EUROPEAN COMMISSIONEMPL/-/10 - EN

A.C. 382/12
Governance and decision making in EESSI – first evaluation and first proposals for improvement
SECRETARIAT – 25.09.2012

Orig.: EN
Annexes: 2

ADMINISTRATIVE COMMISSION
FOR THE COORDINATION OF SOCIAL SECURITY SYSTEMS

Subject: Governance and decision making in EESSI – first evaluation and first proposals for improvement

Note from the EESSI Project Steering Committee of 25 September 2012

  1. Introduction

At its331stmeeting in June this year, the Administrative Commission acknowledged, in line with the recommendations of the Technical Commission and the EESSI Project Steering Committee (see AC notes 253/12 and 162/12), that the current governance structure is not suited to manage a large scale IT project such as the EESSI Project. It therefore gave an assignment to the EESSI Project Steering Committee to elaborate a proposal for a revised governance structure to address the current challenges.

Member States were asked to provide suggestions/input to assist the EESSI Project Steering Committee in the elaboration of such proposal.The Belgian and Swedish delegation provided suggestions in notes AC 303/12 and 322/12.

The present note providesan outline of the first analysis of a revision in the governance structure, carried out by an internal working group that has been established within the EESSI Project Steering Committee. In its 12th meeting on 7 November 2012, the EESSI Project Steering Committee will further discuss the findings and the proposals of the working group,.

At this point in time, the EESSI Project Steering Committee would like to use the opportunity of the meetings of the Technical and Administrative Commission, to receive a first feedback from these committees, with the aim of having all the elements available to present in December an elaborate proposal on the revised governance structure for EESSI with a clear definition of roles and responsibilities of the bodies that are part of it.

  1. Background

Two years ago, the Technical Commission and Administrative Commission agreed to set up the EESSI Project Steering Committee to be able to better address the challenges in the EESSI Project (note AC 425/10). In the governance structure that was agreed the roles and responsibilities of the two governance bodies, Technical Commission and Administrative Commission, werealso clarified (see notes AC 367/10, AC 407/10 and AC 398/10). Furthermore, it was agreed that the EESSI Project Steering Committee would function as "a project management committee", which as suchsupports the Technical Commission and Administrative Commission in monitoring the implementation process of EESSI in the Member States and to support the Commission in the work of the implementation process.

Since the set-up of the EESSI Project Steering Committee a number of important events have taken place.

1. With the delivery of the system by ATOS in 2011, DG EMPL and the MemberStateshave become the main stakeholders and players in the implementation of the EESSI project.

2. After the hand-over of the system by ATOS, the role of DG EMPL has changed. In the current setting, DG EMPL fulfils different roles, with different responsibilities in the EESSI Project. It is now:

-Responsible for the Secretariat of the two governance bodies and the EESSI Project Steering Committee

-Acting on behalf of the European Commission, ensuring a correct application of the legal framework on social security coordination, also with regard to the EESSI project

-the main IT-system supplier, responsible for the delivery of the Community infrastructure for the electronic exchange of social security data between the MemberStates, and the day-to-day running of the system.

These different responsibilities are depicted in the chart in annex II.

3. A reflection period was initiated in Spring 2012 to review the EESSI requirements to see if theseare still valid or that they needed to be adapted. As a result of the reflection that followed, the existing requirements and specifications are currently being reviewed together with the Member States. Due to the many different stakeholders, requiring different review rounds and the heavy decision making procedure, in which the Technical and Administrative Commission need to sign of the revised requirements and specifications, this process has shown to be very time-consuming and intensive.

In the current situation, the challenges in the EESSI project are still multi-fold, due tointer alia:

-the size of the project (high number of different stakeholders across 31 Member States),

-the complexity of the business with the different business processes to be covered,

-the challenges of bridging different national IT solutions for implementing the cross-border electronic data exchange,

-the challenges of reaching acommon understanding on the overall objectives of the projects, the requirements and solution for the implementation of EESSI

-Monitoring of the delivery of the final product by DG EMPL and the implementation of EESSI in the Member States

The Technical and Administrative Commission acknowledge that the current governance structure is not sufficiently adapted to respond to these new challenges.

  1. Need for clear governance and project management structure

The current challenges require a clear governance and project management structure, with

a) effective and efficient decision making procedures

b) clear assignment of roles and responsibilities of the actors involved.

The questions that specifically need to be addressed in the decision making structure are:

1. Which decisions need to be taken in order to ensure the development and delivery of the EESSI system and the successful implementation of the project?

2. Who shall take these decisions?

3. How will these decisions be taken and their implementation monitored?

Decisions that need to be taken or validated in the next period are many and concern the following areas:

  1. Validation of updated project vision and project scope
  2. Validation of the updated project approach
  3. Governance and project management structure
  4. Updated communication strategy and planning
  5. Updated requirements and specifications
  6. Test Strategy and planning
  7. Release strategy and planning – milestones and deliverables
  8. Architecture - interface definitions and principles
  9. Deployment and roll-out

In the current governance framework, these decisions will betaken by the Technical and Administrative Commission. The necessary discussions in order to reach a common understanding and agreement will put a heavy burden on the Technical Commission and the Administrative Commission. The EESSI Project Steering Committee therefore would like to ask the Technical and Administrative Commission to advice on the decisions that could potentially be delegated to an operational body.

Annex I provides a first outline of the EESSI governance structure with the different layers of responsibility to address the challenges to introduce an effective decision making mechanism to:

1. Allow these decisions to be taken without further delay

2. Address the need for a strong project management structure to ensure the successful implementation of these decisions.

The proposed governance structure is based on a standard IT-governance model (i.e. Prince 2) which has been tailored to the specificities of the EESSI Project and which respects the different levels of responsibilities within the EESSI Project.

