No 6287
Wednesday 28 November 2012
Vol cxliii No 10
pp. 147–190
A Discussion was held in the Senate-House. Pro-Vice-Chancellor Dr Jennifer Barnes was presiding, with the Registrary’s Deputy, the Senior Pro-Proctor, the Junior Pro-Proctor, and twenty-seven other persons present.
The following Reports were discussed:
Report of the Review Panel, dated 10 October 2012, to the Council and the General Board of the Review of the University’s IT infrastructure and support (Reporter, 6282, 2012–13, p. 57).
Professor H. A. Chase (Member of the IT Review Panel, School of Technology, and Magdalene College):
Deputy Vice-Chancellor, the Council and General Board have recently agreed the publication of the draft report of the IT Review Panel, for consultation. As a member of that panel, I am here today to explain its approach, and key recommendations.
This is an important review. Chaired by Professor Keith Burnett, the Vice-Chancellor of the University of Sheffield, it has been at work throughout the academical year 2011–12, and the report is now open for consultation across the University during November. The Panel will then reconvene and adjust the report in the light of the comments it has received, before it is resubmitted to the Council and General Board next term.
I will start by explaining what has driven the review. We spend over £40 million per year on IT, but it is not clear that we are getting the best possible service for users, supporting research, teaching, and administration from that investment. Questions we have addressed include: Are our IT services commensurate with our status as a world-leading University? Do we make the best of the talents of our IT staff?
I should also emphasize that this review is strategic. It is not a detailed review of every aspect of IT provision across the University. We were not mandated to review IT provision within Colleges, although we have received some College-focused inputs, and we have kept the needs of Colleges in mind when making our recommendations. We are not, generally, proposing specific changes to the current service provision, on which many in the Collegiate University depend. The panel had neither the resources nor the detailed expertise to do that. We have, however, concentrated on structures, on governance and culture. The overall aim is not to save money, but to make sure that the IT systems in the University deliver what users need.
The Panel found that IT in Cambridge has many strengths. Key central services, such as the network, email, JANET and Raven operate smoothly. We benefit from the services of many highly skilled and dedicated IT staff. We have a system of local responsibility, in Faculties and Departments, which supports specialist local needs, and allows for innovation. Our information systems do meet our critical needs, and there have been improvements in the service they offer to Departments. In research computing, the High Performance Computing Service and many other areas, deliver a first-class service.
But alongside these strengths there are challenges. The Information Strategy and Services Syndicate (ISSS) is not empowered to develop and deliver an effective overall strategy that meets the needs of users. The central organizations (the University Computing Service (UCS) and the Management Information Services Division (MISD) of the Unified Administrative Service) have many strengths, but it is not always clear how the key decisions about which services to deliver correspond to the needs of users. The system of Departmental and Faculty responsibility for provision of generic services means that work is duplicated and standards can vary. In smaller institutions IT staff in small teams, of sometimes just one person, are under great pressure to manage all elements of the provision in their institution. The result is a lack of time for training, strategic planning, and even leave. High-level research computing lacks a clear central focus and the strategic oversight to ensure that the needs of all users across the University are met. Information systems do not always meet the needs of users in Departments, nor are they always easy to use.
So the Panel has developed some key principles, which have driven its recommendations, and which, if the report is accepted, should steer their implementation.
The first is that we need effective governance of IT, to ensure that we have a clear strategy that will meet the needs of users, and that our expenditure on central services is prioritized accordingly. To this end, we believe that having a single clear leader for the central services is critical.
We also believe that Schools, Departments, and Institutions remain the right level at which to take many decisions about provision; that allows for specialist local needs to be met, such as the role of computing in teaching and research.
We need to ensure that high standards of service are met across the whole University, in an era of increasing global competition. We must make sure we attract, recruit and retain the very best IT staff. Finally, IT services need to be designed with consideration of their carbon impact.
With these principles in mind, our key recommendations are:
• ISSS should be replaced by a new Information Services and Systems Committee (ISSC) to hold full budgetary responsibility for all central IT spend, and to better represent the needs of users. There will need to be a well designed structure of sub-committees to support this new body, and to ensure effective input from users and those with technical expertise. Many of the responses to the consultation have mentioned this, and we will give it more thought.
• UCS and MISD should merge under an Information Services and Systems Director, to create an organization well placed to deliver the strategy agreed by the new ISSC. The details of the merger will need to be worked out by an implementation team, if these recommendations are accepted, but it is not intended that the merged organization is part of the Unified Administrative Service.
• Schools should retain the ultimate responsibility for delivery of services at a local level. However, it should be made easier simply for them to buy in high quality standard services from the central organization should they so wish. There should be agreed minimum standards of provision.
• Career structures and employment arrangements for all IT staff should be reformed to promote greater mobility of, and opportunities for, individuals, and greater flexibility of IT teams.
• The oversight of large-scale high performance computing should become a University responsibility.
• Information systems need to be more closely focused on user needs.
This is inevitably a short summary of what is a substantial report. I commend it to the Regent House and other members of the University, and would encourage them to consider it and respond to the consultation. We have received constructive and thoughtful responses so far, both written, and in two open discussion meetings. The consultation remains open for written responses until the end of the month; please email the Review Secretary, Jim Bellingham, at jrb13@cam.ac.uk or participate in the online forum.
Mr R. J. Stibbs (Senior Pro-Proctor, University Computing Service, and Downing College):
Deputy Vice-Chancellor, Richard Stibbs, Senior Pro-Proctor, President of Downing College, and Senior Computer Officer, University Computing Service (UCS).
At the end of this academical year, I retire from the Computing Service after 40 years of service, starting in 1972. I had previously taken the Diploma in Numerical Analysis and Automatic Computation in the Maths Lab (the precursor of the Computer Laboratory) and had a weekly session as a Programming Adviser from 1968–1972 in the Maths Lab. This is therefore something of a valedictory speech.
Change is certainly coming to the Computing Service, whatever the outcome of the IT Review. The refurbishment of the Arup Building on the New Museums Site demands relocation of the bulk of the Computing Service, with the dispersion of servers to temporary sites until the new Data Centre is completed – and we expect the staff to move to the Roger Needham building at West Cambridge where there is the possibility of co-location with the staff of the Management Information Services Division (MISD), which will naturally help with UCS/MISD cooperation.
