Top-Ten IT Issues, 2007

© 2007 John S. Camp, Peter B. DeBlois, and the 2007 EDUCAUSE Current Issues Committee

EDUCAUSE Review, vol. 42, no. 3 (May/June 2007): 12–33

Which IT issue is of top concern to technology leaders in higher education today? Did the number-one issue of 2006—Security and Identity Management—continue to be of prime importance to college and university IT leaders? Did new issues emerge on the top-ten list? Did issues from last year drop off the list this year? The eighth annual EDUCAUSE Current Issues Survey has the answers. Administered by the EDUCAUSE Current Issues Committee, whose members review and update the set of IT issues to be presented each year, the Web-based survey was conducted in December 2006. Survey participants—the primary representatives, typically CIOs, of EDUCAUSE member institutions—were asked to check up to five of thirty-two IT issues in each of four areas: (1) issues that are critical for strategic success; (2) issues that are expected to increase in significance; (3) issues that demand the greatest amount of the campus IT leader's time; and (4) issues that require the largest expenditures of human and fiscal resources.¹

Complete details and an in-depth analysis of the 2007 Current Issues Survey are published in the Summer 2007 issue of EQ, the EDUCAUSE quarterly journal for IT practitioners. The EQ article presents detailed demographic breakdowns, offers a 2006/2007 comparison of the top-ten issues in all four areas, and places the responses in the context of other organizations' annual surveys and reports on IT-related trends in higher education.²

This EDUCAUSE Review article focuses on the first of the four areas noted above: the top-ten issues that IT leaders identified as the most important for their institutions to resolve for strategic success. For each issue, we offer a definition and a set of questions. The questions are not meant to be exhaustive; they are intended to stimulate thinking and discussion.

But first, how do these results compare to last year's?³ Five findings merit special mention:

• For the 2007 survey, the Current Issues Committee decided to split a key issue choice from last year's survey: Security and Identity Management. Last year, this combined issue was the number-one IT-related issue, topping Funding IT, which had occupied the top position for three consecutive years (2003–2005). This year, survey respondents had two choices: Security and Identity/Access Management. Committee members reasoned that the two issues had separately matured and become complex enough in recent years that keeping them combined made no sense. With this change, Funding IT moved back into the top position, with Security rated number two and Identity/Access Management number four.
• For the first time, Course/Learning Management Systems (C/LMSs) moved into the top-ten ranking, as number nine. It is tempting to attribute this notable radar blip to the community's vigorous discussion of the Blackboard merger with WebCT and the patent controversy over the past year. Not to minimize the galvanizing impact of that controversy, but perhaps it is more important to recognize the evolution of C/LMS technology as a mission-critical enterprise system; its accelerating use as a fundamental teaching and learning resource by institutions of all kinds; the challenge of choosing an open-source or vendor-supplied solution; and the impact of the C/LMS technology on IT funding, in terms of both licensing and local support. Indeed, the 2006 inaugural EDUCAUSE Catalyst Award went to Course Management Systems as a "complex, far-reaching web of initiatives that has had broad impact on higher education in less than a decade."⁴
• Disaster Recovery/Business Continuity, which made a dramatic appearance last year as number four—following the U.S. hurricane seasons of 2004 and 2005—remains on the top-ten list this year, at number five.
• E-Learning/Distributed Teaching and Learning, which ranked ninth last year, does not appear on the 2007 top-ten list. This is still an area of top strategic importance for nearly all institutions but has likely been displaced, at least for this year, by the rising attention being given nationally and locally to Course/Learning Management Systems, a key technology supporting e-learning.
• Web Systems and Services, which was number ten in 2006 and has appeared regularly since 2003, does not appear on the top-ten list in 2007. Including as it does such subitems as developing Web-based business strategies, integrating legacy and Web-based systems, and developing Web policies, this item has perhaps stabilized sufficiently to not be of particularly high importance to the CIO.

