Wednesday, October 23, 2002

Wrap up

Winter Meeting is in Augusta at Radisson

More details to follow (Jan 22,23,24)

Lisa, Doogie, et al -- working on support model.  (e.g. number of fte's per number of work stations)

 

 

comment [] 11:33:23 AM    

Security Report -- Jeff Crabtree

Three areas coverd

  1. Explore concept of managed security services
  2. develop prioritization list for acquisition of security tools
  3. explore the concept of security self-asessment procedures that might be deployed inedependently

Jeff provided a handout and CD

Proposal made for an information security extension service....

More details coming in January

 

 

comment [] 11:05:25 AM    

Introduction of IT Auditor and Development of IT Auditing...

Ron Stark and Scott Woodison

Ron introduced Scott and his quals...

IT Audit role:

  • System-wide role (5 miles wide and 6 miles deep)
  • Conduct Risk analysis of IT systems
  • Create IT audit model focusing on high risk areas
  • Condict IT audits and report results
  • Training audit staffs
  • Assist IT staff where appropriate

IT Audit Customers

  • BOR
  • Institutions
  • Systems Office
  • Consilidated ERP
  • Audit staffs

Areas of Focus

  • Policy
    • Drives architecture
    • required for succesful ops
    • level depends on institution and level of risk
    • standards should be developed
      • hardware
      • software
  • Security and Privacy (in paper by Scott)
  • Continuity planning and disaster recovery
    • id of mission critical systems
    • backup and recovery plans and procedures
    • incident response plans
    • system wide support capabilities
  • Application and System Development
    • Implementation procedure
    • Problem management
    • change management
    • capacity planning

Need to see if we can get ____ book and make available

John Mullin points out that business processes are also affected by security requirements and concerns.

Ron -- key to Scott's success will be preaching, teaching and coordinating.  We can't do it all.

Randall -- we are trying to determine what level the bar must be set.  Board is concerned on several of these issues.  We are looking at you for feedback...

 

comment [] 10:47:14 AM    

USG 123 -- Bill Bowes and Ray Lee

Following this link to view the options.

comment [] 9:45:28 AM    

Business Services Deployment/Best Practices - Bill Bowes

Best practice -- use technology and business practice to enhance performance

Discussed varous best practice model

Discussed possbility of creating best practices website

  • creating a competitive annual best practices program
  • Announce competition rules in January
  • Submissions in April-May
  • Appoint a cross-functional review committee
  • Develop a criteria..
  • Small award of $10k - 3 to 5 per year
  • award recipients present to board

Business Services Deployment

Are there options such as consolidation or regionalization of services that would result in improved services, productivity, etc

Strategy

  • IT Strategic Plan
  • RFP Process
  • Menu of Options : e.g. purchasing consortia to merging of financial/admin functions
  • Schedule: mid-year progress report, may presentation of options

 

What's been the feedback from CBO's?  Not a lot.  Folks holding back to see what its really about.

 

 

comment [] 9:15:43 AM    

Gartner as a Resource

Tom Maier and John Mullins

  • OIIT maintains a contract
  • Provides for:
    • Access to website for research
    • Gartner Updates
    • Call to analysts
    • Audio Conferences
    • Meetings with analysts
    • Conference Speakers

Go to ACIT webpage to use

If you see a report you want, don't pay for it per the site, call us to help...

John -- discussing GT use of site

  • Joint venture by OIT and Library (library does the support)
  • Provides services to students, faculty, and staff (we download their data to our server)
    • General access for gatech.edu to local server with weekly files from gartner
    • Custom access accounts too
  • Signed a one year contract and will evaluate then
  • we are in the rollout stage
  • users to access form library home page

 

comment [] 8:56:28 AM    

Remarks from Dan Papp

Budget -- sure everyone has heard rumors of another holdback after election.  All I can say is they are rumors.  But I suggest you be frugal.  We hear its anywhere from 1 to 5 percent.  If you have expenditures that can be deferred, defer them, slow down projects that may have otherwise kicked off.

