Social Security Administration

The Office of the Inspector General contracted with the independent certified public accounting firm Ernst & Young LLP to audit: (1) the Social Security Administration’s (SSA) consolidated financial statements as of September 30, 2023 and the related notes to the consolidated financial statements;...

The Reports Consolidation Act of 2000 (Pub. L. No. 106-531) requires that Federal Inspectors General summarize and assess the most serious management and performance challenges facing Federal agencies and the agencies’ progress in addressing them.

Objective: To determine whether the Social Security Administration decreased the number of auxiliary beneficiaries with missing or incorrect Social Security numbers on the Master Beneficiary Record.

The objective was to determine whether the Social Security Administration’s mobile phone security conformed with Federal standards and guidelines. Our audit report (A-14-19-50811) contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In...

Objective: To determine whether the Social Security Administration took appropriate and timely action in response to representative payees’ alleged misuse of benefits.

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) Fiscal Year (FY) 2023 review of the Social Security Administration’s (SSA) information security program and practices, as required by the Federal Information Security Modernization Act of 2014 (FISMA). Ernst & Young’s audit...

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Web Identification, Authentication, and Access Control System. Ernst & Young’s audit results contain information that, if not protected, could result in...

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Earnings Record Maintenance System - Cloud. Ernst & Young’s audit results contain information that, if not protected, could be used to adversely affect SSA’s...

The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the Social Security Administration’s (SSA) ransomware prevention and response strategy. Ernst & Young’s audit results contain information that, if not protected, could result in adverse effects to the Agency’s...