With most issues either holding their rankings or moving up or down by only one position from 2006 to 2007, the top-ten issues have remained fairly stable. Nonetheless, their natures and dimensions of urgency are constantly in flux, meriting a fresh look with each year's survey results. Below, the members of the 2007 EDUCAUSE Current Issues Committee describe the top-ten issues that IT leaders say are the most important for their institution to resolve for strategic success.

Issue #1: Funding IT

In 2007, Funding IT resumed its place as the top-ranked strategic IT issue, where it has appeared five times since the survey began in 2000. In fact, Funding IT is the only issue that has ranked as number one or number two for all eight years of the survey. Escalating costs for IT service delivery and maintenance in the face of funding pressures at the institutional level leave little flexibility in many IT budgets. Along with these institutional pressures come broadening external pressures on the higher education community for improved accountability and productivity.

These internal and external pressures place IT leaders in a highly visible "catch-22" situation: requests for innovation to advance institutional goals compete with demands for reduced expenditures, all as technology has become a necessity for institutional improvement.⁵ The Spellings Commission's challenge for more accountability, efficiency, productivity, and transparency with respect to higher education costs is not likely to fade away anytime soon.⁶ Board members and other local constituencies also expect more accountability and demonstration of value in exchange for funding support. Increases in IT funding are likely dependent on the CIO's ability to align with institutional priorities, to convey the value that information technologies bring to these priorities, and to deliver on the promises.

Associated with the critical need to collaborate, communicate, and deliver is the need for IT budget and expense benchmark data, as well as student-centered metrics demonstrating the value of IT. These measures, combined with the development of an adaptive planning model⁷ to help ensure IT alignment and agile responses to changing needs,⁸ are essential for funding success. Funding for IT initiatives is more likely to follow proposals and programs that clearly advance institutional goals, demonstrate the value provided by IT, and are communicated in ways the various constituencies can readily understand.

Critical questions for Funding IT include the following:

• Can the institution identify revenue streams that are better aligned with the current drivers of IT costs?
• What external collaborative opportunities might enable cost reductions, cost avoidance, or even a new revenue stream?
• What percentage of the IT budget is flexible? What percentage is consumed by fixed costs?
• Does the institution have an activity-based budget in place to facilitate communication about the costs associated with specific IT services? Are the hard decisions being made about which trailing-edge services should be discontinued in favor of strategic services?
• What decision-making process can the institution implement to free up portions of the central IT budget each year for innovative uses?
• What student-centered metrics best convey the value that IT provides for the institution?
• What steps can the institution take to implement or enhance its IT governance process to ensure that IT priorities are in alignment with institutional goals?
• What steps can the institution take to contribute to the development of higher education cost standards and student-centered metrics?

Issue #2: Security

IT security remains a top concern at colleges and universities, a direct result of the changing landscape: increasingly, critical data and services are available electronically; data breaches are occurring more frequently; and the number of security-related state and federal regulations is increasing. College and university personnel have an increased responsibility to be proactive in their approach to ensuring the security of information resources while operating within a culture of openness and decentralization.⁹

Critical questions for Security include the following:

• Does the institution have privacy and security policies that extend beyond the legally required areas and that encompass all of the institution's IT resources and not just the central systems? Are the policies enforced consistently across the enterprise, reviewed regularly, measured for effectiveness, and audited for compliance? Do the institutional procedures reflect the goals of the policies?
• Does the institution have a formal, documented incident-response plan that includes procedures for detecting, reporting, alerting, escalating decision-making authority, containing, remediating, and returning to service? Does the plan include a notification process when confidential data have been potentially compromised? Are any IT staff trained in computer forensics?
• Do senior administrators recognize their roles as information stewards? Have clear, consistent policies and procedures been developed for classifying, handling, retaining, and disseminating information and appropriate security controls for protecting critical and confidential resources?
• Does the institution have an enterprise IT security program to address the changing nature of IT threats and the increasing number of IT security-related federal and state mandates? How does the institution remain current with respect to the changing regulatory landscape? How has the institution dealt legally and, if necessary, technically with CALEA?
• Is IT security viewed as a funding priority? Are there necessary funds to facilitate and support improved security measures on a campus-wide basis?
• Does the institution have a chief privacy officer and/or a chief information security officer for striking the balance between privacy and security? Are there sufficient resources to assess risks to, and ensure the privacy and security of, the institution's information resources?
• Has the institution planned or completed a comprehensive risk assessment to identify and prioritize vulnerable areas and to find ways to mitigate potential risks, including those caused by lost or stolen mobile devices? Does the institution routinely consider privacy and security implications before buying or deploying new systems or technologies?
• Does the institution provide an awareness and training program in privacy and security? If so, does the program include awareness of the defensive measures appropriate to the institution to protect systems, data, and identity? Does the institution regularly communicate information about its policies and procedures to its constituents?
• Has the institution built the appropriate infrastructure to improve security? Has it implemented a unified threat-management system that includes such features as firewalls, VPNs, antivirus/antispyware/antispam/antiphishing, bandwidth management, intrusion prevention and detection, and content filtering?

