Lessons from a large scale outsourcing contract

November 17, 2014

In 2007 Somerset County Council created a joint venture company (JVC) with IBM to provide services such as IT, Finance and HR/Payroll to the Council and other similar organisations. The Council have recently published a report on the lessons learnt and some of these may be applicable to the higher education sector as we seek to establish cost sharing groups to provide shared services, or indeed make use of managed contracts to deliver aspects of our back office functions. I’ve identified two below.

The JVC had three initial clients – Somerset County Council themselves, Taunton Deane Borough Council and Somerset Police. The first issue relates to governance. The report notes that the supplier had difficulty in managing the sometimes conflicting expectations and services for the three initial clients and that the partnership “depends upon having similar incentives and an understanding of each partner’s requirements”. This is challenging for shared services where, in order for services to be shared, processes and systems have to be standardised across the partners. Any changes have to be agreed and implemented by all. However there were times when the three clients had differing requirements. Managing the delivery of services that are different (even slightly) brings an additional overhead. Either way, the mechanism for resolving resourcing and operational conflicts needs to be established and agreed at the contract stage and embedded in service level agreements.

The report also notes that the “Client function monitoring a major contract needs to be adequately resourced”. This is an area where the higher education sector has struggled with in the past and it isn’t just a matter of resourcing – those monitoring need to understand what actions are open to them in the event of a service failing to meet the desired quality. Part of this is down to the relationship between the client and supplier. If the focus is too heavily on service metrics and tying that into the contract then you are likely to end up having a very mechanistic way of determining service quality with neither party fully understanding the needs and goals of the other. If, on the other hand, the relationship is built on trust and a true partnership established, then there is a better chance of a shared understanding, greater flexibility (by both parties) and consequently a better service. Metrics based performance indicators have their place but they need to be supplemented by softer measures and partnership.

Vendor management is rapidly becoming a necessary skill in university and college IT service departments. This does not just apply to managed services; the University Nottingham won a UCISA Best Practice Award in 2010 for their supplier relationship management programme where the University’s IT suppliers were all allocated a Supplier Relationship Manager. This required a heavy investment in staff development but the return was an improved working relationship with suppliers, strong buy-in from the staff and an improvement of service levels and reliability for end users, in addition to a significant financial return on investment.

It is fair to say that there is not yet a contract of the complexity of the South West One Contract between Somerset County Council and IBM. That’s not to say that there won’t be and, when the time comes, the sector should to look for similar contracts to understand what worked and what didn’t. However, some of the lessons here are applicable to smaller contracts and shared services. We should do well to heed them.


Current challenges for Higher Ed Corporate Information Services

November 10, 2014

I circulate a briefing to exhibitors ahead of each of UCISA’s main conferences. As we are approaching CISG14, here’s my take on the current state of the nation…

CIS Services – current issues

It is three years since both the UK and Scottish Governments published White Papers encouraging the sector to put students at the heart of the system. Since then, institutions have focussed on the student experience, streamlining processes and improving facilities. That focus continues. Although some have invested in bespoke applicant environments, there is recognition that institutions need to do more to foster a long term relationship with applicants to ensure that they translate from applicant to student through to graduation and alumnus. IT systems are at the hub of this transition. Institutions are looking to their student information systems to support a greater focus on the student journey. They are also investigating how CRM systems can help engagement with applicants, students and alumni, moving from administering customers, to putting them at the centre of what we do.

There is a growth in the use of analytics to assist in the support of student services. The focus has primarily been on retention, tracking the interactions students make with a variety of systems (e-assessment, online learning, the Library, IT systems login, security systems) to identify those students who are not engaging with the institution and so are at risk of dropping out. However, there is evidence that institutions are making wider use of the data they hold to recommend materials to students to assist in their studies or to recommend modules based on previous performance. The student now gets a much more personalised experience, with tailored information delivered through portals or apps from a variety of systems and benefits from increased automation of processes.

There continues to be pressure on recurrent spending and so it has become increasingly important to know your numbers and for senior management to have accurate and timely information at their fingertips in order to inform business decisions. Knowing the costs of services is vital to demonstrating the effectiveness of efficiency and modernisation initiatives; services are being benchmarked both internally and against the operations of other institutions. Business intelligence systems are being used for much more than management reporting. They are at the heart of scenario planning exercises and are used to monitor critical business processes to identify whether performance is on target or whether remedial measures need to be taken.
IT is embedded in every aspect of an institution’s operations and continues to enhance processes and deliver business benefits. There remain challenges in ensuring that decisions to develop new services and implement new systems are linked to the institution’s strategies and plans, and are founded on strong business cases, backed by sound financial data. Effective business intelligence can assist with the latter but there remains a need to ensure that practices such as Enterprise Architecture are deployed to ensure greater understanding of the impact of change.

