IR&C: JOG/CPG Meeting Minutes (Jan 27-28, 1998)

Agenda

Minutes

Campus Reports

JOINT OPERATIONS GROUP
Meeting May 12-13, 1998
LBL

Minutes ...

CAMPUS REPORTS are linked to the online version of the meeting report. Only items covered at the meeting not contained in those reports are recorded here.

Lynn reported that the Governor’s proposed UC budget includes one-time funds in the amount of $25 million for instructional technology and $25 million for instructional equipment replacement.

Several campuses reported a trend towards increased use of recharges for networking and IT support services. Berkeley’s Computing Policy Board is completing a two-year study of the network funding models

All campuses reported increases in abuse of systems and network security problems, e.g., spamming, that requires intervention.

PARTNERSHIP FOR PERFORMANCE

Business Initiatives Director Kristine Hafner introduced Partnership for Performance as the context for identifying and gathering relevant data for performance measurement. The biggest challenge is to break out of the Business & Finance "box." Sponsors are needed for all business areas of the University, such as student services. Success would be integrating indicators of "how are we doing?" into daily organizational life. Completion would be a framework for defining goals and a mechanism for gathering performance data (information that can be acted on to change behaviors). Participation in national studies is encouraged. The Vice Chancellors-Administration are interested in national IT benchmarking; our self-assessment tool can provide a framework.

YEAR 2000.

Campuses updated their progress since the universitywide report compiled in February. Discussion focussed on the need to distinguish between mission-critical systems and those where the effect of failure would be relatively minor; some failures in research applications are inevitable due to their number, variety, and dispersal. UC-wide administrative systems, including Payroll/Personnel and Retirement have been tested and are compliant. Sharing of information across campuses was encouraged to avoid duplicate efforts. There was discussion of the need to focus on communication systems: one area of particular concern is the 800 mHz emergency channel. In general, follow-up testing shows that some vendor certifications are not valid and that newness of equipment does not guarantee compliance.

Updates for UCLA, San Diego, Santa Cruz, and OP are available on the Web from the Year 2000 link at http://www.ucop.edu/irc

Lynn reported that he had made a presentation to the Little Hoover Commission in Sacramento and also summarized what he heard at that hearing with regard to the progress of State agencies. There was particular discussion of the need for contingency planning and for joint testing with suppliers and other external entities.

Although the Payroll/Personnel system has been converted and tested at the system level, a joint cross-campus testing mechanism is needed. This will be implemented by the payroll technical coordinating group. Joint tests are needed with vendors, banks (coordinate with Treasurer's Office), insurance, state agencies across a timeline that extends decades beyond 2000. A meeting is scheduled in June.

Campuses will continue to report formally every six months on progress on Year 2000 testing in existing format.

Network and System Security

All campuses are experiencing rising incidence of system abuse, particularly an increase in incidences of spamming, invasion of servers, and of harassment. UC needs an organized approach to system security. The Information Security Policy will provide the necessary framework. An information-sharing mechanism is needed such as a protected Web site. (See item 8 below on new Information Security Policy.)

IT classifications

Recruitment and retention continues to be a problem at all campuses. The understaffing caused by vacancies that cannot be filled in a timely manner creates unsustainable tensions. Creative solutions are urgently needed. What can UC offer? Where will UC recruit its next generation of IT managers if turnover continues at current pace? JOG agreed to fund a consultant study to assess UC's current situation and recommend implementable actions that can be taken.

Document management

Discussion occurred of document management initiatives at several campuses and at OP. UCSD is piloting a document warehouse project, and UCB is preparing a RFP for document management. OP has implemented its central repository for major documents, replacing the old microfilm system. This area is requiring increasing attention, with a need for enterprise solutions to augment or replace the confusing patchwork of local initiatives that do not interconnect.

JOG decided to make this a continuing agenda item.

Taxpayer relief act

OP workgroups are developing requirements for reporting to the IRS and students. A RFP will be issued for a vendor to do UC processing and provide telephone support. Responses are due July 24, and a contract is anticipated early August. Telephone support has been outsourced. Technical issues arising from multiple data sources (campus, UNEX, summer session) intersect with FERPA privacy issues.

