availability and disaster recovery of SSA’s enterprise database infrastructures.
      7. Implements, maintains and provides operational support for SSA’s enterprise data acquisition infrastructure.
      8. Provides direct support for the acquisition, validation and configuration of database management systems and database administration support software.
      9. Directs the design and development of new or modified software for accessing SSA databases and files used in information technology processes; and directs the selection and implementation of commercial packages for this purpose.
      10. Provides Procedural Database Administrator (DBA) support as experts in database and SQL tuning.
      11. Provides direction in the design, development and implementation of applications support software to the extent it facilitates interaction between databases and applications software.
      12. Directs the development of project plans reflecting the tasks, schedules and resource requirements necessary to implement database management and enterprise persistent data stores as designated by SSA’s software development standards and best practices.
      13. Conducts assessment activities to identify vulnerabilities with SSA’s enterprise data store infrastructures; and ensures that these infrastructures comply with appropriate secure configuration guidelines such as US Government Compliance Baselines (USGCB).
      14. Provides 24x7 365-day emergency on call support for SSA’s production enterprise databases.
    6. The Division of Enterprise Software Engineering Infrastructure (S4VC)
      1. Manages the multi-platform Enterprise Software Engineering Facility (ESEF) environment which includes Mainframe, Client Server/Web (Internet/Intranet) platforms, Server/Workstation and mobile computing configurations, transaction processing software configurations (e.g., CICS, WMQ), multi-platform source code management, WebSphere (z/OS and Solaris) to provide an integrated set of automated tools, techniques and services in support of SSA’s application development and validation community.
      2. Administers and maintains software engineering facilities which provide a wide range of hardware and software platforms for developers and validators of Client/Server and Web-based (Internet/Intranet) applications. For Windows-based systems, facilities include development and validation environments and a walk-in testing center, the Windows Development Facility (WDF). For UNIX, facilities include development and validation environments housed in the UNIX Testing Center (UTC). For both Windows and UNIX, provides tools environments including software development and validation tools. For mainframe systems (z/OS – CICS, Batch, WebSphere, WMQ), facilities include development and validation environments with required tools/services.
      3. Administers and maintains ESEF environment servers, workstations, and mobile devices for the software engineering components in Systems. This includes both hardware and software configurations used by application software engineers and their management. Provides centralized Site LAN Coordinator (SLC) services, training and governance to the ESEF SLC community. Coordinates the management of electronic mail for the Systems community.
      4. Manages the Help Desk Initiatives Support Services (HDISS) contract. The HDISS contract provides technical resources and support for SSA’s standard desktop and laptop software to all SSA employees and contractors through the SSA Technology Assistance Center (STAC); desktop support and network administration to the Office of the Commissioner and various other executive level offices; and technical assistance to the SSA developers in the design and development of applications using web-based software tools through Web Engineering Support Services.
      5. Provides technical guidance for developers of multi-platform programmatic and management information applications throughout each phase of the systems development lifecycle including design, development, validation, integration, production and maintenance and provides infrastructure support for development and validation.
      6. Provides automated software code management facilities including configuration management, quality control and library migration for all ESEF multi-platform software development and validation activities.
      7. Provides assistance to users of the ESEF environment by staffing a Help Desk that performs real time monitoring, automated call tracking, and technical assistance in the use of the ESEF software/hardware infrastructure. Disseminates technical information relative to the ESEF software/hardware infrastructure and chairs a quarterly ESEF User Group Meeting attended by software developers and validators.
      8. Serves as liaison between the ESEF user community and the staffs managing and operating the ESEF mainframe facilities to ensure that user needs are being met and that all operating system and vendor software is fully tested before implementation to avoid adverse impact on ESEF users.
      9. Conducts performance evaluation, monitoring and capacity planning for ESEF environment hardware and software to ensure that appropriate service levels are continuously maintained. Projects future capacity needs to meet software development goals and projects.
      10. Conducts testing and performance impact analysis of new or upgraded mainframe software engineering tools before they are installed in the ESEF environment to ensure optimum ESEF performance.
      11. Manages the ESEF multi-platform storage environment (tape, DASD on distributed platform and mainframe). Manages SAN storage and backup for UNIX and Windows.
      12. Coordinates and conducts multi-platform disaster recovery testing of the ESEF.
      13. Administers and maintains a multi-platform WebSphere infrastructure to support the development and validation stages of the lifecycle.
      14. Provides Windows development, validation, and tools environments to support a managed lifecycle for Windows-based software.
      15. Designs, develops, maintains and oversees automated software migration methods to ensure segregation of duties in the software development, validation, integration and production stages of the lifecycle, under the Federal Financial Management Improvement Act of 1996 (FFMIA).
      16. Installs, tests, implements and, sometimes procures, third party productivity tools to support the multi-platform development and validation stages of the software development lifecycle. Manages the maintenance of this software to ensure that it is up to date. Assists users to utilize the tools effectively.
      17. Administers and maintains an infrastructure for an External Testing Environment (ETE) for testing other agency and vendor applications that interact with production applications.
      18. Supports Proofs-of-Concepts (POCs).
    7. The Division of Testing Services (S4VH)
      1. Designs, develops, implements and maintains automated test methods, techniques and procedures, test files, test databases, and tester productivity tools used in the systems-level functional and user acceptance testing of SSA’s programmatic, administrative, and management information systems.
      2. Builds test systems that simulate the target production system within the parameters of SSA’s Enterprise Software Engineering Facility using in-house and commercially available software development tools and products.
      3. Executes and controls systems-level functional tests of programmatic, administrative, and management information systems; ensures that the correct software versions are under test; and provides appropriate test output for evaluation and systems acceptance and certification.
      4. Designs, develops, implements and maintains automated test case design tools for regression testing of mainframe and web-based (Intranet) applications.
      5. Develops and manages the environment in which functional testing occurs.
      6. Acts as the Business Owner of the Validation Planning System to support the mandatory requirement to create Validation Plans for SSA-developed software.
      7. Develops and maintains a Validation Database (VDB) and the Enterprise Test Data Management System (ETDMS) which provide a coordinated collection of data selected from production records, sanitized and used as test cases to fill specific testing requirements.
      8. Develops and maintains software that sanitizes incoming Federal Tax Information and Personally Identifiable Information (FTI/PII) stored in the ETDMS and VDB.
      9. Develops, executes and monitors software and processes to enable the coordinated backup, restore, conversion and accretion of Validation test data.
      10. Develops and maintains JUDGE (i.e., JAWS Using a Data Generated Environment), a utility that makes CICS screens compatible with the JAWS screen reader, used by the visually impaired staff. This provides an alternative to expensive screen redesign and application changes.
    8. The Division of Enterprise Software Architecture (S4VK)
      1. Serves as the agency focal point for technologies related to document imaging, electronic document management and records management.
      2. Manages the repositories responsible for housing unstructured data such as images, documents, digital recordings plus other types of multimedia.
      3. Provides the capability to view and/or manipulate documents housed in image repositories supported by SSA.
      4. Provides the capability to capture and index scanned or faxed documents for storage into an image repository.
      5. Directs the design and implementation of the architectures needed to efficiently manage and provide access to document images.
      6. Provides direction in the design, development and implementation of applications that support software to facilitate interaction between document imaging and applications software.
      7. Develops the infrastructure to support the architecture for management of the agency’s official electronic records.
      8. Designs and develops the software needed to place any official agency electronic record under the control of a records management system.
      9. Responsible for the strategic direction for OS Service-Oriented Architecture (SOA).
      10. Develops, communicates and executes SOA governance activities and standards.
      11. Responsible for coordination of activities necessary to support and integrate SOA activities throughout OS.
      12. Provides SOA-related consulting support to OS projects, offering practical assistance and guidance in applying SOA best practices, processes and utilizing SOA tools.
      13. Responsible for development of select enterprise services.
      14. Responsible for the implementation of enhancements to the SOA design.
      15. Responsible for the OS Framework.
      16. Responsible for the development activities for the User Experience Framework (UEF).
      17. Responsible for the development of Enterprise Services and Application Programming Interfaces using Mode-2/modern techniques.
      18. Responsible for evaluating, teaching and implementing modern software development technologies, architectures and practices within the Office of Systems.
      19. Promotes use of Modern Development Environment by mentoring existing and new software developers, implementing best practices and methodologies, and augmenting software development activities.
      20. Responsible for introducing new technology and practices to improve Systems’ overall ability to perform software engineering with the goal of reducing the overhead and bloat associated with releasing software.
      21. Responsible for providing enterprise-level guidance on modern Software Engineering Architectures to provide a best practices approach for developing software applications at SSA.

 