The way in which services are delivered is changing with a blend of outsourced and internal provision now prevalent across the sector. The range of services continues to grow and new technologies emerge and are deployed in our institutions. The IT service needs to be agile to respond to both the changes in delivery model and technological advances; both require the workforce to acquire new skill sets.


The student experience has been the focus since fees were increased to £9000. Whilst this has had a positive impact in that institutions have sought to improve facilities, there has also been an increased emphasis on making services more efficient and more appropriate for the modern age. This has been driven by a number of factors. The increase in fees has placed greater emphasis on value for money and the level of spend on administration has been highlighted as evidence that institutions are not investing in their core purpose. There has been a belief that the sector has been awash with cash and initiatives such as there continue to be initiatives to demonstrate that the sector punches above its weight whilst making improvements to aspects of its operation. There is though a declining unit of resource. Undergraduate fees are fixed and are not index linked; their value in real terms continues to decline. There is also pressure on the contributions made to the sector from Government funds. This is a particular challenge in Scotland, Wales and Northern Ireland where a greater proportion of funding is drawn directly from the national governments; a recent article on the situation in Northern Ireland in the Times Higher illustrates the issue.

Whilst the increase in fees has brought attention on the services for students, there has also been attention on the research institutions deliver. There is a growing emphasis on widening access to the outputs from publicly funded research and institutions are considering how open access to both publications and data can be delivered in a cost effective, efficient way. It is important that institutions are able to link publications to the researchers that produced them so that they can be referenced in applications for funding and so that evidence of their citation can be utilised in exercises like the Research Excellence Framework. The requirements of research focussed systems are complex as there are differences in the policies of the individual research councils and other funders as well as significant variations in disciplinary practices. It is an area that will continue to evolve and it is hoped that some standardisation and use of common identifiers can be achieved in order to facilitate the development of integrated systems.

Cyber security – top table interest

October 28, 2014

The risk cyber crime presents to the higher education sector was highlighted to Vice-Chancellors at the Universities UK Conference in 2012. Since then, there have been a series of round table discussions which have looked at the ability of the UK higher education sector to respond to cyber crime attacks. I attended the most recent of these which focused on the outcomes of a self-assessment exercise UUK promoted earlier in the year.

Those institutions that had completed the exercise will receive individual reports in the near future and a briefing will be circulated to Vice-Chancellors reflecting on the exercise. The briefing will include an additional report giving details of a number of UCISA resources that support institutions in their cyber security initiatives. The detailed results of the exercise are embargoed until the institutions have received their individual reports but, although it is clear that there is work to be done, there are some encouraging signs that cyber security is being taken seriously at a senior level within many institutions.
There are a number of factors that support this assessment. Firstly over sixty institutions took part in the exercise. In addition to these institutions, I am aware of a number of others that did not take part as they had already carried out similar work either utilising already published controls (such as the CPNI’s twenty controls for cyber defence) or by engaging external consultants.

Secondly there was a good level of interest shown in security and risk related topics by delegates at the Universities UK Conference this year. UCISA exhibits at the Conference to promote our resources and activities. Two publications that drew particular interest were the revised Model Regulations for the use of institutional IT systems and the Information Security Toolkit. Effective information security is underpinned by effective regulations and the Model Regulations give institutions a template to utilise locally. The current version of the Information Security Toolkit provides specimen policies for institutions to revise. The delegates were also interested in the Major Projects Governance Assessment Toolkit – effective governance reduces the risk of projects failing to deliver their anticipated benefits, or having major cost or time overruns.

So there are positive signs that risk and cyber security are being taken seriously. Care is needed though that cyber security is not just seen as an IT problem – people and processes are also important components in implementing effective information security measures. This is something that will be highlighted in the revised Information Security Toolkit – there is a need for senior management ownership and good governance in order for information security to be successfully managed. We also need to guard against IT only featuring at the top table for ‘problem’ issues – we need to work to ensure that the role IT can play in enhancing the student experience, delivering efficiencies is also understood by senior institutional managers.

Postscript – work is currently in progress on a revision of the Information Security Toolkit. It is anticipated that the new version will be launched at the UCISA15 Conference in March 2015.

Meeting the accessibility challenge

October 1, 2014

I attended a session at the Educause conference today on accessibility. This has become more of an issue in the US as a number of universities have faced litigation because of their lack of compliance with disability discrimination legislation. The number of cases is, in the overall context of the US education industry, relatively small but the amount of the awards made against institutions has made some university executives nervous and has driven moves towards greater compliance.

