III.9:50 10:05Networkoperationsmanualchanges Endorse(Williamgreen)IV.10:05
ITArchitectureandInfrastructureCommittee
9:00–10:30a.m.,September12,2014,FAC228D
I.9:00–9:20IntroductiontoITGovernance(BradEnglert)
II.9:20-9:50CommitteePrioritiesfor2014-2015AcademicYear–Discussion
III.9:50–10:05NetworkOperationsManualChanges–Endorse(WilliamGreen)IV.10:05–10:20AustinDiskEncryption–Proposal(DavidMoss,DavidPavkovic)V.10:20–10:30CommitteeChair–Election
TheUniversityofTexasatAustin
OfficeoftheChiefInformationOfficer
AboutITGovernance
TheITgovernancestructureestablishesthestrategic,operational,andtechnicaldecision-makingprocessrequiredtoensureITenablestheUniversitytoexcelinitsmission.ITgovernanceprovidesstrategicleadership,establishescampus-wideITprioritiesandpolicies,andisaccountableandtransparenttotheUniversitycommunity.ThefollowingdiagramillustratesthecommitteestructureforITgovernanceattheUniversity.
GeneralResponsibilitiesofITGovernanceCommittees
TheITgovernancestructureasawholeisresponsibleforthefollowing:
Establishingandcommunicatingacampus-wideITvisionthatsupportstheUniversitymissionandgoals
EstablishingITpoliciesthatsupportstrategic,campus-wideITpriorities
EstablishinganoverallITbudgetstructurefortotalITspendoncampus,startingwithITS
DefiningtechnicalarchitectureandstandardsfortheUniversity
EstablishingbestpracticesandtoolsforITacrosscampus
ITGovernanceValues
ForITgovernancetobesuccessful,thecommitteesmustholdthefollowingvalues:
Transparency—Governancestructureandprocessmustbeclear.Howdecisionsaremadeandwhohasinputrightsanddecision-makingrightsmustbereadilyapparenttocampus.
Communication—Communicationmustoccurinto,outof,andacrossthecommitteesandwithcampus.
Accountability—Committeesandtaskforcesmustbeheldaccountablefordeliveringontheirresponsibilities.Clearescalationpathsforissueresolutionmustbedefined.
Responsibility—Governancestructuremustfocusonresultsratherthanimplementationandprojectmanagement.
Appropriaterepresentation—Constituencygroupsacrosscampusmustberepresented.
Activesupport—Governancestructurerequiresstafftosupporttheprocess.Agendasetting,meetinglogistics,issuetracking,andcommunicationareallessentialaspectsofactivesupport.
GovernanceMembership
Committeemembershipisdesignedtoberepresentativeofthecampuspopulation. Generally,membersareselectedtorepresentacademicandresearchunitsofvaryingsize,administrativeunitsofvaryingsize,andthestudentbody.Specificdetailsofthemembershipdesignatedforeachcommitteecanbefoundinthe SITACreport.
MembersarerecommendedtothecurrentgovernanceChairsbygovernancemembers,bymembersofthecampuscommunity,orthrougharesearchprocesstoidentifypotentialmemberswhorepresentaspecificunitorgroupthatisnotcurrentlyrepresentedinthegovernancemembership.Ifspecificexpertiseisdesiredorrequiredforaparticularprojectofgovernance,expertsareresearchedandrecommendedtothegovernanceChairs.Afterrecommendationsareconsideredandresearchisconducted,committeemembersarefinalizedbyandrecommendedtothePresidentoftheUniversitybythecurrentITgovernanceChairs.
AgendaSetting
Membersofeachcommitteeproposeagendaitemstobediscussedintheirrespectivecommittees.AgendaitemscanalsobesuggestedbyanyoneintheUTcommunity(non-committeemembers)bydirectlycontactingacommitteemember,acommitteechairortheCIO'soffice.Agendaitemsforeachcommitteearevettedthroughthatcommittee'schair.ThecommitteechairsandCIOmeetmonthlytocoordinatethetimingofcommitteeeffortsandensurepropercommunication,inclusionandprioritization.
Reporting
TheITgovernancestructureissupportedbyadministrativeandcommunicationspersonnelwhoreporttotheChiefInformationOfficer.
Notesforeachregularly-scheduledITgovernancemeetingareavailableontherespectivecommitteewebpages.Inadditiontothemeetingnotesandexecutivesummaries,ITgovernanceprogressandupdatesarecommunicatedviathe CIO’sWeeklyUpdate .AnypolicyrelatedmaterialsarepostedontheCIOwebsite.
Somedecisionsandprojectsmayneedadditionalcommunicationsduetotheirscope.Thesecommunicationswillbedeterminedonacase-by-casebasis.
Projects
ITgovernancecommitteesfocusonsettingdirectionandensuringaccountabilityratherthanimplementationresponsibilitiesorITprojectmanagement.Committeescan,however,askforandreceivepresentationsandupdatesonprojectsfromanyprojectteamsorsteeringcommitteesasneeded.