Issue #3: Administrative/ERP/Information Systems

Until recently, most campuses were in the early stages of ERP implementations; however, since the majority of respondents to the EDUCAUSE Core Data Service survey reported having implemented or being close to implementing their ERPs,¹⁰ this overview discusses the later stages of this never-ending process.

Although the number of ERP vendors and providers can be counted on both hands, competition has forced them to offer stronger products and better services. To understand the dynamics and results of this competition, Gartner publishes and regularly updates its Magic Quadrant for Higher Education Administrative Suites.¹¹ Due to both external pressures (e.g., competition) and internal pressures (e.g., funding), campus officials have to assess the opportunities and the risks of migrating to a different vendor or open-source solution. Vendors are increasingly responsive to major shifts in higher education, concentrating on value-based business models and on the shifting student demographics. Even though a fully developed open-source ERP has yet to be finalized, that is certainly an evolving option to watch.

A successful evaluation of ERP vendors and solutions should consider more than just the functionality of the solution. The alignment of the vendor's vision with the institutional mission and the ability of the vendor and the institution to adapt and execute are also critical considerations. Clearly, an ERP implementation is not just about the technology, and responsibility and authority should not rest with the CIO alone. Even with a broad set of senior stakeholders, the CIO must draw on leadership experience, diverse people skills, anger and stress management, organizational and project supervision, and many other qualities to make the ERP implementation a success. The good news is that many have done this and lived to talk/write about it!

Critical questions for Administrative/ERP/Information Systems include the following:

• Does the institution get timely and ready access to information, especially for strategic planning and decision making? Have re-engineered processes improved operations and increased efficiency? Has the system improved services for students, faculty, staff, and administrators?
• Is the vendor still a leader in addressing challenges of higher education? Is the vendor's vision aligned with the institution's strategic goals?
• What percent of the functionality of the ERP is actually being used?
• Was/is the institution able to integrate other major systems/packages with its ERP without major customizations?
• Does the institution have sustainable resources to improve the system and keep up users' productivity in the new environment? What is the total cost of ownership for this system?
• If the last implementation was not successful, what are the risks and costs of continuing? Does the institution have the resources to migrate to another system? If so, can the campus take on such a project?

Issue #4: Identity/Access Management

The connection between managing information about identities and an individual's access to information and services now extends to nearly every aspect of academic, administrative, and community experience. Identity/Access Management (I/AM) ensures that the right people access the right services. In the past, I/AM was implemented system by system, with duplicate identity data distributed across a campus. The challenge now is to balance identifying, authenticating, authorizing, and provisioning not only for the systems managed by central IT organizations but also for the systems of the many units on campus that need to maintain relationships with different constituencies.

Managing the life cycle of an individual's institutional roles by consolidating and securing identity information and providing this data for services that IT or other departments deliver are core enterprise responsibilities. To support these responsibilities, several organizations provide valuable up-to-date I/AM and associated middleware resources—including EDUCAUSE (http://www.educause.edu/Browse/645?PARENT_ID=285), the InCommon Federation (http://www.incommonfederation.org/), Internet2 (http://middleware.internet2.edu/), and the National Science Foundation (http://www.nmi-edit.org/index.cfm).

