Top-Ten IT Issues, 2010

© 2010 Bret L. Ingerman, Catherine Yang, and the 2010 EDUCAUSE Current Issues Committee. The text of this article is licensed under the Creative Commons Attribution-NonCommercial-NoDerivs 3.0 License (http://creativecommons.org/licenses/by-nc-nd/3.0/).

EDUCAUSE Review, vol. 45, no. 3 (May/June 2010): 46-60

The eleventh annual EDUCAUSE Current Issues Survey shows some very familiar themes among the top-ten IT issues of strategic importance to technology leaders in higher education. Indeed, all ten of the issues from the 2009 survey are back, albeit in a slightly different order. In addition, Strategic Planning returns as an issue of renewed importance after a two-year hiatus (there are actually eleven issues on the list this year, since two issues tied for sixth place). However, even though the issues remain basically the same, the underlying context of why these issues are on the list, and the impacts that the issues are having on IT leaders, differ this year.

Administered by the EDUCAUSE Current Issues Committee, the electronic survey was conducted in December 2009.¹ Survey participants — typically CIOs of EDUCAUSE member institutions — were asked to select the five most-important IT issues out of a selection of twenty-seven in each of four areas: (1) issues that are critical for strategic success; (2) issues that are expected to increase in significance; (3) issues that demand the greatest amount of the campus IT leader's time; and (4) issues that require the largest expenditures of human and fiscal resources.

Many of the issues that IT leaders face today reflect a fundamentally changed technology and educational climate. For example, one interesting finding is that although Outsourcing/Insourcing/Cosourcing/Crowdsourcing did not rank in the top ten as an issue of strategic importance, it appears poised to become one. It is #3 on the list of issues with the potential to become more significant. This should come as no surprise, since it seems that not a day goes by without an article appearing in the trade press, educational press, or popular press about some new service being offered in the "cloud." Likewise, more of the IT leader's time is being consumed by Governance, Organizational Management, and Leadership (#2) and Strategic Planning (#4), whereas these two issues are #6 and #9, respectively, on the list of issues critical for strategic success. IT leaders are spending an increased amount of time plotting long-term responses to both the acute pressures and the systemic changes that they and their institutions face, and IT leaders must work to make sure there are appropriate campus bodies from whom they can solicit input and vet new directions in services and support.

Yet despite all of the changes taking place in higher education and the world at large, the primary responsibility of IT leaders remains the same: to deliver the essential services that underlie the institutional mission. Thus, keeping the enterprise systems running (Administrative/ERP/Information Systems), maintaining a robust and secure technological infrastructure (Infrastructure/Cyberinfrastructure), and supporting the learning management systems that provide essential academic support (Learning Management Systems) remain the top consumers (#1, #2, and #3, respectively) of financial and human resources within the IT organization, even though these issues may not be of high strategic importance (#2, #10, and #8, respectively). Clearly, the role of the IT leadership is to keep the technological ship afloat even as the course may be changing. It is a testament to leaders of the IT organization that they are able to continue to do so during a time of uncertainty.

The remainder of this article focuses on the first of the four areas noted earlier: the top-ten issues that IT leaders identified as the most important for their institutions to resolve for strategic success.² For each issue, the members of the 2010 EDUCAUSE Current Issues Committee offer a few thoughts and a set of questions. The questions are not meant to be comprehensive; they are intended to encourage further thinking and discussion.

Issue #1: Funding IT

Funding IT has been a top-ten issue of strategic importance since the inception of the Current Issues Survey in 2000. Historically, IT leaders have felt that technology needs are underfunded. But last year, due to the global economic crisis, concerns about funding shifted to how to reduce technology budgets, or increase the revenue from technology-related endeavors, while at the same time enhancing effectiveness.

It is clear that technology budgets will remain flat (or even decrease) for the foreseeable future as higher education institutions continue to grapple with the effects and after-effects of the downturn in the economy. Given this reality, now may be the time to turn this issue completely on its head. That is, rather than bemoaning insufficient funding for present and planned IT services and initiatives and trying to find the best ways to seek increased funds, perhaps the time has come for IT leaders to accept the level of funding for technology as a given and begin to work with others on campus to determine what services can be offered within the allocated budget. Rather than seeing the perceived (or real) lack of funding as a problem, perhaps IT leaders can see it as an opportunity to engage with other campus leaders in a meaningful discussion about priorities. By turning lemons into lemonade, IT leaders can embrace the current fiscal climate and use it as a catalyst to begin a conversation — one that is good to have at any time but that is especially important now.

