The COUNCIL and the GENERAL BOARD beg leave to report to the University as follows:
1. During the academical year 2005-06 the Standing Joint Committee on Information Strategy (the Information Strategy Group) and the Information Technology Syndicate considered arrangements within the University and its institutions for the supervision and development of the University's information strategy, and the associated information communication and technology services, systems, and development projects. They were advised in this regard, inter alia, by an internal audit review commissioned by the Audit Committee.
2. The Internal Audit Review concluded that:
The Information Strategy Group has a prominent role within the University, yet is not enshrined in the University's Ordinances. We have suggested that, as a result of this, there is a risk that its decisions proposals/recommendations will not be afforded sufficient weight to ensure that they are adopted effectively.
3. Since the first meeting of the Information Strategy Group (ISG) in June 2001, there have been considerable developments in the University in the governance of information technology systems, the management of services, and the deployment of major administrative systems, notably the Cambridge University Finance System (CUFS) and the new Student Information System (CamSIS). The Audit Review concluded that:
Overall, … the IS and IT governance and strategic planning systems and controls in place for the management of the risks identified are satisfactory, but capable of improvement.
4. The ISG has supervised the project management of the new systems, receiving systematic reports on progress from the Chairs of the relevant project management boards and itself reporting to the Planning and Resources Committee and the Council. The Group also receives annual reports from the Director of the Management Information Services Division and the Data Protection Officer. In addition the ISG received and endorsed an information strategy, prepared by its subordinate working group, the Information Strategy Task Force (ISTF), and this strategy was subsequently adopted as policy by the Council. Furthermore, work by the ISTF revealed the very high level of utilization of networked systems across the University (notably via 'the Web') and the high degree of reliance upon them. This reflects, in part, the very fast changes in technologies which facilitate such developments.
5. In the same time frame, and for similar reasons to those given above, the work of the Information Technology Syndicate (ITS) has also changed, being less concerned with the management of the University Computing Service and becoming more focused on strategic issues of service provision. In short, the work of the ISG and ITS has converged.
6. In the light of this, whilst acknowledging the good progress which has been made, the Internal Auditors further concluded that:
The University has instituted numerous groups to oversee various aspects of the IS and IT framework. While we consider such groups to be essential to the oversight and management in this area, there is a significant risk that the governance framework may become fragmented and ineffective, especially in areas where management by committee is in place.
7. In view of this observation, the Council and the General Board believe that the opportunity should now be taken to streamline the supervising committee structure of the field of information strategy and information technology governance, maintaining and enhancing the philosophy of good financial, systems, and project management whilst, at the same time, enabling line managers to run their parts of the structure efficiently and with despatch.
8. The Council and the General Board therefore propose that the Information Strategy Group and Information Technology Syndicate be merged into a single Information Strategy and Services Syndicate, advising both the Council and the Board, and that this Syndicate should be supported by such Sub-syndicates, project management and functional policy boards, and other task forces as the Syndicate deem to be useful for the execution of its responsibilities. The regulatory responsibilities of the Information Technology Syndicate would be assumed by the new body. The membership of the proposed Syndicate reflects its responsibilities to the University and Colleges for oversight of information strategy. The operational work of the present Group and Syndicate will transfer to the proposed Sub-syndicates, the memberships of which will be subject to the approval of the Syndicate which will be expected to include additional representatives of the key stakeholders currently represented on the ISG and the ITS, in particular the Colleges.
9. The Council has re-examined the recommendation of Professor Shattock in his post-CAPSA review that the University should consider the integration of the University Computing Service and the Management Information Services Division of the Unified Administrative Service. The Council does not believe that it is necessary or appropriate to merge these separate managerial units. Not only would there be a significant opportunity cost in a merger but the change in the governance arrangements proposed in this Report and the increased collaboration between the two units, when taken with the overall conclusions of the Audit Report, suggest to the Council that the present arrangements will be capable of delivering the operational support the University needs over the medium term.
10. The Council has been advised that the Director of the University Computing Service has taken on the role of Project Sponsor for the development project, currently overseen by the Joint Telecommunications Management Committee, for the replacement of the University's telephone network, shared with the Colleges. Following consultation with the Joint Committee and with the staff concerned it is recommended that the staff of the Telecommunications Office be transferred to the Computing Service and the Joint Committee's responsibilities be absorbed by the new Syndicate, recognizing the convergence of the technologies involved.
