Guideline 5. ICT management processes

Submitted by Anonymous (not verified) on

The institution implements ICT management processes aligned to the planning, building, running and monitoring of ICT-related activities, and to full coverage of ICT services within the institution.

Guideline code
ICT_00800
Mechanism
Mechanism
  • The management, with the assistance of the ICT and specialized units, should define the ICT management processes covering the planning, building, running and monitoring of ICT-related activities and full coverage of ICT services within the institution.
  • Management processes should cover the areas related to:
    • Aligning ICT elements with the institution’s goals, as well as planning and organizing the overall ICT-related tasks. This includes:
      • Resource management, in particular budgeting and costs, human resources, suppliers, assets and service agreements;
      • Quality management, especially on key social security processes and assets;
      • Risk management, especially on key social security operations;
      • Security management;
    • Building, acquiring and implementing programmes, projects, ICT platforms and assets, including change management. This includes managing programmes and projects, managing requirements definition, and managing knowledge and assets;
    • Delivering, supporting and managing the continuity of ICT services;
    • Monitoring, evaluating and assessing the performance of ICT-based systems overall, and their conformity with the institution’s goals and compliance with regulations.
  • The management should define the organizational structure, optimizing the placement of ICT-related functions and establishing associated roles and responsibilities.
Parent
A. Governance and Management
Structure
Structure
  • The board should commission the management and the ICT unit to establish ICT management processes.
  • A specialized organizational structure, reporting to or including the management, should be established to coordinate ICT management processes. To establish accountability, the roles and responsibilities of units within that structure have to be well defined and documented.
  • The ICT management activities (planning, building, running and monitoring) should be aligned with the direction set by the board to achieve the enterprise objectives.
  • The ICT management processes should follow the adopted ICT governance principles and ICT strategies, and be based on international standards and practices (e.g. COBIT®).

Tags

Title HTML
Guideline 5. ICT management processes
Type
Guideline_1
Weight
11