Critical questions for Funding IT include the following:

• Has the IT organization worked to create a multi-year operating and capital budget, however imperfect, so that both the IT organization and the broader campus can understand and effectively plan within fiscal realities?
• Has IT leadership strategically leveraged the economic downturn to create opportunities for meaningful discussions of collaboration and cooperation across the campus?
• Has the IT organization engaged with the campus broadly to better understand how others perceive their technology needs and to learn more about which services they value most highly?
• Does the governance structure provide a framework for engaging in a meaningful conversation about institutional priorities for information technology, given limited financial resources?
• Are IT leaders prepared to make the cognitive leap from identifying strategies to obtain additional funds to seeking to create consensus about what can be done given a stable (and limited) level of funding?

Issue #2: Administrative/ERP/Information Systems

The survey results for 2010 indicate that the Administrative/ERP/Information Systems issue continues to garner some of the highest rankings in three out of the four survey categories: "Strategic Importance" (#2); "Consuming CIO's time" (#3); and "Consuming Financial/Human Resources" (#1).

These results are consistent with the Current Issues Survey in previous years, and they probably would not surprise any experienced CIO. On the other hand, the survey results also indicate that CIOs don't rank these systems as high in the "Potential to Become More Significant" category (#5). In other words, these systems are clearly of strategic importance to CIOs, consume much of their time, and are one of the largest expenditures in the IT budget, but they are generally viewed as stable operations — until perhaps the next major upgrade or system integration challenge.

What isn't clear from the survey is how new developments are affecting CIOs' perceptions and plans for future administrative, ERP, and information systems. Specifically, in an era of flat or declining financial and human resources, can these systems be streamlined, or are they too large and complicated? While IT departments review other operations and services for cutbacks, such as computer labs and classroom technologies, can they apply the same wary eye and sharp scalpel to these large systems?

What role will the ERP providers play in this essential reevaluation? As they seek to be more responsive to the growing need for and expectation of modern Web 2.0 technologies, will they continue to increase their costs and complexity or will they offer a different kind of solution? Further, will any cost increases in this area cause IT organizations to take a fresh look at smaller, more nimble companies and offerings, which may also be less expensive?

Critical questions for Administrative/ERP/Information Systems include the following:

• How do IT organizations obtain and incorporate Web 2.0 functionalities when these aren't available from the incumbent ERP provider?
• What constitutes the core elements of an administrative/ERP system, and what options exist for "bolting on" features and products from other providers?
• With the cost-benefit analyses of administrative/ERP systems becoming more complex and challenging in an era of shrinking resources, what degree of customization can be accommodated and at what long-term financial and personnel costs?
• Whereas the previous IT departmental mantra was to encourage or even require disparate systems to integrate with the central administrative/ERP system, does such integration make economic sense if the upgrade cycle for the central ERP system is every twelve to eighteen months?
• Are there some components of the campus information systems that can be outsourced or acquired via SaaS (Software as a Service) while IT leaders and campus constituents determine what services are absolutely necessary to integrate?
• What add-ons to the central ERP system (e.g., access via mobile devices) should IT organizations expect from providers, and which can be developed by using the expertise of existing IT staff resources?

Issue #3: Security

Information security remains in the #3 spot in this year's survey. As security threats grow in severity and as institutions continue to face limited resources to combat them, it seems likely that security will remain a top concern for higher education for years to come. Some reports indicate a slight slowing of recorded incidents, but most agree that the cost per incident is increasing. One recent study by the Ponemon Institute stated: "Data breach incidents cost U.S. companies $204 per compromised customer record in 2009." Another report, by the Identity Theft Resource Center, noted that data breaches are changing: "Malicious attacks have surpassed human error for the first time in three years."³

Years of awareness efforts seem to be resulting in some progress in combating these threats; however, keeping up with evolving threats can be difficult. Higher education communities that once faced mass mailings about lottery winnings are now dealing with harder-to-recognize, more-targeted scams such as fake requests for funds using the name of a known faculty member and describing a seemingly believable issue with overseas travel. It can be challenging for even the most astute community member to stay informed and protected.

