Review Report

Review Report
Information Solutions & Services (ISS)
Finalised: 22/03/2011
Mary Crowe, Chief Information & Technology Officer, University College Dublin; Lesley Beddie, Director
of University IT, Durham University; John Holohan, Manufacturing Supply Chain IT Manager, HewlettPackard Ireland; Mary Ryan, Director of Academic Administration, Examinations Office, NUI Galway
(Cognate); Michael Lang, Lecturer, J.E. Cairnes School of Business & Economics, NUI Galway (Chair &
Key Strengths
Feedback from customers and users of ISS is predominantly very positive.
The staff of ISS are highly skilled, dedicated, innovative and open to change.
The definition of a service catalogue and the use of metrics to assess the quality of service
delivery has greatly enhanced the level of service provided by ISS.
The ISS unit is very supportive of staff as regards professional training, education, and skills
ISS has a strong collegiate sense of values and is very committed and loyal to serving the needs
of the university.
The ISS unit is becoming increasingly professional and streamlined in the way it plans and
executes its activities.
Staff of ISS have a unique and distinct advantage as regards their knowledge of managing
projects and processes within NUI Galway and the strong personal bonds they have built with
their internal customers.
Key Recommendations
The following set of 10 major points covers a demanding and wide set of improvements. In order to
achieve these, good governance and support from the University will be necessary. It is essential that
there must be a coherent and planned/prioritized approach taken over a 3-5 year timeframe to address
these issues.
1. There is a need for a clearly articulated university-level ICT Strategy, aligned with the NUI
Galway University Strategy and Support Services Strategy, alongside which there should be a
well-defined governance process to guide the prioritisation, selection and approval of ICT
projects and annual planning.
2. As a matter of urgency, a thorough analysis of ICT systems risk must be conducted within NUI
Galway and appropriate steps need to be taken to mitigate high-risk situations; in particular,
the concentration of certain skills within individual members of ISS staff has resulted in a
precarious dependency which can impede the execution of critical university activities.
Senior posts within the ISS are currently not filled on a permanent basis (i.e. Director of ISS,
Head of Solutions Group, and Head of Service Delivery Group); this uncertainty of management
structures presents a risk to the unit and the university at a time of high expectations and
transformative change. We therefore recommend that these senior posts be filled immediately.
The difficulties of integrating data between different systems, and the inability of end-users to
access information and create their own reports, are major issues which frustrate end-users
and place a substantial service request burden on ISS. In order to solve this problem, there
must be a well-articulated and documented ICT architecture, both in terms of technical
infrastructure and enterprise data. A well-defined ICT architecture is critical in order to be
able to build an institutional data warehouse.
As regards infrastructural refresh, there is a serious risk to NUI Galway from the lack of
planned funding i.e. beyond annual budgeting timeframe. NUI Galway has a major dependence
on systems which will be compromised by infrastructure issues unless this is addressed.
The ISS group needs to develop a proactive strategic plan in consideration of impending
changes and demands arising from government strategy to reform the public sector, the
university’s strategic imperative to raise its international profile and reputation, and major
planned projects currently on the horizon (e.g. Research System, Institutional Data Warehouse,
Academic Simplification Project). ISS will need to address demand on their resources posed by
these issues and consider ways to release ISS staff to engage in high-value work that leverages
their distinct abilities and privileged knowledge. In particular, the amount of time spent on
Level 3 support is a major barrier to innovation.
An ICT security education programme needs to be implemented so that all staff of NUI Galway
are aware of the university’s policies on data protection and are regularly informed of
recommended practices to safeguard the security/integrity of the university’s information
assets. Appropriate technical and procedural mechanisms should be put in place to ensure that
these policies are complied with. The NUI Galway ICT security policy should have clearly
defined roles and responsibilities for information ownership and information security across
the university.
End-users of ISS services and solutions are not fully clear on who to contact to resolve a
particular problem and find that they can get “passed around”. Workflow boundaries need to
be defined and communicated so that roles and responsibilities are unambiguous, especially
between ISS and related partner units (e.g. CELT, Security Office) and between ISS and principal
administrative functions (e.g. Examinations, Admissions, Buildings, Finance, HR).
There appears to be a substantial opportunity to reduce the service request workload by
enhancing the ways by which end-users can resolve their own issues quickly e.g. self-service,
training. We recommend that data collected from the ticketing system and other service
quality metrics be analysed to provide direction and action plans for continuous service
ISS need to establish transparent processes by which they interact with their customers and
elicit project requests / user needs. As one aspect of this, we suggest that ISS should directly
engage with representative user groups as a means of capturing feedback, listening to the
“voice of the customer”, and exploring problems/opportunities.
Other Recommendations
11. In relation to NUI Galway’s strategic objective to use information and ICT to enable the
University and its constituent units to “conduct their work efficiently and effectively”, it is
necessary for ISS to enhance its business systems analysis capabilities. The transformative
capability of ICT to deliver efficiencies and increase value-added, particularly within
collaborative knowledge work environments, should be investigated.
12. A mechanism needs to be put in place whereby service requests that are critical and urgent
can be prioritised for immediate action.
13. ISS should use the opportunity to get feedback now from users of the ticketing system on
ideas for further improvement and adoption.
14. As requested by some customers of ISS, appropriate “Service Level Agreements” should be put
in place. Consideration must be given to the implications of the demand for guaranteed
“24/7/365” up-time/support for some systems.
15. Inconsistency over the policy on end-users’ desktop type (i.e. “locked” or “unlocked”), which
seems to be a historical legacy of former MIS / Computer Services division, needs to be
resolved. End-users whose desktops are locked need to be aware of how to make software
installation requests, particularly in urgent situations.
16. We recommend that the good progress already made on identity management be continued
and extended so as to simplify access to all systems through elimination of need to have
multiple different usernames/passwords.
Comments on Review Process
 The review panel were inside all day, working through lunch. Time set aside for “Review Team
Alone” tended to be used to absorb slack, so 30 minutes scheduled “downtime” should be
allowed for.
 The formatting and presentation of the ISS Self Assessment Report could have been better,
particularly as regards a number of tables and graphs which were not elaborated upon and
presented in a way that was not meaningful to the reviewers.
 Whilst they responded well to questions and spoke readily about ISS and the services at their
meetings with the Review panel, the Students and Academic staff expressed at the beginning
that they were unclear about what was expected of them in the meetings. It was also clear that
not all members of ISS staff had read the Self-Assessment Report.