Temple University was one such institution. The University Board set a project in motion to review the current level of provision and take the steps necessary to comply with disability discrimination law. The initial analysis showed that Temple were not compliant with many aspects of that legislation – essentially in the same boat as many other institutions. I suspect that this is much the case in the UK too – there is some awareness of the disability legislation but not of what is required in order to comply.

However, Temple’s Board sought to address this, recognising that they needed to tackle to problem on a number of fronts. It was necessary to define the policy for the institution but then follow it through so that considering accessibility started to become business as usual. A broad based committee was established to oversee the project. Led by the CIO, it included representatives from the service departments but also Estates and the institutional counsel. The policy the group established was clear – we will be accessible. Responsibility for accessibility was devolved to the person providing the technology or information – so faculty were responsible for ensuring their materials were accessible and heads of service were responsible to ensuring compliance in their areas. Will became the watch word – where there were items that could not be made accessible, those responsible were challenged to think of another mode of delivery or whether the items were necessary at all.

After the initial audit, Temple instigated departmental liaison officers that were responsible for promoting the accessibility message within the department, ensuring departmental accessibility initiatives were funded and evaluating accessibility during the procurement process. The group established standards for the web services, learning spaces and IT labs with each bearing in mind the principle that accessibility should be standard provision, not the exception. Checklists were prepared to assist faculty in assessing their materials. Once the preparation was complete, the CIO promoted the policy and available support to a wide range of institutional groups through a series of roadshows.

There were some quick wins once the policy began to be implemented. The largest and most used IT labs were upgraded first bringing an instant return. Web accessibility standards were introduced and processes established to ensure compliance. Control panels in smart classrooms were upgraded. However, not everything gave so rapid a return. Although the processes were in place to ensure the web sites were compliant, adoption was slow. The guidelines for instructional materials took over 12 months to complete and a larger group was established to review and amend them as required. The initiative wasn’t cheap – Temple spent over $600k in their move towards compliance.

Not all institutions in the US had followed the same road – some opted to steer clear from even establishing an accessibility policy as they felt that doing so would put them at greater risk of litigation. I suspect the reverse is true – if you have a policy in place and plans to implement it then I believe you are less prone to litigation as you have recognised that you have a problem (in not being compliant) and are taking steps to address it. I wonder how compliant UK institutions are with the Disability Discrimination Act. My gut feel is that there probably aren’t that many. Will it take litigation in the UK to change that?

Sharing across borders

September 30, 2014

UCISA is a member of the Coalition of Higher Education IT Associations (CHEITA). Many of the issues we face in the UK are the same in other countries – it is hoped that the existence of CHEITA will encourage international collaboration to address those issues. The following is a report on the Spring meeting of CHEITA.

The Spring CHEITA meeting took place ahead of the UCISA14 Conference in Brighton, UK in March. The meeting looked at the four main issues that were identified at the CHEITA meeting at EDUCAUSE in Anaheim in October 2013 and sought to identify resources that member associations were willing to share to assist others in addressing those issues. In addition, there was a brief update on the benchmarking activities since Anaheim. The afternoon session was dedicated to the support of research and included a number of presentations. The meeting was attended by representatives from France, Italy, Sweden, EUNIS (the Europe wide association), Hong Kong, South Africa, the USA and the UK.


Susan Grajek gave a brief update on the work of the CHEITA Benchmarking Group and the work EDUCAUSE have carried out. Susan highlighted the Top Ten IT Issues and the Top Ten Strategic Technologies for 2014. The discussion in Anaheim had focused on the need to develop maturity indices for technologies in higher education institutions (HEIs). Susan noted three areas where EDUCAUSE had developed indices:

• Research computing (see http://www.surveygizmo.com/s3/1125699/Research-Computing-Maturity-Index);
• Analytics (see http://www.educause.edu/ecar/research-publications/ecar-analytics-maturity-index-higher-education);
• E-learning (see https://www.surveygizmo.com/s3/1298256/E-Learning-Maturity-Index).

In addition SURF have developed a maturity index for Green IT (see http://www.surf.nl/en/knowledge-and-innovation/knowledge-base/2014/surf-green-ict-maturity-model.html).

A meeting of the EUNIS Benchmarking Group was held in December with Leah Lang attending from EDUCAUSE. The group had identified five elements that could be established as international IT benchmarks. It was noted that there were particular challenges in measuring spend and the quality of service delivered. It was also noted that it was difficult to compare institutions internationally because of the different educational systems in each country and different institutional missions within it. The CAUDIT Complexity index may provide a mechanism for facilitating international comparison. It was noted that the index worked well in South Africa and initial results in applying the index to US institutions was encouraging.

