Friday, October 26, 2007

No real news

1. The tone of the 17th comment to the last post was inappropriate. There is no need for personal attacks. There are plenty of substantive matters to address in this forum. If you want to make an ad hominem attack, please do it elsewhere.

We've had lots of good constructive criticism on this blog and at meetings. Flames lessen the credibility of whatever legitimate point you may be trying to make, and are just plain rude.

2. I haven't posted anything recently because I don't have any real news.

I presented the plan to PAC last week, and did a follow-up this week to answer questions they had. I've copied what I presented to PAC below. (The formatting is a bit goofy. I copied and pasted from Word.)

I'm waiting for Dr. Sethna's decisions on two points:

  1. Should we have a CIO?
  2. Do we move ahead on the functional organizational structure?
The discussion in PAC about the CIO issue was strongly pro-CIO, with the discussion echoing much of what's been said on this blog and at our meetings.

I'll post what I hear as soon as I hear something.



---------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------

IT Reorganization Issues

PAC
October 23, 2007

I. How does the proposed plan address the IT audit?
• Audit item #1
• Assign “responsibility for Information Technology to a single individual or limited group and giving the individual or small group the authority and responsibility to coordinate and manage funding and resources.”
• The directors of Infrastructure Services and User Services would be assigned this authority and responsibility, under the direction of their executive officer. This would address concerns that “no effective IT governance structure in place to coordinate and ensure the best use of IT technology across the University… Cooperation between many of the various IT groups within the University was very poor.”

• Establish “a single University department (i.e. Office of Information Technology)” and designate “a Chief Information Officer to coordinate and be held responsible for the status of Information Technology at the University.”
• This is a biggie. See discussion of this issue in section II below.

• Establish “the long term strategic direction for Information Technology at the University in consultation with various units of the University.”
• The functional units would have the technical expertise to inform this discussion, with less of a tendency to be swayed by the parochial and turf-protective concerns that often dominate in the current organization. Techies should not, of course, set the strategic direction; they should only provide technical advice.

• Create “a formal definition of the charter, roles, and responsibilities of its information technology function.”
“Develop an annual one-year tactical plan that can be tracked and monitored based on a well researched and documented strategic plan.”
Develop “an overall Information Technology budget.”Create, publish, and monitor “standards and procedures for the implementation and administration of information technology across campus.”
• Tactical planning, up-front IT budgeting, and adoption and enforcement of standards and procedures would be more feasible with functional alignment of IT resources and staff, which would allow:
- Clear definition of roles and responsibilities
- Reduction in overlap and duplication of duties
- More streamlined communication channels
The Service Management Administration subunit in User Services would be charged with documenting and monitoring these plans, budgets, standards, and procedures.

• Define, implement and maintain “key common components of the University’s information technology infrastructure i.e. networks, critical network servers such as name servers and directory servers, mail servers, virus signature servers and others.”
• Servers will be administered by the Infrastructure Services group, with appropriate access made available to both User Services staffers and the rest of the University.

• Audit item #2
• “Management should ensure that an IT policy framework is developed which encompasses campus wide IT requirements… Where required, specific procedures and standards should be developed by individual operating units to suit their individual requirements.”
• The Infrastructure Services and User Services groups would:
- Provide technical information in their areas of expertise to PAC, the TPC, and other University committees charged with developing policy.
- Develop technical standards and procedures to meet campus-wide IT needs.
- Work with users to develop standards, and procedures with local application. In particular, this would include development of service-level agreements (SLAs).

Having a Service Management Administration subgroup charged with coordinating, documenting, and monitoring policies and procedures would facilitate UWG’s adoption of IT best practices, as recommended in the audit’s executive summary.

• Audit item #4
• “Management should consolidate [network support servers and] services were possible.”
• The Infrastructure Services group would maintain the servers and provide appropriate access to these services. They and the User Services group would develop operating level agreements (OLAs) to define their responsibilities toward each other, including the process and timeframe for delivery of the services. This is an area that has great potential for improvement in service in directory services and user authentication.
The issue addressed by this item – duplication of effort, resources, and services – applies to IT services other than those involved in network support. Grouping IT staff and services according to function rather than by administrative units would lessen the need for such duplication, highlight it where it exists, and remove the bureaucratic impetus to encourage it.

• Items #5 and #6 addressed system backup and recovery procedures. Disaster recovery practices in the distributed units are inadequate. Placing responsibility for server administration in the Infrastructure Services group would let us address this issue.

