The Eighth Annual EDUCAUSE Current Issues Survey asked campus information technology leaders to rate the most critical IT challenges facing them, their campuses, and/or their systems.1 Thirty-three percent (591) of 1,785 EDUCAUSE primary member representatives responded to an e-mail invitation to complete the Web-based survey in December 2006. Table 1 shows the institutional demographic breakdown of respondents. Survey participants were asked to check up to 5 of 32 issues in response to each of four questions (Tables 2 and 3).
Click image for larger view.
Click image for larger view.
Click image for larger view.
In preparing the survey each year, the Current Issues Committee (CIC) tries to strike a balance between preserving issues across time and introducing (a) new issues that arise as a consequence of emerging technologies and new solutions, (b) converged issues that no longer make sense to separate, (c) split issues that are too complex to continue as one, and (d) changes in the evolving IT nomenclature. For 2007, the CIC introduced the following changes to issues and subtopics.2
Commercial/External Online Services (new choice in 2007)
- Evaluating whether to recommend services that are supported by advertising (blogs, wikis, survey engines)
- Educating students about risks of social networking services
- Leveraging commercial services (institutional Facebook profiles, free e-mail services)
- Embedding noncampus services within the infrastructure (Skype)
E-Learning/Distributed Teaching and Learning
Note that this category has the same name as in 2006 but now includes the Distance Education/Virtual Universities subtopics from 2006.
- Developing infrastructure to support learning technologies
- Using active, collaborative, and immersive learning environments
- Aligning technology use with student expectations and institutional mission
- Integrating emerging tools (podcasts, immersive environments, mobile phones)
- Realigning policies, organizational structures, and procedures
- Developing information fluency
- Integrating library, learning, and support resources
- Promoting the use of technology in instruction
- Supporting faculty development
- Conducting assessment and evaluation
Identity/Access Management (split from Security and Identity Management in 2007)
- Developing authentication and authorization policies and systems
- Building the related technical infrastructure for managing identity information, authentication, and authorization
- Providing directory services
- Implementing public key infrastructure (PKI), digital certificates, and tokens
- Implementing single or reduced sign-on
- Eliminating Social Security number (SSN) dependence
- Facilitating federated access to resources (Shibboleth)
- Establishing the link between physical and electronic identity
- Adhering to emerging standards and solutions
- Evaluating the cost-benefit ratio of commercial, open source, and in-house–developed IdM systems
- Clarifying essential logging requirements
Security (split from Security and Identity Management in 2007)
- Developing and implementing information security infrastructure
- Developing campus-wide security policies, awareness, and training
- Creating a culture where security roles and responsibilities are understood
- Encrypting data on databases, laptops, handheld/mobile devices, and portable storage devices
- Preventing, detecting, responding to, and recovering from data incidents
- Understanding and implementing computer forensics
- Staffing for security
2007 Survey Findings:
All Respondents
Four findings associated with all respondents to this year's survey merit special mention. First, for the 2007 survey, the CIC decided to split a key issue choice from last year's survey, Security and Identity Management, into separate issues: (1) Security and (2) Identity/Access Management. CIC members reasoned that both issues have matured and become complex enough in recent years that it made no sense to continue yoking them together. Last year's combined issue was the number-one IT-related issue in terms of strategic importance to the institution (Question 1), topping Funding IT, which had occupied the top position for three straight years, 2003 to 2005. This year, Funding IT moves back into the top position, with Security second and Identity/Access Management fourth. In addition, Security and Identity/Access Management, respectively, are the first- and second-ranked issues expected to become even more significant next year (Question 2) and fifth and ninth in occupying IT leaders' time (Question 3). Security by itself continues in fourth position as consuming human and financial resources (Question 4).
Second, for the first time ever, the category Course/Learning Management Systems (C/LMS) moves into the top-ten ranking in two areas: number nine among issues of strategic importance and number seven with the potential to become more significant in the future. In addition, C/LMS jumps from eighth in 2006 to fifth in 2007 for its consumption of human and financial resources.
It is tempting to attribute these notable radar blips to the community's vigorous discussion of the Blackboard merger with WebCT and patent controversy over the past year. Not to minimize the galvanizing impact of that controversy, but it is more important to recognize the evolution of C/LMS technology as a mission-critical enterprise system; its accelerating use as a fundamental teaching and learning resource by institutions of all kinds; the challenge of choosing an open source or vendor-supplied solution; and the technology's impact on IT funding, both in terms of licensing and local support. Indeed, the 2006 inaugural EDUCAUSE Catalyst Award went to Course Management Systems as a "complex, far-reaching web of initiatives that has had broad impact on higher education in less than a decade."3
Third, Disaster Recovery/Business Continuity, which made a dramatic appearance last year as number four in strategic importance following the hurricane seasons of 2004 and 2005, continues among the top ten this year—fifth in strategic importance, fourth in potential to become more significant, and eighth in IT leaders' time commitment.
Fourth, the most dramatic change in ranking is the drop of Portals from fifth among issues expected to be more significant in 2006 to ninth in 2007. In future years, as more institutions deploy and refine role-based information gateways and as the technology becomes more robust, it might drop off this all-respondent aggregate measure. It may well be evolving into a service/technology that is understood to be part of the Administrative/ERP/Information Systems issue.
Comparing results from all respondents, three issues rank in the top ten for all four areas of strategic importance, future significance, IT leaders' time, and cost:
- Administrative/ERP/Information Systems
- Infrastructure
- Security
Four other issues are on the top-ten lists for three of the four areas:
- Course/Learning Management Systems (all but Question 3, IT leaders' time)
- Disaster Recovery/Business Continuity (all but Question 4, cost)
- Funding IT (all but Question 4, cost)
- Identity/Access Management (all but Question 4, cost)
How do the overall results of this year's survey compare to last year's? With most issues either holding their rankings or only moving up or down one or two positions from 2006 to 2007, the top-ten issues for all respondents have remained fairly stable (see Table 4). Two changes in addition to the four noted above, however, are worth noting in this comparison.
Click image for larger view.
