Stakeholder Meetings November 5, 2008 Document Transcript
Stakeholder Meetings November 5, 2008
Information Systems 14:00-15:30
Introductions and Opening Remarks
The purpose of the meeting and session objectives were reviewed. There will be five
sessions, with groups of individuals representing Teaching and Learning, Research and
Scholarship, Administration, Information Systems, and Students.
Transcripts of all five sessions will be distributed to all participants.
Early in the New Year a draft of the IT (Information Technology) strategic plan will be
distributed. It is hoped that it will reflect the input received at these sessions.
Everyone is encouraged to read the recently released External Review of UBC’s Central
Information Technology Unit. The first six recommendations of the report focus on the
role of UBC’s CIO (Chief Information Officer), IT governance, and IT funding model.
The issue of UBC’s IT funding model is being addressed. There is a working group
charged with determining: what infrastructure services UBC requires, the cost of scaling
services to provide what is required, the cost of sustainment, and key performance
Review of Guiding Principles
For a strategic plan to succeed, it is necessary for everyone in the organization to know
what the plan is, and how what they do contributes. The principles express the values for
all members of the IT department to share: cooperation, sharing, helping each other, and
leveraging efforts through collaboration.
We would very much appreciate feedback on the principles. Is there anything missing?
Is there anything that shouldn’t be there?
• Are these new?
• UBC IT: Some are new, for example: Usability and Open Standards. Most were
easy to write down (reflecting long-established values).
• UBC IT: What are the priorities in your area – yours or your unit’s?
• Virtualization is a very big thing for ’09. We want to see a full offering: virtual
platforms, virtual networking, virtual firewalls… Also, aligning with PeopleSoft
and expanding the use of (PeopleSoft) services.
• Do you see yourself going 100% virtual?
• It depends: if it’s mandated, if it’s cost effective, we will use it.
• UBC IT: We’re trying to make it (virtual services offerings) so that everyone is
• UBC IT: We want it to be so that the default approach is to start with the virtual
environment – ask the question: “why shouldn’t we virtualize?”
• We want to go with virtual wherever we can, but we expect we won’t be able to
do it everywhere. For example, a new service may require a very special
environment. We will try it with virtual, but it may not work.
• Virtual is important, but the SAN (storage area network) is critical. It must be
scalable, fast, and accessible. It also needs to be available at other locations. Can
we recognize existence beyond the four campus locations? Note that VGH
(Vancouver General Hospital) is not recognized as a campus – but it’s huge,
receiving a third of the funding. VGH falls outside of the UBC network funding
model. Two things are important: connectivity to the off-campus sites (this is
paid for separately) and getting up-to-date technology at the off-campus sites.
• UBC IT: We need to get rid of the distinction of hospitals as ancillaries.
• Finance runs part of an ERP (enterprise resource planning) system. In a corporate
environment, we would expect uniform email, LDAP (lightweight directory
access protocol), etc. Here everything is different – everyone has different email,
for example. CWL (campus-wide login) doesn’t have some necessary security
features – for example, forcing password changes every 30 days. Lack of
consistency makes using ERPs difficult.
• UBC IT: Should there be a minimum level of technical support for everyone on
campus? Everyone gets an email address, a phone, some computing access, etc?
• I’m thinking more of corporate capabilities such as LDAP for ERP access.
Identity management, etc.
• UBC IT: Currently, we have no way to fund anything we can’t charge for. If we
could offer identity management, workflow, authentication, authorization, etc,
would that suit your needs?
• Communication is increasingly a problem. We keep getting requests for email
addresses, but there is no incentive for people to keep them up to date. Nothing
compels people to do this. If people could be inspired to keep this up to date while
doing something else … If we could at least associate Employee Id with email
address. It’s a bit easier with Interchange (email).
• Sometimes I think we should have “Exchange for All”. When you start, you get
Exchange, when you leave, it’s taken away.
• We’re doing some “on boarding” work. We’d like to automate more.
• UBC IT: In moving forward with SOA (service-oriented architecture) and Identity
Management, we’d like to do a functional workshop with use cases.
• What keeps me up at night is privacy and security. In Medicine, we have a
program to identify where private data sets are not properly protected. This
includes patient data.