University policies

(a) The existing UC security guidelines have been revamped into an Information Security Policy (Guidelines?) in response to Deloitte & Touche recommendations. JOG members are invited to comment on the draft. The Guidelines will be issued as a BFB following review by the Vice Chancellors-Administration. JOG members are asked to comment to Jim Dolgonas by June 3.

(b) Systems Development Standards are scheduled to be reviewed now, but experience is still scant, and a Fall review may be more productive.

ESTF

Although final funding approval for the ESTF Report recommendations has not been received, work is underway. The revised GUI interface for the Payroll/Personnel system has been started under a cross-campus collaboration. Work on the University Directory is also well underway.

Business Officer Institute

JOG is collaborating in the design of the IT portion of the Business Officer Institute curriculum. That portion of the curriculum is guided by a committee composed of Dave Tomchek (chair), Diana Brown, Larry Sautter, Jim Dolgonas, and Dave Scronce (HR).

In discussing the proposed curriculum, JOG members emphasized that business officers need to understand the division of IT responsibilities among departmental business officers, functional units, and IT organizations. Appropriate information should be provided about (a) where to go for information and what the central IT organization does; (b) hot topics; (c) future changes in the UC technology environment; security; University policies; supervision of department technical support; site licensing; business process analysis.

The workshop will be given several times a year, so there is a need for a "plug-and-play" IT agenda and presentation so that different people can teach it in a standardized way.

University audit

Following input from JOG, the external auditors have been asked to focus on information security, disaster recovery planning, Year 2000, and recruitment and retention. Campus reports indicated that this seems to be happening.

ADA compliance

Expansion of Web use is raising issues of accessibility for people with physical impairments. It is critical that system developers design sites with accessibility in mind. This should be an item for future JOG discussion. OP agreed to circulate list of URL's pointing to appropriate websites.

Web Developers’ Conference

Agenda proposed by Jim Dolgonas has been favorably received. Conference will be scheduled when Dell speaker agrees to a date. Jim Dolgonas will send out a notice when the date is set

JOINT MEETING
JOG and CPG

Electronic Communications Task Force

The Task Force will be reconvened to generalize from the Email Policy to an electronic communications policy, beginning with acceptable use. Faculty will be involved from the outset.

Authentication

Progress was reported on the Authentication Project. The certificates for the prototype project will be distributed using the Netscape Browser technology. The initial test projects will be MelWeb and Employee Self Service, with the latter permitting new hires to choose their benefits via the Web. Both should be available by the Fall. Prototyping and interoperability tests require campus participation. Policy structure surrounding issuance and maintenance of certificates will be more important than technology.

COMMUNICATIONS PLANNING GROUP

Year 2000

Discussion echoed JOG discussion. No assumptions are possible; network and communications systems, including 800 MHz, must be tested. A reporting template for communications will be developed.

CENIC/CalREN2/Abilene

It is expected that he CalREN2 network will be turned over after testing in early July. Abilene may reduce some CalREN2 needs and, particularly for the north-south link. Project implementation is contracted to ISI. CENIC will hire a fulltime president/executive director. RFPs will be issued for Network Operating Center support and Web support. The CENIC board is working through policies on acceptable use and classes of associates.

Internet Service Provider

Previous Sprint arrangement is no longer available. Exodus offers best possibility, including switchover to CalREN2. Concern about possible disruptions in transition led to decision to continue Sprint service for an additional month as backup. 1998-99 estimates are projected on basis of same usage. NOAG is responsible for planning the transition. Communications and operations plans are needed and should be circulated to campuses. N OAG will meet at the CENIC conference to plan transition.

Future of telephony

Although network voice applications are available, the quality of service is not adequate to replace PBX for at least five years. Wireless telephony may emerge for voice applications, even across and within campuses. Voice and data convergence on the desktop does not necessarily require network convergence behind them.

Videoconferencing

The VTC network will shift to the ATM portion of CalREN2. The intent is to move from VTC rooms to room- and desktop-based applications. OP will set up a working group to review options and share testing.

Campus reports

Individual reports are on the Web.