The "new" single issue of Identity/Access Management drops from its joint ranking with Security as the number-one strategic issue in 2006 to fourth in 2007. Among issues on which IT leaders spend their time, it drops from fifth last year, with Security, to ninth by itself this year. And it drops out of the top ten completely among cost issues in 2007, while Security remains fourth. This suggests that, while an important strategic and potentially volatile issue in the future, Identity/Access Management is not yet a major draw on human and financial resources across all institutions.
Electronic Classrooms/Technology Buildings/Commons Facilities rises two rankings to third among issues consuming the most human and financial resources, driven by the steady (on some campuses, explosive) expansion of campus wireless service and the infrastructure to support instructional technology, with the ever-broadening definition of "learning spaces." For the first time, this issue makes the top ten (as tenth) of those on which IT leaders spend the most time. This is not surprising given the increasing costs and the strategic implications of designing learning spaces that support new pedagogical models, balancing physical space and cyberspace, providing support services for such facilities, determining the future of computer labs, and creating a campus master plan for technology-enhanced classrooms.
Each year, the survey results show differences between issues on which IT leaders spend most of their time and the top issues for the other three questions. With broad responsibility for all elements of the IT organization, including services to many campus constituencies, multiyear planning, resource management, and intersection with institutional goals, CIOs and senior IT administrators typically focus on some challenges that either do not appear at all or are not as high on the other lists. In 2007, these are:
- Governance, Organization, and Leadership
- Staffing/HR Management/Training
- Strategic Planning
Except for minor changes of one or two rankings, issues that involve the greatest expenditures of human and/or financial resources are fairly stable in 2007. The top two rankings have remained unchanged since 2001: Administrative/ERP/Information Systems and Infrastructure. The notable changes this year are the rise by three positions of Course/Learning Management Systems (to fifth); the drop by three positions of Support Services/Service Delivery Models (to sixth); and the first appearance ever in this category of E-Learning/Distributed Teaching and Learning (tenth).
Context: Other Annual Measures and Indices
Before looking at specific demographic similarities and differences of the EDUCAUSE Current Issues Survey results, it is worth placing the overall responses in the context of other annual reports and digests of higher education trends that focus wholly or partly on IT. To be sure, other organizations' surveys and predictions pose different questions and apply variable breadth and depth probes for different industry sectors and audiences than for college and university IT leaders per se. With this caveat, we can see convergence and divergence.
Association of Research Libraries
At any given time, the Association of Research Libraries (ARL) tracks and researches major issues of interest to its membership of 123 research libraries in the United States and Canada. The current ARL key issues, several of which intersect with issues on the radars of IT leaders, are:
- Copyright and intellectual property
- Diversity
- Library support for e-science
- Leadership development
- Legislation and appropriations
- Library assessment
- New models of publishing
- Preservation
- Special collections4
Campus Computing Project
For the third straight year, the Campus Computing Project's 2006 survey finds "network and data security" to be the most important IT issue for campus IT officers, having supplanted "instructional integration of IT," which topped the survey from 2000 to 2003. In addition, more than half of the respondents reported that their campus networks experienced hacking attempts and other attacks in the previous year. The top five concerns are, in descending order:
- Assuring network and data security
- Facilitating instructional integration of IT
- Upgrading/replacing ERP systems
- Providing user support
- Financing the replacement of hardware and software5
Campus Technology
In its 2006 end-of-year issue, Campus Technology spotlighted 101 best practices under three major categories that will challenge IT leaders in the immediate and indefinite future: smart classrooms, connectivity, and administrative IT. In addition to giving paragraph-long descriptions of the practices with links, the issue provides indexes by subtopic and institution/organization.6
Chronicle of Higher Education
In a presentation delivered at the Chronicle of Higher Education's fall 2006 Technology Forum, strategic planning specialists James Martin and James Samels noted the following emerging trends that will have direct and indirect impacts on IT in higher education:
- Collaboration and consolidation among colleges and IT vendors
- Rising competition from for-profit colleges
- Increasing collaboration between two- and four-year colleges
- Increasing government regulation of campus computing environments
- Increasing identity theft, online stalking, and cyberterrorism
- Increasing willful disruption of campus networks
- New teaching and learning technologies addressing different learning styles
- Making the CIO a cabinet-level appointment
- Increasing planning for disaster recovery
- Increasing impact of cellular technologies7
CIO Insight
CIO Insight's annual IT survey for 2007 groups the most important perceived trends under four major headings, a selection of which includes the following:
- Strategy
- Process improvement becomes a top priority
- Web site are made more engaging
- Customer service is further refined
- Business data is put to work
- Management
- IT organizations keep growing
- Managers struggle to find business-savvy technologists
- Outsourcing growth slows
- IT leaders struggle to demonstrate ROI
- Security and Risk
- Security threats and incidents increase
- Security morphs into risk management
- Compliance spurs process improvement
- Technology
- New architectures are developed
- Enterprise applications become less appealing
- IT reluctantly embraces Web 2.0
- IT professionals feel increasing dissatisfaction with vendors8
CIO Magazine
CIO Magazine's 2007 annual State of the CIO survey of IT leaders in business, finance, government, health care, and manufacturing identified four CIO archetypes and their associated skills:
- Turnaround CIOs
- Assess business needs in chaotic situations
- Identify inefficiencies
- Prioritize
- Influence and motivate change in others
- Shake up/clean house where and when needed
- Operational CIOs
- Manage and execute projects effectively
- Deliver desired results on time and on budget
- Understand business processes
- Communicate well with stakeholders
- Negotiate effectively
- Achieve high level of user acceptance
- Business leader CIOs
- Have interpersonal skills
- Understand business processes
- Cultivate tactical ability
- Align IT and business goals
- Collaborate
- Control costs
- Innovative CIOs
- Envision and create new IT solutions
- Drive new business products/services
- Think strategically
- Communicate persuasively
- Take calculated risks9
Coalition for Networked Information
The Coalition for Networked Information (CNI), an organization of 200 institutions representing higher education, publishing, network and telecommunications, information technology, and libraries and library organizations, identified the following current issues and projects in its 2006–2007 Program Plan:
- Institutional content resources and repositories
- Institutional and disciplinary implications of e-research
- Digital preservation
- Learning spaces: services and environments for today's users
- Risk management implications of digital content
- Open archives initiative: object reuse and exchange program