• UBC IT: What would you like from IT?
• We’d like a way to track where all the data sets are, what sensitive data is there,
how it’s exposed, and when it was last audited for security. This is a battle the
whole university will have to fight.
• UBC IT: Everyone shares this concern.
• Yes, for us privacy is very important.
• As soon as you give people a reporting tool, they can go anywhere.
• You need policies, with education and guidelines on how to follow the policies.
There needs to be a service to help with this – tools you can use in your
environment. At Calgary you take courses to gain privileges for access to patient
data, at increasing levels.
• What keeps us up at night? A few issues – not many. What’s governance going to
be – a vote, or a steering committee? We want to know how stakeholder influence
will affect decisions.
• UBC IT: We need stakeholder input. How do we know that we’re spending funds
effectively? What are the elements of IT governance that would be effective for
your unit? What kinds of forums and other input mechanisms? It’s possible that a
committee for IT governance could evolve from the funding model initiative.
• What kind of authority would the committee have? We would want it to have
some voting power – decision making authority.
• UBC IT: We would like the committee to have authority over standards as well as
authority over funding.
• If $150 million is being spent, how is it being spent effectively? Are expenditures
in alignment with strategic goals of the university? We need to understand this.
• We have control over administrative and instructional computing, but none over
research computing. Of the 480 people doing IT, how many are in which
categories? We need more nuanced numbers.
• Our pain points relate to future planning and the identity management and unified
communications committees. We have pain points that could be addressed by
better SQL access to SIS (student information system), FMS (finance
management system), and HRMS (human resources management system). We’re
tired of maintaining separate datasets. Also, why is there a separate grad
admissions process, consuming lots of staff time across many departments? It
even maintains its own list of institutions.
• Other issues:
1. Access to data - There are multiple canonical data sources (SISC, HRMS, FMS)
to which it would be useful to have SQL (structured query language) based
access; the intent of the Identity Management and SOA initiatives is to make this
data available. To authorized consumers of the data; it would be useful to gain
access to this data sooner (now!) rather than later (when Identity Management and
SOA are implemented); semi-automated and/or manual access already exists to
the data (SISC exports; SISCftp repository; HRMS/FMS reporting, perhaps
emailed). I'm asking for access to data using SQL so that I can build systems that
augment rather than duplicate the existing canonical systems.
2. Communications re Sympa (open source mailing list software) can be used:
a. Sympa is a particularly powerful mailing list server that provides the
ability to structure mailing list hierarchically (not just simple list
inclusion) and the ability to create authorization scenarios (forward email
subject to sender confirmation and moderator approval, etc.)
b. As incentive to update contact information; e.g. by adding their email
address to HRMS, a faculty member can be added to the faculty email list
c. To set up employment-group-related mailing lists on a department-by-
d. To avoid the need to maintain a dataset (subscriber list) when there
already exists a possible canonical dataset (HRMS)
e. Solution: SQL access to HRMS data to configure Sympa
(www.sympa.org) to populate the subscribers of mailing lists
automatically; also like to have SQL access to SIS data in order to
populate Sympa mailing lists but that's probably more difficult to arrange
f. Solution: UBC IT could deploy Sympa for the entire campus
3. Communications re MADHU (VPs, Deans and Administrative Heads of Units)
o stop asking to "forward as appropriate" emails sent to MADHU from all
over campus; at the very least stop asking to forward the emails regarding
research grant deadlines
o add a tagged posting system (such as what UBC IT has for their bulletins
website, bulletins.it.ubc.ca); faculty members can subscribe to the RSS
(web feed format) feeds that they care about (i.e, NSERC (Natural
Sciences and Engineering Research Council), CFI (Canada Foundation for
Innovation) but not CIHR (Canada Institute of Health Research)) and
receive these announcements from UBC VP Research, UBC Research and
Trust Accounting, UBC Office of Research Services, UBC University
Industry Liaison Office directly rather than through the let's-get-MADHU-
4. Improved www.directory.ubc.ca interface
o many individuals at UBC have multiple roles but the way these are
presented at www.directory.ubc.ca is confusing
o one solution: modify the underlying data structure and administration
interface so that titles / contact info can be associate with units; modify the
display such that the titles / contact info are presented on a unit-by-unit (or
5. Graduate admissions process
o why is each unit having a graduate program required to manage their
admissions process independently? Why can't there be SQL (structured
query language) access to the current admissions database used by Faculty
of Graduate Studies?
o solution: procure / develop a central system for graduate admissions
o problem: adoption of WebCT (Web Classroom Training application)/Vista
in Electrical and Computer Engineering is low because the management
interface is too cumbersome
o solution: Sakai Project (open source collaboration and courseware
• UBC IT: The answer to why Graduate Studies have their own admission system
goes back to the old funding model. There was no strategic planning and without
funding, they went their own way.
