The Department's role at the Commission is to provide information technology leadership to build the Commission’s information infrastructure and effectively participate in making it a modern and efficient regulator. The department strives to expand technology support to create the information technology environment that the Commission needs in order to achieve its mission and vision. To be successful in this role, the department has been developing broad based partnerships throughout the organizational and beyond even reaching out to the outside stakeholders. The objective of the department is to provide excellence through technology by working hand in hand with all the divisions/departments of the Commission to enable a fully automated and paperless environment with the purpose of information sharing, data integrity, efficiency, and security. IS&T department envisages that the adaptation of a complete electronic culture will result in a collection of fully automated process that provides a more effective method of achieving the goal of efficient and transparent governance.

The IS&T Department of the Commission has come a long way from a humble beginning, the division now provides a host of services ranging from various management support functions, design and development of specialized applications as well as IS applications and managed services. Major areas of operations include software systems and database maintenance and development; website and intranet engineering and maintenance; LAN and WAN connectivity and central services; hardware and software maintenance services and training in IT products and services. The IS&T Department is determined to become an efficient and modern division of the Commission fully conversant with the international best practices and also to be recognized as being so. Most current and forthcoming projects of the Commission like the e-Services, Scanning and Archiving of documents, Disaster Recovery Centre, ERP, Insurance Industry Regulatory System, Market Monitoring and Surveillance System, and Data Warehousing are driven by Information Technology. The department’s vision is to take the Commission to the next level of automation through innovative use of Information Technology and Business Process Management to make it a truly modern, effective and efficient organization at par with any world class institution. To build and create IT infrastructure and environment the division is following International Quality Standards as well as world class Information Security best practices and therefore became the first public sector entity to accomplish ISO 9001:2008 quality certification in 2006 and has also succeeded in becoming the first regulator in Pakistan to achieve ISO 27001:2005 information security certification for its implementations in the design, development and implementation of IT solutions and services for the Commission.

The department enjoys a world class repute in the IT industry at national and international level and has won several distinctions over the years including the Sword of Cyber Defense, top 5 website ranking, first RAC installation, first SOA based implementation and most recently won Laureate Gold Medal on envisaging and developing eServices for the Commission in the Computer World Laureate Honors Program 2011. The following are some of the major roles that IS&T division is plays for the Commission:

• Management and administration of Local Area Network (LAN) and Wide Area Network (WAN) including internet services at the Commission for HQ and CROs, providing core electronic services to users including office automation. Telecommunications/Networks and end-user need assessment and provisioning for software applications, hardware selection, procurement, deployment, maintenance, configuration and support for the Integrated Management Information System (IMIS).
• Implementation, development and operation of the IS&T infrastructure at the Commission and participate in the strategic and annual planning processes.  Design and implementation of major systems (hardware and Software) initiatives, managing multiple, concurrent and often disparate tasks for projects that often involve innovative applications, dissimilar systems as well as databases and highly complex system integration and linkages.
• Ensure changes to the IS&T operating environment including software, hardware, networks and system software are carefully investigated and implications understood before making such changes. Development of In-house software applications for various functional areas of the Commission after careful need assessment and requirement analysis.
• Professionally advise management and departments of the Commission - including acting as focal point and advisor to Commission on all IT matters - on the effective and strategic use of IT in a changing business environment; development and dissemination of best practices.
• Develop standards for the Service in hardware and software, e-Mail, groupware, workflows, methodologies. Requirement assessment for IT solutions and Exhibit control on effective uses of IS&T. Information Management, Storage, Retrievals, and Dissemination for all types of information needed of the Commission
• Needs Assessment for IT assets (i.e. software, hardware, databases, networks, storage, and telecommunications, etc.) as well as Information Systems for all departments and divisions of the Commission and mapping it with effective decision making for specification, selection, procurement, allocation and deployment.
• Identification of Information Sources including establishment of linkages with other regulatory organizations and developing mechanisms to capture it accurately and completely.
• Organization wide Business Process Management (BPM) for the Commission. Continuous Process Improvement (CPI) and Alignment for the Commission and organization wide Process Re-engineering and Simplification for the Commission
• Data Analysis, Management, and Development of a unified repository of Information “Data warehouse” for the Commission, organization wide Content Management for the Commission and implementation and Support of a completely automated workflow environment at the Commission. Lead efforts to review and revise, as necessary, the existing set of Information Technology related policies, processes, and standards and to identify areas where new policies, processes, or standards should be developed.
• Design a training and manpower development plan for employees of the Commission.
• Work for an appropriate legal frame work for the creation of an IS&T-based culture, with due focus on intellectual property rights (IPR), secrecy, security and safety of information and ensure the privacy and security of Information Systems and Technology. Contribute in formulization / amendments of rules and regulations required for electronic recordkeeping, filling of returns, licensing and registration, etc. Provide feedback on formalization of Commission’s policies so that Commission’s policies and IS&T strategy should be aligned accordingly.
• Design and Implementation of major systems initiatives, multiple, concurrent and often disparate tasks for projects that involve innovative applications, dissimilar systems as well as databases and highly complex system integration and linkages. Identification and Development of key strategic systems for SECP to become a more efficient, effective, vigilant and modern regulator.