The EESSI Project Steering Committee asks the Technical Commission and Administrative Commission to provide feedback on the proposed structure and in particular:

  1. To indicate at which level of the proposed structure the two committees need to be positioned with an outline of their main responsibilities.
  2. To indicate which type of support the Technical and Administrative Commission need, to allow them to take the relevant decisions in a more efficient and more timely fashion
  3. To identify which decisions they would consider, within the boundaries of their mandate under the Regulations, to delegate to another body, responsible for the actual management of the project.
  4. To indicate whether they consider the proposed structure for the delegation of project management responsibilities in annex I a feasible option.

Based on the information provided on these points, the EESSI Project Steering Committee will present for the meetings in December 2012 a detailed note on the roles and responsibilities of the different bodies and the different roles and responsibilities of the EMPL EESSI Project Team.

Based on that, the EESSI Project Steering Committee will review its current mandate and the work programme.

Annex Ito note 382/12

Proposals for improvement of the current EESSI governance structure

This document describes the IT governance model for the European EESSI project.

Definition:

IT Governance: Specifying the decision rights and accountability framework to encourage desirable behaviour in the use of IT(Weill & Ross: IT Governance, HarvardBusinessSchool Press, 2004)

The IT Governance in EESSI must address the following three questions:

  1. What decisions must be made to ensure effective management of the EESSI project?
  2. Who should make these decisions?
  3. How will these decisions be made and monitored?

Areas to govern

  • IT principles: High-level statements about how IT is used
  • IT architecture: Defining integration and standardization requirements
  • IT infrastructure: Determining shared and enabling services
  • Business application needs: specifying the business need for internally developed IT solutions (or purchased)
  • IT investment and prioritization: choosing which initiatives to fund and how much to spend.

These areas are related and require linking for effective governance – typically following from top to bottom: IT principles drive the architecture that leads to infrastructure. The infrastructure capabilities enable applications to be built based on business needs specified by the business process owners. IT investments must be driven by the IT principles, architecture, infrastructure and application needs.

The proposed model in this document is based on Prince 2.The model describes the chain of command in the project including the project mandate and responsibilities for each role.The proposed structure is a sample of how the standard IT-governance model used in Prince 2 could be applied to the different levels of responsibilities within the EESSI Project.

The Administrative Commission (AC) is responsible for the implementation of Regulations 883/2004 and 987/2009. As part of that a software product must be provided. Based on the Regulations the Administrative Commission creates the vision statement for EESSI and delivers this along with a definition of the set of resources and a timeline and by this delegate a mandate to Technical Commission. The Administrative Commission can set the objectives for the project in line with the strategic plan, ensure that appropriate resources are committed and resolve issues where necessary. A project mandate is created by the Administrative Commission which is the trigger and the framework for the whole project.

A project mandate is:

  • The Main Objective of the Project
  • The Business Case, which describes the reasons for the project
  • Project Scope in high-level terms
  • Customers’ quality expectations (i.e. reaching an agreement on what Member States expect to receive from the project)
  • Information about the customer, e.g.: best practice for documenting requirements
  • Information on related projects that may provide important feedback

The Technical Commission (TC) holds responsibility for delivering a sufficient EESSI product given by the Administrative Commission in the project mandate. The Technical Commission is responsible for enriching the provided vision from the Administrative Commission to a high-level system definition defining the EESSI product (both functional and non-functional requirements) and defining success criteria. The mandate given to the Technical Commission is a system definition describing the desired product that must be delivered, as well as the resources and a milestone plan (timeline for the project).

In order to be efficient in controlling the project, the Technical Commission can appoint anExecutive Boardthat based on a given mandate operates the project.The system definition and the business case will act as a framework in which this Executive Board can operate.

In summary, the mandate of the Technical Commission would be:

  • IT principles: High-level statements about how IT is used
  • Transformation of the project mandate from AC to operational action
  • choice of supplier(s)
  • Appointing anExecutive Board and chairman (if mandated by the Administrative Commission, alternatively, the Administrative Commission appoints the chairman) that runs the project, reports to the Technical Commission and renews mandate if significant changes to scope and/or timeline/resources occur.

Executive Board and Project Board

In the classical IT governance structure, as depicted in the chart, the actual management of the project will be done at the level of anExecutive Board(not be confused with the current EESSI Project Steering Committee).In the proposed governance structure, the day-to-day managementwould be delegated to a Project Board, the mandate of which would be defined by a number of key documents. These are the levels which have to take ownership of the project and which will need to report to the AC and TC.

The role and responsibilities at the level of the Executive Board and Project Boardvery much depends on the extent to which responsibilities of thetwo decision-making committees at the top of the governance structure concerning the actual project management are delegated at the lower levels.

Program Manager

If it were agreed that it is necessary to put in place anExecutive Board and a possibility to delegate the day-to-day management to the Project Board, it is recommended to nominate a program manager, which acts as an interface between theExecutive Board and the project board. On behalf of the Executive Board, the Program Manager will control the work of the ProjectBoard. He will have the responsibility to produce the required product(s) to the required quality within the specified time and cost.

There are many different facets to the role of program manager such as communication (in fact, it is estimated that more than 70% of a program manager’s time is spent on communication), but also on cost management, quality, product status, changes, user needs, monitoring and planning.

Final note

The proposed governance model in the chart does not include the roles of DG EMPL as being responsible for the Secretariat for the different committees and as a guardian of the Treaty and more specifically the correct application and implementation of the two Regulations. This important nuance has been visualized in annex II.

Annex II further contains the organization chart of DG EMPL as IT supplier, capturing the different the roles and responsibilities it has as IT supplier within the EESSI project.

Annex IIto note 382/12

1

DG EMPL – IT responsibilities in EESSI Project

1