ICT Futures Summary EXECUTIVE BRIEF

ICT Futures Summary EXECUTIVE BRIEF

STRENGTHS SWOT Summary 17 meetings across the NMSU system Total of 945 responses Coded into 7 categories: 1. Cyber/Data Security 2. Services 3. Workforce (28% of all responses) 4. Funding 5. Organizational Structure 6. Infrastructure 7. Governance WEAKNESSES TOP THREE Workforce (44%) Services (28%) Infrastructure (13%) TOP THREE Governance (20%) Infrastructure (19%) Workforce (19%) BOTTOM TWO Governance (3%) Funding (3%) BOTTOM TWO Services (12%) Cyber/Data Security (1%) OPPORTUNITIES THREATS TOP THREE Infrastructure (27%) Governance (24%) Workforce (20%) TOP THREE Workforce (25%) Governance (19%) Infrastructure (16%) BOTTOM TWO Organizational Structure (10%) Services (8%) BOTTOM TWO Cyber/Data Security (12%) Services (5%)

ICT Futures Process Kick Off: First week of March 2021 Included Core Working Team supported by 9 Tiger Teams External CIO Assessment Report ICT Futures Team Strategic Support Team Provided: Project Management / Strategy Coordination / ProblemSolving Information dissemination Organizational Structure and Work Environment Getting to the Cloud/Physical Security ICT Strategic Planning ICT Operations Systems Integration and Needs Risk Management, Privacy, and Security Institutional Data User Experience Budget, Finance, Business Model Tiger Teams

Tiger Team Recommendations Improving Internal Business Practices Process Improvement Create business process redesign capability to conduct analyses and create alignment across the NMSU system and champion a process improvement and process documentation. TIGER TEAMS CLOUD / PHYSICAL SECURITY SYSTEMS INTEGRATION INSTITUTIONAL DATA Customer Service & Communication Identify a dedicated ICT communication resource reporting to the CIO who, as a designated member of the ICT leadership team, is charged with developing and executing a strategic communication plan. IT OPERATIONS ORGANIZATIONAL STRUCTURE AND WORK ENVIRONMENT

TIGER TEAMS Tiger Team Recommendations Build Organizational Capacity Organizational Structure Establish an effective and efficient org structure that can be sustained over time. Risk and Information Security ORGANIZATIONAL STRUCTURE AND WORK ENVIRONMENT SYSTEMS INTEGRATION Create dual reporting line for Chief Information Security Officer (CISO) to the Regents Audit and Risk Committee (RARC). Create reporting lines between community college IT Directors and the CIO. Create I&G funding to facilitate the addition of essential positions. INSTITUTIONAL DATA Project Management Identify PMs within the IT units at all four community college campuses. Establish a future-focused project management office. IT OPERATIONS Institutional Data Relocate the OIA office to report directly to executive leadership. Increase number of staff (FTEs) in OIA to reflect peer organization staffing. Establish and fill a senior level position overseeing OIA. Create an IT Operations Work Unit with sub-departments for Customer Service & Support Operations, Application Development Operations, Infrastructure Operations, and Enterprise Managed Service Operations. Create a business relationship management function and professional track dedicated to customers outside of the IT operations work unit. IT Operations RISK MANAGEMENT, PRIVACY & SECURITY

TIGER TEAMS Tiger Team Recommendations Build Organizational Capacity Work Environment Invest in IT staff. Design a comprehensive training and development program for ICT employees, inclusive of development in the areas of leadership, employee engagement, and customer experience. Create a workforce development plan for ICT staff. Sourcing Catalog all ICT applications and identify vendor versus locally developed applications and services. For locally developed solutions, include a support and replacement strategy that includes as a priority, vendor supplied solutions. For existing vendor supplied solutions, monitor the marketplace for new or enhanced options. Inform decisions to adopt vendor developed solutions. ORGANIZATIONAL STRUCTURE AND WORK ENVIRONMENT IT OPERATIONS RISK MANAGEMENT, PRIVACY & SECURITY