- Institutional infrastructure to support research
- Authentication, authorization, and access management10
Computerworld
As part of Computerworld's 2007 Premier 100 IT Leaders issue, Jennifer McAdams identified seven common management obstacles facing today's CIO:
- Skills and staffing shortages
- Insufficient backing from management
- Insufficient budgets
- Business-IT alignment issues
- Pace of technological change
- Lack of business understanding inside IT
- Lack of technology understanding outside IT11
Council of Australian University Directors of IT
The Council of Australian University Directors of IT (CAUDIT), consisting of IT directors of universities in Australia, New Zealand, Papua New Guinea, and Fiji, identified the following top-ten issues for 2006, in order of importance:
- Business continuity/disaster recovery
- Identity management: authentication, authorization, access
- Funding/resourcing
- Workforce planning: recruitment, training, succession, retention, change management
- Security
- Governance
- Service management: support and delivery—availability, capacity, change management
- Information management: storage, archiving, records management
- Legacy systems: administration—student management/ERP
- Strategic planning12
EDUCAUSE Center for Applied Research
The EDUCAUSE Center for Applied Research (ECAR) research agenda provides a valuable perspective on issues of critical importance to higher education. The studies and research bulletins that emanate from the agenda help campus leaders make better decisions about IT. While the most recent research studies and bulletins are accessible only to subscribers, ECAR key findings and roadmaps are available to all as soon as they are published. Numerous ECAR publications, including major research studies, case studies, and research bulletins that were published 18 months or longer ago, are publicly available. In addition, all current and past survey instruments are accessible. In 2007, major studies of practices and trends have been or will be released on:
- IT help desk management
- IT engagement in research in medical schools and colleges
- IT readiness for business continuity
- Multi-institutional collaborative efforts to develop and deliver technology services
- Student technology use and skills
ECAR subscribers also receive three reports per year from Burton Group on topics such as business process modeling, converged real-time communications, trends in social software, and others.13
EDUCAUSE Core Data Service
The EDUCAUSE Core Data Service Fiscal Year 2005 Summary Report, published in December 2006, noted significant increases in the following:
- Centralized IT support staff
- Ratio of IT budgets to FTE students
- Outsourcing of IT services
- Bandwidth tracking
- Campus security risk assessments
- Use of voice over IP and video over IP
- Student computer ownership
- Campus wireless deployment
- Completed ERP implementations
- Completed portal implementations14
European University Information Systems
Since 2003, European University Information Systems (EUNIS) has conducted an annual Top Concerns Survey. The most recently published results, for 2004–2005, identified the following concerns, in order:
- User management
- Network security
- Data interfaces
- Strategic approach to infrastructure
- Anytime, anywhere computing
- Enterprise portals
- Data management
- Network technologies
- Information security
- (tie) Systems resilience and availability; learning support; and IT in institutional planning15
Gartner, Inc.
Gartner's 2006 annual assessment of the "hype cycle" for higher education identified the following elevated, elevating, and settling phenomena:
- On the rise
- COBIT (Control Objectives for Information and related Technology, a set of best practices for information management created by the Information Systems Audit and Control Association)
- Technology-enabled classrooms
- Global library digitalization projects
- At the peak of inflated expectations
- ITIL (IT Infrastructure Library, a set of IT management best practices developed by the British Office of Government Commerce)
- Personally owned devices with campus network access
- Podcasting learning content
- ID and access management
- Sliding into the trough of disillusionment
- E-learning repositories
- Peer-to-peer entertainment
- CRM for enrollment management
- Learning content management
- Open source e-learning applications
- E-portfolios
- Web services for administrative applications
- RFID library materials management
- Climbing the slope of enlightenment
- IP video for e-learning
- Next-generation library management systems
- Internet2/next-generation Internet
- 802.11x on campus
- Higher education enterprise portals
- Course management systems16
Another Gartner report, "The Current State and Future Direction of IT," provided results of a survey of 1,400 CIOs, including these top-five strategic management priorities:
- Linking business and IT strategies
- Applying metrics to the IT organization and services
- Improving the quality of IS service delivery
- Demonstrating the business value of IT
- Attracting, developing, and retaining IS personnel17
Horizon Report
The Horizon Report, an annual collaborative publication of the New Media Consortium and the EDUCAUSE Learning Initiative, identifies and describes emerging technologies likely to have major impacts on teaching, learning, and scholarship. The 2007 edition of the report identified six key trends over three adoption-maturity horizons:
- One year or less
- User-created content
- Social networking
- Two to three years
- Mobile phones
- Virtual worlds
- Four to five years
- New scholarship and emerging forms of publication
- Massively multiplayer educational gaming18
Sloan Consortium
The Sloan Consortium's fourth annual report, Making the Grade: Online Education in the United States, 2006, summarized results of a survey of trends and challenges in online education faced by IT and academic leaders at a broad demographic of degree-granting institutions, including:
- Nearly 3.2 million students were taking at least one online course during the fall 2005 term, a substantial increase over the 2.3 million reported the previous year. The number of new online students (over 800,000) is more than twice the number added in any previous year.
- Online students, like the overall student body, are overwhelmingly undergraduates. The proportion of graduate-level students is slightly higher in online education relative to the overall higher education population. Online students, especially undergraduates, are more likely to be studying at associate's institutions than are their face-to-face contemporaries.
- Over 96 percent of the very largest institutions (more than 15,000 total enrollments) have some online offerings, which is more than double the rate observed for the smallest institutions. The proportion of institutions with fully online programs rises steadily as institutional size increases, and about two-thirds of the very largest institutions have fully online programs, compared to only about one-sixth of the smallest institutions. Doctoral/research institutions have the greatest number of online programs, as well as the highest overall rate (over 80 percent) of some form of online offering (either courses or full programs).
- In 2003, 57 percent of academic leaders rated learning outcomes in online education as the same or superior to those in face-to-face education. That number is now 62 percent, a small but noteworthy increase. The proportion who believe that online learning outcomes are superior to those for face-to-face learning is still relatively small, but has grown by 40 percent since 2003 (from 12.1 percent in 2003 to 16.9 percent in 2006).19
Society for College and University Planning
The Society for College and University Planning (SCUP) conducts an annual scan of higher education trends. The most recent survey identified the following phenomena of specific relevance to the IT community:
- Co-existence and even collaboration of "traditional" and for-profit education is inevitable.