GTA -- we still have pretty good relations.  CCOP remains out there.  Nov 15 is due date.  Pure speculation on my part , would not be too surprised that this gets deferred once again.

In December USG will get its report card from OEA.  The four primary measures are graduation rates, retention rates, Regents test rates and licensure pass rates (law, med, etc)...

We have not worked out final details on how these measures will finally be measured.  As an example, while most of world consider 6 year and 3 year retention/graduation rates, OEA wants to use 2 and 4 year rates.

Regents Information and Instruction Technology Meeting continues to meet.  Strategic planning has been presented and Regents are favorably impressed.  Randall and Regent Coles and I will be sitting down in three weeks to talk about issues the Regents may want to be apprised of over the course of the coming year.

 

comment [] 8:45:02 AM    

  Tuesday, October 22, 2002

Enterprise Applications -- John Graham

Talking of SSN/ID outbound and inbound processes

There are not reasonable substitutes in particular instances -- like w-2s, etc.  Not going to stop using ssn where appropriate and won't stop collecting them for the same reason.  It will remain a required data element.

But, we do need to curtail inappropriate use.

Beth Brigdon -- one educause session talked of managing this issue, especially when working to get away from the ssn as a student identifier, is not unlike a Y2K project.  Expensive and tedious.

Much discussion on global identifiers and whether solution is system wide or on a campus by campus basis.

ACIT concerns on cost implications of such a move... and whether administrators have considered that...

John then discussed blanket service contracts

especially for oracle and peoplesoft services.  So he handed out a working draft of such an agreement and asked for validation that this draft anticipates the kind of needs for individual campuses.

Will be applying tax table upgrades after first january paycheck

Datawarehouse

Parallel collections expected by July 03

Have offered a supplemental 03 request to expedite human resources and be operational by June 04

He's out of time now

 

 

comment [] 4:30:18 PM    

ResNet -- John Scoville

Trying to tie privatized housing into campus resources, especially through third party, is difficult.  So, by segregating traffic into a port on our net, we can rate limit and price out such service.

So, we do have a model with GSCU which everyone is welcome to look at. 

Thursby -- you should make sure there is an acceptable use agreement with the students which allows you to discontinue service if necessary.  Without it, you have liability exposure.

 

comment [] 3:17:17 PM    

IT and the Construction Process -- Linda Daniels, Vice Chancellor Facilities

Jim Wolfgang commented on the new policy document created last year which put the IT checkoff into facilities planning...

Linda ...

If you are talking about IT and Construction -- you've missed the boat.  You gotta get in at the planning stage.

To make sure you are included in the process (even though policy requires you to be involved) -- "USG buildings and grounds .... Each campus shall employ ... concepts... and flexibility to include evolving technology."

Another resource - USG Master Planning template (on web)--  has rigid structure -- under infrastructure/communications --- IT folks are required to be a part of the planning process...  and communication as a part of infrastructure is discussed and budgeted for...

If your only exposure to the master plan is a campus map, well... 

Good news is that campus master planning is an iterative process (either updated or completely revisited).  So, you gots your chances...

Tom Maier passed out a handout summarizing the steps of the construction process.

Linda ...

Pre-planning documents is not on the web but will be soon... after we consolidate and will pursue in January...

The pre-planning document requires technology considerations -- at the time of programming.

Make sure you talk to those involved in the process.  If you get stonewalled, call Linda's office, to find your program manager and we will make sure you are included in the process.

Regarding privatized housing...

"we are in an entreprenurial stage".  No rules, yet.  Would love to see dialog opened up.  But, somewhere down the road, research is moving towards privatization, especially if a revenue stream is involved.  So, these research buildings may represent the biggest problem in the future as you are at the good intentions of the foundations.

Wolfgang -- wants to meet with Linda between now and winter meeting.  And will want Linda and program managers to come to the winter meeting.

Linda wants three campus reps at her next conference.

 

comment [] 2:34:45 PM    

Contracts -- Robyn Crittenden BOR Legal Affairs

A review of contracting procedures.

Comments assume you have gotten the requisite approval per procedures outlined by the USG CIO.

