As social security systems and their delivery are increasingly dependent on information and communication technology (ICT), digital operational resilience is fundamental to any social security organization.
The International Social Security Association (ISSA) has published a new report Digital operational resilience – Strategies and approaches to protect social security data and operations. Digital operational resilience is all about ensuring that the organization has the capacity to withstand any disruption or threat concerning ICT. The report focuses on how to protect data, which is considered a very important asset of a social security administration.
The concept of digital operational resilience has emerged recently, notably during the COVID-19 pandemics, to develop appropriate robustness related to digital resources and services. While it has appeared in the financial sector, the ISSA is developing similar practices in social security.
In terms of digital operational resilience, the report deals with ICT risk management, data risks, strategies and mitigation plans. However, it also goes beyond this and looks at in-depth defence approaches. This deals with mission critical assets, prevention and policy management, ICT systems architecture, monitoring and response mechanisms.
The report concludes that institutions need to enhance their digital operation resilience to address the growing risks related to ICT application, with a focus on protecting social security data. Through digital operational resilience approaches, social security organizations can identify risks, protect and prevent disruptions, and detect and respond to suspicious activities.
With this new report, the ISSA is taking innovative steps in applying the concept of digital operational resilience in social security. This will support member institutions by providing practical guidance on applying digital operational resilience practices. It complements the recent ISSA report Enhancing the protection and cyber resilience of social security administrations, and the ISSA Guidelines on Information and Communication Technology.