FundingContinuum
Projectsarefundedthroughfourmechanisms;localfunding,aggregatefunding,aggregatefundingwithpartialcentralsupport,andcommongoodfunding.Localfundingisderivedcompletelyfromtheunitemployingtheserviceoradministeringtheproject.ExamplesofservicesthatarecompletelyfundedbythelocalunitincludeEcho360andComputerAidedDesign. Echo360isaservicefundedbyLiberalArtsthatisavailabletotheirunitandtrainingforwhichisavailableforcampusbasedonspecialagreementswiththeirstaff.ComputerAidedDesignisaservicefundedintotalbyEngineeringtoservethespecificneedsoftheirpopulation.
Aggregatefundinginvolvesthecooperationandcoordinationoffundingthroughmultipleunitstosavemoneybybuyingaserviceinbulk. Byaggregatingfundsandpurchasingpoweramongandacrossunits,theservicecantypicallybeacquiredatalowercost. ExamplesofthoseservicespurchasedthroughaggregatefundingincludeMediaSite,AppleEducationalLicensing,andgeneraluseCrashPlan.Whenaservicefundedaggregatelyisidentifiedasessentialtoamajorityofunitsacrosscampus,itmayqualifyforpartialfundingfromthecentralITbudget.
CommonGoodservicesaregeneralandglobalinuse.Theyareavailabletoandserveallcampusunitsandmembers.ExamplesincludeEncryptionsoftware,theITHelpDesk,CrashPlan,UTMail,andAustinExchange. CommonGoodservicesarefundedentirelythroughthecentralbudget.
ITGovernance
ContinuumofFunding
LocallyFundedAggregateFundingAggregate+Partial
CentralSubsidy
CommonGood
||||
Echo360MediaSiteAdobeConnectEncryptionSoftware
CanvasforNon-TraditionalStudents
MatLabCanvasforTraditional
Students
ComputerAidedDesignCrashPlanforFaculty
UTMail
HelpDesk
PolicyandFundingDecisionsandExceptionHandling
EachcommitteeintheITgovernancestructureisresponsibleforidentifyinganddraftingITpoliciesfortheUniversity.Policydecisionsarevettedthroughtheentiregovernancestructure.Forexample,apolicyoriginatingintheITArchitectureandInfrastructureCommitteeisvettedthroughtheOperationalITCommitteebeforeendorsementbytheStrategicITAdvisoryBoard.Committeesmaysolicitthereviewandexpertiseofpersonneloutsideofthegovernancestructureinmakingpolicydecisions.
ITpolicydecisionsareavailableat
Ifdecisionsinvolvefunding,theymayfirstbevettedbytheITArchitectureandInfrastructureCommittee,theBusinessServicesCommittee,ortheResearchEducationalTechnologyCommittee.Questionsconsideredduringthevettingprocessincludetheaudienceimpactedorserved,demandfortheservice,impacttocampus,entitiesresponsibleformanagementofprojectorservice,governanceprocessforprojectorservice,resourcesnecessarytoimplementprojectorservice,immediateandmaintenancecosts,timelineofprojectorserviceimplementation.FundingdecisionsmustbeendorsedbytheOperationalITCommittee.TheITgovernancestructureisalsotaskedwithestablishingprocessesforhandlingexceptionsthatmeetuniquebusinessneeds.Exceptionsarealsousefulmeansforcollectingfeedbackoncurrentstructuresanddeterminingwhenestablishedstandardsbecomeobsolete.
SubcommitteesandTaskForces
SubcommitteesaredefinedasongoinggroupsresponsibleforissuesanddecisionsinacertainareaofITattheUniversity.Taskforcesaredefinedastime-boundgroupsassignedspecificproblemstosolveortaskstoaccomplish.
ITgovernancecommitteescanformsubcommitteesandtaskforcesasneeded.ExistingcommitteesmaybeaskedtoestablishformalrelationshipswiththeITgovernancecommittees,suchastheonecreatedbetweentheBSCandtheAdministrativeITLeadersgroups.
ThereisanintermittentneedtocreatetaskforcestoinvestigateissuesandexploredifferentITsolutions.TaskforcescanbeappointedbyanyoftheITgovernancecommitteesonanas‐neededbasis.ThetaskforcesmeetforasettimeframetoaccomplishspecificobjectivesrelatedtoresolvinganissueorimplementinganITstrategy;theyarenotbeconsideredstandingorongoinggoverningbodies.TaskforcemembershipcanconsistofITgovernancecommitteemembersoranyqualifiedpersonnelidentifiedbyITgovernancecommitteemembers.
CustomerSteeringCommittees
CustomersteeringcommitteesserveasrepresentativecustomergroupsthatworkwithITprojectteamstodeterminethebestcourseofactionandtoprovideaccountabilityforITprojectsattheUniversity.Customersteeringcommitteeshelpprojectteams:
Developaprojectcharterthatdirectstheprojecttowardswhatcustomersneedmostfromtheservice
CreateathoroughandeffectivecommunicationplantodistributeinformationtoaffectedcustomersacrosstheUniversity
Refinetheprojectplanandbeaccountableforchangestothatplan
DirectresearchabouttheprojectorserviceattheUniversityandpeerinstitutions
DelivertheprojectsandservicesthattheUniversitytrulyneeds
CustomersteeringcommitteesmaybecalledupontopresentinformationandupdatestoIT
governancecommittees.