- Public confusion about the costs and benefits of higher education must be addressed.
- "Green industry" growth is accelerating and starting to penetrate higher education.
- Access to learning will broaden and diversify as two- and four-year institutions accelerate their collaboration.
- Student learning styles and expectations are increasingly driven by technology and culture rather than by institutional decision making.
- Teaching and teacher needs are reemerging alongside learning and learner needs.
- Data security challenges will be complicated by increasing governmental data appetite, compliance, and regulations.
- Real and virtual reality will continue to blur as learning technology evolves.20
Universities and Colleges Information Systems Association
Universities and Colleges Information Systems Association (UCISA), an association representing IT leaders and professionals in United Kingdom colleges and universities, administered the same Top Concerns Survey developed by EUNIS to its members in 2004/2005, resulting in the following top-ten ranking:
- Anytime, anywhere computing
- Systems resilience and availability
- Network security
- Strategic approach to infrastructure
- Learning support
- Network technologies
- Enterprise portals
- User management
- Ensuring sufficient funding
- Data management21
2007 Demographic Similarities and Differences
For individual institutions and their IT leaders, perhaps the most interesting results of the Current Issues Survey are those that show year-to-year changes, similarities, and differences among various types and sizes of institutions. The survey tracks responses by control (public versus private); Carnegie classification; and enrollment size—small (fewer than 2,000 students), medium (2,000 to 7,999), medium-large (8,000 to 17,999), and large (18,000 plus) institutions. To simplify analysis, we use four groupings based on the basic, pre-2005 Carnegie classifications: Doctoral/Research Universities Intensive and Doctoral/Research Universities Extensive are combined into Doctoral/Research; Master's Colleges and Universities I and Master's Colleges and Universities II are combined into Master's; Baccalaureate Colleges–Liberal Arts, Baccalaureate Colleges–General, and Baccalaureate/Associate's Colleges are combined into Baccalaureate; the fourth category, Associate's Colleges, represents community and other two-year colleges; and the fifth category, International, encompasses non-U.S. institutions. Table 5 provides issue rankings by institution size and control, and Table 6 ranks issues by Carnegie classification and international status.
Click image for larger view.
Click image for larger view.
Click image for larger view.
Click image for larger view.
Important to Resolve for Strategic Success
The answers to this question remain stable across institutions of all sizes, control, and Carnegie class, with seven of the top-ten issues considered important for strategic success appearing in nearly all demographics. Three appear among the top five issues for all institutions:
- Administrative/ERP/Information Systems
- Funding IT
- Security
Four other issues appear in the top ten for all groups with few exceptions:
- Disaster Recovery/Business Continuity
- Faculty Development, Support, and Training (except large and international schools)
- Identity/Access Management
- Strategic Planning (except medium-large and associate's)
Issues critical for strategic success that appear for the first time or reappear after an absence of some years in specific demographics include Advanced Networking (large); Course/Learning Management Systems (small, medium, medium-large, and international); Faculty Development, Support, and Training (medium-large); Electronic Classrooms/Technology Buildings/Commons Facilities (medium, medium-large, master's); Infrastructure (large); Portals (medium-large, international); and Web Systems and Services (master's).
Issues that dropped completely out of the top-ten issues of strategic importance include Advanced Networking (doctoral/research); Electronic Classrooms/Technology Buildings/Commons Facilities (small, large, private, baccalaureate); End-to-End Service Assurance (large); Portals (small, private, baccalaureate); Staffing/HR Management/Training (medium); and Web Systems and Services (public).
Rankings that went up or down by three or more positions were Faculty Development, Support, and Training (public [-4], associate's [-4]); Identity/Access Management (baccalaureate [-7]); Infrastructure (small [-3], master's [-3]); Research Support (doctoral/research [+6]); and Security (international [-4]).
Expected to Increase in Significance
This category identifies volatile issues expected to rise in importance. Five issues are in the top ten for all sizes, Carnegie classes, and public and private institutions:
- Administrative/ERP/Information Systems
- Disaster Recovery/Business Continuity
- Funding IT
- Identity/Access Management
- Security (first for all groups except small, baccalaureate, and international)
Portals made the top-ten list for all of the demographic breakdowns except large and doctoral/research.
Issues appearing for the first time among those expected to become more significant for particular demographics include:
- Advanced Networking (medium-large)
- Assessment/Benchmarking (medium-large, master's, baccalaureate)
- Change Management (medium-large)
- Course/Learning Management Systems (small, private)
- Digital Records Management (doctoral/research)
- Electronic Classrooms/Technology Buildings/Commons Facilities (small, large, international)
- Faculty Development, Support, and Training (small, medium-large, doctoral/research)
- Legislative Compliance and Policy Development (medium-large, master's)
- Research Support (medium-large)
- Staffing/HR Management/Training (large)
- Web Systems and Services (small, private, master's)
Issues expected to grow in importance for specific demographic groups in 2006 that do not appear in either this list or in those critical for strategic success in 2007 include:
- Assessment/Benchmarking (small)
- Course/Learning Management Systems (public)
- Data Administration (associate's)
- Digital Records Management (associate's, international)
- E-Learning/Distributed Teaching and Learning (international)
- E-Portfolio Development and Management (large, public, doctoral/research, baccalaureate)
- Emerging Technologies (small, private, doctoral/research, baccalaureate)
- Legislative Compliance and Policy Development (private)
- Portals (private)
- Staffing/HR Management/Training (medium-large)
- Support Services/Service Delivery Models (international)
- Web Systems and Services (associate's)
Challenges Demanding IT Leaders' Time
This category shows little change from one year to another, with Funding IT being the number-one or number-two issue occupying IT leaders at nearly all types and sizes of institutions. Also demanding the IT leader's attention as top-ten issues for all institutions are:
- Administrative/ERP/Information Systems and Strategic Planning
- Governance, Organization, and Leadership
- Infrastructure
- Security
- Staffing/HR Management/Training
New top-ten issues for CIOs in 2007 for particular types of institutions that did not appear in 2006 are:
- Electronic Classrooms/Technology Buildings/Commons Facilities (small, master's, associate's)
- Faculty Development, Support, and Training (baccalaureate)
- Research Support (large, doctoral/research)
- Support Services/Service Delivery Models (large)
- Web Systems and Services (medium, private)
Where Institutions Are Spending Their Resources
From 2001 to 2007, colleges and universities have allocated the most human and financial resources in two areas this year: Administrative/ERP/Information Systems (first) and Infrastructure (second). Resource-intensive areas continuing to appear in the top ten for nearly all groups from last year include:
- Electronic Classrooms/Technology Buildings/Commons Facilities
- Course/Learning Management Systems
- Security
- Support Services/Service Delivery Models
While a fair amount of stability marks the top-ten expenditures across all demographic groups, each year we see variations reflecting the different missions and expectations that IT leaders at certain types of institutions must support. The most obvious in 2007 is Advanced Networking at large and doctoral/research institutions.