If your campus follows Department of Admin Service procedures, those are being changed - so expect the ripples to follow.

Any kind of agreement is a contract.  License, service, consulting, whatever.  The details need to be clear.  Duties and responsbilities for earch party.  And, of course, you want to shift as much risk to the other party as possible (but that is a negotiating item).

Once details are known, plug into standard agreements as applicable.  There are lots of vehicles available as well as a multitude of resources.  Call for details.

Make sure you have proper signatories (or someone could be paying from their own pocket).

Some red flags to look for...

  1. Indemnification -- we never hold harmless other parties.  They must indemnify us...and don't let the party to try to take full control of representation since by law only the AG is our attorney.
  2. Statute of Limitations -- some parties try to limit when cause of action is brought to terms less than the law allows -- so don't do it.
  3. Governing Law -- never agree to any provisions except to Georgia Law.  (This means a UCITA or shrink wrap license would contradict this).
  4. Contract Terms -- one year -- can't obligate future monies as only the legislature can do that and it is only a one year budget.  But, if you have the funds now, you can have a multi-year commitment.
  5. Arbitration/Mediation -- Says disputes can be resolved this way.  But, that takes away from AG to settle.  Also puts decision into third party's hands which you are not permitted to do, unless it is non-binding.  Also are some traps as to how costs are split... We don't agree up front to pay for someone else's legal fees.
  6. Insurance -- you want to run these provisions through your procurement and you want to make sure the vendor has sufficient insurance.

Some key terms you want to include/consider

  1. Appropriate and Necessary -- we are stewards and need to exercise proper due diligence
  2. Reasonable and Feasible -- make sure vendor is capable (whatever measures are appropriate may apply), consider legal, political, budget and other implications
  3. Policies and Procedures -- both campus and USG policies must be followed
  4. Duration is important
  5. Scope of Work -- one of the most important pieces of the contract.  Dates due, quality of work, expectations, etc are all spelled out here...
  6. Maximum dollar amount - must be there -- be sure to max travel
  7. Warranties -- make sure risks are shifted properly
  8. Termination -- we argue for convenience on our side with appropriate notice.  With licensing agreements paid up front, we try to get pro rata return (if you don't receive it, it is gratuity).  be careful giving other party the convenience clause -- you may have paid them for work/services not received should they not finish.
  9. Revisions and Amendments -- must be done by original signatories.  Big changes to scope of work
  10. Breach -- usually in termination provisions

Question -- what about Assignments?  A - require written approval by you...

comment [] 1:40:02 PM    

Campus Computing Surveys

Jim Wolfgang and Kris Biesinger are discussing the Campus Computing Survey conducted late summer of USG institutions.  Kenneth Green, The Campus Computing Project was contracted to do the survey and will discuss at the meeting in August (when? December 10).

Kris is discussing the survey results (nationwide) which were discussed at Educause in Atlanta.  USG institutions that were used to benchmark at the other campuses are available through the link.

Benchmarking is limited because individual (one on one) comparisons are not permitted as Green does not have permission to do so.

Kris asked for institutions to identify questions that were either confusing or may not have applied in a particular campus context and send them to Reid Christenberry.

USG system questions are being compiled and will be prepared for the January meeting as well.

Jim Wolfgang says Green will discuss how institutions use the results of the surveys.

comment [] 1:25:16 PM    

Bloggin the ACIT Conference

There's about 45 folks and we have wireless connectivity -- but, I'm the only one blogging.  Course, that is one of my missions here, to introduce the topic and see what the reception might be to creating a system wide blog community. 

The agenda will be fast paced.  Lisa Spence, Georgia Southern, is taking notes and perhaps she will share them with me to post later.

 

comment [] 1:23:18 PM    


© Copyright 2004 Jim Flowers .
Last update: 7/12/2004; 4:26:36 PM .

Click here to visit the Radio UserLand website. Valid CSS! Subscribe to "ACIT" in Radio UserLand. Click to see the XML version of this web page. Click here to send an email to the editor of this weblog.

Technorati Profile