150 likes | 155 Vues
Data, Policy, Stakeholders, and Governance. Amy Brooks Enterprise Directory Project Director University of Michigan – Ann Arbor akbrooks@umich.edu. The University of Michigan. Research I Institution 19 Schools and Colleges 21 Libraries 3 Campuses and Major Medical Center
E N D
Data, Policy, Stakeholders, and Governance Amy Brooks Enterprise Directory Project Director University of Michigan – Ann Arbor akbrooks@umich.edu
The University of Michigan • Research I Institution • 19 Schools and Colleges • 21 Libraries • 3 Campuses and Major Medical Center • Identity Management for • 100,000 Campus users (40,000 A2 students) • Worldwide collaborators, prospective students • Portion of 425,000 living alumni • Representing the Big Schools 2
Enterprise Directory Services • Outgrowth of previous campus working group • Team formed in February 2004 • Charge to Team • Determine campus needs • Define scope of EDS and resource needs • Develop business case and funding proposal • Develop a plan for campus governance • Define an architecture, recommend software • Determine campus commitment 3
What we Learned • Campus requirements - we want more than a Directory! • Fix problems with Identities • Provide better, more timely data • Provide roles information • One stop directory data shop • The service is the key - provisioning • How soon can we have it? 4
The Identity Management Component • Current Environment – Uniqname System • Key is SSN – violates our own policy • Difficult to create identities for international visitors • Not tied directly to our UMID (primary identifier in PeopleSoft) • Not tied to our authoritative data source for students, faculty, staff • Basic biographical data not collected • No formalized controls, standards, or training for uniqname administrators 5
Future Identity Management • Included in Enterprise Directory Services (no single directory) • Allow for distributed creation of identities with minimal set of bio data • Must not require a physical presence • Must allow for creation of identities for loosely affiliated people • Must not allow duplicate entries for individuals • Allow for expiration of identities if desired • Work with existing authoritative data sources and regional campuses 6
What about Data? • It’s all about the Data! • Leverage our integrated data infrastructure • Get more data to the campus and faster • The current environment is ugly – data feeds are everywhere • Departments have to deal with data discrepancies • Solution? Create their own directory (not a good thing) 7
How about Policy? • Build on existing policy (if you have it) • Data management policies • Privacy policies • Access management processes • Data precedence setting (if you’ve implemented an ERP you’ve already dealt with this) 8
Stakeholders? • They’re everywhere (even in surprising places) • Data managers/stewards • System Administrators • Registrars, Human Resources, Alumni/Development • Students, Faculty, Staff, Alumni • Help Desks and Accounts offices 9
Engaging the Stakeholders • Talk to the campus – discover requirements • Publish materials • Town Hall meeting – showing the sausage making • Governance Board for Enterprise Directory Services 10
And Finally - Governance • Who should help Govern? • Data stewards from each major data area • Registrars from all 3 campuses • Office of Development (Alumni) • Representatives of major IT areas • Representatives of Schools, Colleges, others • Core Board with advisory group • Existing Privacy Committee 11
What will they Govern? • Board Responsibilities • Who is in Directory? • Where is the authoritative data? • What data and what source takes precedence? • What is user modifiable? • Who gets to see what? • How is data maintained? 12
Board Responsibilities (continued) • Who can create identities • What are the minimum standards for creation? • Who can update entries? • Who can have higher level access? • What training is required? • Define institutional roles • Determine priorities • Apply funding model for centrally funded versus unit-funded enhancements 13
Not in the Board’s Purview • Defining or approving technical architecture • Selecting hardware • Selecting software • Defining directory schema 14
What about Data, Policy, Stakeholders and Governance for Large Institutions? • Multiple authoritative data sources (3 ERPs) • Hordes of stakeholders • Decentralization makes decision making difficult – crossing the cultural divide • Making the case for Enterprise Directory and Identity Management (case studies) • Not just $$$ but saved opportunity • Who is the caretaker for the IdM/EDS? 15