The institution develops an ICT strategy and innovation prospective as the cornerstone of an integrated institutional view of the current business, the future direction for the ICT environment, and the initiatives required to reach the desired future environment.
According to ISO/IEC 38500, management relates to “the system of controls and processes required to achieve the strategic objectives set by the organization’s governing body. Management is subject to the policy guidance and monitoring set through corporate governance”.
For COBIT®, ICT management plans, builds, runs and monitors activities in alignment with the direction set by the governance body to achieve the enterprise objectives.
The institution establishes ICT governance processes linked to its governance objectives, which include evaluating strategic options, giving direction to ICT and monitoring outcomes.
Governance processes ensure that stakeholder needs, conditions and options are evaluated in order to determine and agree upon balanced institutional objectives, set direction through prioritization and decision-making, and monitor performance and compliance against agreed objectives and direction.
The institution defines a single, integrated framework for ICT governance that establishes responsibilities and duties at the highest levels.
The framework fosters the application of the ISSA Guidelines on Good Governance and ICT-related principles as defined in international standards.
ICT governance can be defined as a “framework for the leadership, organizational structures and business processes, standards and compliance to these standards, which ensure that the organization’s IT supports and enables the achievement of its strategies and objectives”.
Structure
The corporate application of ICT in social security institutions requires establishing policies and practices to carry out the wide spectrum of ICT-related activities in a consistent and systematic way. Such policies and practices are addressed by the disciplines of ICT governance and management, which aim to guide organizations (in particular, medium and large ones) to improve effectiveness and efficiency in their application of ICT.
The following guidelines are organized in three parts:
Part A, ICT Governance and Management, incorporates five sections:
A.1. ICT Governance
A.2. ICT Management
A.3. ICT Investment and Value Management
A.4. ICT Service Delivery
A.5. Data and Information Management
Part B, Key Technologies, incorporates three sections:
B.1. Interoperability
The growing extent of ICT application globally has motivated the development of standards and frameworks, notably by the International Organization for Standardization (ISO), Control Objectives for Information and Related Technology (COBIT®), IT Infrastructure Library® (ITIL®), Data Management International (DAMA), Organization for the Advancement of Structured Information Standards (OASIS), World Wide Web Consortium (W3C), Object Management Group (OMG), Dublin Core Metadata Initiative and Capability Maturity Model Integrated (CMM/CMMI).
There are three main aspects to corporate use of ICT) in social security institutions:
The use of information and communication technology (ICT) in social security institutions represents a global trend. As institutions turn to ICT, the goal is the development of solutions that enable them to accomplish their mission, providing high-quality services, satisfying stakeholders and improving efficiency of key processes. Moreover, the challenges resulting from social security’s permanent evolution require a more intensive and sophisticated use of technology in the social security domain.
