P.O. Box 400217
Charlottesville, VA 22904-4217
VP/CIO Annual Report
In a world where access to information and communication technology is fully decentralized, where every device is potentially compromised, and where economics force a more strategic approach to sourcing, the job of managing technology is more about policy, architecture, contracting, efficiency, and relationship building than it is about hardware speeds and feeds. Accordingly, goals for the VP/CIO areas are organized around four themes designed to focus attention on the challenges and opportunities at hand:
- operational efficiency (2011-12 Progress | 2012-13 Goals),
- architecture and policy (2011-12 Progress | 2012-13 Goals),
- security (2011-12 Progress | 2012-13 Goals), and
- strategy (2011-12 Progress | 2012-13 Goals).
Progress on 2011-2012 Goals
Improve central IT's operational efficiency:
- In collaboration with Indiana University, Cornell, and EDUCAUSE,
refine and apply Indiana University's cost
of service framework to assess and benchmark UVa's costs of central IT services.
Status: In December, the consulting firm WTC concluded an analysis of FY11 (Fiscal Year 2011) actual transactions across all areas reporting to the VP/CIO. Expenditures and revenues/recoveries were categorized by activity, and allocated across 62 lines of business. Efforts during the second half of the year focused on shaping the IT Cost of Service framework to best meet the needs of our institution. Our goal was to ensure consistent reporting across functional areas, and to add or combine lines of business to better represent services from the customer's perspective. The report for FY11 is now complete — allocating actual transactions across 50 lines of business. Progress reports were provided to Indiana University and Cornell throughout the analysis and the revised FY12 framework will provide the basis for comparing a select number of key service areas with Indiana University.
- Develop a catalog of central IT services that reflects an improved understanding of the
costs associated with those services.
Status: An enhanced ITS services catalog, which has been mapped to the Cost of Services and includes targeted service levels, was completed.
- Develop service level targets with stakeholders and customers and improve mechanisms to
monitor and maintain service level agreements (SLAs).
Status: Current SLAs have been inventoried, and over 70 individual SLAs were finalized this year. These cover a variety of services, primarily in the application support area, but also for contract server work and for space in the University Data Center.
- Make substantial progress in developing the new Project Management Office and demonstrate
increased reliance upon project and portfolio management practices.
Status: The Project Management Office (PMO) was established. In its first year, the PMO completed the coordination of a Project Inventory for the VP/CIO area, developed and published an online Project Management Toolkit, established a volunteer mentoring network for the VP/CIO area, and developed processes for initial Project Prioritization and Portfolio Management. Four staff training classes related to Project Management have been developed and have begun to be offered to the VP/CIO staff.
- Enhance our ability to ensure services and projects are aligned with University priorities.
Status: Starting with the UVa Statement of Purpose and VP/CIO strategic statements, ITS developed a new mission statement, values statements, and balanced scorecard goals, objectives, and metrics that are aligned with University priorities. Projects have been inventoried and a prioritization of the project list has been done.
Continue to modernize our enterprise architecture and IT policy framework:
- Modernize the University's Voice Communication Infrastructure
Over the next 12 months, we will finish negotiations with the vendors of the various systems involved in the procurement, develop an implementation timeline/project plan, and begin implementation of the selected systems.
Status: Contract negotiations have taken longer than anticipated due to a variety of factors including the complexity of the contracts and delays associated with multiple management changes at a key firm. Many months of negotiation time were lost. We are moving forward along a path that will achieve our goals through the use of a larger number of contracts than originally anticipated.
We presently have two of the three most critical contracts in place. The first contract provides the University with dedicated fiber optic cable from Charlottesville to Northern Virginia enabling the University to make significant enhancements to our external network connectivity, especially for research use, with minimal additional investment. The second contract is for Trunking (how we connect to the national telephone infrastructure) and is a key component of our longer term voice strategy to move to more modern technology. The final agreement, for the main voice telephone call control system, is nearing completion.