SSA ORGANIZATION MANUAL

Subchapter S4W

OFFICE OF BENEFIT INFORMATION SYSTEMS

  1. Mission

    The Office of Benefit Information Systems (OBIS) is responsible for programmatic and management information systems which support the Nation’s Retirement and Survivors Insurance (Title 2), Supplemental Security Income (Title 16) and Medicare (Title 18) initial claims, post-entitlement, payments, audit, integrity review, Treasury operations and notices. OBIS designs, develops, coordinates and implements new or redesigned software to meet SSA’s automation needs in the broad area of Title 2 and Title 16 programmatic processes for such areas as earnings, eligibility/entitlement, redeterminations, pay/computations and debt management/recovery. OBIS is also responsible for the design, development, implementation and maintenance of application software and services supporting the Medicare program (Title 18). OBIS evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on the applications and services supported by the organization. OBIS collaborates with internal and external stakeholders across the business systems and contractor communities to deliver innovative information technology (IT). OBIS ensures compliance with applicable software development standards and actively strives to improve agility, working with the Chief Technology Officer and other stakeholders in adopting innovative technologies, methodologies and processes. OBIS supports the stakeholder community through effective communications, configuration control and release planning. The organization ensures timely notification of planned and unforeseen outages, responsiveness in restoring services and due diligence in addressing data anomalies in an automated fashion when practicable.
  2. Organization
    1. The Associate Commissioner for Benefit Information Systems (S4W)
    2. The Deputy Associate Commissioner for Benefit Information Systems (S4W)
    3. The Immediate Office of the Associate Commissioner for Benefit Information Systems (S4W)
    4. The Division of Infrastructure, Notices and Exchanges (S4WA)
    5. The Division of Payments, Debt Recovery and Rep-Payee Processing (S4WB)
    6. The Division of Claims, Medicare and External Customer Experiences (S4WC)
    7. The Division of Eligibility, Computations and Cyclicals (S4WE)
    8. The Division of Workload Management and Information Systems (S4WG)
    9. The Division of Solution Architecture (S4WH)
  3. Functions
    1. The Associate Commissioner for Benefit Information Systems (S4W) is directly responsible to the Deputy Commissioner for Systems (Software Engineering) for carrying out the OBIS mission and providing general supervision to the major components of OBIS.
    2. The Deputy Associate Commissioner for Benefit Information Systems (S4W) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Benefit Information Systems (S4W) provides the Associate Commissioner and Deputy Associate Commissioner with administrative staff assistance, technology leadership, planning and customer relations support on the full range of their responsibilities.
    4. The Division of Infrastructure, Notices and Exchanges (S4WA)
      1. Responsible for design, development, testing, implementation and maintenance of software and services for Title 2 and Title 16 programs.
      2. Designs, develops, coordinates and implements new or redesigned software to meet SSA’s automated data processing needs in the broad area of specialized support for Notices.
      3. Provides support for notice language development and maintenance, notice generation and formatting, manual notice processing and notice storage and retrieval.
      4. Supports the Title 2 and Title 16 business processes by facilitating the collection as well as standardization of input data, accurate association and processing of the data with Title 2 and Title16 beneficiaries, statistical analysis, accountability, interface and exchange with SSA programmatic systems and outside agencies and Field/PSC access to Title 2 and Title 16 data via Query and Local Programming support as well as the maintenance and proper disposition of mission critical Title 2 and Title 16 processing data.
      5. Coordinates release software migration through the development testing, validation, training and integration environments and supports post-implementation review with Systems partners.
      6. With the use of existing software engineering testing practices, provides automated testing support and plans/conducts unit tests of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria.
    5. The Division of Payments, Debt Recovery and Rep-Payee Processing (S4WB)
      1. Designs, develops, coordinates, maintains and implements new or revised software to meet SSA’s automated data processing needs in the area of data gathering, database establishment and maintenance for programmatic initial claims and post-entitlement actions.
      2. Designs, develops, implements and maintains software to edit transactions, produce payment information and benefit statements, assign Rep Payees and provide Treasury data.
      3. Designs, develops and implements new or revised software to control and prioritize transactions for the nightly update operation.
      4. Designs, develops, and implements new or redesigned software required to support Title 2 and Title 16 record updates for Payments and Accounting, Post-Payment activities, Debt Management and Rep-Payee processing.
      5. Facilitates the electronic receipt and processing of individual auto-enrollments and mass direct deposit changes from the Department of Treasury on behalf of financial institutions.
      6. Performs user needs analysis and develops detailed functional requirements for SSA’s Title 2 mainframe systems. Participates in liaison activities with other SSA components and Federal agencies to determine feasibility of solutions and determine development and implementation activities.
    6. The Division of Claims, Medicare and External Customer Experiences (S4WC)
      1. Designs, develops, tests, coordinates, maintains and implements software and services for Title 2 (RSI) initial claims and post-entitlement and Title 18 (Medicare) systems processing including the broad areas of specialized support for data collection/intake, claims processing (including manual processing of exceptions) and software to facilitate entitlement to Title 2 and Medicare benefits. This further includes events related to the Income Related Monthly Adjusted Amounts (IRMAA) and supporting data exchanges.
      2. Plans and conducts unit tests of newly developed Title 2 and Title18 systems software and modifications to existing systems software against user-defined requirements and performance criteria.
      3. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development (Information Technology Investment Process (ITIP) Plans) as they relate to Title 2 initial claims and post-entitlement, Title 18 (Medicare) and benefit related internet government-to-citizen systems. This includes determining, classifying and ranking systems needs of all SSA components, and recommending final priorities for approval.
      4. Collaborates with the IT Business Support staff to evaluate legislative proposals, regulations, and policy changes affecting the Title 2 initial claims and post-entitlement, Title 18 Medicare and benefit related eServices systems.
      5. Designs, develops and maintains software to deliver eGovernment services to SSA's customers in accordance with the Agency's Strategic Plan (ASP).
      6. Serves as liaison with Federal and State IT partners (e.g., Centers for Medicare and Medicaid Services, Railroad Retirement Board, Veterans Administration, etc.) to plan the development, data exchanges and software necessary to implement programmatic changes.
    7. The Division of Eligibility, Computations and Cyclicals (S4WE)
      1. Designs, develops, coordinates and implements new or redesigned software to meet SSA's automated data processing needs in the broad area of Title 2 (Retirement and Survivors) programmatic processes for such areas as earnings eligibility/entitlement and pay/computations.
      2. Provides the software to process the annual Cost of Living Adjustment for Title 2 and Title 16 benefit recipients, the automated earnings reappraisal operations (AERO) and the earnings enforcement operations (EEO).
      3. Performs programmatic support for automated data processing services for Title 2 initial claims and post-entitlement systems. Prepares and performs service impact assessments and software development plans for Title 2 post-entitlement systems.
      4. Provides support for the process that identifies and effectuates the changes to the Primary Insurance Amount.
      5. Provides programmatic support for Web-based applications that support Title 16 initial claim, post-entitlement activity, payment computation, access to financial institutions, and Title 16 data access services.
    8. The Division of Workload Management and Information Systems (S4WG)
      1. Responsible for design, development, testing, implementation and maintenance software and services for Title 2 and Title 16 programs.
      2. Responsible for design, development, testing, implementation and maintenance in conformance with SSA’s software engineering environment for Title 16 and Title 8 Special Veterans Benefits (SVB) Management Information Systems, Business Intelligence and processes including income payment, internal and external interfaces, due process, queries, folder control and redetermination operations. This includes updates to and selections from the Supplemental Security Income Record (SSR).
      3. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development (Information Technology Investment Process (ITIP)) as they relate to Title 2 and Title 16 initial claims, post-entitlement, Business Intelligence, Management Information systems, and Title 2 and Title 16 programmatic initiatives for Initial Claims and Post-entitlement updates.
      4. Designs, develops, coordinates and implements new or redesigned software to meet SSA’s automated data processing needs in the broad areas of specialized support for Title 2 and Title 16 Management Information systems. This includes development and maintenance of workload control listings, reports, and queries for both initial claims and post-entitlement, the capturing and distribution of work measurement and processing time information, and the integrity of the Title 2 and Title 16 Management Information data.
      5. Provides support for Field/PSC Workload Management and Control.
      6. Designs, develops, coordinates and implements new or redesigned software to meet SSA’s automated data processing needs in the area of various data exchanges and external interfaces with partner agencies.
    9. The Division of Solution Architecture (S4WH)
      1. Serves as the focal point for the development of strategic plans for legacy software modernization.
      2. Reviews, consults and directs legacy software modernization initiatives.
      3. Serves as the OBIS focal point for technology innovation.
      4. Serves as liaison with the Chief Technology Officer and other Systems stakeholders on matters concerning technology research, evaluation and deployment.
      5. Works with the OBIS Senior Solution Architects, serving as the focal point for determining design strategies appropriate to approved initiatives, driving innovation and a long-term software engineering vision.
      6. Assists and consults OBIS projects by being a fungible resource to priority projects, fulfilling project roles such as architect, technical lead or developer.
      7. Designs, develops, tests, and implements application software and services using Mode 2 methodologies/development environments such as: Agile, Modern Development Environment, open source and cloud technologies in support of Title 2, Title 16 and Title 18.
      8. Leads efforts to promulgate both an understanding and the use of Mode 2 practices throughout OBIS.

 

SSA ORGANIZATION MANUAL

Subchapter S4X

OFFICE OF DISABILITY INFORMATION SYSTEMS

  1. Mission

    The Office of Disability Information Systems (ODIS) is responsible for the design, development, PROD Support, and maintenance of information technology requirements to meet SSA’s Disability Program needs including the electronic Disability process, the hearings/appeals process, and post-entitlement activities associated with the Disability Program. ODIS directs, develops, coordinates and implements new or redesigned software to meet SSA’s automation needs for such areas as Electronic Disability Collection System, ODAR Case Processing and Management System, Continuing Disability Reviews, Integrated Disability Management System, National and State Disability Determination Services, electronic forms, Health Information Technology (HIT) and Electronic Claims Analysis. ODIS is responsible for the design and development phases in the systems development lifecycle. These responsibilities include determining automated solutions for user needs, analyzing existing computer applications, preparing recommendations (including costs and benefits of alternatives), software design and development, testing systems, and implementing security standards. ODIS is responsible for long-range planning and analyses to define new and improved systems processes in support of agency needs and maintains a comprehensive, updated and integrated set of software programs. ODIS implements systems required by new legislation, regulations and SSA policy directives.
  2. Organization
    1. The Associate Commissioner for Disability Information Systems (S4X)
    2. The Deputy Associate Commissioner for Disability Information Systems (S4X)
    3. The Immediate Office of the Associate Commissioner for Disability Information Systems (S4X)
      1. Budget and Administrative Staff (S4X-1)
      2. Project and Contract Support Staff (S4X-3)
    4. The Division of Disability Intake and Interface Systems (S4XA)
    5. The Division of Disability Health Information, Modernization and Assurance (S4XC)
    6. The Division of Disability Appeals Processing and Notices (S4XE)
    7. The Division of Case and Management Information Processing (S4XG)
    8. The Division of Disability Management Information and Services (S4XH)
  3. Functions
    1. The Associate Commissioner for Disability Information Systems (ODIS) (S4X) is directly responsible to the Assistant Deputy Commissioner for Systems (Software Engineering) for carrying out the ODIS mission and providing general supervision to the major components of ODIS.
    2. The Deputy Associate Commissioner for Disability Information Systems (S4X) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Disability Information Systems (S4X) provides the Associate Commissioner and Deputy Associate Commissioner with administrative staff assistance, planning and customer relations support on the full range of their responsibilities, oversight of the Information Technology (IT) budget and management of Federal IT contracts that support the State Disability Determination Services.
      1. Budget and Administrative Staff (S4X-1) directs the planning, development and execution of the administrative (non-ITS) budget for the Office of Disability Information Systems; and provides support on various administrative management matters such as personnel management, space and facilities management, safety management, procurement, travel, training, printing, awards and website support for the Office of Disability Information Systems.
      2. Project and Contract Support Staff (S4X-3) provides IT Planning and customer support across ODIS. PCSS coordinates ODIS input to agency and DCS planning processes; develops plans and provides reports related to ODIS portfolios, programs, and projects; and communicates standards, procedures, and management directives related to Systems project management to ODIS Project Managers.

        PCSS is also responsible for coordinating with DCS, where appropriate, for the acquisition and management of major Information Technology (IT) contracts for hardware, software and contractor consulting services that directly support the State Disability Determinations Services. Directs the planning, development and execution of the IT budget for ODIS and is responsible for the technical and business review of all IT acquisitions requiring approval of the Associate Commissioner for ODIS.