Another important dimension of I/AM is assessing the impact of state and federal regulatory pressure on identity information practices and policies, particularly those originating with the Family Educational Rights and Privacy Act (FERPA), the Health Insurance Portability and Accountability Act (HIPAA), and the Gramm-Leach-Bliley Act.

Critical questions for Identity/Access Management include the following:

• Does the institution have trained staff to select, deploy, and manage I/AM solutions?
• How does the institution extend and manage access to confidential data within the organization? How does it apply I/AM standards to external partners and service providers?
• Do campus leaders recognize their roles as information and identity stakeholders? Is access to institutional data managed properly?
• Does the institution have a strategy for managing digital identities? Do existing systems use a centralized repository, synchronization technologies, best practices, and/or open or pre-standard technologies? Has the institution incorporated developing standards? How does it handle noncompliant systems?
• How effectively does the institution help students, faculty, and staff to understand their legal rights and responsibilities and to manage and protect their identities?
• Has the institution planned or completed an IT risk assessment to identify and prioritize vulnerable areas and ways to mitigate potential risks?
• Has the institution assessed and limited the use of Social Security numbers and other identifying data?
• Has the institution formally established the ownership of identity data maintained in its systems?

Issue #5: Disaster Recovery/Business Continuity

The recovery of IT systems following a disaster has long been a concern of CIOs, but the broader issue of business continuity planning requires engagement by the entire campus. This engagement requires executive buy-in to ensure the participation of all stakeholders. In the event that these issues are seen as purely IT problems, it may be necessary for the CIO to provoke discussion by presenting draft solutions that presuppose commitments from other units.

Formal methodologies, consultants, and software tools are available to assist in conducting a business-impact analysis. There are also resources available for institutions that are required to comply with the federal National Incident Management System (NIMS) or state Continuity of Operations/Continuity of Government (COOP/COG) initiatives. In addition, the EDUCAUSE Resource Center section on disaster recovery planning (http://www.educause.edu/Browse/645?PARENT_ID=166) includes an extensive collection of resources for developing, implementing, and maintaining an effective disaster recovery plan.

Critical questions for Disaster Recovery/Business Continuity include the following:

• What are the natural and human risks facing the institution? Colleges and universities offer more than education; they are also typically involved in housing, health care, entertainment, and retail enterprises.
• Which staff, equipment, and information are necessary to continue functioning in the event of an incident? The institution should look at processes—for example, registering a student—rather than the daily operations of discrete offices.
• Which processes are mission-critical? How long can the critical processes be unavailable (what are the recovery time objectives)? How much information loss can be tolerated (what are the recovery point objectives)? Are there tiers of processes with similar recovery time objectives?
• Rather than designing specific scenarios for specific crises, can the institution combine recovery modules as necessary depending on the actual situation? Specifications for the chain of command, communication plans, alternative work sites, and the necessary personnel and resources should be included, and opportunities for partnering with other educational, governmental, and nonprofit institutions should not be overlooked.
• Does the institution have a documented and tested disaster recovery and business continuity plan in place for critical applications? How does the institution determine an acceptable level of risk and the right level of investment?
• Where can the documented recovery solutions be stored so as to be readily available in the event of an emergency?
• Are all stakeholders willing to commit to testing the recovery modules on at least an annual basis in order to prevent a false sense of security and to surface changes in the underlying processes?

Issue #6: Faculty Development, Support, and Training

Faculty development remains crucial for strategic success in integrating technology into teaching, learning, and research, regardless of institutional size and type. A continuing challenge is the lack of congruence between the speed with which technology is advancing and the speed with which academe is able to evolve and adapt. As Michael M. Crow, the president of Arizona State University, has noted, there is "a lack of compatibility between pedagogical evolution and technological evolution."¹² Further, students too are changing. The new generation of students brings with them expectations and understandings of technology, as well as life and learning styles, very different from those of students in the not-too-distant past.

