ITArchitectureandInfrastructureCommittee

9:00–10:30a.m.,September12,2014,FAC228D

I.9:00–9:20IntroductiontoITGovernance(BradEnglert)

II.9:20-9:50CommitteePrioritiesfor2014-2015AcademicYear–Discussion

III.9:50–10:05NetworkOperationsManualChanges–Endorse(WilliamGreen)IV.10:05–10:20AustinDiskEncryption–Proposal(DavidMoss,DavidPavkovic)V.10:20–10:30CommitteeChair–Election

TheUniversityofTexasatAustin

OfficeoftheChiefInformationOfficer

AboutITGovernance

TheITgovernancestructureestablishesthestrategic,operational,andtechnicaldecision-makingprocessrequiredtoensureITenablestheUniversitytoexcelinitsmission.ITgovernanceprovidesstrategicleadership,establishescampus-wideITprioritiesandpolicies,andisaccountableandtransparenttotheUniversitycommunity.ThefollowingdiagramillustratesthecommitteestructureforITgovernanceattheUniversity.

GeneralResponsibilitiesofITGovernanceCommittees

TheITgovernancestructureasawholeisresponsibleforthefollowing:

Establishingandcommunicatingacampus-wideITvisionthatsupportstheUniversitymissionandgoals

EstablishingITpoliciesthatsupportstrategic,campus-wideITpriorities

EstablishinganoverallITbudgetstructurefortotalITspendoncampus,startingwithITS

DefiningtechnicalarchitectureandstandardsfortheUniversity

EstablishingbestpracticesandtoolsforITacrosscampus

ITGovernanceValues

ForITgovernancetobesuccessful,thecommitteesmustholdthefollowingvalues:

Transparency—Governancestructureandprocessmustbeclear.Howdecisionsaremadeandwhohasinputrightsanddecision-makingrightsmustbereadilyapparenttocampus.

Communication—Communicationmustoccurinto,outof,andacrossthecommitteesandwithcampus.

Accountability—Committeesandtaskforcesmustbeheldaccountablefordeliveringontheirresponsibilities.Clearescalationpathsforissueresolutionmustbedefined.

Responsibility—Governancestructuremustfocusonresultsratherthanimplementationandprojectmanagement.

Appropriaterepresentation—Constituencygroupsacrosscampusmustberepresented.

Activesupport—Governancestructurerequiresstafftosupporttheprocess.Agendasetting,meetinglogistics,issuetracking,andcommunicationareallessentialaspectsofactivesupport.

GovernanceMembership

Committeemembershipisdesignedtoberepresentativeofthecampuspopulation. Generally,membersareselectedtorepresentacademicandresearchunitsofvaryingsize,administrativeunitsofvaryingsize,andthestudentbody.Specificdetailsofthemembershipdesignatedforeachcommitteecanbefoundinthe SITACreport.

MembersarerecommendedtothecurrentgovernanceChairsbygovernancemembers,bymembersofthecampuscommunity,orthrougharesearchprocesstoidentifypotentialmemberswhorepresentaspecificunitorgroupthatisnotcurrentlyrepresentedinthegovernancemembership.Ifspecificexpertiseisdesiredorrequiredforaparticularprojectofgovernance,expertsareresearchedandrecommendedtothegovernanceChairs.Afterrecommendationsareconsideredandresearchisconducted,committeemembersarefinalizedbyandrecommendedtothePresidentoftheUniversitybythecurrentITgovernanceChairs.

AgendaSetting

Membersofeachcommitteeproposeagendaitemstobediscussedintheirrespectivecommittees.AgendaitemscanalsobesuggestedbyanyoneintheUTcommunity(non-committeemembers)bydirectlycontactingacommitteemember,acommitteechairortheCIO'soffice.Agendaitemsforeachcommitteearevettedthroughthatcommittee'schair.ThecommitteechairsandCIOmeetmonthlytocoordinatethetimingofcommitteeeffortsandensurepropercommunication,inclusionandprioritization.

Reporting

TheITgovernancestructureissupportedbyadministrativeandcommunicationspersonnelwhoreporttotheChiefInformationOfficer.

Notesforeachregularly-scheduledITgovernancemeetingareavailableontherespectivecommitteewebpages.Inadditiontothemeetingnotesandexecutivesummaries,ITgovernanceprogressandupdatesarecommunicatedviathe CIO’sWeeklyUpdate .AnypolicyrelatedmaterialsarepostedontheCIOwebsite.

Somedecisionsandprojectsmayneedadditionalcommunicationsduetotheirscope.Thesecommunicationswillbedeterminedonacase-by-casebasis.

Projects

ITgovernancecommitteesfocusonsettingdirectionandensuringaccountabilityratherthanimplementationresponsibilitiesorITprojectmanagement.Committeescan,however,askforandreceivepresentationsandupdatesonprojectsfromanyprojectteamsorsteeringcommitteesasneeded.