The most notable first-time appearance among the top-ten cost factors is Data Administration, which occurs across seven demographic groups: small, medium, private, public, master's, baccalaureate, and associate's institutions. Other first-time appearances in this category are
- Course/Learning Management Systems (small, baccalaureate)
- E-Learning/Distributed Teaching and Learning (master's)
- Portals (international)
- Staffing/HR Management/Training (medium-large, large)
- Student Computing (medium)
- Web Systems and Services (doctoral/research)
2007 Summary Observation
The most dramatic trend in the Current Issues Survey since last year has been that Course/Learning Management Systems moved into the top-ten ranking in two areas: number nine among issues of strategic importance and number seven with the potential to become more significant in the future. Also in 2007, the split of last year's number-one strategic issue, Security and Identity Management, into two distinct issues has now sorted them more accurately among the different measures: Security second and Identity/Access Management fourth among strategic issues; Security and Identity/Access Management, respectively, as first and among issues expected to become even more significant next year; as fifth and ninth in occupying IT leaders' time; and Security as fourth in consuming human and financial resources. Disaster Recovery/Business Continuity, after making a dramatic appearance last year as number four in strategic importance, continues among the top ten this year—fifth in strategic importance, fourth in potential to become more significant, and eighth in IT leaders' time commitment. The most dramatic change in ranking is the drop of Portals from fifth among issues expected to be more significant in 2006 to ninth in 2007.
Top Ten Current Issues Defined22
The following brief profiles describe the top-ten issues that IT leaders say are the most important for their institutions to resolve for strategic success.
No. 1: Funding IT
In 2007, Funding IT resumes its place as the top-ranked strategic IT issue, where it has appeared a total of five times since the survey began in 2000. In fact, it is the only issue ranked as the most or second-most significant concern for all eight years of the survey. Escalating costs for IT service delivery and maintenance in the face of funding pressures at the institutional level leave little flexibility in many IT budgets. Along with these institutional pressures come broadening external pressures on the higher education community for improved accountability and productivity.
These internal and external pressures place IT leaders in a highly visible catch-22: Requests for innovation to advance institutional goals compete with demands for reduced expenditures, even as technology has become a necessity for institutional improvement.23 The challenge by the Spellings Commission for more accountability, efficiency, productivity, and transparency with respect to higher education costs24 is not likely to fade soon. Board members and other local constituencies also expect more accountability and demonstration of value in exchange for funding support. Increases in IT funding are likely dependent on the CIO's ability to align IT with institutional priorities, to convey the value that information technologies bring to these priorities, and to deliver on the promises.
Associated with the critical need to collaborate, communicate, and deliver is the need for IT budget and expense benchmark data, as well as student-centered metrics demonstrating the value of IT. These measures, combined with development of an adaptive planning model25 to help ensure IT alignment and agile responses to changing needs,26 are essential for funding success. Funding for IT initiatives is more likely to follow proposals and programs that clearly advance institutional goals, demonstrate the value provided by IT, and are communicated in ways the various constituencies can readily understand.
Critical questions for Funding IT include the following:
- What revenue streams can you identify that better align with the current drivers of IT costs?
- What external collaborative opportunities exist that enable cost reductions, cost avoidance, or even a new revenue stream?
- What percentage of the IT budget is flexible? What percentage is consumed by fixed costs?
- Do you have an activity-based budget in place to facilitate communication about the costs associated with specific IT services? Are you making the hard decisions about which trailing-edge services should be discontinued in favor of strategic services?
- What decision-making process can you implement to free up portions of the central IT budget each year for innovative uses?
- What student-centered metrics best convey the value IT provides for your institution?
- What steps can you take to implement or enhance your institution's IT governance process to insure IT priorities align with institutional goals?
- What steps can you take to contribute to the development of higher education cost standards and student-centered metrics?
No. 2: Security
IT security remains a top concern at colleges and universities—a direct result of the changing landscape. Increasingly, critical data and services are available electronically; data breaches occur more frequently; and the number of security-related state and federal regulations is rising. College and university personnel have a greater responsibility to be proactive in ensuring the security of information resources while operating within a culture of openness and decentralization. The issues institutions need to address include the following:
- Does your institution have privacy and security policies that extend beyond those areas where they are legally required and encompass all of the institution's IT resources and not just the central systems? Are they enforced consistently across the enterprise, reviewed regularly, measured for effectiveness, and audited for compliance? Do your procedures reflect your policies' goals?
- Does your institution have a formal, documented, security incident response plan that includes procedures for detecting, reporting, alerting, escalating decision-making authority, containing, remediating, and returning to service? Does the plan include a notification process when confidential data have been potentially compromised? Do you have staff trained in computer forensics?
- Do your senior administrators recognize their roles as information stewards? Have you developed clear, consistent policies and procedures for classifying, handling, retaining, and disseminating information and appropriate security controls for protecting critical and confidential resources?
- Does your institution have an enterprise IT security program to address the changing nature of IT threats and the increasing number of IT security-related federal and state mandates? How do you ensure that you remain current with respect to the changing regulatory landscape? How have you dealt legally and, if necessary, technically, with CALEA?
- Is IT security viewed as a funding priority? Are there necessary funds to facilitate and support improved security measures on a campus-wide basis?
