Social security institutions are an important face of government. The public turn to social security for support, especially in times of need at various phases of their life course. While the financial sustainability of programmes is an ongoing concern of social security administrators, satisfying the public’s demand for benefits and services on a daily basis requires more immediate attention and action. The public has grown to expect the predictable and timely delivery of social security benefits and services in normal circumstances, as well as in highly disruptive and extreme situations, as evidenced by the recent experience with the COVID-19 pandemic.
Unforeseen shocks and extreme events can significantly stress and overwhelm the capabilities of social security institutions, which can lead to serious disruptions in providing benefits and services and, ultimately, to a loss of public trust. The pandemic is an unequivocal reminder that the public counts on social security administrators to keep the promise of promptly delivering social security even under adverse conditions. Cognizant that shocks can easily translate to social crises, social security institutions must have the capacities to quickly scale and deploy resources and collaborate with other government units as part of a concerted national response.
An increasingly broad range of shocks and extreme events are affecting the work of social security institutions. Socioeconomic and humanitarian crises require exceptional social responses to protect the affected population groups. Natural catastrophes impact social security services and require specific social support operations. Other types of physical incidents, such as fires, can destroy institutional infrastructure, leading to severe service disruptions. Furthermore, the increasing digitalization of social security administration exposes institutions to emerging cyber-risks and vulnerabilities, as described in the ISSA report Enhancing the protection and cyber resilience of the social security administrations – Introduction to cybersecurity (2021) and the ISSA report Digital operational resilience (2022).
A shock can potentially throw everything into disarray, not least human and ICT resources, business processes, and programmes and service delivery. Social security institutions must be ready to manage such disruptions and be able to restore normalcy and business continuity with ease and resilience. It is important to identify the strengths of the organization and, no less important, correct weaknesses whether these originate from deficiencies in the organization, decision-making, business processes, infrastructure, assets or activities. Shock-proofing requires correcting and strengthening the heretofore weak links to ensure that the whole institutional structure can withstand and be resilient in the face of any future disruptive event.
Institutional readiness for adverse events provides the public and the institution’s staff with a strong sense of stability and confidence. Stress-tested and de-risked systems and resources enable a position of strength from which the institution can readily serve citizen needs with minimum operational disruptions. Regardless of an institution’s stage of development, the last few years have underlined the importance of including business continuity and resilience as a key governance element in social security administration. Should an adverse event materialize with no contingency plans in place, reactive measures could be proven to be too little or too late, comprising costlier last minute and stop-gap solutions incapable of saving an institution’s reputation or the public’s goodwill.
To be resilient, it is imperative that institutions establish business continuity plans that anticipate unforeseen crises. Such plans will enable the institution’s systems and resources to be part of the solution instead of compounding the challenge to be solved and allow the institution to be agile in managing a crisis and be proactive in protecting beneficiaries and the covered population.
The unpredictable nature of shocks and extreme events underlines the need for frameworks that provide the means to quickly identify, respond and be resilient against these events. The ISSA Guidelines on Continuity and Resilience of Social Security Services and Systems aim to provide guidance on how social security institutions can prepare, strengthen and continue to provide benefits and services in the face of unforeseen events by formulating a path that focalizes efforts in different domains.
While business continuity frameworks and standards exist, they are broad and general in nature and are not tailored to the specific needs of social security programmes and institutions. These guidelines cover this gap and address the specificities of social security administration, particularly the need for resilience and readiness for unforeseen, extreme events. The ISSA Guidelines on Continuity and Resilience of Social Security Services and Systems complements the other ISSA Guidelines as well as applicable international standards to cover the lack of specific guidance for social security administration.