FundingContinuum

Projectsarefundedthroughfourmechanisms;localfunding,aggregatefunding,aggregatefundingwithpartialcentralsupport,andcommongoodfunding.Localfundingisderivedcompletelyfromtheunitemployingtheserviceoradministeringtheproject.ExamplesofservicesthatarecompletelyfundedbythelocalunitincludeEcho360andComputerAidedDesign. Echo360isaservicefundedbyLiberalArtsthatisavailabletotheirunitandtrainingforwhichisavailableforcampusbasedonspecialagreementswiththeirstaff.ComputerAidedDesignisaservicefundedintotalbyEngineeringtoservethespecificneedsoftheirpopulation.

Aggregatefundinginvolvesthecooperationandcoordinationoffundingthroughmultipleunitstosavemoneybybuyingaserviceinbulk. Byaggregatingfundsandpurchasingpoweramongandacrossunits,theservicecantypicallybeacquiredatalowercost. ExamplesofthoseservicespurchasedthroughaggregatefundingincludeMediaSite,AppleEducationalLicensing,andgeneraluseCrashPlan.Whenaservicefundedaggregatelyisidentifiedasessentialtoamajorityofunitsacrosscampus,itmayqualifyforpartialfundingfromthecentralITbudget.

CommonGoodservicesaregeneralandglobalinuse.Theyareavailabletoandserveallcampusunitsandmembers.ExamplesincludeEncryptionsoftware,theITHelpDesk,CrashPlan,UTMail,andAustinExchange. CommonGoodservicesarefundedentirelythroughthecentralbudget.

ITGovernance

ContinuumofFunding

LocallyFundedAggregateFundingAggregate+Partial

CentralSubsidy

CommonGood

||||

Echo360MediaSiteAdobeConnectEncryptionSoftware

CanvasforNon-TraditionalStudents

MatLabCanvasforTraditional

Students

ComputerAidedDesignCrashPlanforFaculty

UTMail

HelpDesk

PolicyandFundingDecisionsandExceptionHandling

EachcommitteeintheITgovernancestructureisresponsibleforidentifyinganddraftingITpoliciesfortheUniversity.Policydecisionsarevettedthroughtheentiregovernancestructure.Forexample,apolicyoriginatingintheITArchitectureandInfrastructureCommitteeisvettedthroughtheOperationalITCommitteebeforeendorsementbytheStrategicITAdvisoryBoard.Committeesmaysolicitthereviewandexpertiseofpersonneloutsideofthegovernancestructureinmakingpolicydecisions.

ITpolicydecisionsareavailableat

Ifdecisionsinvolvefunding,theymayfirstbevettedbytheITArchitectureandInfrastructureCommittee,theBusinessServicesCommittee,ortheResearchEducationalTechnologyCommittee.Questionsconsideredduringthevettingprocessincludetheaudienceimpactedorserved,demandfortheservice,impacttocampus,entitiesresponsibleformanagementofprojectorservice,governanceprocessforprojectorservice,resourcesnecessarytoimplementprojectorservice,immediateandmaintenancecosts,timelineofprojectorserviceimplementation.FundingdecisionsmustbeendorsedbytheOperationalITCommittee.TheITgovernancestructureisalsotaskedwithestablishingprocessesforhandlingexceptionsthatmeetuniquebusinessneeds.Exceptionsarealsousefulmeansforcollectingfeedbackoncurrentstructuresanddeterminingwhenestablishedstandardsbecomeobsolete.

SubcommitteesandTaskForces

SubcommitteesaredefinedasongoinggroupsresponsibleforissuesanddecisionsinacertainareaofITattheUniversity.Taskforcesaredefinedastime-boundgroupsassignedspecificproblemstosolveortaskstoaccomplish.

ITgovernancecommitteescanformsubcommitteesandtaskforcesasneeded.ExistingcommitteesmaybeaskedtoestablishformalrelationshipswiththeITgovernancecommittees,suchastheonecreatedbetweentheBSCandtheAdministrativeITLeadersgroups.

ThereisanintermittentneedtocreatetaskforcestoinvestigateissuesandexploredifferentITsolutions.TaskforcescanbeappointedbyanyoftheITgovernancecommitteesonanas‐neededbasis.ThetaskforcesmeetforasettimeframetoaccomplishspecificobjectivesrelatedtoresolvinganissueorimplementinganITstrategy;theyarenotbeconsideredstandingorongoinggoverningbodies.TaskforcemembershipcanconsistofITgovernancecommitteemembersoranyqualifiedpersonnelidentifiedbyITgovernancecommitteemembers.

CustomerSteeringCommittees

CustomersteeringcommitteesserveasrepresentativecustomergroupsthatworkwithITprojectteamstodeterminethebestcourseofactionandtoprovideaccountabilityforITprojectsattheUniversity.Customersteeringcommitteeshelpprojectteams:

Developaprojectcharterthatdirectstheprojecttowardswhatcustomersneedmostfromtheservice

CreateathoroughandeffectivecommunicationplantodistributeinformationtoaffectedcustomersacrosstheUniversity

Refinetheprojectplanandbeaccountableforchangestothatplan

DirectresearchabouttheprojectorserviceattheUniversityandpeerinstitutions

DelivertheprojectsandservicesthattheUniversitytrulyneeds

CustomersteeringcommitteesmaybecalledupontopresentinformationandupdatestoIT

governancecommittees.