        Also, PCSS is responsible for LAN Support; hardware and software issues including laptop replacement, printers, blackberry and other IT equipment; provides crash sites, lab sites, ODIS Conference Room PC set ups, including audio and visual equipment, and projectors; and assists with testing and implementation for new projects related to LAN support for developers and conducts ODIS-Wide Hardware and Operating System Rollouts.
    4. The Division of Disability Intake and Interface Systems (S4XA)
      1. Plans, analyzes, designs, develops, unit tests and implements new or redesigned software to meet SSA Disability Program needs. Also, evaluates programmatic information and data requirements, writes functional specifications, procedures, instructions and standards (including security and fraud detection) for the Disability Program.
      2. With the technical assistance of other Office of Systems components, plans and conducts unit tests of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria. Certifies that the changes are in conformance with functional specifications and with agency regulations, policies, and procedures.
      3. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development as they relate to Disability.
      4. Develops and maintains a comprehensive, updated and integrated set of system documentation, source code for programmatic software and requirements specifications of systems changes against user requirements and performance criteria.
      5. Resolves systems discrepancies and performance issues for all SSA and DDS offices, Federal and State. The State DDS systems interface with SSA central systems. The division is responsible for unit testing of applications software that exchanges the required Disability data between the offices involved.
      6. Builds software in accordance with agency and Federal standards including CMM and Section 508 compliancy.
      7. Plans and creates integrated, automated functional validation test scripts for new Disability systems as well as modifications to existing systems against user-defined requirements and performance criteria.
      8. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.
    5. The Division of Disability Health Information, Modernization and Assurance (S4XC)
      1. Plans, analyzes, designs, develops, implements and evaluates programmatic systems data requirements, functional specifications, procedures, instructions and standards (including security and fraud detection) in conformance with SSA’s software engineering environment for Health IT (HIT), Disability Quality Reviews (DQR), Electronic Quality Assurance (eQA), Electronic Case Analysis (eCAT), and the Modernized Integrated Disability Adjudicative System (MIDAS).
      2. Plans and conducts unit tests of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria. This relies on user-defined requirements conforming with agency regulations, policies, and procedures.
      3. Develops and maintains a comprehensive, updated and integrated set of system documentation and source code for programmatic software.
      4. Performs development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development as they relate to Health IT, electronic case analysis, quality assurance and sampling.
      5. Evaluates legislative proposals, regulations and policy changes affecting Disability. Reports on the impact to those processes as well as on the short- and long-range plans.
      6. Resolves systems discrepancies and performance issues for all users of the supported Disability systems.
      7. Plans, creates and conducts integrated, end-to-end, regression and system-wide automated and manual testing for new Disability systems as well as modifications to existing systems against user-defined requirements and performance criteria.
      8. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.
    6. The Division of Disability Appeals Processing and Notices (S4XE)
      1. Plans, analyzes, designs, develops, unit tests, implements and evaluates programmatic data requirements, functional specifications, procedures, instructions and standards (including security and fraud detection) in conformance with SSA’s software engineering environment for Hearings, Appeals, Litigation, and Disability.
      2. Plans and conducts unit testing of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria.
      3. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development as they relate to Hearings, Appeals, Litigation, and Disability. This includes determining, classifying and ranking systems needs of all SSA components, and recommending final priorities for approval.
      4. Evaluates legislative proposals, regulations and policy changes affecting Hearings, Appeals, Litigation, and Disability software. Reports on the impact to those processes as well as on the short- and long-range plans.
      5. Works with representatives of other Office of Systems components to resolve system discrepancies and errors reported by users related to existing Hearings, Appeals, Litigation and Disability processes.
      6. Plans and creates integrated, automated functional validation test scripts for new Disability systems as well as modifications to existing systems against user-defined requirements and performance criteria.
      7. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.
    7. The Division of Case and Management Information Processing (S4XG)
      1. Evaluates infrastructure and programmatic data requirements to develop and execute validation and master test plans in support of the Disability Case Processing System (DCPS).
      2. Plans and conducts integrated, end-to-end, regression and system-wide automated and manual functional validation tests for new Disability systems as well as modifications to existing systems against user-defined requirements and performance criteria.
      3. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.
      4. Plans, analyzes, designs, develops, implements and evaluates programmatic data requirements, functional specifications, procedures, instructions and standards (including security and fraud detection) in conformance with SSA’s software engineering environment.
      5. Plans and conducts unit tests of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria for DCPS. This relies on user-defined requirements conforming with agency regulations, policies, and procedures.
      6. Develops and maintains a comprehensive, updated and integrated set of system documentation, source code for programmatic software and requirements specifications.
      7. Plans, analyzes, designs, implements and evaluates programmatic information and data requirements, functional specifications, procedures, instructions and standards (including security and fraud detection) in conformance with SSA’s DCPS engineering environment.
      8. Plans, analyzes, designs, and implements new or redesigned software to meet DCPS needs. Also, evaluates programmatic information and data requirements, writes functional specifications, procedures, instructions and standards (including security and fraud detection) for the Disability program, including service to the Disability case processing sites.
      9. Plans and conducts unit testing of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria for DCPS.
      10. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development as they relate to Disability Program case processing. This includes determining, classifying and ranking systems needs of SSA components and recommending final priorities for approval.
      11. Supports individual State Disability Determination Service Disability case processing offices by developing user test plans and providing direct assistance during the testing and production phases for DCPS. Also, evaluates DDS site development requests with the objective of integrating site efforts into overall SSA automation plans.
      12. Evaluates legislative proposals, regulations and policy changes affecting Disability software. Reports on the impact to those processes as well as on the short- and long-range plans.
      13. Works with representatives of other Office of Systems components to resolve system discrepancies and errors reported by users related to existing Hearings, Appeals, Litigation and Disability processes.
      14. Evaluates infrastructure and programmatic data requirements to develop and execute validation and master test plans in support of the Disability Program.
      15. Plans and conducts integrated, end-to-end, regression and system-wide automated and manual functional validation tests for new Disability systems as well as modifications to existing systems against user-defined requirements and performance criteria.
      16. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.
    8. The Division of Disability Management Information and Services (S4XH)
      1. Plans, analyzes, designs, develops, unit tests, implements and evaluates programmatic data requirements, functional specifications, procedures, instructions and standards (including security and fraud detection) in conformance with SSA’s software engineering environment for Disability and Appeals Business Intelligence and Continuing Disability Review systems.
      2. Plans and conducts unit testing of newly-developed systems and modifications to existing systems against user-defined requirements and performance criteria.
      3. Produces automated solutions that provide Business Intelligence supporting the agency’s Disability Insurance Program. Designs, develops and maintains computer systems that collect, process and distribute Disability Business Intelligence.
      4. Performs programmatic support for automated data processing services for Continuing Disability Review.
      5. Participates in the development, maintenance and coordination of the overall approved SSA plans for fulfilling short-term and long-range programmatic system development as they relate to Disability and Appeals Business Intelligence and Continuing Disability Review. This includes determining, classifying and ranking systems needs of all SSA components, and recommending final priorities for approval.
      6. Develops and maintains a comprehensive, updated and integrated set of system documentation and requirements specifications of systems changes against user requirements and performance criteria and certifies that changes are in conformance with specifications for assigned areas of responsibility.
      7. Evaluates legislative proposals, regulations and policy changes affecting Disability and Appeals Business Intelligence and Continuing Disability Review software. Reports on the impact to those processes as well as on the short- and long-range plans.
      8. Works with representatives of other Office of Systems components to resolve system discrepancies and errors reported by users related to the existing Hearings, Appeals, Litigation and Disability processes.
      9. Certifies system changes are in conformance with functional specifications and agency regulations, policies, and procedures.

 

SSA ORGANIZATION MANUAL

Chapter S42

OFFICE OF IT PROGRAMMATIC BUSINESS SUPPORT

  1. Mission

    The Office of IT Programmatic Business Support (OITPBS) is a customer-focused, service-oriented organization within the Office of Systems. OITPBS collaborates with business stakeholders to identify and understand business cases/needs and define system requirements. This office collaborates with agency business components and software engineering components within the Office of Systems to support the practical resolution of business needs through technology in a teamwork environment. OITPBS is primarily responsible for product/project management, documentation of business needs and development of systems requirements for SSA entitlement applications.

    The major areas of concentration for OITPBS are: business intelligence and analytics; data exchange with other entities and government organizations; disability analysis and case processing and documentation; data collection and support; debt management; representative payee systems; quality assurance; and programmatic support for Title II, Title XVI and Medicare.

    OITPBS ensures all of its processes maintain the highest standards of data integrity through accurate and efficient processing of taxpayer and beneficiary records in support of the Title II and Title XVI programs. OITPBS also manages supporting activities such as business intelligence and workload management systems. The office provides big data analytics to assist SSA in making business decisions by enabling users to analyze huge volumes of transaction data and other untapped data sources.

    OITPBS collaborates with the business community to evaluate the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on these systems and develops requirements and procedures as they relate to legislation, regulations and SSA policy directives. OITPBS directs the coordination of user requirements with SSA central and regional operations to ensure it accurately captures and defines user needs.

    OITPBS works diligently to thoroughly validate software applications, supports and coordinates user acceptance testing activities, and conducts post-implementation reviews of new systems. Validation efforts include exercising manual scripts, running automated tests and coordinating user validation. The office validates software to assure that it meets user requirements and conducts post-implementation reviews of new systems.
  2. Organization
    1. The Associate Commissioner for IT Programmatic Business Support (S42)
    2. The Deputy Associate Commissioner for IT Programmatic Business Support (S42)
    3. The Immediate Office of the Associate Commissioner for IT Programmatic Business Support (S42)
    4. The Division of Business Intelligence, Analytics and Exchange (S42A)
    5. The Division of Title II and Medicare Analysis (S42B)
    6. The Division of Disability Analysis, Case Processing and Documentation (S42C)
    7. The Division of Disability Data Collection and Support (S42E)
    8. The Division of SSI, Debt Management, Rep Payee and Quality (S42G)
    9. The Division of Program and Project Management (S42H)
  3. Functions
    1. The Associate Commissioner for IT Programmatic Business Support (S42) is directly responsible to the Assistant Deputy Commissioner for Systems (Business Support) for carrying out the OITPBS mission and providing general supervision to the major components of OITPBS.
    2. The Deputy Associate Commissioner for IT Programmatic Business Support (S42) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for IT Programmatic Business Support (S42) provides the Associate Commissioner and Deputy Associate Commissioner with management support on the full range of their responsibilities including personnel management, financial/budget management, Continuity of Operations Planning, IT planning, project planning, administrative management, senior technical support, etc.
    4. The Division of Business Intelligence, Analytics and Exchange (S42A)
      1. Manages, analyzes, elicits and captures requirements and validates and responds to information requests/controls related to the applications and processes associated with:
        1. Business Intelligence (BI)
        2. Data Analytics
        3. Verification and Data Exchanges
        4. Earnings
        5. Enumeration
        6. Death
        7. Title II Initial Claims, Post-Entitlement, and Medicare
        8. Disability and Appeals and Disability and Measurement
      2. Responds to Business Intelligence (BI), data analytics, and management information (MI) requests (using data from SSA Master Files and Enterprise data sources) at the Executive, Congressional, Programmatic and Administrative levels.
      3. Administers new and ongoing Social Security Number (SSN) verification and data exchange requests from private organizations, employers, prisons, and law enforcement agencies, as well as State, Federal and international agencies for:
        1. SSN
        2. Name
        3. Date of Birth
        4. Death
        5. Citizenship
        6. Income
        7. Resource
        8. Beneficiary
        9. Incarceration
      4. Provides Business Intelligence (BI) solutions to facilitate data-driven decisions through advanced data analytics.
      5. Provides Management Information (MI) solutions, data capture and reporting across SSA business lines.
    5. The Division of Title II and Medicare Analysis (S42B)
      1. Serves as User Liaisons for Retirement, Survivors and Medicare workloads such as Title II Payments and Accounting, Medicare eligibility, entitlement and premium collection, initial claims and post-entitlement processing, and management of the appointed representative services.
      2. Provides analytical support for critical SSA processes such as the delivery of monthly Title II benefit payments, Automatic Earnings Reappraisal Operation (AERO), Benefit Rate Increase (BRI), and the generation of SSA-1099/1042 Benefit Statements.
      3. Leads and participates in Planning and Analysis elicitation sessions, documents user and detailed functional systems requirements, develops validation test plans, scenarios and scripts and performs comprehensive validation in support of the Title II and Medicare processes.
      4. Networks with several SSA partners including the Centers for Medicare/Medicaid Services, Office of Treasury, Railroad Retirement Board and Internal Revenue Service to plan the implementation of changes impacting each agency.
    6. The Division of Disability Analysis, Case Processing and Documentation (S42C)
      1. Collaborates with the business community to develop information requirements and procedures and serves as the liaison for Disability-related workloads related to legal case processing, appeals processing, legal automated workflow and the national docketing and management information system. Works with users on other projects related to Electronic Bench Book, Digital Recording Acquisition and Electronic Claims Analysis Tool, among others.
      2. Leads and participates in Planning and Analysis, documents user requirements and systems specifications, develops and maintains a comprehensive set of validation test scenarios that cover system changes against user-defined requirements.
      3. Uses manual and automated test scripts for validation, coordinates across components and, with development teams, manages/incorporates Information Technology Support Services Contract (ITSSC) contractors.
    7. The Division of Disability Data Collection and Support (S42E)
      1. Collaborates with the business community to develop information requirements and procedures and serves as the liaison for Disability-related workloads relating to the following projects: Electronic Disability Claim System (EDCS), eVIEW, EFI, UniForms, eForms, National Disability and Determination Services System (NDDSS), eWork, Compassionate Allowances (CAL)/Quick Disability Determinations (QDD), Predictive Model, Medical Evidence Gathering and Analysis through Health Information Technology (MegaHIT), Disability Control File, iTOPPS, VRRMS and BOND.
      2. Develops workyear estimates for government staff and contractors assigned to DDCS projects, leads and participates in Planning and Analysis, documents user requirements and systems specifications, and plans/executes and facilitates user validation.
      3. Uses manual and automated test scripts for validation, coordinates across components and, with development teams, manages/incorporates ITSSC contractors.
      4. Supports Disability Determination Services users for acceptance testing and implementation activities for legacy systems and the Disability Claims Processing System.
      5. Provides State Account Managers (SAMs), who serve as single points of contact, to liaison between the disability communities, the legacy system vendors and headquarters components in resolving systems-related issues. Creates test cases for disability user testing, and serves as project leads for the New York and Nebraska legacy systems and Health Information Technology (HIT). Provides support in capturing requirements for Natural Language Processing requirements.
      6. Supports the HIT Program Office, serves as the focal point, and leads the initiative to enable the electronic exchange of health information to improve the disability determination process. Holds discussions with counterparts at other Federal agencies including Health and Human Services, Office of Management and Budget, Veterans Affairs and Department of Defense, as well as private sector healthcare organizations and provides oversight and governance, which involves various SSA components such as Systems, Operations, Policy, OGC and Communications.
    8. The Division of SSI, Debt Management, Rep Payee and Quality (S42G)
      1. Plans, analyzes, elicits and documents user requirements and functional specifications, develops software procedures, validates, and provides ongoing production support for the applications and processes associated with:
        1. Title XVI (SSI)
        2. Title VIII Special Veterans Benefits (SVB)
        3. Title II and Title XVI Debt Management
        4. Representative Payee
        5. Title XVI, Title II and Disability Quality Assurance Processes
      2. Serves as customer liaison for SSI, SVB, Debt Management, Representative Payee and Quality Assurance systems and workloads.
      3. Evaluates and determines impact of legislative proposals, regulations, and policy changes affecting SSI, SVB, Debt Management, Representative Payee and Quality Assurance processes.
      4. Responds and provides Business Intelligence information to satisfy a variety of requests and customers for SSI and Representative Payee.
      5. Provides validation coordination across components and facilitates the development and execution of automated test scripts for SSI applications.
    9. The Division of Program and Project Management (S42H)
      1. Project Managers serve as the central point of contact for stakeholders as well as other Systems components.
      2. Provides project management leadership for OITPBS projects. Coordinates project efforts with OITPBS Divisions, OITEBS, OSE, OIS and OSO/OHE; leads analysts, developers and testers through the System Development Lifecycle (SDLC).
      3. Provides program management (OMB 300) oversight. Coordinates OITPBS Planning activities, support for project managers with the Investment Management Tool (IMT), estimating and other Customer Relationship Representative (CRR) functions.
      4. Serves as the Contracting Officer Technical Representative (COTR) for OITPBS; coordinates the Contracting Officer Representative (COR) and Task Management activities for the organization.
      5. Provides audit management.
      6. Provides Software Process Improvement (SPI) services for OITPBS.