A multipronged approach to information security remains the best defense. This includes ongoing community awareness and shared ownership of the information security responsibilities, maintenance of institution-wide information security policies and procedures, physical security of information assets, and dedicated resources and technical tools to allow for prevention, detection, and remediation of issues. Institutions do not have to face this concern as isolated entities. As the information security field continues to mature, it remains ripe for peer, community, corporate, and law enforcement collaborations, which can keep costs down and allow for solution sharing.

Critical questions for Security include the following:

• How are IT leaders discussing growing threats and compliance needs with the campus community? How are they discussing expectations for privacy and confidentiality and the ways in which those expectations might change in the face of more significant information security threats?
• How is the IT organization engaging faculty, staff, and student communities to increase information security awareness and ownership? Are campus real-life incidents being used to create "lessons learned" and to prevent similar instances? Are low-cost educational programs being used — such as student video contests about social networking risks — to keep costs down and impact high? How is the effectiveness of awareness campaigns being measured?
• How is the right amount of campus information security investment being determined, and how does this amount compare with that being spent by peer institutions? Is the institution leveraging resources such as the EDUCAUSE Core Data Service in this regard?
• How are the options for an information security infrastructure being evaluated?
• Is the IT organization participating in and leveraging local, national, and global information security communities and resources such as the EDUCAUSE/Internet2 Higher Education Information Security Council (http://www.educause.edu/security), REN-ISAC (http://www.ren-isac.net), and the Internet Crime Complaint Center (http://www.ic3.gov/preventiontips.aspx)?

Issue #4: Teaching and Learning with Technology

Because teaching and learning technologies affect virtually every current educational environment, CIOs and other IT leaders encounter increasingly complex role expectations. Often these expectations conflict with each other. For example, the task of evaluating, providing, and sustaining effective academic learning technologies expands the CIO's job description, while he or she must also maintain responsibility for high-quality IT infrastructures, privacy, security, communication, and institutional information. More than ever, emerging trends pull IT professionals further into the academic mix, where they make decisions about the viability and scalability of a seemingly endless array of new instructional assets. These dynamic environments redefine the CIO as an indispensable learning technology resource for faculty members, departments, programs, colleges, and institutions that look to this CIO position for responsiveness and leadership in developing and maintaining quality educational programs.

A natural side effect of these trends is that IT leaders are cast in faculty-development roles, where they work with organizations such as faculty centers and other units that support effective pedagogical use of technology and the scholarship of teaching and learning. They inherit responsibility for informing academic units about the potential value and challenges of the technologies that instructors and students consider for adoption. These expectations encompass multiple venues that accommodate varying modalities, including virtual environments. CIOs become primary for assisting academic units in developing evaluation protocols that provide authentic summative and formative information about institutionally supported and ad hoc technologies.

These instructional demands on CIOs play out in an environment of growing information fluency, bringing libraries, IT organizations, and academic units to a common ground where they assist students to effectively find, evaluate, and use information and to take active roles in the learning process. Helping the academic community to make sense out of the overwhelming amount of information that technology enables can create a boundary role for IT professionals: they can mediate the conversation among several loosely connected constituencies that embrace the information fluency concept but that define it differently in educational practice. The CIO's role in the assessment of student learning and in program evaluation is growing because technology plays a critical function in data gathering, analysis, and interpretation. Academic units turn to the CIO for counsel on technologies that support more reflective and authentic learning assessment methods such as simulations, e-portfolios, and evidence-based practice. All of these factors place CIOs and other IT leaders in an emerging and increasingly important position in the transformation of the educational enterprise.

Critical questions for Teaching and Learning with Technology include the following:

• How can IT professionals best meet the technology needs of the institution while providing and developing the best-possible institutional infrastructure?
• How can CIOs organize or participate in communities of practice to address strategic technology initiatives that include teaching and learning?
• How can IT leaders mediate the conversation about the academic needs of the community and the capabilities of various technology platforms?
• How can CIOs best advise the academic community about decision processes for assessing proposed instructional technologies?