Turning to the Review itself, I wish to concentrate on what I see as the two aspects of it which will benefit from a change of emphasis. The first is in a better appreciation of the cultural differences between MISD and the UCS, and the second on the need for a clearer governance structure than that outlined in the report.
MISD is an essential part of the Unified Administrative Service (UAS). Its expertise is in running large commercial systems on which the University depends: Payroll, HR, Finance, Student Records, and tightly managed Desktop Services for administrative use. The management and running of these systems demand skills that are in common with those needed in commerce and industry, and the staffing of MISD correctly reflects this. It is evident that where such systems are closer to the industrial norm, the more successful they have been. We hear of no problems with the Payroll system. Where MISD has, not surprisingly, encountered the most problems is where the commercial model fails to fit with University realities. So we have seen that CamSIS (Cambridge Student Information System) finds it difficult to cope with College needs, and CUFS (the University Finance System) has had similar difficulties with Research Grant administration. Coping with such misfits has required a substantial growth in resources in MISD over the last ten years. MISD’s aim has been and should be to reach best practice as compared with the best commercial companies.
The Computing Service’s very different aspiration has always been and still is to be amongst the best academic Computing Services in the world, supporting the Collegiate University’s core activities of research, teaching, and learning. In addition, for historical reasons, we have supported some administrative functions outside the UAS. The underlying philosophy has been to provide enabling technologies to allow researchers as few constraints as possible in their own IT developments.
At the time when the Computing Service became a separate entity within the Computer Laboratory in 1972, major additional government funding allowed an expansion of staff of the Service, and that expansion consisted overwhelmingly of post-docs from the University, which meant that the staff were imbued with knowledge of what researchers expected and needed from the Service. These close links with research and teaching have continued. Many staff have supervised at undergraduate and postgraduate level, many have given lectures in other faculties, many have extensive academic publications, and we have always had Fellows of the Colleges on the staff. In addition, we have continued to be very active in University governance.
As an example of the important of these close connections with the Departments and the Colleges, I can cite Project Granta (the project to lay 33 km of ducting and fibre-optic cables under Cambridge, undertaken in the early 1990s). This needed political will and enthusiasm right across the University and the Colleges (as well as College money), and in my view, was only successful because of the closeness of the Service to the academic community. History repeated itself with the VOIP telephone project which was successful because of close cooperation utilizing existing links between the Service and Computer Officers in Departments and Colleges.
I would argue therefore for closer cooperation between the Computing Service and MISD, and also for co-location, but would urge the University to reject a full merger, which would put at risk the close links between the academic community and the Computing Service.
Turning to governance. The corollary to the cultural argument is that the governance of the Computing Service must be firmly in the hands of our academic leaders and not our administrative leaders. Responsibility for a vital part of what makes us a world-class University must lie with the Vice-Chancellor and the Pro-Vice-Chancellors with direct management lines through an academically dominated strategic committee.
Dr I. J. Lewis (Director, University Computing Service, and Girton College):
Deputy Vice-Chancellor, there is much to commend in the report of the IT Review Panel, in particular the emphasis on the requirement for excellent administrative tools in support of those engaged in teaching and research, and the desire to provide more effective career development and mobility for those staff across the University providing IT support.
However, hidden in the report is a proposal for a more centrally-managed organizational structure for IT which is not clearly explained, and it is unclear how this conclusion relates to the objectives expressed.
Our current IT structure has the University Computing Service (UCS) providing common infrastructure services across the Collegiate University, reporting to the academic-led Information Strategy and Services Syndicate (ISSS), while administrative IT systems are provided by the Management Information Services Division (MISD) of the Unified Administrative Service, with line management to the Registrary. The substantive recommendations of the report include the merging of UCS and MISD with line management of the combined whole to the Registrary, and committee oversight provided by a new committee chaired by the Senior Pro-Vice-Chancellor (PVC) for Planning and Resources with a similar membership to the existing Planning and Resources Committee.
The structure and oversight of our IT provision is of critical importance to the Collegiate University, and we should be wary of assuming the creation of a larger centralized organization is necessarily of benefit. Large central organizations tend to emphasize the importance of doing large central things. The University Computing Service has a strong track record in the provision of high-performing, robust and flexible network, email, and desktop services to the Collegiate University. It is the flexibility that is great about our services, and flexibility is not a common currency in large-scale IT services provision. The dedication of UCS staff to providing services meeting those needs of world-class teaching and research across Collegiate Cambridge has been supported by the independence, enshrined in Ordinances, of the UCS from the University central administration.
The review has a number of areas of concern that have been communicated via the Information Strategy and Services Syndicate. The Colleges were ‘out of scope’ for the review – this does not necessarily impact the characteristic of, for example, the email delivered to the Colleges, but it is important to understand that the infrastructure services, particularly the fibre, wired and wireless networks, are critically dependent upon a symmetrical and seamless set of relationships across Collegiate Cambridge. The cultures of the UCS and MISD really are different, driven by the differences in environment and role, and we need to be considered and careful in that regard so as not to end up with the worst of both. Administrative line-management of a merged UCS and MISD creates an immediate conflict of interest with the allocation of those combined resources to administrative requirements, an issue with which Cambridge committees are not well equipped to deal.
The report proposes the creation of a new committee, the Information Services and Systems Committee, removing the existing Information Strategy and Services Syndicate from Ordinances. The key difference is the membership of the former would be ex-officio Chairs of the Schools, with the PVC for Planning and Resources in the Chair, while membership of the existing Syndicate allows for more flexible representation from the Schools and Colleges such that academic colleagues with a real interest and involvement in the area can be sought and appointed. The new committee would be given budgetary control over the spending of the UCS and MISD. It seems to me that an obvious improvement would be to give the existing Syndicate budgetary control over the spending of the UCS and MISD, and not enter the labyrinthine corridors involved in the creation of the ISSC and the numerous sub-committees that will inevitably be spawned.
To conclude, the report highlights a large number of opportunities for the improvement in IT services in the University, the members of the Review Panel should be commended for their commitment and effort, and we should vigorously pursue the objectives highlighted. The structural recommendations, leading to increased administrative oversight, do not seem to flow from the objectives identified and risk Cambridge moving backwards rather than forwards.