 

SSA ORGANIZATION MANUAL

Chapter S43

OFFICE OF IT ENTERPRISE BUSINESS SUPPORT

  1. Mission

    The Office of IT Enterprise Business Support (OITEBS) is a customer-focused, service-oriented organization within the Office of Systems. OITEBS collaborates with business stakeholders to identify and understand business cases/needs and define system requirements. This office collaborates with agency business components and software engineering components within the Office of Systems to support the practical resolution of business needs through technology in a teamwork environment. The office is primarily responsible for product/project management, documentation of business needs and development of systems requirements for SSA enterprise software and cross-cutting applications that support the agency’s core mission workloads.

    The major areas of concentration for OITEBS are: Enumeration and Earnings; Messaging and Communications; Online Customer Service; Administrative Systems; Online Validation and Testing; User Experience, Accessibility, Anti-Fraud, Integrity Review and Program and Project Management.

    OITEBS ensures that all of its processes maintain the highest standards of data integrity, accurate and efficient processing of taxpayer and beneficiary records, responsiveness to users with disabilities (Section 508), and the public in general. The office evaluates the effect of proposed legislation, policies, regulations and management initiatives to determine the impact on these systems.

    OITEBS collaborates with the business community to develop information requirements and procedures as they relate to legislation, regulations and SSA policy directives. The office directs the coordination of user requirements with SSA central and regional operations to ensure that it accurately captures and defines user needs. OITEBS leads the design and testing of user interface standards and delivers technical documentation of the agency’s modernized systems online screens. The office enhances the end-user experience of SSA’s systems by applying proven user-centered design methods. OITEBS works diligently to thoroughly validate the software applications, supports and coordinates user acceptance testing activities, and conducts post-implementation reviews of new systems. Validation efforts include exercising manual scripts, running automated tests, and coordinating user validation. The office validates software to assure that it meets user requirements and conducts post-implementation reviews of new systems.

    OITEBS collaborates with the Office of Information Security (OIS) and other components to identify possible fraud scenarios and develop the requirements and software needed to track online transactions by employees and/or the public to detect, as well as prevent, the fraud, waste and abuse of SSA programs to ensure the integrity of our systems.
  2. Organization
    1. The Associate Commissioner for IT Enterprise Business Support (S43)
    2. The Deputy Associate Commissioner for IT Enterprise Business Support (S43)
    3. The Immediate Office of the Associate Commissioner for IT Enterprise Business Support (S43)
    4. The Division of Enumeration, Earnings and Death (S43A)
    5. The Division of Messaging and Communication (S43B)
    6. The Division of Customer Services and Administrative Systems (S43C)
    7. The Division of Online Validation Services (S43E)
    8. The Division of User Experience, Accessibility and Anti-Fraud (S43G)
    9. The Division of Program and Project Management (S43H)
  3. Functions
    1. The Associate Commissioner for IT Enterprise Business Support (S43) is directly responsible to the Assistant Deputy Commissioner for Systems (Business Support) for carrying out the OITEBS mission and providing general supervision to the major components of OITEBS.
    2. The Deputy Associate Commissioner for IT Enterprise Business Support (S43) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for IT Enterprise Business Support (S43) provides the Associate Commissioner and Deputy Associate Commissioner with management support on the full range of their responsibilities including program, product and project management, investment management, personnel management, recruitment, financial/budget management, planning, administrative, Continuity of Operations Planning, senior technical support, etc.
    4. The Division of Enumeration, Earnings and Death (S43A)
      1. Analyzes user requests, develops requirements, validates and responds to information requests/controls for earnings projects.
      2. Defines user needs and requirements for automated data processing services pertaining to annual employer wage reporting.
      3. Evaluates legislative proposals, regulations, and policy changes and reports on the impact to existing processes and systems and, if applicable, evaluates the need to develop new software.
      4. Analyzes user requests and develops requirements for new software or enhancements to existing software.
      5. Defines SSA-approved user needs and requirements for automated data processing services pertaining to enumeration.
    5. The Division of Messaging and Communication (S43B)
      1. Develops notices relating to a beneficiary’s eligibility and entitlement to benefits under Title II (Disability Insurance Program) and Title XVI (Supplemental Security Income) of the Social Security Act. Supports agency notice initiatives including Special Notice Option (SNO) and the Document Processing System (DPS).
      2. Determines the automation solutions for user needs; develops software requirements; conducts post-implementation reviews; and maintains a comprehensive, updated and integrated set of systems requirements, user procedures, and instructions.
      3. Evaluates legislative proposals, regulations and policy changes to Title II and Title XVI processes as changes relate to communications; reports on the impact to Title II and Title XVI processes, as well as on short- and long-range plans.
      4. Intercedes on behalf of the users with other Office of Systems components to resolve Title II, Title XVI, and Title XVIII system discrepancies related to notice processes.
      5. Coordinates with our business partners in SSA central and field offices and with other Federal and State agencies to ensure the efficiency and effectiveness of program information needs and overall systems support.
      6. Supports the Customer Help and Information Program (CHIP), an intranet application used by the National 800# to respond to inquiries by the public. Supports the Visitor Intake Program (VIPr) and 800# system, also related to public inquiries and intake in teleservice centers and field offices respectively.
      7. Supports the Employer Customer Help and Information Program (ER-CHIP) which provides quick access to SSA records, facts, policies, procedures and reference material in response to telephone inquiries from employers and their representatives and from the business community on earnings correction issues.
      8. Analyzes and supports document imaging, electronic document management and electronic document workflow technologies related to document imaging, electronic document management and electronic workflow processes that enable SSA to operate without relying on information stored in paper files.
      9. Provides long-range planning and analyses to define new improved processes that meet the requirements of pending legislation, policies and regulations.
      10. Supports analytical, business design, requirements and validation for viewing and/or manipulating documents housed in image repositories as well as the capture and indexing of scanned or faxed documents for storage into an image repository.
      11. Directs the design and implementation of an architecture that will sufficiently meet NARA guidelines for proper management of the agency’s official electronic records.
      12. Supports all Paperless applications that provide an electronic means of viewing, tracking, routing (workflow) and transferring action-related documents throughout the enterprise.
    6. The Division of Customer Services and Administrative Systems (S43C)
      1. Elicits user and business requirements and provides analysis for Online and Administrative applications and interfaces.
      2. Documents the functional requirements for Online and Administrative applications and interfaces.
      3. Provides analysis support to various enterprise-wide Electronic Service Delivery Applications including Internet, Intranet, Telephone and Web Services as well as Administrative Applications including Financial, Human Resources, Travel, Labor Relations, Union, Time and Attendance and Facility Management systems.
      4. Performs project management, testing, and validation functions for the various Administrative applications (Resource and Asset Management Branch only).
    7. The Division of Online Validation Services (S43E)
      1. Performs testing and validation activities for new development of DCS Internet, Intranet, mobile, telephone, and Web Service applications to ensure correct functionality and conformance to requirements as well as maintenance activities including database conversions; architecture component changes; emergency releases; regression tests for upgrades; and OMB re-certifications.
      2. Analyzes applications to determine the appropriate level of testing effort and test classes/types to apply to an application during the Validation effort based on a risk-based evaluation.
      3. Develops and maintains the standard test methodology for validation efforts. This fully documented methodology is composed of three distinct phases: Pre-Validation, Validation and Post-Validation activities.
      4. Develops and maintains test artifacts for all validation activities including writing test scripts, loading and linking requirements to test cases, documenting test execution status and recording and tracking defects through the entire process. These artifacts are stored and maintained in the Application Lifecycle Management (ALM) tool that helps to provide a project status.
      5. Identifies, develops and maintains test tools and techniques that are applied to Applications Under Test (AUT) or used as labor-saving devices throughout the Validation phase. Some examples include the Selenium Plus automation testing framework used for automated testing where appropriate, database manipulation tools and a variety of testing utilities that save testers time and effort while managing the Validation process.
      6. Maintains testing tools and environments to ensure everything is in place for complete Validation. The division coordinates with other components to ensure that the Validation region is ready for testing and the eServices Lab is available and stocked with systems that have the appropriate combinations of operating systems, browsers and mobile devices for testing.
      7. Coordinates User Acceptance Testing (UAT) activities including ensuring application readiness, test data gathering, and management of the defect process so that OEST can complete the appropriate level of testing.
      8. Provides other components with scenarios and data needed to conduct testing activities.
      9. Gathers test data, including identifying and pulling the appropriate data from production, cloning, editing and copying this data to the appropriate region for testing.
      10. Conducts research and development activities to stay at the forefront of testing methodologies, tools and techniques. This includes leading testing groups such as the Software Testing Automation User Group (STAUG), sharing industry best practices and leading workgroups to develop and integrate best practices and new tools into the existing test methodology. Finally, monthly research is conducted to determine the appropriate combination of browser, operating systems and mobile devices that should be used for Validation.
      11. Provides management with an independent assessment of the state of the Application Under Test (AUT) to help determine the readiness of the application for deployment for production.
      12. Serves as an advocate for quality and testability throughout the software development process for OS developed applications.
    8. The Division of User Experience, Accessibility and Anti-Fraud (S43G)
      1. Designs the user experience for SSA’s Internet and Intranet web applications using the User-Centered Design process to meet user and business needs.
      2. Conducts customer research, provides iterative screen design and usability testing for new and existing (enhanced) systems.
      3. Performs heuristic evaluations of applications.
      4. Creates and designs conceptual models and performs task flow analysis.
      5. Creates interface standards for consistent customer experience.
      6. Serves as an advocate for the end user throughout the software design process.
      7. Provides agency-wide support for Section 508 compliance and works to ensure that our electronic technology is accessible to people with disabilities.
      8. Develops and maintains the agency’s Section 508 policy, processes, compliance reporting procedures, and guidance necessary to ensure SSA Information and Communications Technology (ICT) are accessible to people (both employees and members of the public) who are blind, have low vision, have hearing impairments, have difficulty speaking, and who have low mobility.
      9. Provides project support to ensure new applications and application updates incorporate Section 508 requirements and accessibility design principles.
      10. Provides testing services for OS and non-OS projects (applications, mainframe, documents, infrastructure and hardware).
      11. Provides Section 508 and accessibility training for project teams, developers, document authors, procurement officials, and purchasers of information and communications technology. Training is conducted through in-person classes, video on demand, and written guidance/procedures.
      12. Manages the Section 508 complaints process.
      13. Participates in inter-agency collaboration and community efforts to share information, establish best practices and harmonize processes and methods.
      14. Develops and maintains standards and guidelines for the Modernized Systems Operations Manual (MSOM), which provides documentation on modernized programmatic and administrative systems and their associated online screens. The MSOM staff partners with the Office of PolicyNet and Program Support in the Office of Retirement and Disability Policy to deliver timely, accurate and easy to use systems documentation.
      15. Provides training and consultation to MSOM authors.
      16. Publishes MSOM transmittals on PolicyNet.
      17. Collects and maintains auditable events (transactions and queries) from employees and the public in the Audit Trail System (ATS) to support the agency’s ability to prevent, deter, detect, and investigate instances of waste, fraud and abuse.
      18. Provides for the query and retrieval of auditable events for the purpose of detecting and investigating potential instances of waste, fraud and abuse.
      19. Develops and applies selection criteria for transactions and queries generated by employees and the public through the Comprehensive Integrity Review Process (CIRP), the Modernized Earnings Integrity Review System (MEIRS), and the Public Facing Integrity Review (PFIR) application to support the agency’s ability to prevent, deter, detect and investigate instances of waste, fraud and abuse.
      20. Selects cases for further review and investigation to detect and deter waste, fraud and abuse of SSA programs.
    9. The Division of Program and Project Management (S43H)
      1. Provides project management leadership for OITEBS. Coordinates project efforts with OITEBS divisions, OITPBS, OSE, OIS and OSO/OHE; leads analysts, developers and testers through the Systems Development Lifecycle.
      2. Serves as the central point of contact for stakeholders as well as other systems components.
      3. Provides program management (OMB 300) oversight.
      4. Coordinates OITEBS planning activities, support for project managers with the Investment Management Tool (IMT), estimating and other Customer Relationship Representative (CRR) functions.
      5. Provides audit management.
      6. Provides Software Process Improvement (SPI) services for OITEBS.
      7. Serves as the Contracting Officer Technical Representative (COTR) for OITEBS; coordinating the Contracting Officer Representative (COR) activities for the organization.