The delayed contract negotiations enabled us to alter our overall project plan to move forward with the upgrade of the University data network prior to the start of the installation of the new telephone system. The original plan had called for much of the network refresh being completed in parallel with the telephone system installation. Completing much of the network upgrade prior to the telephone system installation will reduce overall project risks and hopefully enable the installation process to move forward at a more rapid pace.
- Identity Management
Our primary efforts during the coming year will focus on finalizing and, pending resource allocation, implementing the Phase 1 recommendations of the Identity Management Steering Committee.
Status: This project is taking longer than expected. Discussions with key stakeholders proceeded during the Fall semester. Identity Management Steering Committee meetings during the Spring semester focused on newly uncovered process interactions with central business systems that would complicate existing plans. Possibilities for alternative next steps are being discussed.
- In partnership with the Office of the General Counsel (OGC) and Procurement, address
the compliance challenges posed by the consumerization of IT.
Status: Universal language addressing security, privacy, intellectual property rights, and mandatory contract terms and conditions for inclusion in vendor master agreements and purchase orders for cloud services and shrink-wrapped software was developed and is being implemented in current and future procurements. A draft policy and set of procedures that outline employee and University responsibilities as they apply to consumer and cloud-based software and services have been developed and will be moved through the policy review process in Fall 2012.
Continue to strengthen IT security:
- Prioritize the key tasks from our Network and Application Security Addenda Request
and create a revised project scope that matches the addenda funding that was provided.
Status: The revised project scope was submitted and the project adjusted to match the available resources, primarily by extending the timeline to accommodate the constraints of fewer funded fulltime employee (FTE). To date, the new network security tool (FireEye) and the scanning tool for network-connected devices (Nessus) have both been installed and tested. A phased production rollout is underway. We have filled one position associated with the revised scope and are actively recruiting to fill the remaining two positions. The revised timeline calls for technical solutions to be implemented and production rollouts to be underway by July 1, 2013.
- Complete remediation of highly sensitive files found in 2010-11 on general-purpose storage
servers and search and begin remediation of additional locations where legacy files might be stored.
Status: Remediated 84 percent of potential highly sensitive data (11 million of 13 million SSN pattern matches) identified on two general-purpose storage servers in 2010-2011, and are actively working with the department administrators on the remainder.
- Complete assessment of sourcing and funding options for achieving compliance with Payment
Card Industry Data Security Standards.
Status: The compliance strategy agreed upon at the executive level was to 1)change business practices to the extent possible to minimize PCI-DSS compliance concerns, and 2)to engage a consultant, paid for by affected departments, to assist with this work. The consulting engagement has commenced and remediation plans are being developed and carried out.
- Establish a community of key individuals with institutional data management
and compliance responsibilities for the purpose of enhancing communication
and collaboration among them.
Status: A comprehensive review of data governance best practices, both within and external to the higher education sector, was completed. A draft of the revised data governance policy based on this review will be completed by the fall. Work to reaffirm/update data steward appointments (the data management/compliance community) continues.
- Building on records management successes over the past 2.5 years, we will
a)continue work to automate the currently paper-based process that certifies the
destruction of public records;
b)facilitate the movement of paper records to secure storage by establishing
contracts with approved storage vendors; and
c)develop standards for trustworthy electronic records to be incorporated into the
design of new systems.
Status: a)Project scoping and a cost estimate for automating records management and destruction processes have been completed and a vendor software solution has been selected; implementation awaits funding; b)Records storage agreements with vendors have either been completed or are in final stages (multiple vendors); and c)Trustworthy system standards are in draft format being reviewed.
Continue to invest in strategic initiatives:
- Work with the Library
1)to build a multi-institutional partnership to create an appropriately scaled and redundant
digital preservation archive;
2)continuing to develop tools that address the needs of scholarship in a digital age, and
3)developing UVa data management plans that are responsive to emerging funding agency
requirements. The prestige, cost avoidance, and grant funding opportunities across all 3
initiatives are significant.