Dr R. Charles (University Computing Service, and Newnham College):
Deputy Vice-Chancellor, my name is Ruth Charles. I am the User Policy and Account Manager at the University Computing Service (UCS). I am also a Bye-Fellow of Newnham, where I am a member of the College IT committee. I cut my teeth as an undergraduate on computing in Cambridge. I was one of my College’s first computer officers, when such roles were voluntarily filled by competent students. That early experience provided a set of transferable skills that enabled me to work in the IT industry. After a decade in industry, I returned to UCS to take up my current post.
In January 2011, the Principal Assistant Registrary gave a presentation to computer officers across the University on the topic of risk management, emergency and continuity planning. This highlighted ‘loss of IT’ as the second highest operational risk to the University, the only risk deemed more important was ‘loss of staff’. There can be no doubt that IT plays a critical part in the success of our University – this is why it appears under ‘Key Infrastructure’ on the University’s Key Risk Register. The successful delivery of IT is something that I am sure is very much of interest to our Vice-Chancellor. It is in this context that I make my comments.
I welcome many of the recommendations of this report. In particular, I welcome the recommendation for the creation of the Information Services and Systems Committee (ISSC), a body with budgetary control, and I welcome the proposed appointment of a single Director responsible for central IT provision within the Collegiate University. These are both excellent ideas that are long overdue. An individual of great talent and ability will be needed for such a crucial and high-level appointment, which I anticipate will be made at a similar level to that of the Pro-Vice-Chancellors if it is to reflect the strategic importance of this role to the University.
As one might expect, there are some devils in the detail of the report, and I will talk about two of them. At the consultation meeting on 6 November, I expressed my concern about the absence of a leading strategic role for the new Director. This appointment must secure an individual of the highest calibre, with considerable and wide-ranging experience of IT who will be accustomed to operating at a very senior level in any organization, and in particular to formulating and delivering its strategy.
Paragraph 61 of the report makes it clear that the new Director will not be a member of the proposed ISSC. This committee will have the responsibility of developing and implementing a strategy for information services and systems across the University (paragraphs 57–67, and recommendation B1). The new Director will be in attendance. This follows a similar pattern to the current Information Strategy and Services Syndicate (ISSS) in which the Registrary, the University Librarian and the Directors of UCS, MISD and the Finance Division have the right to attend.
This current state of affairs is something the Panel highlights as unsatisfactory, in particular for the Registrary, whose responsibilities depend critically on many of the IT services provided (paragraph 58). So it is proposed that both the Registrary and the University Librarian become members of the ISSC (paragraph 61). Yet the new Director, who will be accountable to the Chair of the ISSC for the delivery of its strategy, plans, and decisions will remain in attendance and not be a member. Does the Council agree that the new Director, an experienced IT professional and strategist, must have an equal voice in the creation of any strategy that they will lead and implement?
My own view is that the new Director should be an ex officio member of the new ISSC. Similarly, the reporting and management lines for the new Director will be a determinant factor in the success of this new role. Surely the line management should fall on the academic rather than the administrative side to ensure that the needs of the University are fully met? My own view is that given the seniority of this post, the line manager of the new Director should be the Vice-Chancellor himself, and not the Registrary (paragraph 83).
There is another problem with the proposed make-up of the ISSC, and that is one of balance. Another point made in the consultation of 6 November, is that a key objective of the IT review is to improve IT provision and delivery for our users. This is clearly reflected in the report’s recommendation A6: ‘The governance and organisation of information services and systems should be driven by a strategy that is based on a clear understanding of user needs’.
However, the terms of reference for the review ruled the Colleges out of scope. The current proposal is that the Colleges will have a single representative on the new ISSC, and that is the sum total of their voice.
It is clear that the Review Panel stayed within its remit in this regard. However, in doing so the needs and requirements of the Colleges as institutional consumers of central IT systems and services are omitted, and the needs of College-based users are forgotten. I raised this in the consultation meeting, and I make no apology for raising it again. This is a significant omission that distorts the evidence considered by the Panel, and inevitably impacts on its recommendations.
I did not have exact figures at the consultation, and estimated that perhaps a third of our users were college-based. As the User Policy and Account Manager at UCS, my job is to ensure that access to UCS services are provided to all who are entitled to use our systems. I have now produced accurate figures, which I hope will place my concerns about the omission of the Colleges and their users’ needs in context.
Today, there are 47,842 active users of UCS systems. Access to UCS resources is provided equally wherever possible to all University and College staff, students and accredited academic visitors in both the Colleges and University institutions. The volume of accounts we provide is an order of magnitude greater than the ~1,200 users of the MISD-managed desktop, or the ~2,200 Clinical School Computing Service users, both mentioned in the draft report. Of these 47,842 people we know that 33,941 are members of a College. To be fair, for some people that affiliation comes solely by virtue of matriculation many years ago, with no active ongoing involvement with their undergraduate or postgraduate College. So I have looked at how many people have both a college affiliation and use that as their correspondence address. I believe this provides an accurate estimate of the number of College-based users across the Collegiate University. It is 21,037 people or 44% of our users.
By excluding the Colleges, 44% of our users fall outside the scope of this review. The Review Panel has been hamstrung from the outset, and can only deliver a tunnel vision for future IT provision across the University. In its current form, this review neither fully addresses nor attempts to meet the needs of our Collegiate University. There is a real danger that if the draft report progresses in its current form it will have a disproportionately negative impact upon subject areas in the Arts and Humanities, where a significant proportion of both teaching and research is carried out by CTOs – College-based users who make substantial contributions to our teaching and our research.
Access to UCS resources is currently provided equally across the Collegiate University, but if we move forward with the report in its current form some of our users will become more equal than others.
Mr P. Mazumdar (University Computing Service) (read by Dr R. Charles):
Deputy Vice-Chancellor, I am currently the acting Chair of a group within the University Computing Service (UCS) that aims to disseminate security matters across teams within the Computing Service. We discussed the IT review at our most recent meeting, and felt many of its aims were commendable but that the outworking was focused in specific areas, leaving others uncovered. There were two issues of particular concern.