Determining which of the many emerging technologies are pertinent to faculty is a continuing challenge. The Horizon Report: 2007 Edition identifies key trends, critical challenges, and technologies to watch in the practice of teaching, learning, and creativity.¹³ These trends may help those who are responsible for professional-development activities for faculty. Another set of valuable resources for helping teachers use technology is the EDUCAUSE Resource Center page on Training (http://www.educause.edu/Browse/645?PARENT_ID=480).

Faculty-development programs also must be linked to campus infrastructure and services to optimize effectiveness. Planning faculty-development activities related to the effective uses of mobile and wireless technologies, for example, must be coordinated with the campus deployment of such technologies.¹⁴

There is a renewed emphasis on collaborative learning. Hence, it is important to incorporate inter- and intra-campus collegial networks in faculty development. This might include creating venues (such as workshops, institutes, forums, brown-bag lunches, wikis) where faculty across disciplines can discuss what they are learning, can talk about problems, and can learn from each other.¹⁵

Critical questions for Faculty Development, Support, and Training include the following:

• What constitutes faculty development? How is success measured?
• How can faculty better understand their students and how students perceive technology?
• What are the appropriate models for faculty training and support? Do faculty members have time to attend workshops, or should support personnel consider different service models to convey the pertinent information?
• Are "faculty incentives" still an issue for individual faculty members and for campuses?
• How can the standards and assessment work of national and international associations benefit campuses seeking to measure student learning and faculty productivity?
• How should concerns related to digital media copyright protection be incorporated into development activities?

Issue #7: Infrastructure

Managing IT infrastructure for higher education today is a balancing act. Institutions require high performance, reliability, scalability, agility, and a platform for innovation. Managers must balance cost, manageability, flexibility, stability, privacy, security, and performance.

As institutions strive to improve communications and services for all members of the community, expectations are high. Service-level agreements (SLAs) are useful tools for establishing expectations and for understanding the requirements of internal customers. Under the rubric of "timing is everything," institutions continue to view technologies as a competitive opportunity requiring the ability to adopt and adapt quickly.

IT project-delivery schedules become increasingly short at the same time that integration and security requirements become more complex. IT organizations must deploy the appropriate combination of hardware, software, and services in a manageable and scalable information architecture. In turn, this architecture must facilitate the organization, storage, access, and maintenance of strategic information services and resources.

Critical questions for Infrastructure include the following:

• Does the institution have a replacement plan for servers, appliances, network devices, and other hardware? Does it negotiate prepaid or long-term maintenance agreements? Has the institution compared lease and purchase options?
• Is the institution planning and budgeting for "environmental" upgrades? Does the institution know the power, generator, UPS, air-conditioning, floor-space, and fire-suppression requirements for the next three years—or for an appropriate planning horizon?
• Does the institution have good monitoring and benchmarking practices? Does it perform trend analysis to assist with capacity and upgrade planning?
• Do network and systems administrators have the tools and training to automate problem detection and notification? Does the institution have end-to-end component and service-level monitoring agents or tools in place? Are problem-resolution processes integrated throughout the IT infrastructure?
• Do network and critical applications servers have built-in redundancy? Does the institution have test environments for use when upgrading hardware and software?
• Is the institution effectively managing the accelerating requirements for systems and storage? Does it have a plan to deal with the development and growth of more and larger data warehouses, institutional repositories, and digital collections? Does the institution have an information life-cycle management plan to ensure the continued availability and usability of information?
• Is the institution evaluating or deploying virtualization techniques for storage, network, or server consolidation?
• Does the institution have adequate planning, staff and infrastructure resources, and funding to support research computing?
• Does the institution account for the dynamic change and pace of policy, security, and compliance requirements?
• Is the institution effectively meeting the current demand for both wired and wireless connectivity and mobile applications?

