Data and information are fundamental assets for social security institutions. The scale of social security institutions and relevance of the activities they develop increase the complexity of and risks related to data management. Institutions make key decisions based on data and information about people, including employees, employers and work activities.

The institution permanently monitors, analyses and treats ICT-related events and problems in order to prevent incidents. In turn, incidents are managed in order to restore normal services as quickly as possible and minimize the adverse impact on business operations.

The institution implements a service desk to provide a single, central point of contact for all users, enabling them to request standard services, and to provide information about services and procedures for obtaining them.

The institution implements ICT operations management activities, which perform the daily operational activities needed to manage ICT services and the supporting ICT infrastructure following systematic and standard practices.

The institution implements systematic and standard technical management practices to ensure the availability of resources to support the service life cycle.

Technical management activities involve planning, implementing and maintaining a stable technical infrastructure and ensuring that required resources and expertise are in place to design, build, transition, operate and improve information technology services and supporting technology.

The institution implements electronic-based services (e-services) to improve service delivery by enabling users to interact with the institution remotely, and eventually autonomously.

Such e-services are multi-channelled, being based on different mechanisms (e.g. the Internet, mobile phones, call centres, kiosks).

The institution establishes a systematic and standardized framework for developing and managing its software applications throughout their life cycle, including requirements, design, the build, deployment, operation and optimization.

This set of guidelines addresses the delivery and support of ICT services, covering the aspects related to the overall software and service life cycle (planning, development and software construction, operations and maintenance). The purpose of ICT service delivery is to provide agreed levels of service to users, and to manage the technology that supports the application of administrative procedures implemented by the institution.

The institution monitors the performance of ICT-enabled investments and services, evaluates whether they generate the expected value and match the institution’s goals, and determines whether adjustments are necessary.

The overall goal is to ensure that value is created and continues to be created throughout the investment life cycle.

The institution establishes processes to implement and manage ICT investments, acquisitions and contracts, taking into account (institutional and ICT-related) strategic plans, technology roadmaps and good governance principles, aiming at optimizing ICT value realization.

The purpose is to optimize the performance of the overall portfolio of ICT resources and related activities in response to programme and service performance and changing priorities and demands.