Issue #5: Identity/Access Management

Every institution of higher education creates, licenses, and reposes data and resources that require controlled access, limited to certain individuals or groups. Moreover, legal and ethical constraints impose limits on access to student records, financials, research data, and other proprietary information. Accordingly, every institution needs a clearly articulated identity/access management (I/AM) strategy, linking physical and electronic identities. The goal of such I/AM policies and procedures should be to securely and seamlessly enable authenticated end users to access data and applications within an institution's extended network. Electronic identity is much more than just logon credentials — it encompasses everything institutions "know" about individuals and how that information is stored, shared, and utilized.

Robust I/AM strategies should be based on emerging standards and best practices — for example, public key infrastructure (PKI), digital certificates, tokens, federation, single sign-on, support for multiple devices, and the elimination of dependence on Social Security numbers. Institutions should establish clear credentialing processes for diverse constituencies including guests. They should also regularly inventory, audit, and revise directories and access rights.

Many campus I/AM strategies have their roots in e-mail systems, but the I /AM landscape now also includes portals, ERP software, learning management systems, and numerous other networked applications. Outsourced, hosted, and cloud computing solutions present new I/AM challenges. Although maintaining identity-credentialing systems on campus predominates, institutions are increasingly confronted with the reality and challenge of managing data stores and identity systems outside their direct control. This federation of identity facilitates the portability of identity information across security domains, including institutional, agency, and corporate service providers, yet it also increases the complexity of the I/AM solution. I/AM challenges in the world of permeable institutional networks include the management and support of multiple user IDs, passwords, and information repositories. Third-party applications vary in their ability to seamlessly integrate and share data with other applications in a federated I/AM environment. Institutions must weigh the pluses and minuses of using such systems and the costs associated with integrating identity and access solutions with them. The need for comprehensive I/AM strategies grows as networked teaching and research resources multiply, many of which require authenticated remote access. When identity credentials and other sensitive data are stored by third parties, institutions should require and carefully monitor service level agreements (SLAs) that guarantee the security of that data.

Critical questions for Identity/Access Management include the following:

• What is the institution's documented process for verifying the identity of individuals and linking physical and electronic identities?
• What standards, trust systems, or existing federations (e.g., InCommon) can be used to ensure that an institution can trust another institution's electronic identities?
• Are I/AM policies and processes adaptable and flexible to allow for changes in roles and access rights over time?
• How should institutions strike the balance between carefully managing identity and access and utilizing broadly distributed networked resources?
• Do current I/AM strategies account for federation and single sign-on with third-party hosted and cloud-based applications?
• How can institutions create stronger linkages between physical and electronic identities?

Issue #6 (tie): Disaster Recovery / Business Continuity

IT leaders have once again voted Disaster Recovery / Business Continuity as one of the top-ten IT issues of strategic importance. Business continuity (BC) — keeping the institution functional during and after a crisis — includes disaster recovery (DR), which encompasses the planning and activities needed to restore the institution to operational status. Sadly, it is often a catastrophe experienced by another institution that sends a strong reminder to all institutions that business interruptions can occur at any time and that preparation and planning should be well documented and tested before disaster hits.

To be effective, a comprehensive plan must define risks and the time-critical recovery priorities that are needed to restore the institution to both academic and business operational status after a disaster. The CIO's role is to be a DR/BC advocate, ensuring that the institution includes this plan as part of its regular planning process. Every campus department should be included in the plan in order to understand its own responsibilities to keep the institution functional in the event of an emergency. Training, documentation, simulation, and testing are all elements of a well-developed plan. However, given today's economic situation, many senior administrators might find that their institutions are not in a position to make a financial commitment to the DR/BC plans they develop. With budget cuts, furloughs, and hiring freezes, today's education institutions have had to make significant changes and adjustments to campus budgets just to make ends meet. CIOs must develop and implement a DR/BC plan that facilitates continuity and recovery of the institution's operations within the confines of a tight and restrictive budget.