Tiger Team Recommendations TIGER TEAMS IT OPERATIONS Securing resources (funding, time, space, etc.) Enhanced Financial Support Tie budgets to priorities and planning decisions, rather than units in ICT. Fund the cost of Enterprise Applications and widely used software packages offthe-top, allocating I&G funds to this before other allocations occur. Expand the Communications Rate to a Technology Support Rate and eliminate recovery of costs through secondary rates wherever possible and build an allowance for those costs. Increase ICT operating funding by 1- 1.5M over time. Provide funding to eliminate backlog in network equipment maintenance. Identify allocations needed for other key areas within ICT to determine feasibility of increase Information Security budget to 6-8% of total IT budget. RISK MANAGEMENT, PRIVACY & SECURITY BUDGET, FINANCE AND BUSINESS MODEL

Tiger Team Recommendations TIGER TEAMS IT OPERATIONS Develop an effective IT Governance Model Governance Create an effective strategic IT governance framework to include the “right” people, timeline, and budget. Adopt a “buy versus build” strategy that includes a cloud-first principle. Develop and publish IT Operations business and efficiency KPIs to track success, identify opportunities for improvement and demonstrate how IT can support NMSU and improve its ability to meet strategic targets. Adopt organizational design principles to help guide governance and reorganization efforts, leveraging vision and mission statements to help communicate aspirations. CLOUD / PHYSICAL SECURITY RISK MANAGEMENT, PRIVACY & SECURITY

Funding Gap current funding gap is 5-7% above current spending levels. Bottom Line: The dollars necessary to bring staffing up to minimal levels required to support the services that ICT currently delivers is between 1M - 1.5M. The gap does not include equipment replacement costs. As an example, ICT has a 1.6M backlog of network equipment which needs to be replaced. Only 205K in HEERF funds are allocated to address this need. Reference Points Distribution of vacancy dollars FTE gaps for current services (re: Transforming Team 3 project) HelioCampus benchmarking

ICT Strategy Map for 2021 – 2026 MISSION VISION ICT provides leadership and access for NMSU faculty, staff and students services and high-quality technologies that meet our teaching, research and service missions ICT aspires to be a strategic, thoughtful and trusted partner in creating innovative solutions Crimson is priority VALUES Outstanding service Accountability Communication Innovation Trustworthy Proactive Collaboration Agility Integrity Security FOCUS ON WHO WE SERVE (STUDENTS, FACULTY, STAFF, CAMPUSES) Create a one stop approach to meeting student, faculty and employee service needs Enhance the user experience across the system IMPROVING INTERNAL BUSINESS PRACTICES Maximize enterprise solutions, including cloud opportunities, to inform data-driven decisions Improve business processes, manage projects and measure efficiency and effectiveness Build system capacity and user expertise, including training Improve communication and responsiveness BUILD ORGANIZATIONAL CAPACITY Increase investment in keeping NMSU cyber safe Optimize IT Organizational Structure Invest in staff recruitment, development, cross training, pay, and career advancement SECURING RESOURCES (FUNDING, TIME, SPACE, ETC.) Invest in up-to-date technology Create sustainable business model and identify funding sources Develop an effective IT Governance Model, including strategy, prioritization and funding Create and implement risk management structure (DRAFT 6/8/21)

Next Steps Strategic Priority Actions Process Improvement Establish a business process redesign capability to conduct analyses and create alignment across the NMSU system and champion a process improvement and process documentation. Customer Service & Communication Identify a dedicated staff member to take on the ICT Communication role. Organizational Structure Advocate for additional ICT staffing and operations investment from NMSU system. Identify current trained PMs within the system. Perform an ICT staff skill assessment to identify potential FTEs that may be leveraged to fill new position needs or service roles. Work Environment Develop a plan to address retention within the ICT organization. Complete staff salary assessment for ICT positions. Sourcing Catalog all ICT applications and identify vendor versus locally developed applications and services. Enhanced Financial Support & Allocation Develop a 5-year business plan for ICT that proposes how to transition changes in funding mechanisms and how to build up required resources. Identify allocations needed for other key areas within ICT to determine feasibility of increase Information Security budget. Governance Establish an IT Governance council membership and process with NMSU system stakeholders and ICT expertise. Determine baseline business KPIs including the percentage of resources dedicated to key capabilities and percentage of resources dedicated to strategic priorities and initiatives. Budget Assess the implications for budgets and funding recommendations and conduct a review of Helio and other comparative information in more depth to refine estimates of staffing gaps. Timing