FY 2013 Annual Support Unit Budget Report Chief Information Officer

FY 2013 Annual Support Unit Budget Report Chief Information Officer

Budget Guidance Report

Fiscal Year 2013

Our Mission

The University’s goals are our goals. The mission of the Office of the Chief Information Officer (OCIO) is to provide technology services to the university community that support the university’s strategic goals through our core functions: Managed Enterprise Risk; Optimized Shared Services; Decision Support & Information Management Empowering Research, Innovation, & Outreach, Business Process Enablement, and Teaching Enrichment & Student Experience.

Our Guiding Principles

·  We support ONE university.

·  We do IT in support of the OSU strategic plan.

·  Technology re-use and optimization is essential.

·  Technology is changing at an exponential rate.

·  Security is an essential component of the services we provide.

·  Customer Satisfaction and resource stewardship will measure our success.

Fulfillment of this budget request would trigger the beginning or significant enhancement of numerous technology services to greatly improve the teaching, working, and learning in the lives of our faculty, staff, and students.

Core IT Functions / New/Improved Services
Optimized Enterprise IT Services - A world class IT environment that is secure, efficient, and effective. By leveraging enterprise standards, strategic procurement, IT governance, shared services and IT Service Management best practices, we focus precious university resources to advance the goals of the university. / ·  Efficient procurement and interoperability of IT through enterprise standards
·  Unified enterprise communications
·  Effective data center & disaster recovery
·  Secure enterprise environment
·  One university network
·  Shared IT Service Desk
Decision Support & Information Management - Enable decisive, fact-based decision-making by building a comprehensive, best-in-class decision support environment including the tools, training and support to ensure successful usage. / ·  High integrity enterprise data warehouse
·  Data analysis tools
·  Education and support for users
Empowering Research, Innovation, and Outreach - An information technology environment that streamlines process, enables worldwide collaboration, facilitates storage, access, and creativity, while protecting intellectual property and advancing OSU prominence. / ·  “Secure Data” designation for easily accessible, economical storage
·  Industry standard federated access model
·  High availability/capacity, local/international data networks
·  Visibility to research
Business Process Enablement - A simplified and standardized ERP environment that securely supports business agility in enterprise processes. / ·  HR/SIS split
·  HR/Finance/SIS upgrade or replace
·  Talent Management
·  Mobile access
·  Enterprise document management
Teaching Enrichment & Student Experience - A centrally provided teaching and learning toolbox for faculty and students to expand and enhance the educational experience by transforming the University mindset to “Digital First” for the delivery of educational materials. The Ohio State University being committed to bringing change along the continuum of our population to ignite transformative experiences for our prospective students, current students, and alumni. / ·  Technology enabled classrooms and learning spaces
·  Mobile access
·  Digital delivery of educational materials

.