Issue #8: Strategic Planning

Developing an IT strategic plan may seem, to some, to be close to impossible to achieve. How can planners create effective strategies for IT environments that change rapidly and will continue to change over time? Within the context of the strategic direction of the institution, IT certainly can play its role in supporting institutional directions. Institutional mission, vision, and values must drive the strategic priorities not only of IT but of all units. The way to craft an IT strategy is to engage key stakeholders in dialogues to answer the question, "How can IT help the institution achieve its strategic goals?" In addition, any IT strategic plan will have to be a living document updated periodically to reflect changes in institutional priorities or technologies themselves.

Building the IT strategic plan should be a collaborative effort across academic, research, and administrative units. The strategic plan should consider the roles of students, faculty, staff, and administration. However, the plan must be much more than a reflection of institutional goals. It is the roadmap for investments in IT, and it publicly affirms the major thrusts of IT.

Critical questions for Strategic Planning include the following:

• How can the institution become engaged in building the IT strategic plan, when so many users may just want 24x7 services?
• Is the strategic plan connected to the mission-critical foci of the institution? Does the plan address teaching and learning, research, outreach, and engagement goals? Are these constituencies actively involved in the planning process? How do deans and other executives participate in the process?
• Is there a communication plan to inform all constituents about IT planning activities? Does it include conversations with members of the cabinet, regents or trustees, advisory groups, academic leadership, and student leaders? Do articles about the IT plan appear in the faculty/staff newsletter and the student newspaper? Is there an IT strategic plan Web site?
• Which tactics for multi-channel communication and engagement should be deployed for the range of IT strategic plan stakeholders on campus: surveys, newsletters, student and administrative newspapers, town meetings, focus groups, interviews, blogs, others?
• Does the strategic plan drive IT budget priorities and investments?
• Are the goals of the strategic plan realistic and reachable? Does it include "stretch" goals intended to push the institution beyond current capabilities?
• Is accountability built into the strategic plan, with credible metrics for gauging progress? Are benchmarks included as short- and long-term yardsticks of success?
• How often is the strategic plan reviewed and updated? Does the review process include constituents from across the institution? How is progress reported to the institution?
• Is the strategic planning process aligned with how the institution makes decisions?

Issue #9: Course/Learning Management Systems

Possibly spurred by concerns over the Blackboard/WebCT merger and Blackboard's patent suit, as well as the continuing maturity of open-source options, Course/Learning Management Systems (C/LMSs) have appeared for the first time among the top-ten issues facing higher education CIOs. It may also be the case, as suggested in the beginning of this article, that this visibility can be attributed to the evolution of C/LMS technology as a mission-critical enterprise system, to its accelerating use as a critical teaching and learning resource by institutions of all kinds, and to the technology's impact on IT funding, in terms of both licensing and local support.

Following the pattern of library and ERP systems, C/LMSs are fast becoming a campus utility, expected to be available 24x7. There is a growing body of literature and research on student and faculty use of and attitudes toward this technology. The findings suggest that overall penetration in higher education has increased by a factor of three since 2000; more than 90 percent of campuses support at least one C/LMS, with nearly 70 percent standardized on a single commercial C/LMS; and although more faculty are using C/LMSs, they are selective and, more often than not, are focused on administrative tools and less on interactive features.¹⁶

C/LMSs are still relatively young. As the technology matures, it is evolving more toward Learning Management Systems, encompassing content management and groupware tools, as well as assessment tools and e-portfolios to track learning across courses and semesters. Likewise, the systems are becoming more student-centered, giving students greater control over content and supporting more higher-order learning activities.

Critical questions for Course/Learning Management Systems include the following:

• Should the institution buy a commercial C/LMS, or can it support an open-source application? Does the institution have the development expertise to implement and support open source?
• Does the institution have opportunities to reduce C/LMS costs through a consortium arrangement?
• What will be integrated with the C/LMS: portal? portfolio? ERP? library resources?
• Does the institution have training/support resources available to help faculty and students make effective use of the C/LMS features?
• Has the institution conducted, or is it planning, an assessment of how the C/LMS affects teaching and learning at the institution?
• If the institution is changing systems, is there a plan in place to ensure smooth migration of existing materials to the new system?
• Has the institution planned for a high-availability hardware system for the C/LMS with sufficient failover capability to prevent the shutdown of a critical service?