ITGovernanceMeetings
TheITgovernancecommitteesmeetaccordingtothefollowingschedule:
BusinessServicesCommittee
FirstFridayofeverymonth,1:30-3:00p.m.
ITArchitectureandInfrastructureCommittee
SecondFridayofeverymonth,9:00-10:30a.m.
ResearchandEducationalTechnologyCommittee
ThirdThursdayofeverymonth,8:00-9:15a.m.
OperationalITCommittee
FourthWednesdayofeverymonth,3:00-4:00p.m.
C-13InformationTechnologyCommittee
FirstMondayofeverymonth,2:15-3:15p.m.
ITGovernanceChairs(BSC,AIC,RE,C-13,OIT)ThirdThursdayofeverymonth,11-11:30a.m.
StrategicITAccountabilityBoard
Quarterly,scheduledaccordingtoavailabilityofmembers
NetOpsManualChanges-Endorse
SummaryofProposedChanges(seescreenshotsofmajorchangesattachedsinceitishardtogothroughthemanual):
1) Non-compliantbuildingServiceLevelAgreementof“BestEffort”clarified.
2)MDF/IDFaccesschangedfromBuildingAccessControlSystemtoKeybydefault. Unitsmayincurchargesforfuturere-keyingorifBuildingAccessControlSystemisrequiredduetotheroomuse.
3) ChargestocorrectE911recordsnotbeingmaintainedbyUnits(approvedbyVoIPExecutive
DeploymentCommittee).
Fulldocumenthere:
AUSTINDISKENCRYPTIONREQUIREMENTCHANGEPROPOSAL–SEPTEMBER2014
ExecutiveSummary
InformationTechnologyServices(ITS)isproposingaconfigurationchangetoAustinDisk¹tooptimizetheexperienceforMacusers.Byremovingthecurrentencryptionrequirementforon-campususers,MacclientswillbeabletoconnecttoAustinDiskusingthemorereliableandrobustServerMessageBlock(SMB)protocol.ThisproposalhasbeenreviewedandapprovedbytheInformationSecurityOffice²(ISO)andendorsementfromtheInformationTechnology(IT)ArchitectureInfrastructureCommitteeisrequested.
BusinessNeed/Background
AustinDiskisacampus-widefilestorageandsharingservicewhichsupportsthreefiletransportprotocols,allofwhichrequireencryption:
SMBoverIPSecurity(IPSec)
WebDistributedAuthoringandVersioning(WebDAV)overHypertextTransferProtocoloverSecureSocketLayer
(HTTPS)
SecureShellFileTransferProtocol(SFTP)
MacclientshavehistoricallyhadtousethelessrobustWebDAVprotocolbecausetheydonothavethesamelevelofIPSecsupportasWindowsclients.WebDAVhasrepeatedlyprovenunreliablewithreportedclientissuesontheMacsideandserverissuesontheAustinDiskside.WithOSX10.7,ITSreleasedanIPSecconfigurationtoolthatallowedclientstouseSMBoverIPSec.However,OSX10.8removedIPSecfeaturescriticalforcompatibilitywithAustinDisk.
IncollaborationwiththeISOandITSNetworking,itwasdeterminedthatintheinterestofusability,IPSeccouldbemadeoptionalonAustinDiskforon-campusnetworkscontrolledbyITSNetworking.Encryptionintransitwillstillberequiredforoff-campususers,on-campusnetworksnotmanagedbyITSNetworkingandshareswithfederalgrantrestrictions.ForAustinDiskcustomersthatrequiretransportencryption,ITSwillworkwiththemdirectlytopreservetheircurrentconfiguration.ITSwilllooktore-implementencryptionrequirementsasthecampusenvironmentevolvestoproperlysupportit.
CommunicationPlanTimeline
Thetechnicalchangesrequiredarenominal,however,itwillbecriticaltocommunicatetocustomersthattransportencryptionwillnowbeprovidedonan“opt-in”basis.Additionally,customersusingWebDAVwillrequireconfigurationchangestotakeadvantageoftheSMBprotocol.Thecommunicationplanwillinclude:
EndorsementbyInformationTechnology(IT)ArchitectureInfrastructureCommittee–lateAugust2014
EmailtoIT-Updateslistdescribingchangesandactionrequired-earlySeptember2014
Phone/emailcommunicationtocurrentcustomerstodetermineencryptionrequirements–midSeptember2014
Encryptionrequirementisremoved–lateSeptember2014
ForMoreInformation
PleasecontactDavidPavkovic,ITSSeniorITManager,
¹
²
1AustinDiskEncryptionRequirementChangeProposal–September2014