[ Back to JOG Home ] [ Back to JOG Meeting Page ] [ Top of Page ]



Agenda Minutes Campus Reports	JOINT OPERATIONS GROUP Meeting May 12-13, 1998 LBL Minutes ...

	CAMPUS REPORTS are linked to the online version of the meeting report. Only items covered at the meeting not contained in those reports are recorded here. Lynn reported that the Governor’s proposed UC budget includes one-time funds in the amount of $25 million for instructional technology and $25 million for instructional equipment replacement. Several campuses reported a trend towards increased use of recharges for networking and IT support services. Berkeley’s Computing Policy Board is completing a two-year study of the network funding models All campuses reported increases in abuse of systems and network security problems, e.g., spamming, that requires intervention. PARTNERSHIP FOR PERFORMANCE Business Initiatives Director Kristine Hafner introduced Partnership for Performance as the context for identifying and gathering relevant data for performance measurement. The biggest challenge is to break out of the Business & Finance "box." Sponsors are needed for all business areas of the University, such as student services. Success would be integrating indicators of "how are we doing?" into daily organizational life. Completion would be a framework for defining goals and a mechanism for gathering performance data (information that can be acted on to change behaviors). Participation in national studies is encouraged. The Vice Chancellors-Administration are interested in national IT benchmarking; our self-assessment tool can provide a framework. YEAR 2000. Campuses updated their progress since the universitywide report compiled in February. Discussion focussed on the need to distinguish between mission-critical systems and those where the effect of failure would be relatively minor; some failures in research applications are inevitable due to their number, variety, and dispersal. UC-wide administrative systems, including Payroll/Personnel and Retirement have been tested and are compliant. Sharing of information across campuses was encouraged to avoid duplicate efforts. There was discussion of the need to focus on communication systems: one area of particular concern is the 800 mHz emergency channel. In general, follow-up testing shows that some vendor certifications are not valid and that newness of equipment does not guarantee compliance. Updates for UCLA, San Diego, Santa Cruz, and OP are available on the Web from the Year 2000 link at http://www.ucop.edu/irc Lynn reported that he had made a presentation to the Little Hoover Commission in Sacramento and also summarized what he heard at that hearing with regard to the progress of State agencies. There was particular discussion of the need for contingency planning and for joint testing with suppliers and other external entities. Although the Payroll/Personnel system has been converted and tested at the system level, a joint cross-campus testing mechanism is needed. This will be implemented by the payroll technical coordinating group. Joint tests are needed with vendors, banks (coordinate with Treasurer's Office), insurance, state agencies across a timeline that extends decades beyond 2000. A meeting is scheduled in June. Campuses will continue to report formally every six months on progress on Year 2000 testing in existing format. Network and System Security All campuses are experiencing rising incidence of system abuse, particularly an increase in incidences of spamming, invasion of servers, and of harassment. UC needs an organized approach to system security. The Information Security Policy will provide the necessary framework. An information-sharing mechanism is needed such as a protected Web site. (See item 8 below on new Information Security Policy.) IT classifications Recruitment and retention continues to be a problem at all campuses. The understaffing caused by vacancies that cannot be filled in a timely manner creates unsustainable tensions. Creative solutions are urgently needed. What can UC offer? Where will UC recruit its next generation of IT managers if turnover continues at current pace? JOG agreed to fund a consultant study to assess UC's current situation and recommend implementable actions that can be taken. Document management Discussion occurred of document management initiatives at several campuses and at OP. UCSD is piloting a document warehouse project, and UCB is preparing a RFP for document management. OP has implemented its central repository for major documents, replacing the old microfilm system. This area is requiring increasing attention, with a need for enterprise solutions to augment or replace the confusing patchwork of local initiatives that do not interconnect. JOG decided to make this a continuing agenda item. Taxpayer relief act OP workgroups are developing requirements for reporting to the IRS and students. A RFP will be issued for a vendor to do UC processing and provide telephone support. Responses are due July 24, and a contract is anticipated early August. Telephone support has been outsourced. Technical issues arising from multiple data sources (campus, UNEX, summer session) intersect with FERPA privacy