Content

University E is a large, research intensive university with a worldwide reputation made up of a confederation of Colleges, Faculties and other institutions with over 18,000 students.

Strategy

The University functions with a relatively small central administration and with central bodies consisting of, and mainly elected by, the current academic personnel of the Faculties and Colleges. At the time of the pilot a University-wide consultation on a new Learning and Teaching Strategy has been launched and, closely coupled with this, work has begun on an E-learning Strategy.

The overall governance of information systems within the University falls within the policies of the Information Strategy of the University, which states “The University…. is a knowledge-based institution par excellence. The raison d’être of the University is to be devoted to the maintenance, development and advancement of all principal branches of scholarly knowledge within an environment which demands the highest attainable level of academic standards in teaching, research and the wider dissemination and exchange of knowledge and information. An Information Strategy should support this objective and become a key component in the overall strategy for the University itself.

The University is also a complex institution in which decision-taking is both diffuse and devolved, a reflection of its self-governing and democratic status. The overall objective should be that information systems are managed in such a way as to maximise benefit to users, whilst achieving an acceptable level of ease of maintenance and cost over the long term. The strategy is being developed with express intent of putting the users’ needs and aspirations first, rather than attempting to construct a “top down” approach.”

These general principles are taken to apply to apply to the management of all information systems within the University, whether scholastic or corporate, although it should be recognised that the University comprises many independent, self- governing institutions which are empowered to proceed independently, if they so should wish. However, in recent years, there has come a widespread recognition that ease of use for the individual user has become a defining characteristic of information systems of all kinds and this, in turn, leads to the development of “common” systems, rather than individual “stand-alone” units, and for effective interfaces between them.

The Information Strategy Group

The Information Strategy Group was established in 2001 and was responsible, inter alia, for supervising the production of the Information Strategy, the detailed preparation of which was delegated to an Information Strategy Task Force, set up for the purpose chaired by the University Librarian. The work of both these bodies has since developed, the former taking on a supervisory role for all major projects and service delivery, to which the individual Project Boards report; and the latter working as semi-informal clearing house for early conceptual thinking in the information management field.

The Information Strategy Group is responsible to the Council and the Planning and Resources Committee (PRC), when a financial allocation is required, for ensuring that all information systems proposals are consistent with the overall Information Strategy of the University. As is indicated in the responses to the JISC Questionnaire, below, the University now intends to amalgamate the current Information Strategy Group with the longer established Information Technology Syndicate into a single supervisory committee of the University – the Information Strategy and Services Syndicate (ISSS)

Thus there will be, under the aegis of the Council of the University a unified framework supervising the development of the Information Strategy (IS), comprising the ISSS (& PRC for finance), the ISSS for the direction of the strategy, ISTF for conceptual development, and the sub-ordinate project boards for new systems development and initial implementation. Line managers, primarily, but not only, the Directors of the Management Information Services Division and University Computing Service are responsible for much day-to-day service delivery and their divisional strategies and delivery performance is are monitored by the ISSS.

The responsible information system officers of the University, the academic Departments and the Colleges are all represented at all levels in the decisions process. By convention, Heads of Houses (Colleges) are invited to chair all these committees other than the Council, PRC and ISTF. This arrangement ensures that representatives of all the components of the University have a voice in, and can contribute to, the decision process.

It should be noted that, notwithstanding the “federal” nature of the University, consultation and co-operation increasingly characterise the management of information systems at this University. Although the response to this self-assessment exercise amplifies the above description, it concentrates in detail on the four major corporate systems of Finance, Grants Management, Student Information, and HR & Payroll, the above governance model is being systematically extended toward telecommunications, archiving, communications (the Website) experimental data capture and collection. Thus the governance of information systems is being regularised but is following a path which recognises the value of independent initiative and devolved administration in information systems management in a complex institution such as this University.

The Review Process

Section 1- Preparation

Which Information Systems should be included in this Exercise?

The Institution concluded that all major systems should be included i.e. those that are critical to core business: Finance, Grants Management, Student Information, HR and Payroll. Under the present structure a wider assessment would not be a practical proposition and this constraint is further considered in Section 3: Planning Improvements

What Investments should be considered significant?

The University took the view that investments of £1m or greater would qualify individually, and that groups of small projects adding up to such commitment could be reviewed collectively and should be governed consistently. The University was undertaking substantial strategic investment at the time of the self-assessment and so the risk level was considerable. It is reasonable to assume that smaller scale projects should be governed by similar principles, but with a much lighter touch and possibilities for this are considered in Section 3: Planning Improvements.

Who will be responsible for conducting the exercise?

The Director MISD was tasked with this initially. While it was recognised that his scope of responsibility was a subset of the overall University IS/IT commitment, widening the exercise would be considered in the light of lessons in the first iteration. It would be appropriate to consider a similar piece of work within the areas of responsibility covered by the University Computing Service.

Who will review the self-assessment?

Under the University’s existing governance arrangements this task will fall to the Information Strategy Group (ISG), a Committee of Council.

Section 2 – Self-Assessment

The University then undertook an institutional self-assessment, using the ISMG self-assessment questionnaire

Section3 – Planning Improvements

Having completed the self-assessment the University then started to plan improvements as follows, to address areas of perceived weakness.

Governance

The assessment in Section 2 shows that much of the good practice recommended is already in place. However the University’s organisation structure as a self governing community of Scholars presents some unique challenges.