1)Together with the library, we are leading the creation of two consortium-based preservation systems. First, we have recruited approximately 10 other universities to participate in the creation of APTrust, a shared preservation oriented deposit repository that will allow us to take advantage of the economies of scale that come with building shared large storage and digital preservation services. Second, we are leading in the launch of a national Digital Preservation Network (DPN). The goal of DPN is to create a preservation backbone that will ensure that digital objects subject to preservation are replicated across diverse software architectures, organizational structures, and geographic locations. To date, we have enrolled 54 institutions and have financial commitments exceeding $1M to support the launch. Internet2 is providing financial and accounting services and we are working with the Association of American Universities (AAU) to establish a robust governance structure. In the meantime, an executive committee has been established and the search for a program manager is underway.
2)ITS continues to work with the Sciences, Humanities & Arts Network of Technological Initiatives (SHANTI) to deploy additional tools integrated into Collab. During the 2011-2012 academic year, almost 1000 Collab sites used the Wordpress integration and over 1000 Collab sites used the Kaltura integration. During the Spring 2012 semester, pilots were conducted for the integrations of Confluence (over 30 sites) and NowComment (over 25 sites). ITS also conducted a pilot of the iRubric integration into the Collab Gradebook (6 sites) in conjunction with the Office of Assessment and Studies and a pilot of electronic textbooks (8 courses) in conjunction with Internet2, McGraw-Hill, and Courseload. SHANTI continued to develop JUXTA (a textual comparison tool) and the ZOTERO bibliographical management system, and created a solid basis for a pan-University Drupal Farm (an open source Content Management System).
3)APTrust and DPN will provide a foundation for developing data workflows (i.e., data storage, deposit, retrieval, and access) and research management plans that should give our researchers competitive advantage when responding to the emerging requirements from funding agencies and our humanities faculty a foundation for creating new and sustainable digital scholarship.
- Continue to work with Internet2, Berkeley, Indiana, and other premier institutions to
acquire, test, and implement cloud-based technologies.
Status: Hilton and McPherson continue to serve on the steering committee for the Internet2 Net+ Initiative, which has expanded from 3 to nearly 20 vendors in the past few months. UVa successfully completed the Phase I eText Pilot, and plans to participate in the much larger Fall 2012 Pilot. The Indiana-led high performance computing (HPC) cloud effort is in production.
- Leverage economies of scale by collaborating with MidAtlantic
Terascale Partnership (MATP) to improve regional network capacity,
participating in Gig.U to pursue gigabit access for faculty, staff,
and students living
near the University, continuing to participate in the leadership of Internet2, and closely observing
and participating where appropriate in the evolving mission of National
Lambda Rail (NLR).
Status: Hilton continues to serve on the Internet2 Board of Directors and as Chair of the Governance and Nominations Committee. McPherson continues to serve on the Steering Committee for Gig.U, which is in Phase II (community-level discussions with providers about next steps). Gig.U has been an invaluable part of the national conversation about broadband and economic development, and UVa has been seen as a leader. We are in the final stages of transitioning MATP to an independent 501c3 status. By decoupling MATP from Virginia Tech, we open opportunities for building a more robust shared regional network infrastructure, enable more effective participation in national R&E Networks, and create legal mechanisms that better enable public/private partnerships.
- Coordinate and provide infrastructure support for UVa's participation in the
that focuses on leveraging technology to: 1)improve teaching/learning efficiency, productivity
and quality, and 2)enhance the research competitiveness of the partner institutions.