- Do you have a chief privacy officer and/or a chief information security officer for striking the balance between privacy and security? Are sufficient staff members trained to assess the risks to, and ensure the privacy and security of, the institution's information resources?
- Has your institution planned or completed a comprehensive risk assessment to identify and prioritize vulnerable areas and ways to mitigate potential risks, including those caused by lost or stolen mobile devices? Do you routinely consider the privacy and security implications before buying or deploying new systems or technologies?
- Does your institution provide an awareness and training program in privacy and security? Does it include awareness of the defensive measures appropriate to your institution to protect systems, data, and identity? Do you regularly communicate information about your policies and procedures to your constituents?
- Has your institution built the appropriate infrastructure to improve security? Have you implemented a unified threat-management system that includes such features as firewalls; VPNs; antivirus, antispyware, antispam, and antiphishing; bandwidth management; intrusion prevention and detection; and content filtering?
A key resource for security managers and stakeholders in higher education is the Web site of the EDUCAUSE/Internet2 Computer and Network Security Task Force, <http://www.educause.edu/security>.
No. 3: Administrative/ERP/Information Systems
Although Funding IT is the top issue of strategic importance in 2007, managing Administrative/ERP/Information Systems continues to require the most human and/or financial resources. Until recently, most campuses were in the early stages of ERP implementations; however, since the majority of survey respondents to the EDUCAUSE Core Data Service survey reported having implemented or being close to implementing their ERPs,27 this overview focuses on the later stages of this never-ending process.
While the number of ERP vendors and providers can be counted on both hands, competition has forced them to offer stronger products and better services. To understand the dynamics and results of this competition, Gartner, Inc., publishes and regularly updates a Magic Quadrant for Higher Education Administrative Suites (September 2006).28
Due to pressures both external (such as competition) and internal (such as funding), campus officials must assess the opportunities and risks of migrating to a different vendor or open source solution. Vendors are increasingly responsive to major shifts in higher education. They have begun concentrating on value-based business models and on understanding shifting student demographics. While a fully developed open source ERP has yet to be finalized, it is certainly an evolving option to watch. A few questions to consider in your assessment are:
- Does your institution get timely and ready access to information, especially for strategic planning and decision making? Have reengineered processes improved operations and increased efficiency? Has the system improved services for students, faculty, staff, and administrators?
- Is your vendor a leader in addressing challenges of higher education? Does the vendor's vision align with your strategic goals?
- What percentage of the functionality of your ERP is being used?
- Were/are you able to integrate other major systems/packages with your ERP without major customizations?
- Do you have sustainable resources to improve the system and keep up users' productivity in the new environment? What is your total cost of ownership for this system?
- If your last implementation was not successful, what are the risks and costs of continuing? Do you have the resources to migrate to another system? If you do, can your campus take on such a project?
A successful evaluation of ERP vendors and solutions should consider more than just the functionality of the solution. The alignment of the vendor's vision with your institution's mission and the mutual ability to adapt and execute are also critical considerations. Clearly, an ERP implementation is not just about the technology, and responsibility and authority should not rest with the CIO alone. Even with a broad set of senior stakeholders, the CIO must draw on leadership experience, diverse people's skills, anger and stress management, organizational and project supervision, and many other qualities to make ERP implementation a success. The good news is that many have done it and lived to talk/write about it!
No. 4: Identity/Access Management
The connection between managing information about an individual's identity and an individual's access to information and services now extends to nearly every aspect of academic, administrative, and community experience. Identity/Access Management (I/AM) ensures that the right people access the right services. In the past, I/AM was implemented system by system with duplicate identity data distributed across campus. The challenge now is to balance identifying, authenticating, authorizing, and provisioning not only for the systems managed by central IT organizations but also for the many units on campus that need to maintain relationships with different constituencies.
Managing the life cycle of an individual's institutional roles by consolidating and securing identity information and providing this data for services that IT or other departments deliver are core enterprise responsibilities. To support these responsibilities, several organizations provide valuable up-to-date I/AM and associated middleware resources, including EDUCAUSE (http://www.educause.edu/Browse/645?PARENT_ID=285); the InCommon Federation (http://www.incommonfederation.org/); Internet2 (http://middleware.internet2.edu/); and the National Science Foundation (http://www.nmi-edit.org/index.cfm).
Another important dimension of I/AM is assessing the impact of state and federal regulatory pressure on identity information practices and policies, particularly those originating with the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act.
Critical questions for institutions include the following:
- Do you have trained staff to select, deploy, and manage I/AM solutions?
- How does your institution extend and manage access to confidential data within the organization? How do you apply I/AM standards to external partners and service providers?
- Do campus leaders recognize their roles as information and identity stakeholders? Is access to institutional data managed properly?
- Do you have a strategy for managing digital identities? Do existing systems use a centralized repository, synchronization technologies, best practices, and/or open or prestandard technologies? Have you incorporated developing standards? How do you handle noncompliant systems?
- How effectively does your institution help students, faculty, and staff understand their legal rights and responsibilities and manage and protect their identities?
- Have you planned or completed an IT risk assessment to identify and prioritize vulnerable areas and ways to mitigate potential risks?
- Have you assessed and limited the use of Social Security numbers and other identifying data?
- Has your institution formally established the ownership of identity data maintained in its systems?
No. 5: Disaster Recovery/Business Continuity
The recovery of IT systems following a disaster has long been a concern of CIOs, but the broader issue of business continuity planning requires engagement by the entire campus. This engagement requires executive buy-in to ensure the participation of all stakeholders. In the event that these issues are seen as purely IT problems, it may be necessary for the CIO to provoke discussion by presenting draft solutions that presuppose commitments from other units.
Formal methodologies, consultants, and software tools are available to assist in conducting a business impact analysis. Resources are also available for institutions required to comply with the federal National Incident Management System (NIMS) or state Continuity of Operations/Continuity of Government (COOP/COG) initiatives. In addition, the EDUCAUSE Resource Center section on disaster recovery planning (http://www.educause.edu/Browse/645?PARENT_ID=166) includes an extensive collection of resources for developing, implementing, and maintaining an effective disaster recovery plan. Regardless of what approach is taken, institutions need to address the following questions:
- What are the natural and human risks facing the institution? Remember that universities offer more than education; they are also typically involved in housing, health care, entertainment, and retail enterprises.