We propose now to combine the IT Syndicate and the ISG into a single body to be called Information Systems and Services Syndicate (ISSS). The title is chosen to reflect the intention that University will continue to permit a high degree of flexibility in local choice of technology within all institutions, but endeavour to set light touch but effective standards so as to maximise interoperability and accessibility to systems. The title also reflects a growing emphasis on service provision rather technology supply in the context of strategic planning.

We believe that step represents a natural evolution of current arrangements and that it will contribute effectively in co-operation with other bodies (notably Audit Committee and Planning and Resources Committee) to furthering good practice in Vision, Alignment and Assurance.

Resources: People

The UCS provides an effective focus for the development and training of technical staff through regular networking and through specific institutional liaison arrangements. The University therefore believes that it has sound arrangements for supporting training needs. We do not consider that we do as well in supporting training records and planning, nor do we do well in the training of staff such as Business Analysts.

The University is implementing a modern HR and Payroll system and as part of the business process review training records and planning are to be addressed. A pilot scheme for Project Management Training has been successfully completed and will now be part of the general portfolio of Staff Development Training, this success is being followed by a working party to address Business Process Review and Development and simple guide has been produced to allow pilot work to commence.

Generally speaking staff turnover is low, remuneration and working conditions are consistent with good practice in the sector.

Application systems that are used by staff and students are well supported by training and help desk facilities.

Resources: Technology

Evidence of the good practice indicators is available in many institutions and in the case of key business systems are comprehensive except in respect of the business operational aspects of business continuity and disaster recovery.

The University plans to focus on operational business continuity and on the consistent application of good practice across all institutions. The focus for this is provided by the policy decision made by the IT Syndicate that all institutions must be supported by UCS or MISD unless they have a level of skill and resource such that they can independently follow the same policies and good practice.

Resources: Finance

In this context (and indeed others) it is not really appropriate to consider the University to be a single institution, it is rather a federation of institutions with a level of common interest.

Within the context of financial planning and regulation a high degree of autonomy in technology and purchasing decisions is enjoyed by all member institutions. There are no plans to change this, but mechanisms for ensuring that value for money is achieved are policed and enforced through financial regulations and internal audit. Both UCS and MISD provide a focus for effective use of preferred supplier arrangements for commonly used products and services.

The University plans expenditure and revenue on a rolling five year basis and this helps to focus decisions on cost of ownership on a whole life basis. The University’s procedures for business case preparation also focus on whole life cost of ownership.

Organisation: Structure

The University is and will remain a highly devolved structure, but the central bodies have effective methods for determining policy and increasingly effective methods for measuring and reviewing service delivery performance and risk.

These bodies also review the Management arrangements for the key delivery units (i.e. UCS and MISD) from time to time.

Organisation: Policies and Procedures

In this context the University has well ordered processes for policies and the basic disaster recovery needs are dealt with and risk assessed. The University is aware that more detailed work is needed on Disaster Recovery and Business Continuity to achieve a higher level of consistency.

Moreover the University believes that more formality is needed in the procedures for ongoing service delivery and the Six Sigma model has been considered and rejected and ITIL is now under consideration.

Organisation: Decision-making

The University has a well developed Capital Projects Process (CPP) and IT projects use this process alongside other major investment programmes such as land and buildings. The process is presently being reviewed and updated.

We are aware from recent work that more effort is needed to make dispassionate and measurable business cases and that this is a necessary precursor to effective post project implementation evaluation of benefits realised. This work continues and is sponsored primarily by PRC and Finance Division.

Services: Systems

The University has a well ordered and documented architecture for business systems and is co-operating with UCS on the development of infrastructure to support the architectural aims. The key aims are of the architecture in the context of user experience are summarised as follows:

Systems should be access agnostic (i.e. they should not require any special facilities on the user’s access device) and meet good practice in presentation for accessibility.

Authentication and authorisation should follow emerging standards for identity management.

Systems should interwork rather integrate.

The University routinely uses the nine criteria model for evaluation of investment.

Services: Projects

The University uses a PRINCE 2 style model for Project Governance that is close to the JISC Infokit approach referred to in the tool set document.

At present work is in hand to develop a Project Office so as to capitalise on the good practice and lessons learned from the two major recent implementations in Student Systems and HR Payroll Systems where a number of methods of review and reporting and risk assessment were trialled.

The Project Office will now take the most successful elements of this work and standardise their use through templates etc. across the MIS scope.

Services: Service Delivery

This area is a current priority for University. Some work has been done on Service Level Agreements (termed Service Management Plans at the University) and regular reporting of system availability and performance is undertaken. However it is clear that there is no systematic and consistent approach to service delivery and so ITIL is under active consideration as a suitable framework for achieving consistent levels of performance within a manageable overhead of procedural constraints.

Section 4: Implementing Improvements

Work in this area will commence at the end of January when the first of a series of workshops will take place to determine the University’s MIS Strategic Plan for the period from October 2007 to July 2012. It is clear that the approach to classifying and planning improvements needs work and the toolsets proposals will be tried out in these fora.

Section 5: Evaluation

This is an intractable area at this time, since the requirements established for recent investments were not set with detail and precision. There was good reason for this, since all the systems being replaced were beyond their useful life and so there were elements of “distress purchase” in the decision making.