Unit Funds History /
Provide the unit’s continuing funds and cash funding history and ending budget balances for the past three years. (General Funds only.)
Unit Description / FY10 / FY11 / FY12 / Percent Change from FY11 / FY12 Cash
Carry Forward Percentage
PBA History / Cash Carry Forward / PBA History / Cash Carry Forward / PBA History / Cash Carry Forward / PBA History / Cash Carry Forward
Chief Information Officer[1] / 36,015,126 / (3,171,416) / 37,125,695 / 3,388,970 / 37,481,485 / 15,547,650 / 1.0% / 358.8% / 41.5%
What is the planned use of cash carry forward 20% of FY12 PBA? (100 word limit)
The cash carry forward was given to fund specific enterprise applications’ projects that still in progress and will be used to fund these initiatives. For example, Semesters alone has $4.4M of Cash carry forward, another $5.4M for various PS ERP projects, about $2M for Classrooms and Carmen, and finally over $2M for Security and infrastructure projects.
Status Report on Cash or Continuing Funding Received for FY11 & FY12 Requests
For each mandate or service improvement that received funding in FY11 or FY12, complete the table below. Please include funds received through either the support unit budget process or alternative University sources, e.g. one-time cash funding from the Provost.
Mandate or Service Improvement Title / Amount received / How is the funding being used? Who is benefiting from the service? Have the uses of funds changed from the original intent? Has it been expended as planned? (100 word limit)
One-Time Cash / PBA
FY 12
ERP-Semester Conversion / $2,587,000 / These funds support the implementation of changes to the PeopleSoft systems required for the conversion to a semesters-based academic calendar. As of March 2012, 5 of 14 implementations complete. Remaining implementations will complete by end of FY 13 Q1. The funds are being used as originally intended with an expected under-run of $2.5million.
Learning Technology-OSU Pro / $100,000 / Research in View is a data management system developed by Thomson-Reuters in conjunction with OCIO Learning Technology. Funding was used to cover salaries and benefits for two professional staff for the ongoing support of OSU:Pro.
Infrastructure-Data Center Facility Risk Mitigation / $750,000 / Data Center Facility Risk Mitigation project was initiated to reduce the risk of unavailability of the Kinnear Road facility due to deferred maintenance of power, cooling, and the physical facility. This facility is used to support critical applications for student and administrative systems. Funds have/will be utilized for improvements such as replacements of 4 computer room air conditioning units, lighting protection, data center facility monitoring, removal of windows, and physical access controls. Expenditures are as planned. Also see below under Data Center Facility.
Provost Reserve: / $5,000,000
·  Infrastructure E-mail Conversion / $500,000 / Funds have been used to support email conversion to the centralized university email system. Over 12,000 faculty and staff mailboxes were moved to new email system, exceeding commitments for the year. In addition, the legacy OCIO Sun Java system has been retired. Expenditures have been as intended and as planned.
·  Infrastructure Data Center Facility / $600,000 / Data Center Facility Risk Mitigation project was initiated to reduce the risk of unavailability of the Kinnear Road facility due to deferred maintenance of power, cooling, and the physical facility. This facility is used to support critical applications for student and administrative systems. Funds have/will be utilized for improvements such as replacements of 4 computer room air conditioning units, lighting protection, data center facility monitoring, removal of windows, and physical access controls. Expenditures are as planned. See Data Center Facility Risk Mitigation above
·  Infrastructure Service Continuity (DR) / $400,000 / Funds utilized to develop the groundwork for a larger project to create a credible, sustainable, Disaster Recovery (DR) plan for the systems and services delivered by the Office of the CIO. Funds used for:
·  Dedicated DR professional
·  Development of high-level requirements including recovery time and recovery point objectives for OCIO application inventory (from business continuity planning artifacts)
·  2-year DR development plan with milestones and deliverables
·  DR call tree to minimize time required identifying and contacting personnel needed to initiate recovery capabilities.
·  Security-Patch & Vulnerability Project / $399,000 / Patch & Vulnerability Project was initiated to reduce susceptibility to vulnerabilities in OCIO servers and client workstations. Project deliverables are:
·  An OCIO patch management policy,
·  Formal process and procedures for vulnerability management
·  Process and procedures for Servers, Clients (Laptop/Desktops), and Applications
·  Security-Restricted Data Removal & Remediation-DLP / $773,880 / Funding is being leveraged to procure and implement an enterprise Data Loss Prevention solution, providing each department with a best class service and university wide compliance reporting. This FY, we will be implementing the solution in a pilot group consisting of 4-6 colleges, focusing on restricted data identification and removal. The service will be implemented university wide within the next 2 FYs. This enterprise solution is also saving the university money by eliminating duplicate tools and reducing license, maintenance and implementation costs.
·  Security-Logging & Monitoring / $340,000 / Program was expanded to $340,000 cash and includes software acquisition and to fund staff to lead the development and ongoing management of an enterprise wide Security Event Management solution. The RFP process has begun to select a enterprise wide log management solution which will be implemented for existing Enterprise Security logs this FY. This benefits the University as a whole through more effective, efficient incident response and through better event management workflow enabling us to be more proactive when managing security incidents.