Critical questions for Disaster Recovery / Business Continuity include the following:

• Who has responsibility for coordinating and maintaining the DR/BC planning? Are plans in place in case these individuals cannot be reached during an emergency? Are all critical departments at the institution involved in the planning?
• How will the DR/BC plan be financed, and is there a continuing entry in the budget for maintaining the plan? What activities of the plan are critical and must be kept within the realm of the campus budgets even in difficult financial times?
• Have likely threats that might cause disruption of the institution's operations been identified and potential mitigation factors explored?
• Has the institution conducted a risk-evaluation and business-impact analysis? Has it defined mission-critical systems that must be recovered immediately, and has it agreed to reasonable and acceptable times for other operations that are not as critical? Have acceptable workarounds or alternative processes been identified?
• Have backup and recovery sites been identified by the institution? Has the possibility of partnering with other local or regional organizations for sharing the cost of offsite storage or facility and equipment use been explored?
• Does the institution have a documented DR/BC plan for each mission-critical application? Have these plans been distributed? Have they been tested under realistic circumstances — or in theory only? What activities are needed to actually test the plans?

Issue #6 (tie): Governance, Organizational Management, and Leadership

Governance, Organizational Management, and Leadership continued as a top-ten issue of strategic importance this year, with a slow climb to #6 (tied) from #10 in 2007. CIOs are facing challenges that can be synthesized into three key points:

1. Given ongoing fiscal challenges, CIOs must focus on the wise stewardship and inclusion of all available resources, the appropriate restructuring of the IT organization, and the rationalizing and right-sourcing of the IT systems and service portfolio.
2. IT organizations must use project portfolio management to identify critical projects, establish true priorities, and ensure project alignment with institutional missions.
3. CIOs must build and maintain strategic partnerships, participate on key executive and campus committees, collaborate with peers across institutions, and develop new partnerships with state organizations.

Disruptive change calls for extraordinary leadership. Inventive leadership skills are needed to create the "new normal" for the IT organization. From a leadership perspective, CIOs continue to face difficult decisions due to the economic crisis. But with ongoing challenges from the consumer and "prosumer" markets, IT leaders recognize there are many available options for right-sourcing, including an internal organization or an external provider. Another option is to stop a service altogether. Maintaining the traditional organization — with the usual staffing, services, devices, and locations — will not position the IT organization for the "new normal."

IT organizations are likely seeing permanent systemic change. Budget constraints can no longer be handled with simple or temporary cuts; the elimination of budget "fluff" has already been accomplished. Significant service re-visioning and unprecedented resource alignment are now needed. These are very difficult decisions that require strong involvement from broad campus constituent groups in strategic partnership. Visionary leadership, coupled with strong collaboration and negotiation skills, is required.

CIOs must use the language that effectively connects information technology with the campus mission. They need to actively participate in strategic groups that are key to creating the future. The IT organization needs to be cognizant of external value measurements and public perception when building strategic partnerships with key constituent groups. Quality, efficiency, and effectiveness remain important objectives for projects selected for the project portfolio. CIOs need to connect to strong value structures during this time of disruption.

Critical questions for Governance, Organizational Management, and Leadership include the following:

• With ongoing increased scrutiny of budgets and priorities, what reusable and supportive frameworks can be developed with constituent groups and strategic partners?
• How can CIOs lead discussions about priorities using language and techniques that are amenable to broad campus constituencies?
• Are IT leaders seeking opportunities to understand quality, efficiency, and effectiveness in a wide institutional context and determining how technology might offer solutions?
• How can IT leaders influence external controlling bodies, such as boards and state-level governing agencies, about the importance of information technology and the significance for teaching, learning, and operations?
• How are IT leaders applying right-sourcing strategies and a rethinking of core services in alignment with the institutional mission?
• How are IT leaders thinking creatively about the "new normal"?
• What strategies will CIOs use to lead their organizations in new directions?

Issue #7: Agility, Adaptability, and Responsiveness

Identified as Change Management in surveys through 2008, the issue of Agility, Adaptability, and Responsiveness aptly describes the challenges that IT organizations face. Keeping one foot in the present and the other in the future is the charge to which IT organizations and leadership must answer. Cloud-based applications and services, such as Gmail, as well as sophisticated consumer technologies, such as smartphones that rival the features of laptop computers, are entering campus technological environments at unprecedented rates. As more stakeholders seek the flexibility, functionality, and convenience of these new devices and systems, IT organizations must strive to meet their evolving needs and expectations. Such changes in behavior not only impact traditional IT support models but also challenge deeply rooted institutional policies, business processes, and operational practices.