 

SSA ORGANIZATION MANUAL

Subchapter S44

OFFICE OF IT FINANCIAL MANAGEMENT AND SUPPORT

  1. Mission

    The Office of IT Financial Management and Support (OITFMS) supports the Deputy Commissioner for Systems/Chief Information Officer (DCS/CIO) in planning and executing sound Information Technology (IT) investments for the agency, maximizing accountability, compliance, and value for the agency’s IT investments. OITFMS supports the DCS/CIO with the full range of his/her responsibilities as they relate to Capital Planning and Investment Control (CPIC) including IT planning, resource allocation, budget, cost/performance management, compliance, and reporting to higher- level monitoring authorities. The office supports the DCS/CIO in carrying out his/her financial and management activities.

    OITFMS provides overall management of the planning, development and execution of the IT Systems Budget for the agency and the Administrative Budget for the Office of Systems. The office develops policies and guidelines for the exercise of the DCS/CIO budget responsibility, evaluates and appraises the manner in which DCS/CIO carries out these responsibilities. The office is responsible for IT training, internal controls, audits, contract management, software development lifecycle processes, Records Management and management of the Information Technology Investment Process.

    OITFMS supports development of the agency Information Resources Management (IRM) Strategic Plan and ensures that it aligns with the Agency Performance Plan. The office manages the development and implementation of standards, methods and procedures for software planning, tracking, requirements, design, development, validation and change control. It provides support for program/project management, and control. OITFMS manages a comprehensive, technical, and project management training program to ensure Systems staff can meet technological challenges and regulatory requirements.

    The office is responsible for providing oversight and guidance on audit programs directed at SSA, directs the DCS Executive Assurance program ensuring internal controls are in place to meet prescribed guidance, as well as developing and maintaining DCS’ Continuity of Operations Planning (COOP) documentation. OITFMS administers SSA’s records management program and serves as the liaison with the National Archives and Records Administration and General Services Administration on records issues. OITFMS provides a governance structure to implement, direct, and oversee implementation of the DCS Enterprise Risk Management (ERM) program in support of the agency ERM.
  2. Organization
    1. The Associate Commissioner for IT Financial Management and Support (S44)
    2. The Deputy Associate Commissioner for IT Financial Management and Support (S44)
    3. The Immediate Office of the Associate Commissioner for IT Financial Management and Support (S44)
    4. The Division of Budget Planning, Analysis and Execution (S44A)
    5. The Division of IT Project Governance and Quality Assurance (S44B)
    6. The Division of IT Liaison and Enterprise BPAs (S44C)
  3. Functions
    1. The Associate Commissioner for IT Financial Management and Support (S44) reports to Deputy Commissioner, Systems/Chief Information Officer and is responsible for carrying out the OITFMS mission and providing general supervision to the major components of OITFMS.
    2. The Deputy Associate Commissioner for IT Financial Management and Support (S44) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for IT Financial Management and Support (S44) provides the Associate Commissioner and Deputy Associate Commissioner with management support on the full range of their responsibilities including senior technical support, resource oversight, personnel management, financial/budget management, Continuity of Operations Planning, project planning, contracting, training, program management assistance, etc.
    4. The Division of Budget Planning, Analysis and Execution (S44A)
      1. Provides the full range of analytical and advisory support to the Deputy Commissioner for Systems/Chief Information Officer (DCS/CIO) in his/her role of planning and executing sound investments on all IT and non-IT budget matters and Office of Systems resources.
      2. Directs the planning, development, analysis and implementation of the agency's IT Budget and the DCS Administrative Budget formulation and execution processes among the agency and DCS components respectively.
      3. Develops the IT Systems Budget for the agency, develops the Administrative Budget for Systems, prepares detailed budget submissions and develops monitoring and tracking systems. Provides staff support and advises the DCS/CIO and agency executives regarding resource utilization, competing priorities, and other spending issues.
      4. . Monitors IT procurements, systems lifecycle costs, reimbursable costs, other objects expenditures, FTE utilization, and DCS personnel time expenditures. Provides staff support and advises the Deputy Commissioner regarding the administration of the administrative budget including FTE/FTP ceilings, FTE work year utilization, overtime and other objects, allocations and spending. Develops DCS allocations and monitors the utilization for relocation costs, lump sum payments, retention and recruitment bonuses, and monetary awards.
      5. Provides DCS components with budget allocations, spending guidelines, and customer service support on staffing, relocation, overtime and other objects issues, including mandatory agency contracts for printing, scanning, and production of accessible notices; reviews/prepares funding recommendations for DCS/CIO; and serves as a point of contact for ALL agency components requesting IT resources.
      6. Prepares various exhibits supporting the agency’s budget request, providing answers to questions regarding the budget and answering to other authorities such as the Office of Inspector General (OIG), Government Accountability Office (GAO), Office of Management and Budget (OMB) and Congressional budget staff.
      7. Reviews agency-wide component input to the IT Budget Formulation Call and DCS-wide component input to the Administrative Budget Formulation Call; advises DCS/CIO regarding competing priorities and recommends funding levels. Serves as the point-of-contact for agency components requesting IT resources.
      8. Assists agency components in the development and execution of the IT acquisition plan with DCFBM/OAG; monitors project funding; processes IT Funding Change Requests for DCS/CIO approval; revises agency procurement plans with DCBFM/OAG; coordinates Social Security Online Accounting and Reporting System (SSOARS) project funding changes with DCBFM/OFPO; and coordinates agency-level IT budget changes with DCBFM/OB.
      9. Coordinates the DCS response to the annual DCBFM reimbursable budget call for reimbursable needs, reviews reimbursable bills and approves requisitions for reimbursable specific work.
    5. The Division of IT Project Governance and Quality Assurance (S44B)
      1. Develops and maintains several tools that support IT development processes or policies including IT Project Management, the agency’s Configuration Management Directive and Software Change Management policy, the System Development Lifecycle and Agile Lifecycle and maintains estimating tools for projects.
      2. Serves as the central Systems control point for all audit initiatives providing oversight as mandated by the Federal Manager’s Financial Integrity Act and guidance on audit programs directed at SSA.
      3. Provides guidance and oversight to the Systems organization on the development of improved and continuing project management, software development and systems engineering practices.
      4. Provides process orientation for project managers, team members and sponsor representatives.
      5. Provides process analysis, re-engineering and web development in support of the Systems Training, Requirements Engineering and Systems Process Improvement (SPI) initiatives.
      6. Provides Lifecycle documentation to internal and external auditors on request.
      7. Configures and maintains a PPM tool to support the Pre-Select, Select and Control Phases of SSA’s Capital Planning and Investment Control (CPIC) process.
      8. Provides development and technical support for the DCS SharePoint and internal webpages.
    6. The Division of IT Liaison and Enterprise BPAs (S44C)
      1. Leads SSA’s Capital Planning and Investment Control (CPIC) Guide development and documentation. The CPIC Guide is a comprehensive view of SSA’s IT governance influences, policies, procedures and tools.
      2. Serves as the SSA IT Liaison with OMB and the Federal CIO Council, primarily responsible for monitoring, assigning and ensuring compliance with external IT governance communications.
      3. Manages SSA IT preparation efforts for OMB-led FedStat and PortfolioStat. FedStat (agency wide, with IT elements) and PortfolioStat (SSA IT enterprise) reviews to check the health of the entire agency and the IT enterprise in accordance with both guidance and administration priorities.
      4. Coordinates and ensures accurate IT reporting and benchmarking, such as for President’s Management Agenda (PMA) Benchmarks and the quarterly Integrated Data Collection (IDC).
      5. Leads Post-Implementation Reviews (PIRs) on behalf of the DCS/CIO.
      6. Implements IT governance guidance, legislation, policy and mandates for DCS and the CIO in coordination with IT Budget, IT Investment Process (ITIP) and other SSA CPIC groups.
      7. Works closely with the DCS Associate Commissioner-level offices and the DCS Budget Staff to implement ITIP decisions.
      8. Leads development of Exhibit 300s (Major IT Business Cases), Exhibit 52 (IT Portfolio Reporting) and OMB IT investment reporting on the Federal IT Dashboard.
      9. Leads the Earned Value Measurement (EVM) initiative following appropriate OMB and other Federal guidelines.
      10. Provides leadership in the development of guidance and processes to support business case development, including Cost Benefit Analysis (CBA), Return on Investment (ROI) and approaches for the measurement of less tangible outcomes.
      11. Provides IT program and project teams with appropriate contractor support and planning, execution and reporting guidance based on internal and external requirements.
      12. Acquires, manages, and assesses performance of contractor support resources used throughout DCS in support of agency IT initiatives and approves associated vendor invoices.
      13. Serves as the principal communication point for contractors, OAG and customers of the contracts managed.
      14. Manages the agency’s suite of enterprise-wide support services contracts; for example, the ITSSC, BITSSC, SAAS, IBM Proprietary Support Services and Computer Associates Support Services, etc., coordinating efforts across components (e.g., Office of Budget, IT Budget, OAG and OGC), as required, to process contract compliant orders in accordance with agency priorities.
      15. Assesses new technologies and plans for, acquires, and administers information technology, information management and project management training for SSA IT Specialists.
      16. Maintains and operates the Systems training facilities.
      17. Manages course/curriculum, budget and student data for technical and project management training.
      18. Manages a modern multi-media center for the agency. Schedules and provides technical support for meetings, conferences, teleconferencing/ videoconferencing, vendor product demonstrations, remote electronic meetings, etc.
      19. Develops and supports a variety of agency-wide multi-media presentations and productions (i.e., Video/Audio on Demand, Training Sessions, Executive Demos/ Briefings).