Status: The 2 TelePresence rooms are operational and the Provost's office is coordinating teaching use of the TelePresence facilities. One course was taught using the facilities in the Spring Term (CHIN 4993 was offered from GMU with one student here at UVa) and one is planned for the Summer (PLIR 3500, Special Topics in International Relations, Intelligence Analysis, is being offered by JMU, with three students here at UVa). For Fall, a half dozen courses in the languages and engineering are being evaluated for suitability and demand. The Research competitiveness has been successfully launched, with three major events shared between the 4-VA partners using the advanced video infrastructure. In addition, we are promoting use of the 4-VA collaboration to foster more interaction between the faculty at the four institutions through online collaborative team meetings, coordinating activities of research administration groups, and facilitating interaction with funding agencies and grant monitors.
- Continue support for the Commission on the Future of the University (COFU) initiative
focused on computation intense research and scholarship. In the year ahead we will:
1)continue to enhance our digital infrastructure capacity/use; 2)enhance our high
performance computing capacity/use; 3)build the culture around digital/computational
inquiry; 4)provide direct support for computation intense projects; and 5)measure the
impact of these investments on funding support for computation intense research and scholarship.
1)As noted above, SHANTI has continued to pilot and deploy a host of tools that facilitate digital scholarship. In addition we are leveraging the 4-VA initiative to enhance the infrastructure required for increasing the interoperability between the new TelePresence rooms and our legacy and remote video conferencing systems. These changes should lead to significantly more use.
2)The expanded Cross-Campus Grid (XCG) resources now include clusters from Futuregrid sites and HPC cloud resources.
3)SHANTI and UVACSE (the University of Virginia Alliance for Computational Science & Engineering) engaged in multiple education and outreach activities with a combined participation that exceeded 500 faculty/students/staff. The year culminated in the UVACSE/VPR (Vice President for Research) sponsored a Big Data Summit which drew 169 registrants from 35 different UVa schools/departments.
4)SHANTI is employing the new Drupal Content Management system as a framework for organizing support for information–intensive projects and to support the needs of academic departments to manage their Web presence. UVACSE is currently supporting 27 Tiger Team research projects (from 6 departments in the College, 6 in SEAS (School of Engineering & Applied Science), 3 in SoM (School of Medicine), 2 in Curry (School of Education), and 1 in Architecture);
5)From Office of Sponsored Programs (OSP) data, the number of computational research projects funded by external sponsors was: 154 in 2010-122, and 260 in 2011-12 (through April 2012).
- Provide support for the development of the new University financial model. While the
specific form of the new model has yet to be established, it is clear that any new model
will require significant investments dedicated to enhancing/creating new reporting mechanisms.
Status: A working group has been established that is looking at the financial reporting requirements that will accompany the new budget model and the implications those requirements have for our existing enterprise systems. The group is chaired by Hilton and reports to the NIFM Steering Committee.
Goals for 2012-2013
Improving central IT's operational efficiency — We must run our services efficiently and be judged by the metrics of predictability, cost, and value. In the year ahead we will:
- Cost of service: Refine and apply UVa's cost of central IT services framework to provide meaningful data informing decisions around the catalog of central IT services. In collaboration with Indiana University, identify key central IT service areas to benchmark.
- Catalog of services: Work with governance and other advisory groups to refine the catalog, ensuring that we are tracking costs for key services through Cost of Services, and for some services, develop optional offerings for increased service levels.
- Service Level Agreements: Expand the number of SLAs published and the number of SLAs negotiated with specific customers by 20 percent.
- Enhance the project management capabilities in the VP/CIO areas: Evaluate the need for a more automated project inventory mechanism. Establish contact with other PMOs within the state and participate in periodic meetings and assess best practices.
- Continue to enhance our ability to ensure that services and projects are aligned with University priorities: Expand involvement of stakeholders/governance/advisory groups in the project prioritization process. Update the balanced scorecard to include fiscal year 2012-2013 initiatives.
- Improve our ability to deliver predictable services and achieve promised service levels by formalizing IT service management with ITIL (Information Technology Infrastructure Library) best practices: Educate the organization on ITIL; develop a roadmap for ITIL Lite implementation; and implement the most cost effective components of ITIL.