• UBC IT: Shadow systems are not bad. Departments have a need for functionality
that can’t be provided centrally. But the only way they have to solve the problem
is to build full systems. What we want to have is shadow systems built on
• UBC IT: When a department builds a good service, it should be made available to
• UBC IT: What are the common services that everyone needs?
• What is important and lacking, is interoperability standards. IT did something
very good by arranging an Oracle site licence. Everyone could use the same
standard, which made getting data from central sources very easy. If you can’t get
funding for central services, then make it possible to build for coordination. Is
there a standard we can build around? Virtualization, etc? As we build our
shadow systems, we should get together to see if there is a way to avoid
• There is a need for an auditing and assessment process where we can make sure
people aren’t duplicating work. We have many information sources where access
control is by IP (internet protocol) address. If the IP address changes, it’s very
difficult to get the information out to vendors.
• In some ways, UBCO (UBC Okanagan) is more like what UBCV (UBC
Vancouver) is striving for. Things we collaborate on include Exchange – but we
have to be independent of the network, in case it goes down. Our hands do what
UBCV needs. We need to try to get above “it’s my money or your money”. It
comes down to stepping back and looking at what’s best for the institution. The
tough things are when within the model of centralization you get pushback when
you make a decision. With email addresses, for example: all faculties wanted their
names as part of the address, but the decision was to use email@example.com. It takes
a bit of courage and a thick skin, because people will always complain. But if you
approach from what is best for the institution as a whole, then it’s easier.
Centralizing IT isn’t going to be all new money, and that’s harder. But everyone
has to step back and cooperate.
• With regard to pushback, we can mitigate it if there is voting representation from
the units. We need to have ongoing stakeholder input to make this work.
• UBC IT: The idea is not to get advice on how to centralize IT. But one thing is to
replace the funding that now comes from the sale of services – cost recovery.
• We’re looking for economies on the scale of enterprise-wide software licencing.
• Yes – with the whole university, there is considerable leverage.
• It comes down to purchasing power. We dilute it by buying from different
vendors: Dell, IBM, etc. If UBC goes with one vendor, we’ll get support you
wouldn’t believe. The vendor will step up to it.
• UBC IT: The question to ask is “why shouldn’t we do it this way?” What are my
legitimate reasons for not doing it?
• It scales out – not just hardware, but also software, SAN storage, etc.
• UBC IT: As an ancillary, the $10/gigabyte reflects all costs, right down to
janitorial. We have all the disadvantages of a business, and none of the
• SAN snap-shotting gives off-the-shelf backup. As another example, we’re using
the same licences as ISI – but they were purchased separately.
• Another pain point is that we have very old wiring – Cat 3 cable that was
installed in the ‘80s, and not covered by UNP (University Networking Program).
Upgrades for just the downstairs area will cost $150,000 to $300,000. Pockets
have been upgraded, but the problem remains for most areas.
• UBC IT: I wish we had known this 5 years ago.
• The port charges went away, but that was all.
• Just don’t go down the route where you charge at the line item level – $10 for a
drill, and $2 for a ladder.
• It was very refreshing to view the recommendations in the review report. Our
reaction is yes, yes! It would be good to have a website to give feedback – make
the document accessible on a wiki or whatever to get feedback.
• What are the next steps?
• UBC IT: We will take away the information from these sessions, put it into a
format to absorb, and then take it to management. We’ll then circle back to
communicate with you. Note that some of this applies to UBC IT, but much of it
to IT at UBC. My focus is on the latter as much as the former. I have told the
UBC executive that it’s important that UBC have an IT strategy that is linked to
the university strategy.