 

SSA ORGANIZATION MANUAL

Subchapter S45

OFFICE OF SYSTEMS OPERATIONS

  1. Mission

    The Office of Systems Operations (OSO) directs, manages, and coordinates the planning, implementation, operation, and maintenance of SSA’s computer systems operations, enterprise Information Technology (IT) infrastructure and application services.

    OSO monitors and provides 24x7 IT operations support for enterprise applications for the entire agency including DCO, DCDAR, DDSs, OQP, OIG, OGC, etc. In addition, OSO monitors and maintains all computer storage and network assets and all electronic services residing at SSA’s data centers. OSO maintains infrastructure related to batch, integration testing, IT Security infrastructure, change management, database, print operations, Service Level Agreements (SLA) and infrastructure facility usage. The office performs governance activities associated with change and release management for applications and systems software, capacity planning, performance testing and the delivery of infrastructure services to “guarantee” a highly available environment (99.95% uptime) for Internet, SSN verification workloads, Business-to-Government and Government-to-Government data exchanges.

    OSO consists of seven divisions, the Network Operations Center (NOC), and six Remote Operations Communication Centers (ROCCs). It develops the specifications, executes the system implementation, and operates an in-house IT help desk to provide support, training and customer service to over 65,000 SSA employees, 30,000 DDS state employees, and 10,000 Industry Partners. The office is responsible for Continuity of Operations Planning (COOP) at the target failover site to include site-identification, planning, and restoration of permanent services from the failed center. OSO is responsible for execution of the Disaster Recovery Plan, failed site-damage assessment and recovery of assets. The office is accountable for 24x7 operations stability, availability and security of the agency’s IT infrastructure and environment.
  2. Organization
    1. The Associate Commissioner for Systems Operations (S45)
    2. The Deputy Associate Commissioner for Systems Operations (S45)
    3. The Immediate Office of the Associate Commissioner for Systems Operations (S45)
    4. The Division of Batch Operations and Production Control (S45A)
    5. The Division of Information Systems Security Administration and Operations (S45B)
    6. The Division of Integration and Environmental Testing (S45C)
    7. The Division of National Network Services and Operations (S45E)
    8. The Division of Online Systems and Database Operations (S45G)
    9. The Division of Systems Performance and Service-level Management (S45H)
    10. The Division of Systems User Services and Facilities (S45J)
  3. Functions
    1. The Associate Commissioner for Systems Operations (S45) is directly responsible to the Assistant Deputy Commissioner for Systems (Systems Operations and Hardware Engineering) for carrying out the OSO mission and providing general supervision to the major components of OSO.
    2. The Deputy Associate Commissioner for Systems Operations (S45) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Systems Operations (S45) provides the Associate Commissioner and Deputy Associate Commissioner with senior technical support; management assistance; technology leadership and planning; resource oversight and management; recruitment, administrative and information management; research support; and other initiatives on the full range of their responsibilities.
    4. The Division of Batch Operations and Production Control (S45A)
      1. Manages SSA’s batch processing operations by working jointly with developers throughout the Systems Lifecycle to efficiently plan, coordinate, test, schedule, and process the agency’s batch production workloads.
      2. Oversees the agency’s processes to update and synchronize databases, generate notices and payments, and print and mail SSN cards efficiently and timely.
      3. Serves as the user interface and provides technical support for data exchanges between SSA and external trading partners.
      4. Provides customers with a wide range of batch operations services including: Testing and Analysis, Automated Scheduling, Batch Production Monitoring and Schedule Control, Print Mail Services (SSN card and Notice Production), Data Exchange Services, and Post-Batch Implementation Analysis.
      5. Responsible for the planning, coordination, analysis and tracking of batch releases and changes.
      6. Responsible for analyzing, developing, and testing mainframe, Client Server control-M schedules, and batch integration testing for production batch workloads to ensure data center standards are met.
    5. The Division of Information Systems Security Administration and Operations (S45B)
      1. Responsible for supporting the IT security operations infrastructures that protect the agency’s resources and data and facilitate systems operations.
      2. Collaborates with the Office of Information Security on the operation of security controls and safeguards to protect the agency network, devices, applications and data.
      3. Responsible for the acquisition, co-evaluation, deployment, operations, and maintenance of new and advanced protections within SSA’s infrastructure.
      4. Responds to and coordinates IT audits in the security, management and contracting arenas.
      5. Proactively maintains contingency plans for SSA’s Data Center mission-critical IT operations.
    6. The Division of Integration and Environmental Testing (S45C)
      1. Ensures that all application, configuration, and systems changes across all platforms are documented, coordinated, and tested resulting in a complete integration into the production environment.
      2. Maintains change policies and manages internal software controls.
      3. Responsible for exploring, testing, evaluating and refining the integration process in collaboration with others to examine new methods like Agile and DEV/OPS.
      4. Supervises the integration-testing environment to support a rapidly increasing stream of applications being released into the agency’s production environment.
      5. Responsible for two functions (testing and release to production) within the Construction phase of the New Project Lifecycle.
      6. Responsible for a myriad of functions such as automated testing, infrastructure testing, configuration management and release coordination, client server software migration, software testing, application and system software migration and implementation.
    7. The Division of National Network Services and Operations (S45E)
      1. Maximizes and communicates enterprise IT availability with 24x7 monitoring, help desk services and problem management leadership.
      2. Provides program management of the Data Center’s operations and for the Network Operation Center (NOC) operations, which are primarily responsible for maintaining telecommunication network connectivity between all sites connected to the SSA network with the goal of maximizing network availability.
      3. The six Remote Operations Communications Centers (ROCCs) are responsible for resolving site severity-1 incidents and providing on-site infrastructure equipment support within the Payment Center buildings.
      4. Receives and documents all incidents related to any hardware, software and network issues for SSA.
      5. Provides concise, accurate and informative communications to SSA’s user community to ensure they are aware of outages and maintenance affecting SSA’s systems in a timely manner.
      6. Provides 24x7, 365 days a year proactive monitoring, tier 1 and 2 technical support, problem determination and customer support for all critical network and telecommunications infrastructure devices throughout the agency.
      7. Monitors, tracks, and trends various daily operational, performance standard, process compliance, and preventative support and trend reports.
      8. Develops the criteria, executes the system implementation, and operates an in- house IT support help desk for SSA employees, DDS state employees, and industry partners to provide support, training and customer service.
      9. Ensures measurable World Class Service for all customers by applying compassion, oversight, performance standards, and technology to deliver services within and throughout the Office of Systems, using service and operating level agreements developed through collaboration.
    8. The Division of Online Systems and Database Operations (S45G)
      1. Procures, installs, modifies and tunes all online/batch Teleprocessing Monitor Systems Software, Database Management System and vendor support products on Mainframe and Distributed Platforms.
      2. Configures and maintains the mainframe integration and production environments for CICS, WebSphere MQ and database systems including DB2, Oracle and IDMS.
      3. Responsible for the evaluation, installation, and maintenance of monitoring software used by SSA’s mainframe and distributed environments.
      4. Monitors and troubleshoots all of the online and batch application and database system IT environment 24x7 in support of the agency’s mission critical programmatic workloads.
      5. Evaluates, installs, maintains, monitors and operates the agency’s online and Database Management System software used by SSA’s mainframe and distributed environments.
      6. Configures and integrates application software for both the pre-production and production phases of SSA’s Lifecycle.
    9. The Division of Systems Performance and Service-level Management (S45H)
      1. Ensures systems capacity is utilized effectively and efficiently and accurately predicts and plans for SSA’s future IT capacity needs.
      2. Provides mainframe problem determination and capacity studies, configuration and workload/workflow analysis, stress testing analysis, and metrics data collections and reporting.
      3. Responsible for a range of network functions such as wide-area network capacity studies, sizing recommendations, modeling studies, and network performance data administration.
      4. Provides Windows and UNIX performance data collection, utilization analysis, reporting and capacity modeling and participates in network procurement activities.
      5. Serves as principal executive liaison for telecommunications and systems operations to counterpart offices in the DDSs, Office of Hearings Operations (OHO), OQP and regional offices.
      6. Serves as liaison to external business partners for infrastructure related to batch, integration testing, IT Security, change management, database, print operations, Service Level Agreements (SLA), and infrastructure facility usage.
      7. Provides capacity planning guidance to SSA’s web developers by testing the performance of SSA’s internet and intranet applications.
      8. Monitors mainframe functions and the accessibility of SSA’s internet and intranet applications and coordinates enterprise workload availability and problem reporting.
    10. The Division of Systems User Services and Facilities (S45J)
      1. Provides for planning, installation and management of white space supporting the IT infrastructure in the SSA data centers.
      2. Administers the introduction and growth of SSA’s electronic imaging and image management/image serving capabilities.
      3. Installs, plans and supports SSA’s imaging infrastructure, faxing, high-speed and casual scanning in the DDSs, OHO, PSC, and field offices.
      4. Provides agency enterprise monitoring for UNIX and Windows.
      5. Installs and supports Change, Asset and Problem Reporting System (CAPRS) for IT change and problem management and IT service and request catalog.
      6. Provides support for Output Print environment including Enterprise Print Architecture (EPA) and agency-wide notice processing.
      7. Provides Systems NCC facilities management liaison support for space management, renovations and NCC building related activities.

 

SSA ORGANIZATION MANUAL

Subchapter S46

OFFICE OF HARDWARE ENGINEERING

  1. Mission

    The Office of Hardware Engineering (OHE) provides reliable, secure, and efficient Information Technology (IT) engineering solutions that support SSA’s service delivery mission, its strategic business processes, and its core operational goals and requirements. OHE is accountable for planning, designing, building, testing, delivering, operating, and managing the enterprise IT environment which resides within the agency’s data centers, and which is comprised of the computing, network, telecommunications, storage infrastructures and service delivery platforms.