Ongoing modernization of enterprise IT architecture and policy—IT consumerization continues to bring significant architectural and policy challenges. In a world where users control their devices, we must pay increased attention to network access, identity and authorization, data management policies around potentially sensitive information, and licensing software requirements. In the year ahead we will:
- Modernize the University's Voice Communication Infrastructure: Complete the remaining procurement aspects and complete contracts, perform the detailed design work to develop the implementation plan and implementation schedule, and if performance of design work with vendor is as expected, begin the implementation of the replacement systems.
- Identity Management: Complete the process of mapping both the interim next steps and the longer-term strategy for identity management enhancements. Pending resource allocation, start the process to enhance the identity management system.
Ongoing strengthening of IT security—As noted in last year's annual report, we no longer live in a world where it is reasonable to assume that technology alone, or even primarily, can protect data and systems. We must continue to design and operate for a world where every device that touches our network is potentially compromised and where people are seen as empowered and accountable decision agents for the data they use, create, and store. In the year ahead we will:
- Network and Application Security Project: Technical solutions will be implemented and production rollouts will be well underway by July 1, 2013.
- Protecting Highly Sensitive Data: 1)Complete remediation of potential highly sensitive data. 2)Continue to search and remediate other locations where legacy files might be stored. 3)Continue periodic scanning of remediated systems to guard against return of inappropriate data. 4)Shepherd the revised data governance policy through the approval process and implement across the University.
- Records Management: Continue to build records management capabilities. Pending funding or re-allocation, implement a solution for automating records management and destruction processes. Finalize records storage agreements and trustworthy system standards and enroll University departments in their benefits.
Ongoing investment in strategic initiatives—While much of our attention and resources are necessarily devoted to the essential IT services that we provide, we must continue to invest in areas where technology gives us competitive advantage on the teaching and research fronts. In the year ahead we will:
- Digital Preservation: 1)In partnership with the Library, continue to position UVa in leadership roles for both the Digital Preservation Network and APTrust and shepherd both through their initial start-up phases. 2)In partnership with the VPR and the Library develop data management templates and workflows that will help streamline grant writing and that will leverage our investments in digital preservation infrastructure.
- 4-VA: Continue to coordinate and provide infrastructure support for UVa's participation in the 4-VA initiative that focuses on leveraging technology to improve teaching/learning efficiency, productivity and quality, and enhance the research competitiveness of the partner institutions. In 2012-2013 we will: 1)complete the interoperability work to bring full functionality to the TelePresence infrastructure; 2)hold the High Performance Computing Bootcamp in the TelePresence facilities and make it available to a broader range of institutions; 3)support an increased number of shared courses originating from UVa; and 4)continue to expand opportunities for faculty collaboration across the 4-VA institutions.
- Support for Computation Intense Inquiry and Digital Scholarship:
Continue to enhance support for computation-intense inquiry and digital scholarship. In
2012-2013 we will:
- continue to enhance our digital infrastructure capacity/use by:
- increasing network bandwidth available for research;
- continue to invest in tools that create a framework for weaving together disparate UVa digital resources into a digital ecology supporting the sustainable and scalable creation of scholarly websites;
- in partnership with the Provost, evaluate the adequacy of Collab and strategic direction for providing online support for classes;
- enhance our high performance computing capacity/use by integrating cloud compute-on-demand into our UVa grid infrastructure;
- build the culture around digital/computational inquiry focusing on launching support for advanced visualization through a partnership between UVACSE and SEAS;
- continue to provide direct support for computation intense projects; and
- continue to work with University partners to measure the impact of these investments on funding support for computation intense research and scholarship.
- continue to enhance our digital infrastructure capacity/use by:
- Online Faculty Annual Reporting: Support the Provost in the assessment and implementation of an online faculty annual reporting system.
- Supporting Implementation of New Financial Model: Continue to provide support for the development of the new University financial model. While the specific form of the new model has yet to be established, it is clear that any new model will require significant investments dedicated to enhancing/creating new reporting mechanisms.