Jisc have developed a Financial X-Ray to establish the cost of IT in institutions. This work has identified a taxonomy for IT Services in institutions and looks through financial and staffing information to identify full costs for each element of the IT service provision. This is available as a service from Jisc. It was noted that a substantial amount of effort was required to establish full and accurate costs. A group looking at benchmarking of all university services is considering using the X-Ray method across all service departments for facilitate nationwide benchmarking.

There was a brief discussion on the role of benchmarking in driving improvements and efficiencies in institutions. There is a need to link cost with the quality of the service provided, both in terms of the service itself and customer satisfaction. Without an understanding of the quality of service and its relationship with cost, there is a risk that institution management may jeopardise quality services if they compare on cost alone. The UCISA approach has been to encourage benchsharing – institutions looking at the outputs from statistics exercises should compare all aspects of that service with their peers.

In addition to core data surveys, UCISA has carried out a benchmarking study on university service desks in the UK (report launched at the UCISA14 Conference) and Technology Enhanced Learning (report published in September 2014). UCISA is also planning to carry out a survey on Digital Capabilities and will look to see how these surveys can be shared effectively across the CHEITA members.

Information Security

A number of associations were carrying out work to improve information security in institutions in their countries. Cineca have developed systems to provide services on demand. These include virtual machines, disaster recovery and a remote systems management service. Cineca are storing and maintaining scientific data sets, backing them up and managing access to them through various clients. It was noted that institutions in Italy are mandated to have business continuity plans in place; the Cineca system assists in those plans.

The regulations institutions have in place underpin good information security. UCISA was launching the latest edition of its Model Regulations at the Conference; these are designed for institutions to take and adapt as they require. In addition, UCISA was revising the Information Security Toolkit. This is a substantial piece of work and the expected publication date is March 2015. The current version is available online.

In the UK, the operations of universities are overseen by governing boards that include members with no higher education background or involvement. UCISA has worked with the Leadership Foundation for Higher Education in the UK to produce a guide for institutional governors to help them understand the application of IT in universities and the related issues that institutions might face.

Efficiencies and modernisation/cloud and shared services

It was noted that all associations seek to drive efficiencies and modernisation in their membership by promoting best practice and sharing knowledge. Those that are consortia will help their members achieve efficiencies by developing new (and potentially shared) services for their members. The challenge within individual institutions is demonstrating that initiatives are delivering the efficiencies expected.

There were a number of developments taking place in Italy. Cineca were looking at providing facilities for a use on demand service for MOOCs. The prospect of developing a system based on the complete student lifecycle was being investigated. Cineca were developing a number of cloud solutions. EUDAT is a collaborative data infrastructure which will allow research data to be shared between communities and fortissimo provides services running on a cloud based high performance computing (HPC) infrastructure. In the UK, the possibility of a data centre being shared between a number of research focussed institutions to facilitate the sharing of research data was also being investigated. The University of Aberdeen and Robert Gordon University have refurbished a data centre and are now sharing it with another institution in the North East of Scotland. The initiative won the UCISA Award for Excellence this year.

EDUCAUSE have established a working group looking at the total cost of ownership of cloud computing and are starting work to establish if Cloud is cost effective. The Financial X-ray work from Jisc started as an initiative to ensure that institutions understood their full internal costs and so were able to compare their internal provision with cloud offerings. UCISA has produced a briefing paper on Cloud Computing targeted at senior management within institutions.

There is an initiative in Europe that is looking at the area of learning analytics. The LACE project is funded by the European Union and is considering the ethical aspects of learning analytics as well as looking to share best practice.

Support of research

The afternoon part of the meeting focused on the support of research and CHEITA delegates were joined by representatives from universities and a number of other organisations. It was recognised that, with increasing international collaboration, standards played a key part in sharing information. The session opened with two presentations looking at standards.

EuroCRIS is the European organisation for international research information. Although primarily Europe based it has members worldwide, including Australia, Canada and the USA. EuroCRIS promotes sharing through CERIF, the Common European Research Information Framework. CERIF supports a range of data objects, including publication, person and funding. It is intended that Research Information Systems (RIS) will hold information or be able to import/export information in the CERIF format. In the UK, the framework has been used to track publications and harmonise reporting. Germany is following the UK model. EuroCRIS are linking with CASRAI and ORCID.

A working party formed by Jisc and including representation from UK universities, research organisations and UCISA, recommended that the ORCID was adopted as a standard identifier for researchers. Following on from that recommendation, Jisc have established a number of pilot projects to streamline the ORCID implementation process at universities and to develop the best value approach for a potential UK wide adoption of ORCID in higher education. The pilots were due to begin in April 2014 and mirror similar projects taking place in the US.