11. The Council and the General Board accordingly recommend:
I. That the regulations for the Information Technology Syndicate (Statutes and Ordinances, p. 128) be rescinded and that a new Information Strategy and Services Syndicate be established to be governed by the regulations set out in the Annex to this Report.
II. That, subject to the approval of Recommendation I, all references to the Information Technology Syndicate in the Ordinances be replaced by reference to the Information Strategy and Services Syndicate.
III. That, subject to the approval of Recommendation I, the regulations for the University Computing Service (Statutes and Ordinances, p. 606) be amended as follows:
Regulation 3(a).
By deleting from the last sentence of this sub-paragraph the words 'Secretary to the Information Technology Syndicate and shall also act as'.
IV. That, subject to the approval of Recommendation I, the regulations for the Granta Backbone Network Management Committee (Statutes and Ordinances, p. 934) be rescinded.
V. That, subject to the approval of Recommendation I, the regulations for the Joint Telecommunications Management Committee and for the University Telecommunications Manager (Statutes and Ordinances, p. 935) be rescinded.
| 18 June 2007 | ALISON RICHARD, Vice-Chancellor | D. W. B. MACDONALD | LIBA TAUB |
| ROSS ANDERSON | G. A. REID | JOAN M. WHITEHEAD | |
| NIGEL BROWN | DAVID SIMON | RICHARD WILSON | |
| WILLIAM BROWN | VERONICA SUTHERLAND | S. J. YOUNG | |
| DEBBIE LOWTHER |
| 6 June 2007 | ALISON RICHARD, Vice-Chancellor | RICHARD FRIEND | MELVEENA MCKENDRICK |
| JOHN BELL | JACOB HEAD | KAMIAR MOHADDES | |
| TOM BLUNDELL | RICHARD HUNTER | PATRICK SISSONS | |
| WILLIAM BROWN | D. W. B. MACDONALD | I. H. WHITE | |
| PHILIP FORD |
1. The Information Strategy and Services Syndicate shall consist of:
| (a) | the Vice-Chancellor (or a duly appointed deputy) as Chairman; |
| (b) | four persons appointed by the Council including two on the nomination of the Colleges Committee; |
| (c) | four persons appointed by the General Board of the Faculties; |
| (d) | one person elected from among their own number by the combined officers of the University Computing Service and the Management Information Services Division of the University Offices; |
| (e) | one member of the University in statu pupillari, co-opted by the Syndicate; |
| (f) | not more than two persons co-opted by the Syndicate, provided that it shall not be obligatory for the Syndicate to co-opt any person or persons. |
2. The Registrary, the Librarian, and the Directors of the University Computing Service and of the Management Information Services Division and the Finance Division of the University Offices shall have the right to attend meetings of the Syndicate.
3. The appointment of members in classes (b) to (c) shall be made in the Michaelmas Term for periods of four years from 1 January following. An election of members in class (d) shall be held in the Michaelmas Term of every year of which the number is even; the procedure for such an election shall be that prescribed in the Single Transferable Vote Regulations, except that the returning officer shall be the Chairman of the Syndicate or a deputy appointed by the Chairman. Members in class (d) shall serve for two years from 1 January following their election. Co-opted members in class (e) and (f) shall serve until 31 December of the year following that in which they are co-opted, provided that if the member in class (e) ceases to be in statu pupillari he or she shall thereupon cease to be a member in that class.
4. The Registrary shall appoint the Secretary of the Syndicate, in consultation with the Directors of the University Computing Service and the Management Information Services Division and the Chairman of the Syndicate.