• Items #3 and #10 - #16 address concerns with security and logical access to sensitive data. The proposed structure responds to concerns like these in four ways:
- Moving the Information Security Office out of an operational IT unit and giving it a direct reporting line to the President to give it more authority and credibility.
- Consolidating server administration in the Infrastructure Services group.
- Increased emphasis on service management to stimulate adoption of standard practices like change management, configuration control, version control, and IT asset management.
- Separation of duties between Infrastructure Services and User Services to better regulate privileged access to servers for those not charged with server administration.

II. CIO?

• The auditor recommended that UWG establish “a single University department (i.e. Office of Information Technology)” and designate “a Chief Information Officer to coordinate and be held responsible for the status of Information Technology at the University.”

• We discussed four leadership models at the last PAC meeting:
1. CIO, reporting to the President and a member of PAC
2. Executive Director of IT, reporting to the VPAA and not a member of PAC
3. Directors of Infrastructure Services and of User Services, reporting to the VPAA and not members of PAC, with the UTO remaining only as a transitional position.
4. UTO, reporting to the President and not a member of PAC

• The models differ on four dimensions:
1. One IT head or two.
2. Reporting line: to the President, or to the VPAA.
3. PAC member or not.
4. Hired specifically for the position, presumably after a national search, or is the UTO.

• Each of the models has advantages and disadvantages, which I am happy to discuss.

• We could consider variations, like an Executive Director of IT reporting to the President.

• I make two strong requests:
- If we decide on one IT head, we should do so after a national search, for these reasons:
-- Lack of baggage
-- Credibility
-- Skill set

o Whatever structure we adopt, we must move the Information Security Office out of an operational IT unit and give it a direct reporting line to the President

III. Some things we need in IT, with or without a reorganization

In no particular order:

- Increased emphasis on:
customer service
service management
security
tactical planning
accountability
training for both users and IT staff

- A reward system for IT managers that encourages desirable behavior.

- Goal-driven, up-front budgeting

6 comments:

Anonymous said...

Quote: "A reward system for IT managers that encourages desirable behavior."

What about a reward system for IT people who actually do the work? Isn't the big salary the IT directors currently receive a reward? Their undesirable behaviour is what got us to this point.

Anonymous said...

Quote: If we decide on one IT head, we should do so after a national search, for these reasons:
-- Lack of baggage
-- Credibility
-- Skill set"

That is kind of rude on your part to imply that the current individual responsible for IT at West GA has no credibility and lacks the skill set to administer IT effectively.

Anonymous said...

That is kind of rude on your part to imply that the current individual responsible for IT at West GA has no credibility and lacks the skill set to administer IT effectively.

I agree with this statement.

It seems like every time the CIO/IT Director issue comes up, whether on the blog or at open meetings, Dr. Lloyd makes a point to assert that we have no one currently at UWG who would be capable of filling that role. I'm curious to know why Dr. Lloyd feels this way.

Mike Russell already heads ITS which puts him in charge of the campus infrastructure and user services for part of the campus. How is it that he wouldn't even be considered for the CIO position?

With the frequency that Dr. Lloyd has made this assertion, it appears to be a veiled insult directed towards Mike Russell. It also gives the impression that the SPA for this reorganization may be bringing a little baggage of his own into the process.

Anonymous said...

We had an IT audit two years ago. Majority of the problems were not fixed two years ago, so it is going to be fixed now after waiting for two years. We may have another IT audit soon, so Dr. Lloyd is going to hurry up and do a reoorganization before the IT auditor comes to campus, so he and the President get a "job well done" from the Chancellor. Apparently thats what matters. The auditor is going to be as confused as he was the first time he got here. All this is in my opinion is just a power play at the highest management level, and unfortunately the IT staff have to end up paying the price at the end. Even with all the quirks that IT has had at West GA, we always had stability. After the reoorg we will not have the same stability. If West GA ends up conducting a national search for CIO, Infrastructure, User Services, or whatever other positions that they choose to post for, when you bring people from the outside, they bring with them their own management styles and strategies which might sometimes prove to be effective or not. So we are going to see one shakeup after the next, that is if majority of us are still here.

Anonymous said...

"With the frequency that Dr. Lloyd has made this assertion, it appears to be a veiled insult directed towards Mike Russell"

I agree. When the IT audit took place, Mike was the new kid on the block. He is getting punished now for an audit that happened a few years back. He can't make miracles happen. Sometimes you can only work with what you have.

Anonymous said...

An empowered organization is one in which individuals have the knowledge, skill, desire, and opportunity to personally succeed in a way that leads to collective organizational success.

- Stephen R. Covey, Principle-centered Leadership