- Which institutional staff, equipment, and information are necessary to continue functioning in the event of an incident? Look at processes, such as registering a student, rather than the daily operations of discrete offices.
- Which processes are mission critical? How long can the critical processes be unavailable (the recovery time objectives)? How much information loss can be tolerated (the recovery point objectives)? Are there tiers of processes with similar recovery time objectives?
- Rather than designing specific scenarios for specific crises, what recovery modules can be combined as necessary depending on the actual situation? Include specifications for the chain of command, communication plans, alternative work sites, and the necessary personnel and resources. Don't overlook opportunities for partnering with other educational, governmental, and nonprofit institutions.
- Do you have a documented and tested disaster recovery and business continuity plan in place for critical applications? How do you determine an acceptable level of risk and the right level of investment?
- Where can the documented recovery solutions be stored so as to be readily available in the event of an emergency?
- Are all stakeholders willing to commit to testing the recovery modules on at least an annual basis in order to prevent a false sense of security and to surface changes in the underlying processes?
No. 6: Faculty Development, Support, and Training
Faculty development remains crucial for strategic success in integrating technology into teaching, learning, and research, regardless of institutional size and type. A continuing challenge is the lack of congruence between the speed with which technology is advancing and the speed with which academe is able to evolve and adapt. There is "a lack of compatibility between pedagogical evolution and technological evolution."29 Further, students, too, are changing. The new generation of students brings with them very different expectations and understanding of technology, as well as different life and learning styles, than students in the not-too-distant past.
Determining which of the many emerging technologies are pertinent to faculty at your campus is a continuing challenge. The 2007 Horizon Report identifies key trends, critical challenges, and technologies to watch in the practice of teaching, learning, and creativity.30 These trends may help those who are responsible for faculty professional development activities. Another set of valuable resources on helping teachers use technology appears on the EDUCAUSE Resource Center page on Training (http://www.educause.edu/Browse/645?PARENT_ID=480).
Faculty development programs must be linked to campus infrastructure and services to optimize effectiveness. Planning faculty development activities related to effective uses of mobile and wireless technologies, for example, must be coordinated with the campus deployment of such technologies.31
Given a renewed emphasis on collaborative learning, it is important to incorporate inter- and intracampus collegial networks in faculty development. This might include creating venues (such as workshops, institutes, forums, brown-bag lunches, wikis) where faculty across disciplines can discuss what they are learning, talk about problems, and learn from each other.32
Critical questions for Faculty Development, Support, and Training include the following:
- What constitutes faculty development? How is success measured?
- How can faculty better understand their students and how they perceive technology?
- What are the appropriate models for faculty training and support? Do faculty have time to attend workshops, or should support personnel consider different service models to convey the pertinent information?
- Are "faculty incentives" still an issue for individual faculty and for campuses?
- How can the standards and assessment work of national and international associations benefit campuses seeking to measure student learning and faculty productivity?
- How should concerns related to digital media copyright protection be incorporated into development activities?
No. 7: Infrastructure
Managing IT infrastructure for higher education today is a balancing act. Institutions require high performance, reliability, scalability, agility, and a platform for innovation. Managers must balance cost, manageability, flexibility, stability, privacy, security, and performance.
As institutions strive to improve communications and services for all members of the community, expectations are high. Service level agreements are useful tools for establishing expectations and understanding the requirements of internal customers. Under the rubric of "timing is everything," institutions continue to view technologies as a competitive opportunity requiring the ability to adopt and adapt quickly.
IT project delivery schedules become increasingly short at the same time that integration and security requirements become more complex. IT organizations must deploy the appropriate combination of hardware, software, and services in a manageable and scalable information architecture. In turn, this architecture must facilitate the organization, storage, access, and maintenance of strategic information services and resources.
Some things to consider when planning, maintaining, and upgrading your IT infrastructure include:
- Do you have a replacement plan for servers, appliances, network devices, and other hardware? Do you negotiate prepaid or long-term maintenance agreements? Have you compared lease and purchase options?
- Are you planning for and budgeting "environmental" upgrades? Do you know your power, generator, UPS, air-conditioning, floor-space, and fire-suppression requirements for the next three years or for an appropriate planning horizon?
- Do you have good monitoring and benchmarking practices? Do you perform trend analyses to assist with capacity and upgrade planning?
- Do your network and systems administrators have the tools and training to automate problem detection and notification? Do you have end-to-end component and service-level monitoring agents or tools in place? Do you have problem resolution processes integrated throughout your IT infrastructure?
- Do you have built-in redundancy for your network and critical applications servers? Do you have test environments for use when upgrading hardware and software?
- Are you effectively managing the accelerating requirements for systems and storage? Do you have a plan to deal with the development and growth of more and larger data warehouses, institutional repositories, and digital collections? Do you have an information life-cycle management plan to assure the continued availability and usability of information?
- Are you evaluating or deploying virtualization techniques for storage, network, or server consolidation?
- Does your institution have adequate planning, staff and infrastructure resources, and funding to support research computing?
- Do you account for the dynamic change and pace of policy, security, and compliance requirements?
- Are you effectively meeting the current demand for both wired and wireless connectivity and mobile applications?
No. 8: Strategic Planning
Developing an IT strategic plan may seem, to some, to be close to impossible to achieve. How can planners create effective strategies for IT environments that change rapidly and will continue to change over time? Within the context of the strategic direction of the institution, IT certainly can play its role in supporting institutional directions. Institutional mission, vision, and values must drive the strategic priorities of not only IT, but of all units. The way to craft an IT strategy is to engage key stakeholders in dialogues to answer the question, How can information technology help the institution achieve its strategic goals? In addition, any IT strategic plan must be a living document updated periodically to reflect changes in institutional priorities or technologies themselves.
Building the IT strategic plan should be a collaborative effort across academic, research, and administrative units. It should consider the roles of students, faculty, staff, and administration. However, the plan must be much more than a reflection of institutional goals. It is the roadmap for investments in information technology and it publicly affirms the major thrusts of IT.