The establishing of a minimum level of desktop service is a welcome development; regrettably, the same standardization has not been applied to the infrastructure of networks and servers. The media have recently reported on a number of breaches of university IT systems; these would have been mitigated had all institutions been expected to maintain a minimum standard of infrastructure.
Second, for security to work well, it needs to be built into the strategy and structure of an IT service; when bolted on as a form of last-minute operational compliance, it can feel more restrictive than protective. It should either be made part of the remit of the ISSC or a separate information security group established. In particular, up until now we have benefitted from having a single point of contact with law enforcement agencies who is appropriately trained, skilled and familiar with their requests. It would be unfortunate were we to lose such a conduit for external bodies.
This is an important and high-profile issue. As a result of this external liaison, members of the UCS are potential witnesses in a major cybercrime trial involving extradition and governmental-level targets, and are called periodically by the Coroner’s Office in suicide and murder investigations. These would be impeded by not having such a clear external contact for legal issues.
Despite Cambridge being a high-profile target for electronic attacks, we currently have a good record for controlling them. It would be unfortunate were that to be lost by the review not adequately covering the issue of information security.
Mr N. M. Maclaren (University Computing Service):
Deputy Vice-Chancellor, this report surprised many people because of its incomplete and inaccurate descriptions of current IT services and the University’s requirements. An inspection of Annex 3 clarifies why, and shows that its very first paragraph is being most economical with the truth. Only 24 people were spoken to, of which only one was a researcher below the level of a Reader, and only three were non-managerial IT staff (from the Management Information Services Division (MISD), Engineering and English). Given the major changes this report proposes to the support of research and to the University Computing Service (UCS), that is not what one would expect from leading academics.
It is infeasible to describe those omissions and inaccuracies in 15 minutes, so I shall address just the aspect of support for the University’s actual research. This aspect was almost completely omitted from the report, and it is likely that the effect will be even more neglect of this area.
At the second open meeting, the Pro-Vice-Chancellor stated that the current separation of MISD and UCS causes a poor service to the University by failing to provide proper support for administrative computing in departments. He seemed surprised when told that this was not the responsibility of the UCS, and responded by stating that it should be. That is a reasonable position, and I shall not argue against it. However, if the UCS takes on that workload, something else will have to go.
By support for actual research, I am referring to when researchers need to learn academic disciplines that are not covered by their School or Department, or to learn comparably advanced skills; it also covers when they encounter an advanced IT-related problem that their Department can neither bypass nor resolve. Examples of these include applied mathematics, statistics, numerical analysis, algorithmics, and more. At the more basic level, such disciplines and skills need teaching to staff and graduate students, sometimes as ‘transferable skills’ and sometimes as part of M.Phil. or Ph.D. courses. In extreme cases, such advice verges on collaboration, such as when it is necessary to develop a new variant of an algorithm, or even invent a completely new algorithm.
I have been doing these tasks since 1972, at least as part of my role, but there are dozens of IT and other staff who also provide them, often without receiving any credit for doing so. What does the report say about this area? Nothing. It is not because the Panel did not receive any information, because they did. Many of us have also made Remarks on this before, and pointed out that the University’s provision for this area is notoriously inadequate. Many successive Reports, such as the belatedly published one on teaching and learning support services, have completely ignored the issue, as does this one.
The proposals for levels of service (paragraph 45) say nothing about access to appropriately expert advice, or even access to appropriate courses for the skills they need to use in their research, and section G (Research Computing) is all about the provision of systems. One of the things that all forward-looking universities (including Cambridge) learnt in the 1960s and 1970s was that provision is not enough, and access to advice and assistance on the use of systems is equally important. We really should not plan to regress back to the 1950s!
How would such support be handled under this proposal? Paragraph 90 and recommendation D1 imply that the larger Departments would handle it themselves, and others might use a central service. Paragraph 132 implies that Ph.D. students or post-doctoral workers could provide it, but is it realistic to expect a professor or principal investigator to consult a student on a problem he cannot resolve? The problem here is that Cambridge’s speciality is leading-edge research, and that leads to questions that are themselves leading-edge.
The UCS has always attempted to provide this sort of support, even when officially discouraged from doing so, and usually without any resources to take on the extra workload. Recommendations D1 and F2 imply that Schools and Departments will decide who gets their share of the resources. Many of them will want to keep it for their in-house support, so it would necessarily mean a cut-back in central provision. Experience here and elsewhere is that charging for such teaching and advice simply does not work.
What will happen to this area when the UCS is merged with MISD? Will this survive? What will be the impact on the University’s research? What are the effects of not being able to get such help?
The researcher may waste a huge amount of time, may not be able to solve the problem at all, or may use an inferior method, which often leads to wrong answers. None are conducive to maintaining a lead in research. I sincerely hope that the plan is not to buy-in leading-edge teaching and advice! Even larger Departments will suffer. But the real impact will be on the smaller ones, and those with only group-level IT service organization. To alleviate the harmful effects on the University’s research, the University needs to do two things:
(i) To provide closer integration between the UCS and the IT staff in Departments, as recommended in the Swinnerton-Dyer report; and
(ii) To take action to provide proper academic-level cross-disciplinary training, teaching and advice.
Kicking those into the long grass yet again will not work; this is the University’s last chance to build on our current mechanisms and even staff; if it is delayed, those will disappear and the University will sooner or later have to rebuild them from scratch.
Mr D. J. Goode (Faculty of Divinity and Wolfson College):
Deputy Vice-Chancellor, I am speaking today on behalf of the Computer Officers in the School of the Arts and Humanities.
The School’s Computer Officers met this morning for one of our regular IT Coordination Group meetings, and thought we would take the opportunity of this Discussion to make a few brief remarks about the IT review under consideration today.
Much of the review is taken up with the proposed merger of the University Computing Service with the Management Information Services Division. We do not have a particular view to express today on this proposed merger, but we did note that it takes up a substantial part of the review.
We also noted that the Panel which produced the review is drawn predominantly from the Science, Technology, Engineering, and Mathematics (STEM) subjects. This, of course, is unsurprising as the composition of the Panel will ‘follow the money’, and does not help to allay a nagging fear that the outcomes of the review may not suit the needs of the Arts and Humanities.