Further, many of the "efficiencies" that functional units seek to implement under strained economic conditions often involve technology; at the same time, IT organizations are seeking their own ways of responding to these financial challenges. Now more than ever, IT leaders need to be an integral part of campus-wide discussions to help avoid the inevitable conflicts that can arise when departments plan as silos or the subsequent "unfunded mandates." Having IT leaders present during institutional discussions and active in the decision-making process can allow the institution to discover even more efficient solutions to common problems. Institutions will be best served by IT organizations that have a clear vision of the future, a willingness and capacity for transformation, and a renewed ability to effectively communicate complex technological initiatives and opportunities to the institutional community at large.

Critical questions for Agility, Adaptability, and Responsiveness include the following:

• Are IT leaders integral to campus-wide discussions about the institution's needs to adapt and respond to the changing world? Do they fully understand the institutional context of the changes they are being asked to make?
• To what extent do other campus leaders view the IT leader as a strategic partner rather than simply a service provider?
• How does the IT organization foster a climate in which change is an integral part of its operational practice?
• Are IT leaders taking advantage of the tools available to them to gain an understanding of how others are addressing similar issues? Have they interacted with peers, using resources such as the EDUCAUSE Constituent Group listservs, to conduct quick surveys regarding specific issues?

Issue #8: Learning Management Systems

The learning management system (LMS) or course management system (CMS) has become increasingly more mission-critical at all levels of higher education, as evidenced by the move of Learning Management Systems from issue #10 of strategic importance in the 2009 survey to issue #8 this year. With the expansion of distance learning and the ubiquity of access to the Internet, educational institutions have come to rely on the LMS as the 24/7 engine that drives delivery of course content not only for online instruction but also for hybrid and web-enhanced courses.

But the LMS is not just a tool for delivering course content. At an increasing number of institutions, the LMS is a vehicle for providing online counseling and online tutoring services for students and has become the document-sharing repository and meeting space for faculty committees and student organizations. There is also a growing use of the LMS for instructional continuity during campus emergencies.⁴

The tools and features of the LMS have remained basically the same over the past few years, adhering to the familiar paradigm of managing course content and class communication. However, asynchronous discussions, synchronous chat sessions, blog and wiki spaces (to a limited extent in some LMSs), assessment delivery, assignment management, e-portfolios, and student activity tracking are now integrated in a majority of today's commercial and open-source LMSs.

Now that students and many faculty are familiar with social networking sites and Web 2.0 tools for creating and sharing content, however, the LMS may be perceived as inflexible and "cookie-cutter" in its method of organizing instruction. The LMS has also been described as falling behind in its ability to support the trend toward personalized learning environments.⁵ This is because the LMS has focused primarily on teaching efficiency and course management, perhaps at the expense of teaching and learning innovation, and has not taken advantage of new ways of interacting with content, ideas, and people.⁶

In addition to a growing awareness of the limitations of the traditional LMS, the economic recession and shrinking budgets are forcing educational institutions to take another look at their LMS options. The expense of licensing and hosting LMSs has prompted a growing number of CIOs to look for savings strategies by considering alternatives such as "dis-integrating" the learning management system⁷ and moving to more open-source applications and cloud systems for web-based learning.

It is also important to note the growth in various external modular applications that complement the LMS, enabling students to create a more personalized learning environment. These new applications have the potential to become the building blocks to a dynamic open learning environment that moves beyond the course-centric organization and stays with students throughout their academic career.

Critical questions for Learning Management Systems include the following:

• What strategy should the institution pursue for choosing among proprietary systems, open source, or cloud-based components? What are the actual costs to the institution of implementing an open-source LMS, including training and support?
• If a change will be made to a new system, what plan is in place to ensure the smooth migration of existing materials to the new system?
• Is there a need to choose between an LMS and a personal learning or open learning environment, or can there be an integrated approach?
• Does the institution have the development and support expertise either to utilize an open-source LMS or to integrate open-source components into a commercial LMS?
• What systems need to be integrated with the LMS: portal? e-portfolio? ERP? library resources? Does the LMS support the integration of these systems, and how will the integrations be managed?
• What strategies are needed to encourage those faculty who are resistant to new technologies to attend training and to consider innovative methods to enhance student engagement and promote learning outcomes?