Issue #10: Governance, Organization, and Leadership for IT

The pervasiveness and strategic value of IT in higher education make effective guidance of IT essential. In addition, IT must be an integral part of an institution's culture. Governance, Organization, and Leadership for IT is a critical issue if an institution wants to be successful in using IT to achieve its goals.

For more than twenty years, various organizations, including EDUCAUSE, have collected and disseminated data about IT environments in higher education.¹⁷ These data and analyses can help higher education executives make judicious decisions about IT in their institutions.

The IT organizational structure manages the allocation of IT resources (human resources especially) in performing operational work, influences information flow throughout the organization, and optimizes the efficiency of knowledge work. Governance, Organization, and Leadership for IT undergirds all of the other current issue areas and is the foundation for good/best practices—for processes and procedures to ensure that the IT services and staff both support and advance the organization's goals and objectives.

In higher education, a balance must be achieved between the needs of academic IT and administrative IT. In larger institutions, an added dimension of balance is required because of large divisions/departments competing for limited IT resources. Although governance structures will differ across sizes and types of campuses, Jack McCredie suggests that "to achieve a higher level of coordination, campuses should consider moving toward more 'federated' structures in which areas that overlap can be defined and governed more collaboratively, efficiently and effectively."¹⁸

Beyond institutional structures, state governing bodies influence all higher education institutions, whether public or private. Coordinating and aligning with state-level governance structures will allow an institution to offer excellent services as well as access to vital statewide information that the IT organization needs to be successful within the region.

Critical questions for Governance, Organization, and Leadership for IT include the following:

• Does the current governance structure, including advisory committees, facilitate or impede planning, prioritizing, and implementing IT initiatives? sharing expensive resources? actions that could improve campus IT services?
• Does the institutional executive team understand that the role of an IT leader is not about technology itself but is about the ability of a campus to achieve its goals and objectives through technology? Does the IT leader interact frequently with campus executives and academic leaders? Does he/she sit on the president's cabinet and participate on institutional strategic planning bodies? To whom does the IT leader report?
• Has the institution established IT advisory structures that are broadly representative?
• Are IT leaders for the future being developed? Does the IT organization have a leadership-development path in place?
• How well does the IT organization coordinate with state-level governance structures?

Summary

The most dramatic change in the EDUCAUSE Current Issues Survey since last year was that Course/Learning Management Systems moved into the top-ten ranking of strategic issues, as number nine. Also in 2007, the split of last year's number-one strategic issue, Security and Identity Management, into two distinct issues resulted in a more accurate sorting: Security as number two, and Identity/Access Management as number four. Disaster Recovery/Business Continuity, after making a dramatic appearance last year as number four, continues in the top ten this year, as number five.

Like the previous seven surveys, the 2007 EDUCAUSE Current Issues Survey shows the ebb and flow of a profession that is responsive in adapting services and organizations to emerging technologies and rising information appetites. Just as there are the predictable "big" issues that continue to make the largest blips on the collective radar, there are those that are surpassed or replaced by the newer issues that now shape the learning enterprise and figure more centrally in the institutional mission. The 2007 EDUCAUSE Current Issues Survey reflects the global forces of an increasingly connected and "flatter" world. But it also reveals the special needs and opportunities of U.S. colleges and universities, which—despite dramatic changes in the sources, form, and delivery of instructional and research services—remain the focal point of the nation's investment in education.

1. Of the 1,785 EDUCAUSE primary member representatives who received an e-mail invitation to complete the survey, 591 (33%) responded.

2. John S. Camp, Peter B. DeBlois, and the 2007 EDUCAUSE Current Issues Committee, "Current IT Issues Survey Report, 2007," EQ: EDUCAUSE Quarterly, vol. 30, no. 2 (2007), http://www.educause.edu/eq/eqm07/eqm0723.asp. Links to the six previous Current Issues Survey articles and related resources can be found at http://www.educause.edu/issues.