Centrally provided services are mentioned as a way in which a consistent service can be offered to students and staff. The experience of the Computer Officers in the School of the Arts and Humanities is that these sorts of things do not necessarily work well in our School. For example, the Managed Cluster Service (MCS) is used in only two of our Faculties and Departments. Two other Faculties have had MCS in the past and withdrawn from it, and the other institutions have considered it but never implemented it.
Of course, there are various reasons for this, some technical, some financial, some practical. But it is no coincidence, we feel, that such a centrally provided service may not suit our needs, and an even wider-ranging and larger-scale centrally provided service may suit them even less.
It is the impression of the Computer Officers in this School that we are generally underfunded, and the idea of seeing major investment going into more and more centrally provided services and inevitably away from specialised services in what would become ‘outlying’ institutions worries us.
Local expertise is essential in the Arts and Humanities. We have many specialized needs that cannot be met with a ‘one size fits all’ centrally provided service, but require the knowledge each of us has of our institutions and subject areas. The centralization of library services came to mind, with the potential loss of subject knowledge that may entail.
The review recommends the appointment of IT Coordinators in Schools. In fact, one of the items on the agenda for this morning’s meeting was to review the first draft of the PD33 for the new role in the School of the Arts and Humanities, a role we identified as necessary at a previous meeting. We are pleased to see this recommendation.
Though a relatively new thing for us, the School IT Coordinating Group meetings have been very productive, and the fact that I am standing here today, speaking on behalf of my colleagues in the School, is living proof of the value of these sorts of meetings, to which much value will be added by the appointment of a good IT Coordinator.
To finish, I will reiterate that the Arts and Humanities comprises generally smaller, more specialised institutions than in the STEM subjects, where large-scale centrally provided services are not always the appropriate solution to those needs; and we would like to see the outcomes of the review include the recognition that locally-based flexibility, subject knowledge, and effective service are not just desirable in the provision of IT in the Arts and Humanities, but essential.
Mr J. Warbrick (University Computing Service):
Deputy Vice-Chancellor, my name is Jon Warbrick, I am a Computer Officer in the University Computing Service (UCS), and a former member of the Information Strategy and Services Syndicate (ISSS). I am also a former College computer manager.
I believe that the review committee has correctly identified many of the issues facing the University in managing its IT infrastructure and support services. I think that some, though not all, of the criticisms of the current situation are justified, and I agree that the University as a whole probably isn’t getting the best value it could for the money it is spending.
The review committee is to be congratulated for producing a set of proposals for debate. It seems to me that these proposals might indeed work, and I agree with many of them. However I am concerned that there is little evidence that they will work, and quite a significant risk that they won’t. With IT systems representing one of the most significant corporate risks to the University, it is unfortunate that the review fails to address this.
The devil is in the detail – the detail of what’s in the report (and significantly what’s not in the report), what Council eventually enacts, and the most difficult issue of all: what happens as a result. It is instructive to look back at the proposals in previous similar reports by Professor Swinnerton-Dyer, and by Professors Shattock and Finkelstein, and to compare those proposals with what was actually achieved.
I would like to make two specific points in this regard.
Firstly, much of the thrust of the report is about centralizing the strategic management of information services and strategy, by replacing the existing Information Strategy and Services Syndicate with an Information Services and Systems Committee (ISSC), appointing an Information Services and Systems Director, and merging the UCS and the Management Information Services Division (MISD). But even after these changes, which are not without their own risks, most IT provision and spending will remain in Schools, Faculties and Departments, and outside the ISSC’s area of responsibility. Worse, it seems to me that there is a danger of one or more non-ISSC-supervised organizations expanding to fill the vacuum caused by merging the UCS into MISD, resulting in a new, separate academic computing service independent of the ISSC. Were this to happen it’s not clear what we would have gained by the entire process.
I note in passing that four reviews over the last 20 years have all proposed strengthening the role of the equivalent to the ISSC and none of the previous three seem to have achieved it.
Secondly, the proposed IT Services organization would have a ‘Director’ reporting to the Registrary, be responsible to a committee, and work closely with an identified Pro- Vice-Chancellor. In this respect it will be very similar in all but name to many divisions of the Unified Administrative Service (UAS). Paragraph 86 suggests that the new organization should be outside the UAS, but this thought isn’t reflected in the formal recommendations. It seems to me that the proposals as they stand will inevitably bias the new organization towards the administrative needs of the University, potentially at the expense of support for the University’s core business of teaching and research.
Mr M. B. Beckles (University Computing Service):
Deputy Vice-Chancellor, my name is Bruce Beckles and I am a member of the University Computing Service (UCS), and the future of the University Computing Service is one of the matters considered by the report under discussion. I am also a member of the Board of Scrutiny, and although I am not speaking on their behalf, I am speaking as a member of the Board.
My first concern with this report has to do with the quality of the data on which it bases its conclusions. I am aware that the Review Panel received submissions from a number of people across the University, which is, of course, a good thing. Unfortunately, in my view, it is also one of the most significant problems with the report. Some of the contributing individuals, probably quite unintentionally, will have said things to the Panel which are misleading, or possibly even incorrect. I see nothing in the report to suggest that the Panel has engaged in any independent verification of the information provided to it. Will the Council tell us what independent verification was undertaken, and by whom?
I am also concerned that the report fails to quantify the risks associated with its recommendations. As we know, IT is the second highest operational risk the University faces, and so a major overhaul of the University’s IT arrangements is clearly adding to this risk significantly. The Board of Scrutiny is, in general, concerned whenever the University engages in activities which significantly increase the risk to which we are exposed. This report is therefore incomplete so long as it fails to quantify the risks inherent in its recommendations. The report contains a lot of recommendations, but very little detail, which makes the situation with regard to risk worse.
One of the main recommendations of the report is the merger of the UCS and Management Information Services Division (MISD), and included in this is the idea of co-location of the relevant parts of these organizations. However, the UCS has been told that it will need to vacate its current premises in the very near future, and it is currently being suggested that when we do so, we co-locate with MISD. This means that co-location with MISD may well happen in advance of the final version of this report, and of any Graces associated with it. This is clearly wrong; if the report is, as it appears, concerned with co-location, then co-location clearly must not occur until the University as a whole has made a decision about the report.