Issue #9: Strategic Planning

Over the past eleven years, Strategic Planning has made the top-ten list of issues of strategic importance every year except for the last two (2008 and 2009). It reemerged this year as issue #9. Why the two-year hiatus, and why does Strategic Planning return in the 2010 survey? One possible explanation is that strategic planning is viewed as most important under two different sets of circumstances: when there is plenty of money to spend, and when budgets are so tight that the institution needs a plan to determine where to cut.

In the years 2002 through 2005, Strategic Planning was a top-five issue three times. During those same four years, budgets were generally in good shape. Strategic Planning dropped to issue #7 in 2006 and then to #8 in 2007, before disappearing altogether from the top-ten list for the next two years. Interestingly, during this four-year period, budgets were in trouble. However, it was not until this past year that the true depth of the budget crisis was felt by every level of higher education. The fact that Strategic Planning is back on the list this year may imply a recognition that a comprehensive strategy is necessary both to determine where cuts must be made and where targeted IT investments could help dampen the effects of the budget crisis across the institution.

Critical questions for Strategic Planning include the following:

• Have IT leaders begun a technology planning process, and have they obtained support from the institution's executive and faculty leadership for the plan? Is IT planning and budgeting aligned with the institutional plan and budget?
• What will the value proposition and value framework be for information technology to deliver institutional benefits that would not exist without the outcomes of the planning process?
• Are the planning process and the resulting outcomes flexible and adaptable to changing circumstances once the plan is in place and implementation begins?
• What metrics of success are built into the plan so that there are objective measures for use by members of the campus community to determine for themselves the progress and success of the plan?
• Is there a balance between short-term "low-hanging fruit" projects with early deliverables and medium- and longer-term initiatives?
• Is there an aggressive communications program in place to inform stakeholders in the campus community of the milestones reached and the progress made in the development and then in the implementation of the plan?

Issue #10: Infrastructure/Cyberinfrastructure

Infrastructure/Cyberinfrastructure ranked #4 among issues of strategic importance in last year's survey. This year, economic concerns may have slowed the pace of advanced infrastructure implementations. With the maturing of cloud computing offerings, many institutions are exploring the idea of outsourcing services to the cloud. Yet campus networks remain a critical part of the infrastructure, both as a means to deliver local services and as a way to enable access to the cloud. Institutions still need to support a growing campus infrastructure that is now more likely to include a fully built-out wireless network in addition to a mature wired network; a robust, redundant network core; and secure firewalls guarding the institution's edge as well as protecting internal applications. Fast, reliable access to the Internet continues to be essential due both to the proliferation of external services being used for learning management and other communications and to the insatiable demand for bandwidth-intensive applications (e.g., streaming video), which are becoming essential for many campus needs. As a result, routine bandwidth increases are clearly the norm, requiring more sources of funding. The growing adoption of smartphones and handheld wireless devices on campus means not only managing an increasing number of internal network access points but also ensuring that carrier wireless networks are fully covering the campus. A focus on green computing initiatives will continue, due in part to costs but also to institutional climate commitments.

Critical questions for Infrastructure/Cyberinfrastructure include the following:

• Does the institution have a fully developed plan for maintaining the campus network (both wired and wireless)? Does the plan include the necessary improvements that will need to be made over the next three to five years to meet customer demand for bandwidth and services? Does it take into account mobile devices?
• What metrics are being used to ensure appropriate network performance and reliability?
• How are privacy and regulatory concerns (e.g., FERPA, HIPAA) being managed, both with internal applications and networks and with external providers?
• How does the IT organization preserve a branded IT identity with a combination of onsite and externally hosted services?
• What decisions need to be made with respect to supporting user-supplied devices on the campus network, and how will those decisions and results be articulated and enforced?
• Does the institution's membership in regional and advanced network consortia ensure the proper level of access to support the high-performance networking needed by constituents?