5. It shall be the duty of the Syndicate:
| (a) | to establish and keep under review, subject to the approval of the Council and the General Board and in consultation with the Senior Tutors' Committee and the Bursars' Committee where appropriate, an information strategy in support of the aims and objectives of the University and the Colleges; |
| (b) | to promote the adoption of the information strategy where appropriate throughout the University and the Colleges, and advise on developments in information technology and its implementation; |
| (c) | to keep under review the information requirements of the University and the Colleges, and advise the Council and the General Board on priorities for and other matters relating to the development and application of appropriate information policies, facilities, and services in support of those requirements; |
| (d) | to ensure that any such information policies, facilities, and services provided are operating effectively and are fit for purpose; |
| (e) | to oversee the direction and planning of the University Computing Service and Management Information Services Division and to approve general principles for the allocation of resources and priorities in the use of their facilities; |
| (f) | to be responsible for ensuring that appropriate project and budgetary management and control mechanisms are in place for such major information systems and technology projects as the Council or the General Board may from time to time determine; and to be accountable for the funds allocated for such projects; |
| (g) | to make, or amend, and publish rules, subject to approval by the competent authority, for the regulation and security of the use of information technology facilities within the University, and of such computing facilities in College institutions as may be designated for this purpose from time to time by the appropriate College authorities concerned, and to impose on a person infringing one or more of those rules either or both of the following penalties: |
| (i) | the suspension of authorization to use computing resources for such a period as the Information Strategy and Services Syndicate shall determine; |
| (ii) | a fine not exceeding £175. |
| (h) | to make an annual report to the Council and the General Board and to the Senior Tutors' and Bursars' Committees. |
6. There shall be a Standing Sub-syndicate of the Information Strategy and Services Syndicate on Service Management. The Syndicate shall appoint a Chairman of the Sub-syndicate and the Directors of the University Computing Service and the Management Information Services Division shall be members of the Sub-syndicate, ex officio.*
7. There shall be a Standing Sub-syndicate of the Information Strategy and Services Syndicate on Network Management. The Syndicate shall appoint a Chairman of the Sub-syndicate following consultation with the Chairman of the Bursars' Committee. The Director of the University Computing Service shall be a member of the Sub-syndicate, ex officio.*
1. There shall be a Standing Sub-syndicate of the ISSS which shall be known as the Service Management Sub-syndicate:
2. 'Service' shall be defined as an application or set of software tools running on a defined hardware platform the whole supported either by the University Computing Service (UCS) or by the Management Information Services Division (MISD) or the two in co-operation with each other.
3. The Sub-syndicate shall have a Chairman appointed by the ISSS and the membership shall be determined from time to time by the ISSS always provided that the membership shall be suitably representative of stakeholders in the use and delivery of Services.
4. The Directors of the UCS and MISD shall be members of the Sub-syndicate, ex officio.
5. The Chairman shall appoint a Secretary who shall ensure that a list of Services under supervision is maintained and agreed with the ISSS and keep records of meetings and decisions.
6. For each Service the Sub-syndicate shall oversee delivery and development as follows:
| (i) | For each Service a Service Level Agreement (or equivalent) shall be prepared by the responsible division. This shall define the facilities to be provided together with quality standards such as availability and repair time and the management of faults. The Sub-syndicate shall approve all such documents formally and subsequently review reports on compliance provided by the responsible Divisional Director. |
| (ii) | For each Service a list of minor enhancements and a roadmap for ongoing development shall be provided by the responsible Divisional Director and approved by the Sub-syndicate. This document shall provide at least a two-year rolling view of planned work updated each term. |
1. There shall be a Standing Sub-syndicate of the ISSS which shall be known as the Network Management Sub-syndicate:
2. The Sub-syndicate shall be responsible under the advice of the Director of the UCS for all aspects of network service policy and provision of core services within the University and Colleges including telephony and all multimedia services. Core services shall be defined as those services to which institutions connect their local infrastructure at an agreed service delivery point.
3. The Sub-syndicate shall have a Chairman appointed by the ISSS following consultation with the Chairman of the Bursar's Committee and its membership shall be approved by the ISSS on the recommendation of the Chairman, always provided that the membership is suitably representative of the stakeholders who use the service and are responsible for its delivery. The Director of the UCS shall be a member of the Sub-syndicate, ex officio. The Chairman shall appoint a Secretary who shall keep records of meetings and decisions and copy the same to the Secretary of the ISSS.
4. The Sub-syndicate shall be accountable to the ISSS for the policy for the development and support of the Cambridge University Data Network, Granta Backbone Network, and University telephone service and shall delegate its responsibilities to the Director of the University Computing Service in respect of implementation of new or upgraded services and their day to day operation.
* The agreed Terms of Reference for these Standing Sub-syndicates are given in the Appendix to this Report.