3. See Barbara I. Dewey, Peter B. DeBlois, and the 2006 EDUCAUSE Current Issues Committee, "Top-Ten IT Issues, 2006," EDUCAUSE Review, vol. 41, no. 3 (May/June 2006): 58–79, http://www.educause.edu/er/erm06/erm0633.asp.

4. See the 2006 EDUCAUSE Catalyst Award: http://www.educause.edu/2006/10958.

5. William H. Graves, "Improving Institutional Performance through IT-Enabled Innovation," EDUCAUSE Review, vol. 40, no. 6 (November/December 2005): 79–98, http://www.educause.edu/er/erm05/erm0564.asp.

6. U.S. Department of Education, A Test of Leadership: Charting the Future of U.S. Higher Education, a Report of the Commission Appointed by Secretary of Education Margaret Spellings (Washington, D.C., 2006), final report, September 2006, http://www.ed.gov/about/bdscomm/list/hiedfuture/reports/final-report.pdf.

7. John Voloudakis, "Hitting a Moving Target: IT Strategy in a Real-Time World," EDUCAUSE Review, vol. 40, no. 2 (March/April 2005): 44–55, http://www.educause.edu/apps/er/erm05/erm0522.asp.

8. Philip J. Goldstein, "Information Technology Funding in Higher Education," EDUCAUSE Center for Applied Research (ECAR) Research Study, vol. 7 (2004), http://www.educause.edu/LibraryDetailPage/666?ID=ERS0407.

9. A key resource for security managers and stakeholders in higher education is the Web site of the EDUCAUSE/Internet2 Computer and Network Security Task Force: http://www.educause.edu/security.

10. Brian L. Hawkins and Julia A. Rudy, EDUCAUSE Core Data Service Fiscal Year 2005 Summary Report (Boulder, Colo.: EDUCAUSE, 2006), 49–50, http://www.educause.edu/coredata/reports/2005/.

11. Marti Harris, Michael Zastrocky, and Jan-Martin Lowendahl, Magic Quadrant for Higher Education Administrative Suites, 2006, http://www.gartner.com/DisplayDocument?id=496548&ref=g_sitelink.

12. Crow quoted in "Managing IT from the Top Down," Chronicle of Higher Education, January 5, 2007, http://chronicle.com/weekly/v53/i18/18b01601.htm.

13. The New Media Consortium and the EDUCAUSE Learning Initiative, The Horizon Report: 2007 Edition, http://www.nmc.org/pdf/2007_Horizon_Report.pdf.

14. Anne H. Moore, John F. Moore, and Shelli B. Fowler, "Faculty Development for the Net Generation," chapter 11 in Diana G. Oblinger and James L. Oblinger, eds., Educating the Net Generation (Boulder, Colo.: EDUCAUSE, 2005), e-book, http://www.educause.edu/educatingthenetgen/.

15. Carol R. Holder, "New Media and New Literacies: Perspectives on Change," EDUCAUSE Review, vol. 41, no. 6 (November/December 2006): 76, http://www.educause.edu/er/erm06/erm0668.asp.

16. See "Faculty and Student Computing," chapter 3 in Hawkins and Rudy, 2005 Summary Report, http://www.educause.edu/coredata/reports/2005/, and Kenneth C. Green, 2006 Campus Computing Survey Summary (Encino, Calif.: Campus Computing Project, 2006), http://www.campuscomputing.net/. For additional resources on C/LMSs, see http://www.educause.edu/Browse/645?Parent_ID=493.

17. See "Historical Context," Appendix A in Hawkins and Rudy, 2005 Summary Report, 61–62, http://www.educause.edu/coredata/reports/2005/.

18. Jack McCredie, "Improving IT Governance in Higher Education," EDUCAUSE Center for Applied Research (ECAR) Research Bulletin, vol. 2006, issue 18 (2006), p. 10, http://www.educause.edu/LibraryDetailPage/666?ID=ERB0618.