The IS&T Division has five distinct functional management wings as follows:

• Applications Management Wing: The Applications Management wing is responsible for a variety function comprising of the design and development of a variety of Information Systems for the Commission and also provides maintenance of software applications already developed and deployed to meet the needs of the entire Commission. The software development undertaken by the unit is developed at the highest quality standards at par with international standards and best practices of software and is aimed at increasing the efficiency of business processes of various divisions and departments of the Commission. Some key information systems designed and developed by the wing are eServices, Market Monitoring and Surveillance System, Insurance Industry Regulatory System, CRCS, the Commission’s website and Intranets and many more.
• Infrastructure Management Wing: The Infrastructure Management wing is responsible for servers/users side infrastructure and services.  It continuously monitors infrastructure performance and availability in order to provide stable and reliable system management environments. Logs are produced and transformed into management friendly reports to review servers and services availability. The wing is also responsible for SECP’s Network / Internet infrastructure and services and continuously monitors infrastructure performance in order to provide stable and reliable network and internet management environments. Logs are produced and transformed into management friendly reports to review network availability and bandwidth utilization. In addition, this wing is also responsible for incorporating new, and upgrading existing systems along with the periodic checking, analyzing and implementation of fault tolerant systems.
• Databases and Business Intelligence Management Wing: Database team directs or performs all activities related to maintaining a successful database environment. Responsibilities include designing, implementing, and maintaining the database system; establishing policies and procedures pertaining to the management, security, maintenance, and use of the database management system; and training employees in database management and use. Database team is responsible for user management at database level in addition to security management as well as generating reports and making changes to database at the request of users with proper authorization. Back up of database and other steps to ensure data integrity and security are also very important functions of the database team. Database team also works with consultants and vendors for study of database management systems, management of electronic exchange and document management system, in order to keep the databases updated according to the requirements of the users. Close monitoring of the system removes any redundancy and ensures integrity of the data.
• User Support Management Wing: The wing is responsible for providing state of the art services to users inside and outside the Commission. It handles client computer application deployment issues and troubleshooting. The wing is also responsible for entertaining problems and queries of outside stakeholders in support of the online applications.
• Disaster Recovery Management Wing: DR team acts to counteract interruptions to the Commission’s business activities and to protect critical business processes from the effects of major failures of information systems or disasters and to ensure their timely resumption, the IS&T division is in the process of establishing the Business Continuity and Disaster Recovery Centre at CRO Lahore. This project is in its implementation phase. Site preparation for Disaster Recovery Centre is underway.

In addition to the above wings following two functional groups have been constituted as follows:

• Business Process Analysis, Management and Re-engineering Group
• Information Security & Quality Assurance Management Group

The Quality Council and Information Governance & Security Council have been constituted to monitor, review, comply and update Quality and Information Security related policies and procedure with international standards.