Critical questions related to IT strategic planning include:
- How do you engage the institution in building the IT strategic plan, when so many users may just want 24 7 services?
- Have you connected the strategic plan to the mission-critical foci of the institution? Does it address teaching and learning, research, outreach, and engagement goals? Do you actively involve constituencies for those in the planning process? How do deans and other executives participate in the process?
- Do you have a communication plan to inform all constituents about IT planning activities? Does it include conversations with members of the cabinet, regents or trustees, advisory groups, academic leadership, and student leaders? Do articles about the IT plan appear in the faculty/staff newsletter and the student newspaper? Is there an IT strategic plan Web site?
- Which tactics for multichannel communication and engagement should you deploy for the range of IT strategic plan stakeholders on your campus: surveys, newsletters, student and administrative newspapers, town meetings, focus groups, interviews, blogs, others?
- Does your strategic plan drive IT budget priorities and investments?
- Are the goals of the strategic plan realistic and reachable? Does it include "stretch" goals intended to push the institution beyond current capabilities?
- Have you built accountability into the strategic plan, with credible metrics in gauging progress? Have you included benchmarks as short- and long-term yardsticks of success?
- How often do you review and update the strategic plan? Does your review process include constituents from across the institution? How do you report progress to the institution?
- Is your strategic planning process aligned with how your institution makes decisions?
No. 9: Course/Learning Management Systems
Possibly spurred by concerns over the Blackboard/WebCT merger and Blackboard's patent suit, as well as the continuing maturity of open source options, Course/Learning Management Systems (C/LMS) have appeared for the first time among the top-ten issues facing higher education CIOs. It may also be the case, as suggested in the beginning of this article, that this visibility can be attributed to the evolution of C/LMS technology as a mission-critical enterprise system; its accelerating use as a critical teaching and learning resource by institutions of all kinds; and the technology's impact on IT funding, in terms of licensing and local support.
Following the pattern of library and ERP systems, C/LMS's are fast becoming a campus utility, expected to be available 24 7. There is a growing body of literature and research on student and faculty use of and attitudes toward this technology. The findings suggest that overall penetration in higher education has increased by a factor of three since 2000; more than 90 percent of campuses support at least one C/LMS, with nearly 70 percent standardized on a single commercial C/LMS; and while more faculty are using C/LMS's, they are selective and more often than not focused on administrative tools, less so on interactive features.33
C/LMS's are still relatively young. As the technology matures, it is evolving more toward learning management, encompassing content management and groupware tools as well as assessment tools and e-portfolios to track learning across courses and semesters. Likewise, the systems are becoming more student-centered, giving students greater control over content and supporting more higher-order learning activities.
Key issues to consider in the implementation of a C/LMS include:
- Should you buy a commercial C/LMS or can your institution support an open source application? Do you have the development expertise to implement and support open source?
- Do you have opportunities to reduce C/LMS costs through a consortium arrangement?
- What will you want to integrate with the C/LMS: Portal? Portfolio? ERP? Library resources?
- Do you have training/support resources available to help faculty and students make effective use of the C/LMS's features?
- Have you conducted or are you planning an assessment of how the C/LMS impacts teaching and learning at your institution?
- If you are changing systems, do you have a plan in place to ensure smooth migration of existing materials to the new system?
- Have you planned for a high-availability hardware system for your C/LMS, with sufficient failover capability to prevent the shutdown of a critical service?
No. 10: Governance, Organization, and Leadership
The pervasiveness and strategic value of IT in higher education make effective guidance of IT essential. In addition, IT must be an integral part of an institution's culture. Governance, Organization, and Leadership is critical to successfully using IT to achieve institutional goals.
For more than 20 years, various organizations, including EDUCAUSE, have collected and disseminated data about IT environments in higher education.34 These data and analyses can help higher education executives make judicious decisions about IT in their institutions.
The IT organizational structure manages the allocation of IT resources (human resources especially) in performing operational work; influences information flow throughout the organization; and optimizes the efficiency of knowledge work. IT Governance, Organization, and Leadership undergirds all of the other current issue areas. It is the foundation for good/best practices, processes, and procedures to ensure that the organization's IT services and staff both support and advance the organization's goals and objectives.
In higher education, a balance must be achieved between the needs of academic IT and administrative IT. In larger institutions, an added dimension of balance is required because of large divisions/departments competing for limited IT resources. Although governance structures will differ across sizes and types of campuses, Jack McCredie suggested that "to achieve a higher level of coordination, campuses should consider moving toward more 'federated' structures in which areas that overlap can be defined and governed more collaboratively, efficiently, and effectively."35
Beyond institutional structures, state governing bodies impact all higher education institutions, whether public or private. Coordinating and aligning with state-level governance structures will allow your institution to offer excellent services as well as access to vital statewide information that your organization needs to be successful within the region.
Important areas to address for Governance, Organization, and Leadership include the following:
- Does your current governance structure, including advisory committees, facilitate or impede planning, prioritizing, and implementing IT initiatives, sharing expensive resources, and actions that could improve campus IT services?
- Does the executive team at your institution understand that the role of an IT leader is not about technology itself but the ability of a campus to achieve its goals and objectives through technology? Does the IT leader interact frequently with campus executives and academic leaders? Does he or she sit on the president's cabinet and participate in institutional strategic planning bodies? To whom does the IT leader report?
- Have you established advisory structures for IT that are broadly representative?
- Are you helping to develop IT leaders for the future? Does your organization have a leadership development path in place?
- How well do you coordinate with state-level governance structures?
Conclusion
The 2007 Current Issues Survey shows, as have the previous seven surveys, the ebb and flow of a profession that is responsive in adapting services and organizations to emerging technologies and rising information appetites. Just as there are the predictable "big" issues that continue making the largest blips on the collective radar, there are those being surpassed or replaced by newer ones that now shape the learning enterprise and figure more centrally in the institutional mission. Where the survey aligns with measures of IT trends in other sectors of the economy, it reflects global forces of an increasingly connected and "flatter" world. Where it diverges, the survey shows the special needs and opportunities of institutions that, despite dramatic changes in the sources, form, and delivery of instructional and research services, remain the focal point of society's investment in education.