Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A lock (
) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
United States
The objective was to determine whether the Social Security Administration’s mobile phone security conformed with Federal standards and guidelines. Our audit report (A-14-19-50811) contain information that, if not protected, could result in adverse effects to the Agency’s information systems. In...
Objective: To determine whether the Social Security Administration took appropriate and timely action in response to representative payees’ alleged misuse of benefits.
The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) Fiscal Year (FY) 2023 review of the Social Security Administration’s (SSA) information security program and practices, as required by the Federal Information Security Modernization Act of 2014 (FISMA). Ernst & Young’s audit...
The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Web Identification, Authentication, and Access Control System. Ernst & Young’s audit results contain information that, if not protected, could result in...
The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the security of the Social Security Administration’s (SSA) Earnings Record Maintenance System - Cloud. Ernst & Young’s audit results contain information that, if not protected, could be used to adversely affect SSA’s...
The attached final report summarizes Ernst & Young LLP’s (Ernst & Young) review of the Social Security Administration’s (SSA) ransomware prevention and response strategy. Ernst & Young’s audit results contain information that, if not protected, could result in adverse effects to the Agency’s...
The objective was to determine whether the Social Security Administration’s identity verification controls for the my Social Security portal were compliant with Federal requirements. Our audit report (A-14-18-50486) results contain information that, if not protected, could result in adverse effects...
Objective: To determine whether the Social Security Administration appropriately applied the Windfall Elimination Provision and Government Pension Offset. We also gathered information about the Agency’s efforts to obtain non-covered pension data for beneficiaries.
Objective: To determine whether the Social Security Administration properly processed windfall offset determinations.
Objective: To determine whether the Social Security Administration included the required whistleblower rights and protection language in contracts that exceed the simplified acquisition threshold, in accordance with the Federal Acquisition Regulation.