·  Security Framework / $231,000 / This project was originally titled Security Training and Awareness with under 100k allotted. After further reviewing the security framework, policies, etc. it was decided that we first need to assess our adoption of an industry framework, identify a framework to move forward, map regulatory requirements and assess our current policies and standards. This funding includes money for 1 FTE, frameworks, and tools to assist in regulatory mappings. This will benefit the university in meeting our compliance requirements as it will provide the university a central security and compliance framework, illustrating specific control requirements.
·  Security-Critical Server Monitoring / $80,000 / This project is focused on upgrading our hardware for our network border intrusion detection cluster, which was first implemented in the early nineties using open source technology. We will be utilizing our old hardware as a development cluster. In addition to improving the stability of our intrusion detection system, we are installing additional sensors inside the OSU network to improve visibility of security activity within OSU. The additional sensors will be placed within a high density risks area within the medical center.
·  Security-Identity Management / $680,000 / The initial go-live of Identity and Access Management, in October 2010, synchronized an individual’s identity data between PeopleSoft HR/SIS and IdM. Additional systems were connected in February 2011. In August 2011 my.osu.edu, a 24 x 7 self-service site was launched along with strengthened password criteria and mandatory password resets, and synchronization of log-in credentials to 700+ university systems. Between August and December 2011, over 120,000 OSU affiliates activated their accounts and reset passwords, strengthening both individuals’ and university information.
In addition, the funds are supporting the current Release 2 work which focuses on implementing robust reporting and enhanced auditing capabilities, retiring two unsupported, insecure legacy applications, enhancing my.osu.edu functionality and customer experience, and general stabilization of the environment as we move forward with connecting to additional systems. Several components of Release 2 have been implemented, with all components to be completed Summer 2012.
·  ERP-Oracle PeopleSoft Incremental License Fees / $496,120 / This fund will cover the expected Oracle PeopleSoft Incremental License Fees
·  ERP-Oracle PeopleSoft Upgrade Project - Planning Phase / $500,000 / Funding supported scope confirmation and planning for HR/SIS Upgrade. Activities included 1) identifying process streamlining opportunities, 2) the technical project approach, and 3) a detailed plan and budget for upgrade project. The funds are being used as originally intended. Any under-run will roll over to the Oracle PeopleSoft HR/SIS Upgrade Project implementation.
FY 11
ERP-SIS / $6,200,000 / These funds were used for the completion of implementation and stabilization of the new PeopleSoft SIS system. This system benefits students and academic support units, primarily the Offices of the Registrar, Admissions, Student Financial Aid and the Bursar. These funds were used as planned and the total project spend was finalized at $50,414,122. This project has been formally closed and OCIO return excess funds of $19,877.76 back to Resource Planning in December 2010.
Infrastructure-Email Conversion / $500,000 / $300,000 / The $300K of PBA is used for operating expenses (staff salaries/ benefits, software/ hardware maintenance, anti-spam/anti-virus and equipment accruals) and $500K of cash was used to repay a loan from B&F in FY10 to purchase hardware, storage, and consulting services. By the end of FY12 the legacy system will have been retired and over 25% of university email users will be on the new system. Without this funding, the university will not benefit from the collaboration and communication benefits of a global address, calendaring, and email capability.
Security-Identity Management / $1,850,000 / $180,000 / In August 2011 IdM began creating and managing individual identities and access to core systems (e.g., email, Carmen, and Libraries) as well as self-service for managing and synchronizing password changes and sponsored guests. PBA supports ongoing software license costs.
Learning Technology-Carmen Upgrades / $200,000 / $250,000 / Carmen is an enterprise Learning Management System that benefits the entire Ohio State community. Carmen is available to all faculty and students on the Columbus and regional campuses, and staff to deliver training courses for administrative purposes. We have used the funds as originally intended. These funds have covered increases in operational costs associated with running Carmen, including higher annual license maintenance fees by Desire 2 Learn, funding staff previously funded by cash, increasing the number of virtual servers to improve performance, upgrading database servers, transitioning to scalable enterprise storage, and conducting a webinar service pilot beginning this spring.
Fees and Charges
Include new fees and planned increases to existing fees for FY13 that affect other departments or large numbers of students, faculty and staff
Description (include group to be assessed the fee) / Current / Future (FY13)
Amount per unit / Unit of Measure / Amount per unit / Unit of Measure
Requests for Next Fiscal Year
Carry over to the Long-Term Needs Continuing Multi-Year Needs section if this request spans multiple years
Priority / Title (50 characters) / Mandate[2](M) or Service Improvement (SI) / Amount requested
($) / Additional FTE
(# of FTE
supported by request) / Description/rationale for the request. Explain how the proposal will be implemented if additional funds are not received (300 word limit).
PBA / Cash / PBA / Cash
Secure Data – University-wide Security:
An enterprise wide security program, proactively addressing security risk across the university aligned with the university’s risk posture. Systematic controls will be implemented requiring less ongoing maintenance and support; enabling innovation and agility.