Open access to research outputs, including data, is proving a challenge to CHEITA members. The pressures to develop an infrastructure to facilitate open access come from both governments who are seeking to maximise the investment they make in research by making the outputs more publicly available, and from the researchers themselves (particularly younger researchers) who seek to build their reputations through publications. The difficulty for publications is balancing the timeliness of public access against the desire for research outputs to be peer reviewed and the commercial aspects of publishing against the open movement. Open access to research data presents a further set of problems – the data need to be made available in such a way that they are discoverable and reusable and its curation and preservation need to be well managed. Both data and publications need to be discoverable. In Italy, Cineca have produced a number of resources to assist Italian universities. These include a directory of open access repositories, a registry of archiving policies where open access has been mandated, a directory of open access journals and a portal to provide a central point of access to publications archived in Italian open access repositories and journals. In addition, they have been participating in cross-Europe initiatives such as OpenAire to support the discovery, sharing and reuse of research outputs.

The meeting moved on to discuss institutional responses to the challenge of supporting research. In both instances it was clear that institutions need to invest heavily in supporting research if they are to maintain and/or enhance their research standing. The University of Cape Town (UCT) have established an eResearch Centre. The University recognised that leading research universities have a strategy that ensures that their researchers are equipped with the latest tools and techniques to raise their profile and improve collaboration. Consequently UCT planned to build an eResearch Centre to support their strategic mission to raise the quality of research within the institution and its profile globally. The first phase is to establish the core IT infrastructure to support research – HPC, storage and on demand (cloud) services were key to the initial phase but they must also be supported by dedicated IT and Library staff with a strong understanding of research. Thereafter the infrastructure can be built on by identifying discipline focussed pilot projects to develop institutional capabilities. Interdisciplinary projects can then follow before finally moving to international collaboration.

The University of Bristol was also contemplating setting up an eResearch centre which would bring two strands of activity together. The first of these was to develop a research data service which would assist researchers to develop data management plans, provide training and assist archiving data. The other strand was to develop an effective IT infrastructure to support the diverse requirements of researchers at the University. Bristol already provide 5Tb of storage to their researchers but need to build the support and tools to further assist their research faculty.

There were a number of common themes from the two presentations. The first was that IT departments are poor at communicating with researchers – this has led to frustration and the trend for researchers to do their own thing and build their own research infrastructure and support. A possible solution to this was to create a new role of Research analyst with IT or the eResearch Centre. This would be someone with a research background who would be better placed to understand researchers’ needs and both help them to use the tools available and communicate what was required of IT. This would go some way to making things as easy as possible for researchers – the institution needs to provide tools and support to its research community.
The meeting concluded with a discussion on research infrastructure models. These varied between highly centralised and government sponsored services (such as in Finland), services developed by consortia (such as in Italy) and services developed collaboratively between institutions (a growing model in the UK). In South Africa, one institution (UCT) appears to be taking the lead. The conclusion was that there was no one size fits all solution. There are perhaps efficiencies to be gained from a coordinated national approach which may require direction from government to be achieved.

Mission impossible

June 17, 2014

I attended a session at the EUNIS conference on internet security given by Leif Nixon from the Swedish National Supercomputer Centre. The first two words of the presentation title were “Mission impossible” so it seemed unlikely that there would be many answers to the challenge of securing the internet. And so it proved. Although, as Leif pointed out, people will “hook up all sorts of crap to the internet” (his words), the problem is with how that crap is configured, allied with individuals or groups that take advantage of vulnerabilities to attack systems. A great deal of what is connected to the internet is insecure by default.

Leif highlighted a range of devices that were insecure when purchased. These included routers for which the default password for the admin username was ‘admin’. He had found how to reset the password but the chances of an ordinary member of the public resetting the password were practically nil. It was much the same story with patching firmware – even if end users received a patch to update firmware to correct a vulnerability, few would have the expertise to apply it. It wasn’t just routers that were the problem – webcams, access control systems and printers all had vulnerabilities of various forms. These included open root access, poorly configured firmware (support for which was often deprecated) and automated responses to polling on given communications ports. Such devices are not just home owned – the chances are that there will be unsecured devices in practically every organisation (Leif illustrated the point by identifying devices in a number of organisations).

Why is this a problem? In short, it is these devices that are used as the source of a range of internet attacks such as denial of service. Those that are so minded can gain control of the device or can utilise its configuration to generate targeted traffic. The consumerisation of IT means that there is pressure on low end manufacturers to produce devices at as low a cost as possible and as a consequence there is little or no effort put into ensuring that the devices are secure at sale or providing ongoing support for the firmware. There is no financial incentive for them to do so. As a result there will continue to be insecure devices connected to the internet for those who want to do harm to exploit, making securing the internet truly “mission impossible”.