It is also proposed that the new merged IT organization should ultimately come under the purview of the Registrary. This seems perverse, given that the UCS is larger than MISD,1 provides services to – and support for – an order of magnitude more users than MISD,2 and that the UCS is primarily concerned with services and support for the Schools and the Colleges, rather than the Unified Administrative Service (UAS). If the Registrary is in charge of the new merged organization, then inevitably its focus will be on administrative computing as opposed to the supporting of the academic aims of the University which, after all, shape its core business.
There has been some talk about whether the replacement for the Information Strategy and Services Syndicate (ISSS) should be a Syndicate or a Committee. I have been unable to discover any definitive distinction between these classes of organizational body. However, I observe that Syndicates always arise from our Statues and Ordinances (S&O), whereas Committees do not necessarily do so. It seems to me that it is vital that the replacement for the ISSS should be a body defined in S&O, although I am agnostic as to what it is called.
The report correctly identifies weaknesses of the existing ISSS. A significant cause of these weaknesses is that other senior University committees – in particular, the Planning and Resources Committee (PRC) – make decisions without reference to the ISSS. Thus, the ISSS might, for instance, decide not to pursue a particular course of action, but if some other body in the University applies to the PRC for funds to follow exactly that course of action, the PRC may well provide those funds. There is nothing in the report that would prevent this happening with the proposed replacement for the ISSS. Unless and until this issue is addressed, any replacement for the ISSS will remain ineffective in dictating overall University IT strategy. I suggest that the final version of the report recommends that the PRC and other significant University committees are required, under Statute or Ordinance, to consult with the ISSS, or its replacement, whenever they consider any matter which involves IT. It should be remembered that matters such as the building of machine-rooms fundamentally involve IT, and are not simply minor building works.
A number of the report’s recommendations appear reasonable at first glance, but when one considers the lack of detail, these recommendations could be anything from hopelessly ineffective to utterly disastrous. For example, recommendation D1 makes reference to some minimum standard, but we are not given any detail on what those minimum standards might be, or how they might be determined. For a standard to be effective, it needs to be at least credible, fit-for-purpose, measurable and enforceable.
Leaving aside the issues of credibility and fitness for purpose as things which a report at this level might reasonably not concern itself with, we are left with a gaping void with regard to the issues of measuring and enforcing the minimum standard. If the standards are not routinely monitored by an independent body, then we cannot tell whether they are being met; if the standards are not enforced, no-one will meet them. By failing to address these issues, recommendation D1 is effectively meaningless. Similar comments could be made about other recommendations in the report.
The report also proposes that existing IT provision be maintained and that even more be provided. However it fails to identify any new resources for these purposes. How is this to be achieved? The report fails to say.
Thus, whilst I agree that central IT in the University needs to continue to be developed so that it can continue to meet the University’s needs as they evolve and expand, it does not seem to me that this report actually helps with this. I think that the report needs to be carefully considered in light of the issues raised in this Discussion by myself and others. I look forward to a revised report in the near future.
1According to the Report on the Review of the Strategy, Plans and Budget of the Unified Administrative Service (UAS) July 2011, in 2010–11 MISD had 90.3 full time equivalent (FTE) staff (Reporter, 6237, 2011–12, p. 33; see Annex 2 of the aforementioned Report on the UAS Review). According to the UCS Annual Report 2010-11, in 2010-11 the UCS had at least 101.1 full-time equivalent staff (see Table 1 of the UCS Annual Report’s Statistical Appendix: http://www.ucs.cam.ac.uk/about-us/annual-report/ucs-annrep-appendix-1011.pdf).
2For details, see my colleague Dr Ruth Charles’s contribution to this Discussion.
Mr J. P. King (University Computing Service):
Deputy Vice-Chancellor, my name is Julian King, I am a member of the University Computing Service (UCS). I admit that I am a newcomer to the University having been here for less than 14 years. I am also a member of the Information Strategy and Services Syndicate (ISSS) and of the IT Purchasing Group.
I would like to start by saying that there is much to be positive about with regards to the report on the review of IT infrastructure and support. I think that the general direction proposed is the correct one. I think that one result will be a reduction in political infighting between the current central organisations. However, if all there was to say was positive then I, and many others, wouldn’t be here to make comments.
I have read this report many times. I have attended several meetings contemplating it. I have heard views from both sides. Many of the criticisms have had the response that the critic is misinterpreting the report. I am pleased to say that I am largely convinced that this is the case. However, this belief doesn’t mean that I can forgive the report for this very failure to communicate its intent. If the conclusions and recommendations from this review are to be voted upon, then the report must be tightened up and ambiguity removed before there is a Grace. A justification of why it was appropriate to ignore teaching, training, and the Colleges must be made, hopefully not relying on the effectiveness of the Teaching and Learning Services Steering Group which meets incredibly infrequently. If the title ‘Information Services and Systems Director’ is intended as a placeholder then this should be made clear, or better yet replaced with a sane title, say ‘Chief Information Officer’ (CIO). If the intent is not to tie the hands of the incoming CIO and the Information Services and Systems Committee, then the concrete organizational proposals should be struck from the report. If the intention is for lists of services to be considered merely a sample, then this must be made crystal clear. If the belief is that the focus for IT support within the University should be academia, then the case must be made why the Registrary should be in the line management chain.
Essentially the quality of the report must improve from its current passing grade to the merit that matches the aspirations it has for the quality of IT provision within the University.
My second point may in a way be covered by my first, but I suspect may actually be a flaw in the underlying logic. The report appears to simultaneously hold two opposing views. Centralization – and the efficiencies and improved communication that come from that centralization – is good. At the same time competition with the centre is also good. Now, make no mistake, I firmly believe that there are things which are better done at the edges. For example, the centre can never hope to match the focus and responsiveness of specialist tailored support within the institution. At the same time, there are other things which firmly belong in the centre. I hope, for example, that no-one would disagree that the CUDN (Cambridge University Data Network), which, effectively carries all the Internet traffic around the University, belongs at the centre. Different people will have contrasting views on quite where the the line between the centre and the periphery should be drawn. The risk that I would like to highlight is that the centre will, much like the Post Office, be obliged to offer a service to everyone at a uniform price, but with competition which then removes some of the economies of scale and the almost invisible cross-subsidies that this permits to the benefit of everyone. The result is a more expensive central service, which loses custom, resulting in a downward spiral to a situation where the University ends up paying more overall for its IT, which at the same time isn’t as good as it should be. Exactly the situation that the report claims to be trying to escape.