ITGovernanceMeetings

TheITgovernancecommitteesmeetaccordingtothefollowingschedule:

BusinessServicesCommittee

FirstFridayofeverymonth,1:30-3:00p.m.

ITArchitectureandInfrastructureCommittee

SecondFridayofeverymonth,9:00-10:30a.m.

ResearchandEducationalTechnologyCommittee

ThirdThursdayofeverymonth,8:00-9:15a.m.

OperationalITCommittee

FourthWednesdayofeverymonth,3:00-4:00p.m.

C-13InformationTechnologyCommittee

FirstMondayofeverymonth,2:15-3:15p.m.

ITGovernanceChairs(BSC,AIC,RE,C-13,OIT)ThirdThursdayofeverymonth,11-11:30a.m.

StrategicITAccountabilityBoard

Quarterly,scheduledaccordingtoavailabilityofmembers

NetOpsManualChanges-Endorse

SummaryofProposedChanges(seescreenshotsofmajorchangesattachedsinceitishardtogothroughthemanual):

1) Non-compliantbuildingServiceLevelAgreementof“BestEffort”clarified.

2)MDF/IDFaccesschangedfromBuildingAccessControlSystemtoKeybydefault. Unitsmayincurchargesforfuturere-keyingorifBuildingAccessControlSystemisrequiredduetotheroomuse.

3) ChargestocorrectE911recordsnotbeingmaintainedbyUnits(approvedbyVoIPExecutive

DeploymentCommittee).

Fulldocumenthere:

AUSTINDISKENCRYPTIONREQUIREMENTCHANGEPROPOSAL–SEPTEMBER2014

ExecutiveSummary

InformationTechnologyServices(ITS)isproposingaconfigurationchangetoAustinDisk¹tooptimizetheexperienceforMacusers.Byremovingthecurrentencryptionrequirementforon-campususers,MacclientswillbeabletoconnecttoAustinDiskusingthemorereliableandrobustServerMessageBlock(SMB)protocol.ThisproposalhasbeenreviewedandapprovedbytheInformationSecurityOffice²(ISO)andendorsementfromtheInformationTechnology(IT)ArchitectureInfrastructureCommitteeisrequested.

BusinessNeed/Background

AustinDiskisacampus-widefilestorageandsharingservicewhichsupportsthreefiletransportprotocols,allofwhichrequireencryption:

SMBoverIPSecurity(IPSec)

WebDistributedAuthoringandVersioning(WebDAV)overHypertextTransferProtocoloverSecureSocketLayer

(HTTPS)

SecureShellFileTransferProtocol(SFTP)

MacclientshavehistoricallyhadtousethelessrobustWebDAVprotocolbecausetheydonothavethesamelevelofIPSecsupportasWindowsclients.WebDAVhasrepeatedlyprovenunreliablewithreportedclientissuesontheMacsideandserverissuesontheAustinDiskside.WithOSX10.7,ITSreleasedanIPSecconfigurationtoolthatallowedclientstouseSMBoverIPSec.However,OSX10.8removedIPSecfeaturescriticalforcompatibilitywithAustinDisk.

IncollaborationwiththeISOandITSNetworking,itwasdeterminedthatintheinterestofusability,IPSeccouldbemadeoptionalonAustinDiskforon-campusnetworkscontrolledbyITSNetworking.Encryptionintransitwillstillberequiredforoff-campususers,on-campusnetworksnotmanagedbyITSNetworkingandshareswithfederalgrantrestrictions.ForAustinDiskcustomersthatrequiretransportencryption,ITSwillworkwiththemdirectlytopreservetheircurrentconfiguration.ITSwilllooktore-implementencryptionrequirementsasthecampusenvironmentevolvestoproperlysupportit.

CommunicationPlanTimeline

Thetechnicalchangesrequiredarenominal,however,itwillbecriticaltocommunicatetocustomersthattransportencryptionwillnowbeprovidedonan“opt-in”basis.Additionally,customersusingWebDAVwillrequireconfigurationchangestotakeadvantageoftheSMBprotocol.Thecommunicationplanwillinclude:

EndorsementbyInformationTechnology(IT)ArchitectureInfrastructureCommittee–lateAugust2014

EmailtoIT-Updateslistdescribingchangesandactionrequired-earlySeptember2014

Phone/emailcommunicationtocurrentcustomerstodetermineencryptionrequirements–midSeptember2014

Encryptionrequirementisremoved–lateSeptember2014

ForMoreInformation

PleasecontactDavidPavkovic,ITSSeniorITManager,

¹

²

1AustinDiskEncryptionRequirementChangeProposal–September2014