Getting past “the computer says no”

April 16, 2014

Linda Davidson highlighted in her presentation at UCISA14 that IT continues to have a very negative image. There are many reasons for this but we have all had the “The computer says no” experience where IT is blamed for a lack of information or for the inability to respond to a question. It is a response borne of poor processes and is symptomatic of an uninterested and disengaged support service. The impact of the negative image is such that the services’ customers are also disengaged – they don’t even bother to ask the question as they expect a negative answer – but also it is often applied to all IT services.

Confidence in the reliability of the service underpins any efforts to build good customer relations. It is vital, therefore, to get the core services right to ensure that the service is regarded as a trusted partner and in order to be in a position of influence with key stakeholders and decision makers. All members of staff have a role to play – it is important for staff to be consistent in delivering the services message, becoming respected within their spheres of influence and to engage with the department’s customers.

The Service Desk is often the first port of call. It was encouraging, therefore, to hear Sally Bogg quote from the HE Service Desk Benchmarking report that professional standards are being adopted widely for service desk operation. As one delegate pointed out, “Service operation where is users get value from IT – get it wrong, people will think IT is rubbish”. However, many institutions are at the start of the journey; the absence of formal service catalogues and service level agreements are key indicators that the processes that underpin those standards are some way from maturity. Continued investment and continual improvement is needed to ensure that the people and processes continue to deliver quality service.

It isn’t just about changing one aspect of a service – the whole department needs to reflect the service and have a strong customer ethos. This may require a shift in attitude amongst some staff who may be set in their ways and views. Changing culture, as Chris Day observed, is never an easy journey but is necessarily the first step to improving customer service. All members of the department need to be able to engage with your customers – particularly as they may offer less formal routes to key stakeholders.

Where there is more formal contact, it is important to ensure that the individuals involved understand the needs of the customers they are talking to. That way, trust and credibility will be built. This was seen as a particular issue when talking to researchers and some have sought to address this by employing staff with a research background specifically to talk to researchers. There were, however, few examples of such a specialist role – in many instances account management is tacked on to some jobs as an afterthought or in some cases is not acknowledged at all.

It is important to remember that all staff in IT service departments are essentially account managers. They each have their own sphere of influence, through formal and informal contacts and so all have the potential to influence customers and key stakeholders in the university. They need to deliver the services message and there needs to be consistency across the piece. The difficult part is getting them all to recognise their account management role and so play their part in IT services being a valued and trusted partner so that the computer says “yes”.


Current challenges in the sector

March 19, 2014

I circulate a briefing to exhibitors ahead of each of UCISA’s main conferences. As we are approaching UCISA14, here’s my take on the current state of the nation…

Current challenges for IT departments

1. Efficiencies and modernisation

The continued uncertainty within the sector has prompted increased focus on efficiencies and modernisation. CIOs and IT Directors continue to look at different ways of providing services and at streamlining operations. Many IT departments now deliver services by blending outsourced provision with internally provided services. The sector has been slow to adopt new shared services but there is growing evidence that institutions are looking to collaborate to share data centres and infrastructure. One such example is the North East Scotland Shared Data Centre which won the UCISA Award for Excellence and is featured in the University Showcase sessions on Wednesday afternoon.

Work on delivering efficiencies is not restricted to outsourcing alone. Many IT departments have responsibility for process improvement and for working with other departments within the institution to make more effective use of IT systems. The IT department will play a critical role in assisting the institution in identifying the benefits of new systems, prioritising those developments and demonstrating those benefits post implementation.

2. Student services and engagement

The advent of higher fees has seen a shift in attitude towards the student body in institutions. Students are now seen as partners helping shape decisions in their institutions and there is ongoing investment in understanding students’ expectations in order to build responsive services. In addition to the improvements in student engagement, institutions are looking at how they can make better use of the data they hold in order to both improve retention and improve student satisfaction. The aim of many of the efficiencies initiatives taking place in institutions is to improve the service for students, either by providing access to resources that could not be accommodated in house, or by improving system resilience. Additionally institutions are investigating ways of providing access to institutional resources from off campus.

3. Research data management

Whilst the changes in the fees regime are driving efficiencies and student related initiatives, a drive from Government and the Research Councils has made managing research data is a particular challenge to CIOs and IT Directors. There is a need to store large volumes of data generated as part of academics’ research but also to provide and manage wider access to that data for an extended period once the research has been completed. However, not all data should be openly available. Institutions carry out research that is commercially sensitive or contains personal (particularly medical) data; clearly such data needs a different level of protection to ensure that the information remains secure.