Mr B. K. Omotani (University Computing Service):
Deputy Vice-Chancellor, I speak as the senior member of the Security Incident Response Team at the University Computing Service (UCS) that deals with the abuse reports involving computer systems on the Cambridge University Data Network (CUDN).
I was surprised that the IT review did not include information security as part of the remit of the proposed Information Services and Systems Committee (ISSC). A framework for the oversight of this area must be of importance for the University. Loss or exposure of personal information or sensitive research data could have serious consequences for the University. Appropriate guidance and measures to ensure compliance with any existing legislation are necessary for the functioning of the University and to protect its reputation. This must cover both the integrity of the information and the systems on which it is stored. The latter could be information systems, personal devices or even paper-based systems. Access to information required by students, researchers and administrative staff must be maintained while preventing accidental and unauthorized disclosures. The Data Protection Act 1998 has legal requirements to ensure that personal information that the University holds is both appropriate and correct. Examples of other relevant legislation include:
– the Freedom of Information Act 2000;
– the Computer Misuse Act 1990;
– the Regulation of Investigatory Powers Act 2000; and
– the Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000.
There is an increasing variety of data being used that is accessible using the network, and institutions will need advice and guidance about the security/legal implications, and how to respond to requests/complaints. In addition, other devices like CCTV and building management systems that may not have been designed with network security in mind are being deployed both by central bodies and individual institutions. Appropriate measures need to be taken to ensure their integrity.
There are many resources being made available that are external to the University often referred to as being in the Cloud. They are often seen as attractive for possible financial savings or for convenience of access. Users need to be made aware of the possible consequences of using such services, e.g. for intellectual property, and possible loss of data or access to data should a service cease. Advice on the appropriate use of such resources should be provided.
The University should be aware of the data and IT systems that are being used by its institutions, and be confident that appropriate security measures are in place. This includes measures to maintain data integrity as well as avoiding accidental disclosure. While the need for backup facilities is mentioned in the IT review, the preservation of research data is not covered.
Mr R. S. Haynes (University Computing Service):
Deputy Vice-Chancellor, my name is Ronald Haynes, a Computer Officer in the University Computing Service (UCS), former College IT Manager and former large Department Deputy IT Manager.
It is good that we have an opportunity to review IT infrastructure and support as a community. Regrettably, we seem to have missed significant sections of our community in the official considerations so far. These should have included greater representation of the unique needs of Departments and Institutes, and important input in consideration of the needs of Colleges. There should also be a better account taken of the other groups providing IT and related services and support beyond their own Department, complimenting the focus on the Management Information Services Division (MISD) and UCS. The IT review and the Information Services and Systems Committee (ISSC), which is proposed to replace the existing Information Strategy and Services Syndicate (ISSS), does not take sufficient account of the IT provision of the University Library, including CARET (Centre for Applied Research in Educational Technologies), nor of experimentally expansive groups which have begun to emerge.
When speaking of taking account, it is inevitable that this review came out of an initial effort to consider efficiency savings.1 It is laudable that the review does not intend to pursue a reduction of costs or staff. That said, we should urgently compare our various spends on IT against comparable institutions. Prior to this review, the School of Physical Sciences held their own IT review, and out of that published a strategic plan for the School.2 It is noteworthy that their plan indicates the understandable expectation of growth as it states ‘... as IT continues to become more pervasive and more complex, demand for support resources will continue to grow, which will mean that spending on IT will increase or quality of service will suffer unless action is taken’.3
It was also instructive to hear Dr Kirsty Allen of the Registrary’s Office at a seminar last year 4 indicate that the University’s business continuity exercise identified the loss of IT as the second most important risk in emergency situations, naturally after the impact of loss of staff. Business continuity, of course, is our ability to carry on our various work in the event of any loss of any resources. With both of these risks in mind, both people and IT resources, there is undoubtedly much greater scope for sharing services and direct support for personal and professional development, e.g. assured time for participation in personal and professional development, mutual job shadowing for service resilience, cross-institutional resource planning discussion, such as virtualization and storage. These will likely necessitate greater resources to assure the reduction of risk and the growth of our essential services and support.
Extreme caution should be observed with regard to any outsourcing considerations and calculations, something about which the review hints. Apart from its being an increasingly outmoded business model, which we would do well to review and take due heed, there are groups such as the European Services Strategy Unit, which track some of the wider impact of outsourcing attempts, including contract problems and cost overruns, such as nearly £30 billion in contracts with an average cost overrun of 30.5%.5 One only needs to consider the long list of failed public IT projects. The flexibility required by our proper IT provision is not something which outsourcing can affordably deliver.
Many of us who specialize in the academic side of IT are rightly concerned that there is so far insufficient consideration of the essential work required for the widely varied and proper provision of teaching, learning, and research-related IT. It sends entirely the wrong signal for the proposed Director of the ISSC to be reporting to the Registrary for line management. In a discussion the other week,6 an alternate proposal was for the Director to report to the Vice-Chancellor, and this met with much support.
While it does not yet seem obvious that we need a type of Chief Information Officer to solve our IT problems, after debate, if we are to have one it should be clear that the post and all the reorganization that would go with that post should be more inclusive and balanced with the needs of all sides of our University community, which would mean not biasing it toward the more administrative side alone.
As we take this forward, we must decide whether, metaphorically, we want to build a cathedral or maintain a bazaar (not bizarre, I should stress). Of this metaphoric model, we have a good example just nearby with the Cambridge market square next to which we have Great St Mary’s church. Each area has its own function and complements the other. If we tried to combine these as one entity, we would lose the best of each. There is a well-known article and book by this title The Cathedral and the Bazaar7 and it has evolved along with the rise of open source software, especially the Linux operating system, upon which much of the University community and the internet more widely rely, whether knowingly or otherwise. The lessons learned include: ‘the fact that this bazaar style seemed to work, and work well, came as a distinct shock.’8 We should think again about the model we are to follow and the best fit our unique structure needs.