Conclusion

For the first time, the EDUCAUSE Current Issues Survey this year asked IT leaders to look beyond the annual timeframe of the survey. In the 2010 survey, IT leaders were asked to articulate issues of potential significance in the future. The following were among the topics that IT leaders identified as emergent:

• Succession Planning. Although the financial downturn may have delayed the retirement of existing higher education leadership, within the next five years significant changeover at the highest level will occur.⁸ IT leaders must prepare staff and institutional C-level management for leadership transition.
• New IT Core Competencies. With the advent of so many outsourced services, IT staff skills that were previously pervasive (e.g., systems administration) will need to be redirected to different competencies (e.g., application integration and provisioning solutions). Indeed, the EDUCAUSE issues brief The Evolution of the CIO states: "Negotiating, contracting, and working with suppliers has grown significantly and will increase further as institutions move to above-campus sourcing."⁹
• External Partnerships. IT organizations will need to leverage traditional, nontraditional, and regional partnerships in order to successfully and more efficiently deliver existing and new services to campuses.
• Analytics. The need to demonstrate efficiency and effectiveness and to identify areas for improvement by using data from administrative systems will become more critical as IT funding constraints evolve into the institutional norm.

Similar to the top-ten issues of strategic importance in 2010, these developing concerns reflect the tension between needing to keep operations running efficiently and needing to plan and prepare for an uncertain future. Indeed, the 2010 EDUCAUSE Current Issues Survey clearly reveals that societal, demographic, and economic changes have converged at unprecedented speed to create a higher education environment very different from that of a few years ago. What are the implications for current and future IT leaders? A recent CIO study conducted by IBM argues that successful IT leaders should think about framing this tension along three seemingly contradictory but in fact complementary pairs of roles: (1) an insightful visionary and an able pragmatist; (2) a savvy value creator and a relentless cost cutter; and (3) a collaborative business leader and an inspiring IT manager.¹⁰ Current and future IT leaders in higher education must adapt to and also balance these new demands — by remembering lessons from the past, by using the top-ten IT issues of strategic importance as a guide for the present, and by noting the emergent issues while planning for the future.

1. Of the 1,909 EDUCAUSE primary member representatives who received an e-mail invitation to complete the survey, 424 (22%) responded.
2. Complete details of the 2010 Current Issues Survey are being published online, on the EDUCAUSE 2010 Current Issues website <http://www.educause.edu/2010IssuesResources/>.
3. "Ponemon Study Shows the Cost of a Data Breach Continues to Increase," press release, PGP Corporation, <http://www.pgp.com/insight/newsroom/press_releases/2009_annual_study_cost_of_data_breach.html>; "Data Breaches: The Insanity Continues," Identity Theft Resource Center, press release, January 8, 2010, <http://www.idtheftcenter.org/artman2/publish/lib_survey/ITRC_2009_Data_Breaches.shtml>.
4. I. Elaine Allen and Jeff Seaman, "Learning on Demand: Online Education in the United States, 2009," Babson Survey Research Group and The Sloan Consortium, January 2010, <http://www.sloan-c.org/publications/survey/pdf/learningondemand.pdf>.
5. Niall Sclater, "Web 2.0, Personal Learning Environments, and the Future of Learning Management Systems," EDUCAUSE Center for Applied Research (ECAR) Bulletin, vol. 2008, issue 13 (June 24, 2008), <http://www.educause.edu/ir/library/pdf/ERB0813.pdf>.
6. Jon Mott, "The Genius of 'And': Reconciling the Enterprise and Personal Learning Network," EDUCAUSE Learning Initiative (ELI) annual conference, Austin, Texas, January 20, 2010, <http://educause.mediasite.com/mediasite/SilverlightPlayer/Default.aspx?peid=29421747f419474c82268c040956d410>.
7. Lanny Arvan, "Dis-Integrating the LMS," EQ, vol. 32, no. 2, 2009, <http://www.educause.edu/library/eqm09211>.
8. Philip J. Goldstein, "Leading the IT Workforce in Higher Education," EDUCAUSE Center for Applied Research (ECAR) Research Study, vol. 7, 2008, <http://www.educause.edu/ECAR/LeadingtheITWorkforceinHigherE/163201>.
9. The Evolution of the CIO, an EDUCAUSE issues brief, October 2009, p. 2, <http://www.educause.edu/Resources/TheEvolutionoftheCIOAnEDUCAUSE/188629>.
10. The New Voice of the CIO, IBM Global CIO Study, December 2009, <http://www-935.ibm.com/services/us/cio/ciostudy/>.