The current environment

A year ago the sector was managing the impact of the change in fees regimes in each of the four home countries. Although there was an overall fall in student numbers, the impact varied from country to country with the drop in undergraduate numbers not unexpectedly most pronounced in England. The different fees strategies saw an increase in EU enrolments offset a fall in UK domiciled undergraduates in Scotland but elsewhere EU student numbers also declined. There were, however, signs of recovery with undergraduate applications for courses for the current academic year increasing.

The optimism that undergraduate student numbers would bounce back was not misplaced – there were a record number of students placed into higher education through UCAS for the 2013/14 academic year. However, that does not give the complete picture. There were a number of institutions that failed to fill their undergraduate places despite the record numbers of acceptances UK wide. The sector has not seen a similar recovery in postgraduate and part time enrolments and there is evidence that the number of international (non-EU) students wanting to study in the UK is decreasing. This has led to a wide variation in the financial performance of individual institutions across the sector, and some institutions will face challenges if they experience repeated falls in student recruitment.

There are 30,000 additional places available at English higher education institutions for 2014/15 and the student number cap will be removed altogether from 2015/16. The removal of the cap will create both opportunities and risks, and increasing levels of uncertainty over student recruitment. This could lead to greater volatility in financial forecasting and even greater variations in individual institutional financial performance.

One impact of the increased competition has been greater emphasis on infrastructure and systems relating to all aspects of the student experience. Many institutions invested in their infrastructure ahead of the increase in fees but institutions continue to make capital investments in infrastructure, particularly where there has been historic underinvestment. There is concern, however, that the current growth in capital investment is not sustainable, with accounting changings requiring institutions to carry pension scheme liabilities on their balance sheet impacting available reserves and uncertainty over future student recruitment.

It is clear that the future higher education environment will be characterised by increased competition and as a consequence, institutions will need to be more agile in order to stay ahead of or respond to the competition. IT is critical to higher education institutions with IT embedded in every aspect of an institution’s operation. This will require a highly skilled IT department which, from the top down, has a good understanding of the institution’s business and aims.

The Conference website gives details of the programme and will include the presentations. I am looking forward to many good conversations with delegates and exhibitors alike.

Shout it from the rooftops!

November 27, 2013

One of the messages from the Universities UK conference in September was that universities need to do far more to promote themselves. There continues to be scepticism about the value of universities and the introduction of the new fees regime has fuelled that scepticism further. In addition, there is a belief by some in Whitehall that the sector is “feather bedded” and inefficient. In his address to the conference, the Universities UK President, Christopher Snowden highlighted two risks identified in a report from 2011 by the National Coordinating Centre for Public Engagement – that

“public support for investment in the sector could be damaged because society does not fully appreciate the value of higher education”

and that

“without better insight into how universities generate value, we miss an important opportunity to achieve more with limited resources, and will struggle to engage in purposeful debate with wider society about the future direction of the sector”

He noted that “We need to pull together and communicate the value of higher education using real examples that mean something to the public, business and politicians”. It was a theme Toni Pearce, President of the National Union of Students, revisited in her address at the same conference. Universities need to go out and promote both themselves and the sector.

Although the focus of both addresses was at the institutional and sector level, there are some clear parallels for IT service departments within institutions. They are facing similar challenges internally – the value of what they deliver is not understood. All too often IT is seen not as a strategic contributor to the success of the institution but as a utility and a cost. To paraphrase Christopher Snowden, we need to communicate the value of IT using real examples that mean something to institutional management.

Delivering that message isn’t just restricted to the IT Director or the CIO. Everyone in IT Services has a role to play, to be on message, to listen to the customer, understand what they are trying to achieve and to promote what IT services does. There needs to be an efficient mechanism within the department to harvest all this information and to act appropriately on it in order to ensure that IT services can improve the service and anticipate demands. Providing a quality service, listening to customers and responding to their needs will go some way to IT services becoming a trusted partner in delivering their institution’s strategic aims.

There are, of course, other opportunities to demonstrate the excellent work that IT services perform – awards. UCISA has invited entries for both the Award for Excellence and the Amber Miro Memorial Award for innovation. Success gains recognition from the Vice Chancellor of the winning institutions and provides the opportunity to promote the institution more widely in the sector. However, institutional IT service departments face a wide range of challenges with demanding customers in a complex environment. They are delivering quality services comparable to commercial companies. So it is all the more pleasing to see two universities beating large commercial organisations to win awards at the UK IT Industry Awards. Congratulations to the University of Aberdeen (and their partners Robert Gordon University and North East Scotland College) for taking the Data centre project of the year category and to the University of Derby for winning the Network/infrastructure project of the year. I hope that the PR departments of the two universities promote their success beyond the institutions. We need to take every opportunity to demonstrate that universities are efficient and effective in delivering quality services, to promote not just IT services within institutions or even within the sector, but the sector as a whole.