1Establishment of Working Groups to consider University-wide efficiency savings; see http://www.admin.cam.ac.uk/reporter/2009-10/weekly/6195/section1.shtml#heading2-4.
2School of the Physical Sciences, ‘Strategic Plan 2010-2014’, archived at: http://web.archive.org/web/20100613022631/http://www.physsci.cam.ac.uk/strategicplanning/plan.pdf.
3Op. cit.; ‘Computing and IT’, Section 5, part b, p. 20 (internal p. 17).
4Whose business is your business continuity?, Risk management, emergency and continuity planning at Faculty/Departmental, School and University level; see http://www-tus.csx.cam.ac.uk/techlink/workshops/seminar-jan19-2011.pdf.
5105 public sector ICT contract failures, http://www.european-services-strategy.org.uk/outsourcing-library/contract-and-privatisation-failures/105-public-sector-ict-contract-failures/.
6Open Meeting, 6 November, http://www.admin.cam.ac.uk/reporter/2012-13/weekly/6282/section1.shtml#heading2-4.
7The Cathedral and the Bazaar; see http://www.catb.org/~esr/writings/cathedral-bazaar/cathedral-bazaar/.
8Ibid.
Consultation paper on amendments to the Second Joint Report of the Council and the General Board on the pay and grading scheme for non-clinical staff (Reporter, 6283, 2012–13, p. 83).
Professor J. K. M. Sanders (Pro-Vice-Chancellor for Institutional Affairs) (read by the Senior Pro-Vice-Chancellor):
Deputy Vice-Chancellor, I speak as Chair of the Human Resources Committee and also as Chair of the Working Group that drew up the proposals that form the basis of this consultative report.
The recruitment market for academic staff has evolved substantially since the Second Joint Report1 was enacted in 2006. Those who have been involved in recruitment recently will be aware that we are operating in an ever-more competitive international market for the most talented staff. In order to respond to this challenge over the past few years it has been necessary to make increasing use of the market supplement mechanism. This is unsatisfactory from several perspectives, including comparability with current staff, disconnection from the published criteria, and the need for regular review. In short, this system is no longer fit for purpose. Furthermore, even using the market supplement mechanism, we are ultimately unsuccessful in recruiting many of those to whom we make an offer; a significant fraction of those failures is due to our inability to meet salary expectations or match salaries offered by our international competitors.
This consultative report is an attempt to address these issues. In the course of the working party deliberations, we also decided to propose a significant change to the University Senior Lecturer (USL) reward structure. I shall take the latter first.
The report proposes improved recognition of USLs whose teaching and/or general contributions are outstanding. This will be achieved by a two contribution point extension to the scale of stipends for the University Senior Lectureship, enabling outstanding USLs to attain the same salary level as Readers on point 63.
While recognizing that many USLs will aspire to promotion to Reader and Professor on the basis of a strong all-round record in which research plays a prominent role, we propose that USLs whose outstanding contributions are in teaching and other non-research activity should be recognized by the new contribution route.
For Grade 12, we propose an extension and revision of the salary scale to enable us to compete more effectively in recruiting and retaining staff of the highest calibre. This will be achieved by introducing an overlapping extension to Bands 1 to 4 of Grade 12 and the incorporation of the professorial minimum spine point into Band 1. Progression within and between bands will continue to require evidence of a sustained and improving contribution through the biennial Professorial Pay Review.
At present, promotion to personal professorships is to point 68 of the single spine, Band 0. Movement to Band 1 is then through a further significant promotions process. By contrast, Professors elected from outside to established chairs are almost always appointed at least into Band 1. By assimilating Band 0 into Band 1, there will still be an applications process to move upwards within Band 1; the barrier to that first move will be smaller but will remain significant.
A cap of spine point 100 for Band 4 was selected following comparison with Russell Group and US competitor salary data. Many other UK institutions do not have a published scale at these levels: they simply have secret negotiations. We feel the discipline of a published scale is preferable. The extended scale would provide greater transparency in the pay of senior staff by requiring fewer market supplements.
This approach allows us to propose the abolition of new market supplements in most cases, to be replaced by the introduction of advanced contribution supplements for academic staff and market pay for other staff.
Advanced Contribution Supplements (ACS) are payments that proleptically reward an expected future level of achievement. ACSs will be awarded in the expectation that an individual will reach a certain level of achievement in the near future. Where an ACS is awarded for retention purposes, it will be for a fixed, limited period. Individuals in receipt of an ACS may apply for promotion, contribution points or a change in band. If they are successful, the increase will be incorporated into the individual’s base pay and the ACS reduced by a corresponding amount so that their overall pay remains the same. Individuals would not receive an increase in pay in real terms until their underlying base pay had fully absorbed their ACS. This would be made clear to new appointees.
Over a period this approach should reduce the differential between staff who have come in with a high salary and those who have worked their way up through the promotions system.
For senior academic-related staff we need greater flexibility to enable appointments to strategically important positions at salary rates competitive with external market conditions. The University has in the past struggled to offer competitive rates of pay to enable it to attract the best candidates to take forward important projects, and has found market supplements to be essential.
We propose that for these staff, market supplements are renamed market pay to reflect the reason why an individual’s total pay is above the salary scale for their particular grade. Where market pay is used for recruitment purposes, appointments should normally be made on a fixed-term basis with a defined end point, or on an open-ended or permanent contract but with a market payment for a fixed period of time. The use of fixed-term contracts where objectively justifiable would enable the University to pay salaries appropriate to the relevant market, but also limit its longer-term financial exposure and better manage employee expectations.
It is proposed that existing market supplements are absorbed into base pay where possible.
Following the consultation period, we hope to produce a Report setting out final recommendations in the Lent Term 2013 with a view to implementation from 1 October 2013. Changes to the USL salary scale would be implemented from 1 October 2014 to provide sufficient time for amendments to be made to the Senior Academic Promotions guidance.
1See Reporter, 6002, 2004–05, p. 745.
Report of the General Board, dated 31 October 2012, on the establishment of a Professorship of Experimental Psychology (Reporter, 6284, 2012–13, p. 116).
No remarks were made on this Report.
Report of the General Board, dated 5 November 2012, on the establishment of a Readership in Comparative Oncology and Genetics (Reporter, 6284, 2012–13, p. 116).
No remarks were made on this Report.