The Social Security Administration used the project to modernize its Disability Case Processing System as a proof of concept.
The question then became could SSA replicate the success of DCPS with other legacy, traditional waterfall programs.
Sean Brune, the CIO of SSA, said the answer is a resounding “yes.” The agency is taking the success of the DCPS2 and expanding it through its new IT modernization strategy as a way to guide SSA’s transformation.
“We baked into that plan a lot of the lessons learned on DCPS2. Some of those are the joint sponsorship by business users and IT developers to have them working together in parallel each step of the way, in the planning, in the coding, in the testing, in the deployment and in the operation of the software,” Brune said on Ask the CIO. “The lifecycle for that software doesn’t end when it gets to the production environment. As soon as it gets the production environment, users interact with it. We learned things and we got to put that learning back into the lifecycle, and correct known errors as promptly as possible.”
SSA revamped DCPS2 starting in 2015, and over a 14-month period using DevSecOps to move from a COBOL based, green-screen system that had been in use for more than 25 years. SSA and states use DCPS to determine if claimants are qualified from a medical perspective for a benefit. State and territories process the claims on behalf of SSA using DCPS as a case management and disability determination system.
Brune said the DCPS2 success helped SSA expand their focus on overall IT modernization by further identifying core mission functions, building expertise in modern application development around those core mission functions. SSA released its new IT modernization strategy in June, updating a 2017 plan.
“We trained more agile Scrum Masters. We built institutional practices around product management, which is different than project management. Our projects have a dedicated focus, let’s start here, let’s end there. Done,” he said. “Product management is really, where do we want this product to serve the business going forward? It may take us more than a few projects to get there, but the projects are going to be sequenced to have cumulative value. They’re going to be user focused, as opposed to IT driven, and so those things we’ve trained and developed skillsets on. We’ve also broadened the use of those tools that I talked about. Those are automation packages that for the most part we’ve procured to support our modern development environment, our security authorization process, our operations from moving from a development environment to a production environment, that rather than taking manual action each step of the way, we can automate those handoffs and accelerate our approval process with high confidence that we’re not introducing any risk or vulnerabilities into the software delivery. Those modern tools have helped us, modern practices of product management and agile Scrum.”
Pathfinder to prove out agile
SSA also received recent input on IT modernization from an advisor board made up of former federal technology executives. The board made dozens of recommendations around four areas: operating model, governance infrastructure, IT modernization strategy and customer experience.
With DCPS2 as a pathfinder, Brune said the best result now is telling others around the agency the DevSecOps and agile processes worked and can be replicated.
The IT strategy details some specific benefits SSA already has seen from this culture change, including:
- Improving accuracy and timeliness of decisions;
- Providing online notices for the Cost-of-Living Adjustment through a my Social Security account;
- Consolidating data from multiple sources;
- Improving business processes for processing on-the-record hearing decisions;
“We are looking to make use of commercial-off-the-shelf offerings where appropriate, and to use best in breed technology to support our development efforts. So modern business process modeling software can provide out of the box many of the workflow and workload control features that we would need specific to the Social Security claims process or the Social Security number issuance process,” Brune said. “We are trying to leverage those existing capabilities where possible through procurement. What we find is that given the nature of our programs, and where we are with our legacy applications, it’s really a challenge to say, ‘well, that legacy software does the entire process, from claim initiation all the way through development and adjudication, let me just get something like that.’ What we do find is that commercial offerings can be a significant part of the solution, and that we can build around that with open source code or SSA generated code.”
He added the SSA enterprise architect created a defined target state technical architecture that they align their application development and their use of technology to when modernizing new systems.
SSA also expects to save money from this IT modernization effort. The agency told Sen. Maggie Hassan (D-N.H.) in August that its transformation effort would make “incremental efficiency gains of 10% in the first year benefits are realized, 15% in the following two years, and 20% thereafter. Applying these gains to the portion of our annual IT cost affected by modernization efforts results in a positive ROI of about 12%.”
CBO to work with CIO
As important is the training and use of agile software development is to IT modernization, Brune said. The creation of a chief business officer also is playing an important role. SSA named Kim Baldwin-Sparks as the CBO earlier this year.
In the IT strategy, SSA says the CBO will “ensure improved focus on the customer service aspects of the IT modernization effort.” The CBO will:
- Provide the public more service options and allowing them to use their service channel of preference;
- Develop systems that enable the public to interact with us across all service channels;
- Allow SSA technicians to complete more transactions at first contact; and,
- Ensure the public receives relevant and timely information.
“I look at the IT part and Kim defines the business requirements. She represents all our business interest those customers that transact business online, on the phone, in a field office and hearing office. It was really our intent from the start to have business and IT working together,” Brune said. “The chief business officer really institutionalizes that type of relationship. All of our development is focused on serving the public better, and that can be more timely service, more responsive service, more accurate service and/or all of the above. Kim and her team in the chief business office help define those requirements, help prioritize the work across our core business functions and serve as a day-to-day partner to make sure that our modernization remains customer focused and customer driven.”
Brune said he expects SSA to continue to train and improve its use of agile software development in the coming years. He said among his priorities over the next year are to expand the number of self-service options for the public on the SSA.gov website.
“Over the summer, we updated a portion of our website that relates to retirement benefits and retirement planning. That’s going to be a continued focus not just for retirement planning, but improving our full website and making sure that folks can easily find the information they’re looking for and complete their transaction with as few clicks and as easy as possible. To do that we need robust and secure authentication and authorization, we have put an emphasis on digital identity, which is an enabler for online transactions,” he said. “We want to continue to grow that and make our authentication that enables that account access securely, but also conveniently so more and more folks can continue to set up their personal my Social Security account. We’ve also had a focus on improving our highest volume workload that drives folks into our field office. So many times folks want to have a document that says, ‘I’m receiving Social Security benefits,’ or they need a social security number replacement card, we’re keenly focused on making sure that there’s options for the public to get those documents or get a replacement card without having to visit a field office. We’ve expanded a successful internet social security number replacement card service to almost all states nationwide. We do a verification of state driver’s license information as part of that transaction. We are continuing to work with states to make sure that we can access their data as part of that transaction so that the public has the convenience of requesting and receiving a social security number replacement card from the safety and comfort of their home without having to call or visit a Social Security office.”