issues. University policies (a) The existing UC security guidelines have been revamped into an Information Security Policy (Guidelines?) in response to Deloitte & Touche recommendations. JOG members are invited to comment on the draft. The Guidelines will be issued as a BFB following review by the Vice Chancellors-Administration. JOG members are asked to comment to Jim Dolgonas by June 3. (b) Systems Development Standards are scheduled to be reviewed now, but experience is still scant, and a Fall review may be more productive. ESTF Although final funding approval for the ESTF Report recommendations has not been received, work is underway. The revised GUI interface for the Payroll/Personnel system has been started under a cross-campus collaboration. Work on the University Directory is also well underway. Business Officer Institute JOG is collaborating in the design of the IT portion of the Business Officer Institute curriculum. That portion of the curriculum is guided by a committee composed of Dave Tomchek (chair), Diana Brown, Larry Sautter, Jim Dolgonas, and Dave Scronce (HR). In discussing the proposed curriculum, JOG members emphasized that business officers need to understand the division of IT responsibilities among departmental business officers, functional units, and IT organizations. Appropriate information should be provided about (a) where to go for information and what the central IT organization does; (b) hot topics; (c) future changes in the UC technology environment; security; University policies; supervision of department technical support; site licensing; business process analysis. The workshop will be given several times a year, so there is a need for a "plug-and-play" IT agenda and presentation so that different people can teach it in a standardized way. University audit Following input from JOG, the external auditors have been asked to focus on information security, disaster recovery planning, Year 2000, and recruitment and retention. Campus reports indicated that this seems to be happening. ADA compliance Expansion of Web use is raising issues of accessibility for people with physical impairments. It is critical that system developers design sites with accessibility in mind. This should be an item for future JOG discussion. OP agreed to circulate list of URL's pointing to appropriate websites. Web Developers’ Conference Agenda proposed by Jim Dolgonas has been favorably received. Conference will be scheduled when Dell speaker agrees to a date. Jim Dolgonas will send out a notice when the date is set JOINT MEETING JOG and CPG Electronic Communications Task Force The Task Force will be reconvened to generalize from the Email Policy to an electronic communications policy, beginning with acceptable use. Faculty will be involved from the outset. Authentication Progress was reported on the Authentication Project. The certificates for the prototype project will be distributed using the Netscape Browser technology. The initial test projects will be MelWeb and Employee Self Service, with the latter permitting new hires to choose their benefits via the Web. Both should be available by the Fall. Prototyping and interoperability tests require campus participation. Policy structure surrounding issuance and maintenance of certificates will be more important than technology. COMMUNICATIONS PLANNING GROUP Year 2000 Discussion echoed JOG discussion. No assumptions are possible; network and communications systems, including 800 MHz, must be tested. A reporting template for communications will be developed. CENIC/CalREN2/Abilene It is expected that he CalREN2 network will be turned over after testing in early July. Abilene may reduce some CalREN2 needs and, particularly for the north-south link. Project implementation is contracted to ISI. CENIC will hire a fulltime president/executive director. RFPs will be issued for Network Operating Center support and Web support. The CENIC board is working through policies on acceptable use and classes of associates. Internet Service Provider Previous Sprint arrangement is no longer available. Exodus offers best possibility, including switchover to CalREN2. Concern about possible disruptions in transition led to decision to continue Sprint service for an additional month as backup. 1998-99 estimates are projected on basis of same usage. NOAG is responsible for planning the transition. Communications and operations plans are needed and should be circulated to campuses. N OAG will meet at the CENIC conference to plan transition. Future of telephony Although network voice applications are available, the quality of service is not adequate to replace PBX for at least five years. Wireless telephony may emerge for voice applications, even across and within campuses. Voice and data convergence on the desktop does not necessarily require network convergence behind them. Videoconferencing The VTC network will shift to the ATM portion of CalREN2. The intent is to move from VTC rooms to room- and desktop-based applications. OP will set up a working group to review options and share testing. Campus reports Individual reports are on the Web.

JOINT OPERATIONS GROUP Meeting May 12-13, 1998 LBL

JOINT OPERATIONS GROUP
Meeting May 12-13, 1998
LBL