    OHE collaborates with other components within the agency (including other components within the Office of Systems) to identify the agency’s technology needs, to develop cost-effective data center hardware, software, and end-user technology solutions to meet those needs.
  2. Organization
    1. The Associate Commissioner for Hardware Engineering (S46)
    2. The Deputy Associate Commissioner for Hardware Engineering (S46)
    3. The Immediate Office of the Associate Commissioner for Hardware Engineering (S46)
    4. The Division of Client/Server Infrastructure (S46A)
    5. The Division of Integrated Telecommunications Management (S46B)
    6. The Division of Internet/Intranet Application Services (S46C)
    7. The Division of Mainframe Systems Software (S46E)
    8. The Division of Network Engineering (S46G)
    9. The Division of Resource Management and Acquisitions (S46H)
    10. The Division of Systems Storage Management (S46J)
    11. The Division of Infrastructure Services (S46K)
  3. Functions
    1. The Associate Commissioner for Hardware Engineering (S46) is directly responsible to the Assistant Deputy Commissioner for Systems (Systems Operations and Hardware Engineering) for carrying out the OHE mission and providing general supervision to the major components of OHE.
    2. The Deputy Associate Commissioner for Hardware Engineering (S46) assists the Associate Commissioner in carrying out his/her responsibilities and performs other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Hardware Engineering (S46) provides the Associate Commissioner and Deputy Associate Commissioner with senior technical support, management assistance, technology leadership and planning, resource management oversight, recruitment, administrative as well as information management, research support, and other initiatives on the full range of their responsibilities.
    4. The Division of Client/Server Infrastructure (S46A)
      1. Plans, evaluates, implements, conducts continuing assessments and engineering analyses through comprehensive Research and Development (R&D), pilots, and Proofs of Concept (POCs).
      2. Manages the number, as well as the capacity, of servers in SSA’s field operations, develops environments to ensure and enhance greater reliability through virtualization technologies to provide greater performance from IT investments, and consolidates IT equipment into OHE.
      3. Designs, develops, implements, and supports SSA’s enterprise and distributed client/server computing infrastructure including: enterprise directory, name resolution and remote connectivity services, servers, desktops, assistive technology, printers, infrastructure management, server and desktop virtualization.
      4. Responsible for standard image configuration for all users of the agency’s mandated desktops (workstations and laptops): Field Offices (FOs), Teleservice Centers (TSCs), Processing Service Center-Office of Quality Performance (PSC-OQP), Office of Disability Adjudication and Review (ODAR), Disability Determination Services (DDSs), Employees with Disabilities (EWDs), and Knowledge Workers (KWs).
      5. Manages and supports the desktop operating system, which includes building and maintaining desktop images.
      6. Categorizes and catalogs Commercial Off-the-Shelf (COTS) desktop tools.
      7. Maintains Assistive Technology desktop software and systems that enhance learning, working, and daily living for persons with disabilities.
      8. Manages the remaining physical enterprise application servers in the Client/ Server Application Computing Platform (CSACP).
      9. Responsible for the configuration and support of the non-Microsoft COTS desktop tools (e.g., Adobe Reader).
      10. Researches new emerging technologies, configures and integrates the Assistive Technology Software with SSA infrastructure, and provides day-to- day support to all SSA EWDs and all deployed Assistive Technologies.
      11. Responsible for design, development, management and support of the System Center Configuration Manager (SCCM), Cross-platform server monitoring and alerting Systems Center Operations Management (SCOM) infrastructures. Conducts engineering and testing of expanded platforms for applications.
      12. Responsible for the design, development, management and support of agency production virtualization environments, including the Data Center Virtual Infrastructure (DCVI) and Virtual Desktop Infrastructure.
      13. Responsible for the design, development, engineering, and management of SSA’s Enterprise Network Services, which include: Active Directory (Production and Integration), Group Policy Management MS Domain Name Service (DNS), Universal Network Information eXchange (UNIX) Berkeley Internet Name Domain (BIND) DNS, Dynamic Host Configuration Protocol (DHCP), Windows Internet Naming Service (WINS), Virtual Private Network (VPN), and Network Policy Server (NPS) Radius/Wireless.
      14. Provides base image support for Application Member Servers (AMS) typical to ODAR and state DDS offices.
      15. Coordinates the Change Control Board (CCB) process through Technical Review for client/server changes.
      16. Responsible for providing, implementing, and supporting SSA’s Virtual Branch Office standard configurations in over 1,700 FOs, Regional Offices (ROs), Headquarters (HQ), Processing Centers, and TSCs.
    5. The Division of Integrated Telecommunications Management (S46B)
      1. Implements and maintains national telephone platform, including Voice over Internet Protocol (VoIP) and softphone solutions.
      2. Provides administrative site change relocation services for voice, video, data, workstation, server, Homeland Security Presidential Directive-12 Interactive Video Training (HSPD-12 IVT), and multi-vendor network components.
      3. Plans and manages the strategic and tactical direction of the SSA voice- communications and voice-data integration programs.
      4. Provides technical and analytical support for the National 800 Number, among other communications initiatives and programs.
      5. Provides and manages voice communications systems hardware, software, services, and ancillary equipment for SSA nationwide.
      6. Provides support and manages the Interactive Video Teletraining infrastructure to support the agency’s distance learning program nationwide.
      7. Directs the acquisition, operations, maintenance, retention, and disposal of voice communications systems and services SSA-wide.
      8. Develops and administers voice communications Information Technology Service (ITS) contracts.
      9. Administers Federal Telecommunication System (FTS) 2000 General Services Administration (GSA) provided services SSA-wide and represents SSA in all related negotiations within SSA and with GSA vendors and carriers.
      10. Serves as the SSA focal point for voice communications capacity planning.
      11. Manages SSA-wide programs for imaging, video, facsimile, satellite, radio, and emergency communications.
      12. Manages SSA HQ voice systems and the acquisition of data circuits.
      13. Serves as SSA-level liaison with Federal, state, other government agencies, and private-sector entities on voice communications and voice-data integration.
      14. Manages the development and application of emerging voice communications technology within SSA.
      15. Manages technical solutions for “800” and toll-free services SSA-wide.
    6. The Division of Internet/Intranet Application Services (S46C)
      1. Designs and supports the SSA Unified Communications environment (including video services such as teleconferencing, Video On Demand (VOD), webinars, email, VPN, cell phones, etc.).
      2. Manages the telecommunications operations complexes located at the Central Office, ROs, TSCs, and SSA field sites.
      3. Responsible for delivering 99% overall availability to the user community of four major infrastructures: Intranet, Electronic Messaging, Groupware, and Data Exchange, by meeting the technical milestones as defined within the “OHE Architecture Plan”.
      4. Analyzes, designs, and implements hardware and/or vendor software in support of electronic messaging (including Email, Groupware, Collaboration), Windows web-based application, web servers, production file transfer and data exchange.
      5. Develops or selects, evaluates, modifies, installs, implements and maintains software and/or hardware systems in support of data exchange, electronic messaging, groupware, collaboration, and application and web servers.
      6. Analyzes requirements for new systems and ensures computing capacity provides for sufficient functionality.
      7. Integrates and validates test design and execution of all major hardware, software, configuration, release, version and maintenance levels.
      8. Manages communications software changes.
      9. Serves as the SSA-level technical liaison with Trading Partners to conduct the exchange of data.
      10. Implements Internet/Intranet policies, objectives, plans, and methods for achieving the SSA mission
      11. Interfaces with SSA Network (SSANet) users to determine the impact of new applications and workloads, supports user liaison, and systems development activities of other SSA components in resolution of technical and operational problems.
      12. Performs Level 3 hardware and software support and problem determination for the Internet and Intranet infrastructure including electronic messaging, web, and data exchange.
      13. Provides the development and maintenance necessary to operate, maintain, and upgrade the Electronic Messaging Infrastructure, providing a reliable and secure means to communicate via Email and real-time communications.
      14. Provides engineering services for Data Exchange architectures and their supporting software utilities, which provide file transfer solutions for various Trading Partners accessing SSA’s mainframe environment through Internet VPN or Security File Transfer Protocol (SFTP) connections.
    7. The Division of Mainframe Systems Software (S46E)
      1. Implements new mainframe roles in hosting SSA’s Internet and Intranet applications.
      2. Ensures mainframe capacity to service SSA workloads.
      3. Responsible for installing and maintaining the mainframe, mid-range operating systems, and software products used by employees throughout SSA every day.
      4. Ensures the availability and reliability of critical software systems, which automatically control and monitor many of SSA’s data processing functions.
      5. Maintains vendor products that enhance the mainframe operating system.
      6. Ensures availability and reliability of critical software systems which automatically control and monitor many of SSA’s data processing functions to allow SSA to provide excellent service to its customers.
      7. Provides stable and reliable mainframe systems environments by staying current and up-to-date with the latest releases of systems software running on the SSA mainframes to ensure the highest availability.
      8. Responsible for installing and maintaining z/OS WebSphere on the mainframe, On-Demand and Content Manager software, and iSeries hardware and software in the NCC and the Second Support Center (SSC).
      9. Provides stable and available z/OS WebSphere and iSeries environments to ensure that agency software is current and free from defects to allow SSA to provide superior services to its customers.
      10. Installs and maintains numerous COTS software products on SSA’s test and production mainframe systems, keeping products up-to-date and compatible with SSA’s ever-changing system environments.
    8. The Division of Network Engineering (S46G)
      1. Plans and maintains the infrastructure for growth in the deployment of the agency's Internet, Intranet, and Extranet infrastructures.
      2. Plans, tests, maintains, and deploys the network hardware, software, and monitoring tools that support SSA’s networks.
      3. Ensures reliability of data, voice, and video communications at all times, and assists the end-user community in gaining access to network services.
      4. Serves as customer advocate with external service providers.
      5. Provides, administers, and maintains network connectivity between SSA data centers and External Business Partners (state, Federal, and partner agencies).
      6. Provides, administers, and maintains network connectivity between SSA’s network and DDS sites.
      7. Provides, administers, and maintains mainframe, network, and firewall device connectivity between SSANet and Electronic Business Process (EBP)/DDS sites.
      8. Responsible for network design and operational support of SSANet for the Baltimore HQ Campus, NCC, and SSC Buildings (excluding the Data Centers), Falls Church ODAR Headquarters, and Commissioner’s Local Area Network (LAN) Wireless Infrastructure and Unified Communications.
      9. Responsible for network design and operational support of SSANet for the National Support Center (NSC), and SSC Data Centers, DC-to-DC Backbone links, Software Development Plan (SDP) Database Isolation Switches (DBIS), Demilitarized Zone (DMZ), and System Zero Laboratory.
      10. Responsible for network design and operational support of SSANet including LAN/Wide Area Network (WAN) Routing and Switching including security, SDPs, Remote Operation Communication Centers (ROCCs), EBP, PSCs, ROs, TSCs, DDSs, FOs, Foreign Service Posts (FSPs), and Wireless Infrastructure, but excluding Campus and Data Centers.
      11. Reports network historical performance, administers Cisco Prime, and maintains and implements functionality of SSANet’s application switch infrastructure.
    9. The Division of Resource Management and Acquisitions (S46H)
      1. Ensures the integration of requirements development, budgeting, governance processes, application of comprehensive risk management planning, and accounting for the scale of complexity between infrastructure projects and programs.
      2. Communicates and advocates for infrastructure acquisitions with decision makers and stakeholders, formulates and presents the Office of Systems Operations/ Office of Hardware Engineering (OSO/OHE) IT budget. Executive is responsible for OSO/OHE Office of Management and Budget (OMB) 300, and Earned Value Measurement Systems (EVMS) programs.
      3. Provides acquisition services for all OSO/OHE mainframe infrastructure activities, including re-competition and transition to new contracts.
      4. Manages the development of OHE Special Expense Items (SEIs) and formulates the annual IT Budget.
      5. Supports contract and fiscal administration for OSO/OHE Software and Hardware maintenance contracts.
      6. Serves as Contracting Officer’s Technical Representative (COTR) for Information Technology Services re-competition and ongoing maintenance contracts.
      7. Manages most of the OSO/OHE contractor support services contracts and their respective SEIs.
      8. Directs and coordinates OSO/OHE planning, budget, and acquisition activities for IT hardware, software maintenance services, and engineering support services.
      9. Manages all OSO/OHE Operational Budget tasks and approves all OSO/OHE requisitions.
      10. Processes the majority of OSO/OHE micro purchases.
      11. Supports the three Infrastructure OMB-300 Portfolios by providing monthly earned value measurement analysis and reporting for the three Portfolios, and supports the Portfolio Program Managers in the preparation of OMB-300 submissions.
      12. Responsible for monitoring the execution of the OSO/OHE ITS budget, directing the renewal process for existing contracts, providing centralized certification and authorization of vendor invoices, and managing a centralized inventory for the agency’s ITS and telecommunications equipment.
      13. Supports appropriate management and Project Officers on contract and fiscal administration for the agency’s Software and Hardware maintenance contracts.
      14. Develops and maintains budget reports to assist components on ITS expenditures and balances.
      15. Continues, extends, and optimizes the agency’s computers, networks, telecommunications, storage, and service delivery platforms to maintain service levels, reduce technology debt, and leverage economies of scale.
      16. Works with other systems components to determine and define the agency’s infrastructure hardware, software, and end-user device needs.
      17. Configures, tests and supports new hardware configurations, vendor software products, and microcode updates.
      18. Evaluates and recommends acceptance of new hardware.
    10. The Division of Systems Storage Management (S46J)
      1. Manages, plans, delivers state-of-the-art data storage, storage management, and storage options provided in the SSA IT architecture on all server platforms to include monitoring, troubleshooting, and updating systems storage infrastructures to provide highly available, fault tolerant data protection.
      2. Ensures risk reduction throughout the infrastructure lifecycle, retiring hardware (and dependent software/operating systems) as it ages by replacing it timely, responsibly, and efficiently.
      3. Budgets for and procures tape resources including media, Automated Cartridge Systems (ACS), Virtual Tape Libraries, and encryption Key Management Systems (KMS).
      4. Monitors, maintains, and reports tape environment status, including all tape , resources, processes, job flows, and inventories. Designs infrastructure, coordinates installation, and analyzes performance and utilization of tape resources at the agency. Oversees offsite secure storage and vaulting operations for critical data resources.
      5. Identifies and resolves operational issues with media, devices, library control and tape management systems processes, encryption KMS cluster, and allocation errors.
      6. Supports SSA’s Disaster Recovery (DR) efforts by ensuring critical data are available and accessible and sufficient tape resources are available for production processing.
      7. Researches, analyzes, acquires, and implements software systems which control storage space management and performance operations, and enhances the administration of storage resources through expert systems and automation.
      8. Implements and maintains System Managed Storage (SMS) within the production complexes.
      9. Coordinates with DASD Pool Managers to project agency requirements for physical mainframe data storage (direct access, tape, optical, microfiche/film, etc.) and manages tactical allocation of storage resources to applications development components.
      10. Provides data backup and recovery services for SSA's major databases of client information on mainframe and Intelligent WorkStation (IWS)/LAN platforms.
      11. Directs the integration of new mainframe storage technology into the NCC environment.
      12. Manages the data recovery at SSA's "hot site" facility during trials and in the event of a severe data loss.
    11. The Division of Infrastructure Services (S46K)
      1. Provide infrastructure services spanning UNIX mid-tier, virtualized x86, public cloud, and on-premise cloud technology that will support all lifecycle environments.
      2. Provide Linux OS enterprise services and governance.
      3. Provide Internet/Intranet application software support.
      4. Provide infrastructure automation platforms, services, and governance.
      5. Run a container-based Platform-as-a-Service offering for automated deployment and management of applications.
      6. Develop and govern Docker container images and configurations.
      7. Develop and govern a centralized and unified Service Portal offering that allows for self-provisioning of infrastructure and infrastructure services.
      8. Assist in the cataloging, onboarding, integration, and governance of external cloud services and SaaS offerings.
      9. Provide the technical contract services, budgeting, and billing services for infrastructure services.
      10. Support the traditional UNIX/Linux infrastructures.
      11. Provide engineering services for UNIX and Linux Systems, which are available to support the agency’s needs and provide a secure platform for public access through SSA.gov.