Challenges for heads of Corporate Systems departments

November 20, 2013

I write a briefing for the Exhibitors at the UCISA CISG Conference which focuses on the challenges the Conference delegates are facing and highlights the current issues in the sector. The briefing is below….

Challenges for CISG delegates
1. A blended approach to service delivery

IT service departments have long been in the position where they have had to support an increasing number of systems and services without a commensurate increase in resources. This has led to increased adoption of outsourced services for some aspects of the service whilst retaining a core of services in house. It is rare that the reason for outsourcing a service is to reduce costs. More often it is to improve the service offered, to free up resource within the IT department so that it can be redeployed on projects more closely aligned with the institutional mission, or to address skills shortages. The move to a blended delivery model has its challenges; integrating services from a range of providers is not cost free and institutions have to ensure that any outsourced service has at least comparable resilience to those provided in house. There is still some uncertainty amongst senior university management about the role cloud services may have in providing IT services and storage, particularly with regard to managing research data. This uncertainty is reflected in a continued trend to build data centres rather than procure cloud services.

2. Business intelligence, analytics and data/information governance

The volatility in student numbers over the past two years has resulted in increased use of business intelligence and analytics to model potential scenarios to assist planning. Analytics are also being used to improve retention by using data from a variety of sources to identify those students at risk of dropping out and we are starting to see more attention being paid to the potential for learning analytics to assist students in making their module and course choices. This has, along with the implementation of the Key Information Set (KIS), highlighted the variable quality of data within institutions and has brought greater focus on information and data governance. The need for strong information governance has been highlighted by the Department of Business, Innovation and Skills in its briefings on cyber security. Although primarily focused on ensuring that sensitive research is adequately protected, they have resulted in a greater attention being paid to managing information, securing data and ensuring compliance with legislation within an environment where open access, particularly to publicly funded research, is encouraged. The growth in the use of portable devices such as laptops, tablets and smartphones both on and off campus to access corporate information and to possibly store personal information and university records presents a new challenge in preventing data protection breaches and ensuring an institution’s data are not compromised. CISG are running an event on information management and governance in January which may be of interest.

3. Skills shortages

One of the reasons institutions have cited for moving to a managed service has been to address skills shortages. A number of institutions are facing skills shortages in key areas. This is partly as a result of year on year budget and staffing cuts which have meant that there is no flexibility in managing staff resource, and partly because internal role evaluation exercises have led to the salaries for technically focused posts being unattractive for suitably qualified personnel. This may see an increase in the use of external agencies to deliver projects and an increase in the use of managed services, either for service provision or for specialist IT support.

The current HE landscape

The 2013 admissions cycle closed with a more positive outlook for the sector as a whole. The number of undergraduate admissions returned close to the 2011 levels after the expected dip in numbers in 2012 and many universities achieved their target numbers. However, there remain concerns about the drop in postgraduate, part-time and mature student numbers and the impact of the Home Office rhetoric on immigration continues to be felt with international students proving harder to attract.

Although many universities budgeted for a drop in student numbers in 2012, few anticipated how far short of achieving their targets they would fall. This has resulted in institutions cutting budgets further whilst still looking to continue to invest in improving the student experience. The recovery in student numbers, whilst welcome, does not signal a significant improvement in the ongoing financial position for institutions. There are growing pressures on research funding and with requirements for open access to resources and long term storage of data, institutions are having to do more with, at best, the same but in many instances, less. The same is true of fee income. Undergraduate student fees are not increasing with inflation and so are falling in real terms, whilst the costs of teaching continue to rise. Consequently the focus on efficiencies and modernisation remains. Institutional initiatives are supported by national programmes to improve efficiency, notably by driving savings through better procurement. There will be many institutions that will look to modernise their processes by implementing new IT systems. However, IT is only part of the solution; the introduction of a new IT system needs to be supported by process improvement and, in many instances, a change in culture. The recent UCISA publication Strategic challenges for IT departments highlights the complexities of successfully embedding IT systems and services to deliver successful business goals.

The White Paper Students at the heart of the system, published in 2011, recognised the need for reducing the reporting burden on universities. The HEDIIP programme has been instigated to attempt to reduce this burden and looks to enhance the arrangements for the collection, sharing and dissemination of data and information about the UK higher education system. The Director of HEDIIP, Andy Youell, spoke about the Programme on Wednesday afternoon.

You can view the presentations from the conference from the link on the conference web page.