Although at this point Law has no plans to use this service, we reserve the right to create a customized SLA specific to our needs with mutually-agreed upon consequences for both Law and UNM IT.
Cyndi Johnson

Although at this point Law has no plans to use this service, we reserve the right to create a customized SLA specific to our needs with mutually-agreed upon consequences for both Law and UNM IT.
Cyndi Johnson

Two things:
1) Page 3, 2.1.1 End-User Requirements, bullet 3 referencing password standards. Since the reality is that many people use either INB or Opinio, it would be prudent to include a bullet point stating that while you can use several special characters, use of INB or Opinio limits you to just _ and #

2) Page 4, 3.1 UNM Responsibilities – Buttle 5 re: deleting NetID accounts. Current policy is that UNM Retirees keep their NetIDs indefinitely. as per http://it.unm.edu/accounts. The SLA states that they are set to inactive after separation. I assume that being set to inactive is not what happens when someone retires?

Cyndi

Echoing Elisha and Greg, I’m a little confused about the whole concept of the Enterprise services. Are these SLAs being written because there is a mandate that everything considered Enterprise must only be offered by Central IT or is there an exception process by which a unit/department can maintain their autonomy, perhaps by meeting a standard (which at this point, doesn’t exist)? When I look at the list of Recommended Enterprise Services (which I understand are now accepted/approved, not simply recommended) as documented in the Business Model memo dated 10/7/15 from the Main Campus IT Strategic Advisory Committee to the Main Campus IT Executive Governance Committee, I see 26 services, many of which could well have multiple sub-services, covering a multitude of areas. As an example, Individual Software Purchases, Mobile Device Management and Web Page Development are all listed. It’s hard for me to wrap my brain around these services being only offered via an Enterprise model. Can someone please clarify?

Thanks,
Cyndi Johnson

I have concerns about the SLA process. The ones I’ve read so far are too general with a significant amount of boilerplate language simply carried from one SLA to the other. Although I understand that the timeline was set by President Frank for SLA generation, it’s not clear to me that the President set the timeline for the comment period. It seems highly unlikely that busy IT employees have the time to read, consider, and respond to these critically important documents. Several of the SLAs will need tweaked to satisfy specific departmental needs and that language needs built into every SLA produced during this process. However, my biggest concern is the lack of consequences if the terms of the SLA are not met. I attended an IT UNM meeting last fall where the CIO spoke about SLAs back when SLA generation was to be a collaborative effort with involvement from IT Agents and others from the UNM IT community. When asked about consequences if the SLA terms were not met, the CIO’s response was that people would lose their jobs. Perhaps the CIO didn’t anticipate that meeting attendees would have questions about consequences but such a superficial reply to a serious question is troubling to me. The bottom line is that there needs to be specific, well-defined consequences for not meeting the SLA terms for both the customer and Central IT on every SLA.
This particular SLA has serious issues and needs work but others have commented on the specifics. I simply don’t have time to do so right now and therefore am limiting my comments to the overall process.

• This reply was modified 8 years, 3 months ago by cdean.

I have concerns about the SLA process. The ones I’ve read so far are too general with a significant amount of boilerplate language simply carried from one SLA to the other. Although I understand that the timeline was set by President Frank for SLA generation, it’s not clear to me that the President set the timeline for the comment period. It seems highly unlikely that busy IT employees have the time to read, consider, and respond to these critically important documents. Several of the SLAs will need tweaked to satisfy specific departmental needs and that language needs built into every SLA produced during this process. However, my biggest concern is the lack of consequences if the terms of the SLA are not met. I attended an IT UNM meeting last fall where the CIO spoke about SLAs back when SLA generation was to be a collaborative effort with involvement from IT Agents and others from the UNM IT community. When asked about consequences if the SLA terms were not met, the CIO’s response was that people would lose their jobs. Perhaps the CIO didn’t anticipate that meeting attendees would have questions about consequences  but such a superficial reply to a serious question is troubling to me. The bottom line is that there needs to be specific, well-defined consequences for not meeting the SLA terms for both the customer and Central IT.
2.1.3 – Bullet 2 – “All services and devices…”. Audio conferencing devices (ie, “Polycom”) units should be explicitly excluded from being purchased through UNM IT if they are supported by departmental IT.
3.1 Bullet 8 and 3.2 Bullet 2 – Both pertain to the Pinnacle billing system. Pinnacle desperately needs an update. For example, the Reports/Usage by Org shows all reports that have ever been generated. For one of our orgs, those date back to 2004. Since we are required by policy to look at the reports monthly, that’s 144 reports that I must scroll through in order to run a report for the current month. Additionally, the departmental reports listed within the My Reports tab are useless. The Auth Codes by Index does NOT return the current/active codes. I was told by someone within Telecomm that there isn’t a way to determine what codes are deployed and that I should look at the monthly reports to see if they are used. That obviously is not a good answer for codes that are not regularly used or were assigned to employees who have left either the department or UNM. Although Networking isn’t covered by this SLA, they also use Pinnacle for their billing. There is no relationship between a service desk ticket number, the actual work order number, and the Pinnacle report. When a charge appears, the only way to determine what it’s for is to have someone in Central IT decipher what job was billed. Please consider updating the billing system.

3.2 Bullet 9 – The policy for provisioning long distance codes needs changed so that departmental IT can take on the role and responsibility for tracking actual long distance codes, not just the Auth Code. It seems silly that we are entrusted to manage PII and other sensitive data yet we can’t be trusted to manage long distance codes. If a user forgets their code, a ticket must be submitted to the service desk yet the user must have needed to place a long distance call right then, or they would not have been trying to use their code. It seems obvious to me that they will simply “borrow” someone else’s code in spite of that being a policy violation. If departmental IT is provided with the LDC and Auth Code, the user can simply call the local help desk and can use their personal code for the call(s).
Cyndi Johnson
School of Law