 

SSA ORGANIZATION MANUAL

Subchapter S47

OFFICE OF INFORMATION SECURITY

  1. Mission

    The Office of Information Security (OIS) (S47) is responsible for developing, managing and directing SSA’s IT security program. OIS develops, manages and provides oversight of functions for agency-wide IT security policies and procedures. OIS’ robust IT security program includes: providing security and PII awareness training and serving as liaison to components and systems developers; protecting the confidentiality, integrity and availability of SSA’s computer systems and information; identifying and implementing risk-based security controls; conducting compliance reviews and tracking security metrics to gauge compliance and effectiveness. OIS is also responsible for analyzing risks, vulnerabilities and trends to identify threats; identifying solutions to mitigate threats; and identifying appropriate risk mitigation strategies to support SSA’s evolving technology and business processes. These processes include a comprehensive penetration-testing program of both internal- and external-facing systems, reviewing application code for vulnerabilities before it is released to the production environment; and reporting on vulnerabilities in previously deployed applications and infrastructure. OIS is further responsible for the agency’s Identity, Credential and Access Management program. In this role, OIS is tasked with the design, development and deployment of security software to protect SSA systems through the authorization of access requests and logical access to SSA systems including strong authentication for public access to our online services. The office also serves as the central Security Administrator for access to mainframe systems for Office of Systems’ components. Additionally, OIS is responsible for reporting the agency’s IT security posture to higher monitoring authorities including the Office of Management and Budget (OMB), the Department of Homeland Security (DHS), the Government Accountability Office (GAO) and other outside oversight organizations. OIS prepares various internal reports for Executive review and oversight as well. The office also interprets new guidance and recommendations from OMB and the National Institute of Standards and Technology and other applicable guidance. OIS is responsible for assessing risk to IT systems and its Security Assessment and Authorization program, which conducts risk assessments and compliance reviews of both on-going operations and new applications. OIS is responsible for reengineering both the Audit Trail System and the Comprehensive Integrity Review Program system. The office is the SSA lead for the Continuous Diagnostic and Mitigation program, which is mandated by DHS to improve the security posture of all Federal Executive Departments and Agencies. OIS operates SSA’s Division of Security Operations (DSO), which is responsible for monitoring the agency’s network of potential intrusions and other software and hardware vulnerabilities 24 hours a day, 7 days a week. The DSO investigates and coordinates the correction of identified vulnerabilities in cooperation with local Systems Administrators. Finally, OIS serves as the overall agency lead for IT incident and coordinates with the Chief Privacy Officer who has agency-wide responsibility for breach response, notification and remediation; in this role, the Chief Information Security Officer serves as the Incident Commander and coordinates SSA’s response to any IT incidents.
  2. Organization
    1. The Associate Commissioner for Information Security (S47)
    2. The Deputy Associate Commissioners for Information Security (S47)
    3. The Immediate Office of the Associate Commissioner for Information Security (S47)
    4. The Division of Security Integrity (S47A)
    5. The Division of Security Operations (S47B)
    6. The Division of Compliance and Assessments (S47C)
    7. The Division of Security Applications (S47E)
    8. The Division of Security Customer Service (S47G)
    9. The Division of Security Engineering (S47H)
  3. Functions
    1. The Associate Commissioner for Information Security (S47) is directly responsible to the Deputy Commissioner for Systems, for carrying out the OIS mission and providing general supervision to the major components of OIS.
    2. The Deputy Associate Commissioner for Information Security (S47) assists the Associate Commissioner in carrying out his/her responsibilities and perform other duties as the Associate Commissioner may prescribe.
    3. The Immediate Office of the Associate Commissioner for Information Security (S47) provides the Associate Commissioner and Deputy Associate Commissioners with senior technical support; management assistance; technology leadership and planning; resource oversight and management; support for legislation and other initiatives on the full range of their responsibilities; and develops, directs and maintains the OIS COOP program, including periodic testing and training.
    4. The Division of Security Integrity (S47A) mission is to provide data security as a customer service to ensure SSA meets policies, procedures and standards for the confidentiality, integrity and availability of information and resources in all environments.
      1. Administer access to the SSA network (TOP SECRET, Systems Access Management (SAM), etc.).
      2. Assist component management and project staff in assessing and resolving possible system access issues.
      3. ESEF Security Infrastructure and Configuration Management ESEF Personnel Actions (HSPD-12, HRMIS).
      4. Support security access needs for DCS FO and Office of Commissioner staff.
      5. Sponsor of the agency’s programmatic audit trail system (ATS), Comprehensive Integrity Review Program (CIRP) and Reengineered CIRP (R-CIRP).
      6. Develop programs to extract data, analyze data and provides deliverable to internal agency customers in support of MI and fraud investigation assistance service requests.
    5. The Division of Security Operations (S47B) continuously assess threats and vulnerabilities to Social Security Administration’s information systems to effectively respond to incidents and reduce potential damage from such events. The Division of Security Operations (DSO) will perform strategic analysis, issue warnings/alerts, and coordinate response and recovery efforts related to threats against the agency information systems.
      1. Provide timely technical assistance to operators of agency information systems regarding security incidents, including guidance on detecting and handling information security incidents.
      2. Compile and analyze information about incidents that threaten information security.
      3. Inform operators of agency information systems about current and potential information security threats and vulnerabilities.
      4. The DSO will also provide remediation efforts to recover from an incident.
      5. As new systems and applications are introduced to the agency network environment, the DSO will perform an assessment of these systems. The analysis will include an assessment of the system’s ability to comply with agency security configuration guidelines and polices. This will also include a comparison of the security controls in place, best practices, mitigations or compensating controls that may be in place.
      6. Part of these assessments will also include performing vulnerability scans and penetration tests.
      7. The DSO runs the agency network compliance monitoring processes. This includes running regular scheduled scans of the agency networking environment and associated systems. These monitoring processes insure that agency systems are configured per agency configuration and security guidelines.
      8. We continuously monitor various news and security sites. As new events are released, they will be assessed to determine impact to the agency and compensating controls that are in place.
      9. The DSO maintains and operates the agency network intrusion detection systems. These systems include both network based and host based systems. These systems monitor for, and generate alerts on, unauthorized or malicious activity. These alerts will be analyzed and, if required, remediation process will be taken to mitigate the threats that are detected.
    6. The Division of Compliance and Assessments (S47C) has the responsibility and authority to administer and assess the agency's suite of security controls and safeguards in place to protect agency data from improper disclosure, modification or destruction. Other significant information security tasks within the division include:
      1. Leading external compliance reviews with domestic and international exchange partners to evaluate security controls they must implement and maintain to protect information the agency provides.
      2. Employing the agency’s security authorization and assessment (SA&A) process.
      3. Leading the risk assessment process to understand project security needs and risk mitigation.
    7. The Division of Security Applications (S47E) administers and maintains the agency-wide Identity, Credential and Access Management (ICAM) program; and develops security applications needed to effectively govern access to our IT resources. Other significant information security tasks within the division include:
      1. Interpreting and implementing the Identity, Credential, and Access Management (ICAM) policies and regulations for the agency.
      2. Ensuring that SSA complies with all Federal identity management mandates, such as Homeland Security Presidential Directive 12 and the Federal Information Processing Standards 201.
      3. Managing the agency Access Control program.
      4. Assisting project teams in determining access requirements, testing and evaluating access control concerns for programmatic application releases.
      5. Emerging and maintaining automated applications to aid in the processing of Top Secret access changes for all SSA applications.
      6. Performing security validation testing and other analytical support services in an effort to maintain effective and aggressive implementation schedules, develop quality software products, and ensure seamless large-scale deployment.
      7. Administering the Electronic Personal Enrollment Credential System (EPECS) and the Systems Access Management (SAM).
      8. Assisting in the remediation of agency audit findings related to access control through policy adoption, procedural revision, and automation.
      9. Serving as the Program Management Office (PMO) providing project management and lifecycle support, policy guidance, and technical assistance for Agency-wide ICAM projects.
      10. Developing secure, scalable, usable, flexible, automated, and standards-driven enterprise platforms with dependable authentication and authorization models enduring robust performance.
    8. The Division of Security Customer Service (S47G) has responsibility and authority for the coordination, creation, issuance, and maintenance of information security policies, standards, and procedures. Other significant information security tasks within the division include:
      1. Writing strategies and policies that protect and secure sensitive information and personally identifiable information (PII) collected and maintained on behalf of the agency.
      2. Conducting annual information security awareness training and role-based training for individuals with significant information security responsibilities.
      3. Addressing information security policy and PII questions.
      4. Executing a variety of social engineering campaigns to safely introduce personnel to current cyber threats, mitigate vulnerabilities, and reduce the agency’s risk of compromise.
      5. Developing platform security configuration baselines for platforms and devices.
      6. Coordinating the assessment and deployment of Microsoft Security Bulletins.
      7. Providing full-scale project management for specific OIS projects.
      8. Documenting security business processes.
      9. Providing strategic planning and resource estimating support.
      10. Coordinating various audits at the OIS, Systems, and Agency levels.
      11. Performing International Travel Risk Assessments.
      12. Managing the OIS Continuity of Operations Plan.
    9. The Division of Security Engineering (S47H) effectively evaluates the impact of emerging security technologies and evolving threats to the agency's enterprise infrastructure; to design, develop and support agency security architectures; and to provide security guidance for agency infrastructure changes as well as technical expertise and resources in support of agency security policies. The Division of Security Engineering (DSE) administers security incident reporting and trending. Other significant information security tasks within the division include:
      1. Carrying out regulatory compliance monitoring and reporting through the creation and maintenance of Continuous Diagnostics and Mitigation (CDM) dashboards.
      2. Advancing the agency’s Information Security Program by administering the Software Authorization Program to ensure critical agency source code is frequently scanned for vulnerabilities, conducting daily agency-wide penetration tests, and leading agency cyber incident reporting and trending initiatives.
      3. Testing emerging technologies and confirm they can be integrated securely into agency infrastructures.