According to a report by the General Audit Office (AGN, for its acronym in Spanish), PAMI, the National Institute of Social Services for Pensioners (INSSJP), 'improved' managing Information Technology (IT) regarding the last comments generated by the watchdog in its last report. However, the research makes it clear that there are still outstanding issues to address.

This is a follow-up on recommendations made in a report published in 2006 to determine the strengths and weaknesses of computer management. This new audit, approved in February of this year, analyzes the periods from 2004 to 2009.

One issue that was corrected is the position in the "index" that considers "risk information." That is, in terms of "the likeliness of reaching levels of effectiveness, efficiency, confidentiality, and reliability," PAMI decreased from 76% to 38%. However, the auditors recommended that this rate exceeds 20%. In fact, it was found that the INSSJP "has a policy of information security (comprising software, databases, and everything related to the risk of information being seen by someone who was not supposed to) formally approved and published on the intranet", and that it was "promoted by management."

Beyond the fact that the AGN recognized the "effort" made by PAMI in "lifting the observations" it’s important "to continue to deepen changes, concentrating on those objectives that have the lowest levels." In that sense, there is an index called "maturity level" of control objectives, which are weighted on a scale from 0 to 5. The report notes that the social work of the pensioners evolved from 0.87 to 2.18, and they advised that this index reaches a minimum value of 3.

The report indicates that the "technology -in terms of infrastructure planning - focuses on generating solutions to specific problems," and "continue taking reactive decisions on the budget," and that "there is no formal process for identifying and allocating IT costs ".

Returning to the improvements made by PAMI, in 2005 the AGN had said that "no inventory programs and procedures are maintained in IT", however, today they have a "division for organization and methods", which develop internal procedures, "many of them formalized by decision." It also noted they "defined roles and responsibilities, on a management level, with a functionally advanced IT organization."

Among the outstanding issues for improvement is the implementation of an "annual training plan structured and formalized," and the situation, for example in the management offices, where "data network and power cords were found loose in the hallways, around desks and hanging from the ceilings." However, it was noted that in the last period analyzed, "the place where the datacenter is located has environmental controls by the staff of operations."