Blog

Higher Education Innovation In Action

  • Registrars: Consider Adding an Information System Specialist to Your Team

    by Natalie Spooner, Sales Consultant | Feb 20, 2017

     
    When campus technologies change, Registrars are often the first to feel the growing pains. Converting from legacy software takes time, and new tools don’t always do everything you need right out of the box. That’s why it’s helpful to have someone on your staff who can work with your student information system to run ad hoc reports, manage bolt-on solutions, and bridge communication between your department and IT personnel.

    Enter the Information System Specialist (also sometimes known as a “Student Information System Specialist” or “Information Systems Technician”). This position is not new, but it is becoming increasingly more important in an era where budgets are shrinking and technology continues to grow at a rapid pace. As a former Registrar, I’d like to share my insights and advice on the particular skills you should look for in an Information System Specialist, in addition to some bigger-picture considerations.

    Technical skills. Although the ideal candidate for this position does not need to be a diehard programmer, he or she should at least have a solid aptitude for technology. Some of the “hard skills” for this position include:

    • Expertise in word processing and spreadsheets
    • A working knowledge of database programming
    • Experience running and modifying reports
    • A solid understanding of data analysis (whether from coursework or direct experience)

    Soft skills. The so-called “soft skills” for this position are just as important as the hard skills. Analytical and problem-solving skills are desirable, but more than that, this individual should be proactive and be able to work independently to improve technological efficiency within your office.

    Think of an Information System Specialist as a liaison between you and the IT department (and in some cases your technology vendors). Be sure to look for excellent written and verbal communication skills, especially an ability to translate technical concepts into plain English. An understanding of both the inner workings of a Registrar’s Office and the IT department would be helpful as well — at the very least a job candidate should demonstrate an ability to adapt quickly to your day-to-day needs and routine.

    Additional considerations. Spring is right around the corner, and many institutions are about to start planning for their next fiscal year. If you’re thinking about adding an information system specialist to your staff, consider lobbying for this position to be part of your budget. A dedicated role would be ideal because of the highly specialized work your office performs. However, this is not always possible due to budget constraints, and instead you may have to share the position with IT or enrollment management. You might also consider asking an existing member of your staff to take on this role in addition to his or her other responsibilities.

    If you’re a Registrar who has experience working with an Information System Specialist, or if you’re planning to hire one, we’d love to hear from you!

  • What Brought You To Higher Ed? - Survey

    by Mindy Starcher, Vice President | Feb 10, 2017

     
    Whether they call you a “Student Records Director,” “Enrollment Management Director,” or “Registrar,” your job is to supervise the student records office – and it’s likely that you juggle many other tasks besides that. It’s also likely that you found your way into your current position through some other career path. We’ve heard many stories from registrars over the years about their diverse backgrounds – from unusual postgraduate degrees (a PhD in Sanskrit) to completely unrelated jobs (University Groundskeeper).

    Now we’d like to pose this question to the registrars in our blog and newsletter audience: What brought you to Higher Ed?

    Please tell us your story (the link below will take you to a quick and easy form on Survey Gizmo). We’ll publish your responses in a blog post next month.

    How did you find your way into Higher Ed? 

    We look forward to hearing from you!

  • Credentials Explains: What is SOC 2?

    by Rose Addison, Manager of Documentation & Training | Feb 01, 2017

     
    SOC 2® is the next generation of globally recognized SAS 70 auditing standards, which were set forth by the AICPA in 1992 and centered around financial reporting.[1] As the Internet grew and cloud computing and web services became ubiquitous, the AICPA updated its standards to meet the needs of the information age and its new business models.

    Today, many universities automate or outsource administrative tasks: student portals, transcript orders and degree verification are just a few examples. While transcripts on demand and round-the-clock access to information are certainly convenient for students, the decentralization of data increases the risk for its exposure. SOC 2 is designed to mitigate this risk through independent auditing of technology service providers (also known as “service organizations”) and their systems.[2]

    Trust Services Principles

    A SOC 2 Report is performed by a certified, independent auditor (e.g., an accounting firm), and focuses on a set of Trust Services Principles, including:[3]

    • Security – Both physical and virtual access to systems and data are protected from unauthorized users
    • Availability – Products and/or services are available for use as set forth in the vendor agreement
    • Processing Integrity – A system works the way it’s supposed to: login credentials are verified, transcripts are processed on time, accurate results are returned, etc.
    • Confidentiality – Sensitive information is kept secure as agreed in the vendor contract and in compliance with any regulatory standards
    • Privacy – The disclosure, retention and disposal of personal data complies with Generally Accepted Privacy Principles (GAPP) that are published and maintained by the American Institute of Certified Public Accountants (AICPA) and CPA Canada

    An Extra Layer of Assurance

    Universities are ultimately responsible for any and all data breaches, and though they may already have a set of requirements in place for their service providers, SOC 2 certification offers an extra layer of assurance. A wide range of vendors – from cloud storage firms to SaaS (“Software as a Service”) companies – may voluntarily undergo a SOC 2 audit. Upon successful completion and certification, audits are typically performed on an annual basis.[4]



    [1] Evolution of SAS 70 to SOC Reports. (2012). American Institute of Certified Public Accountants (AICPA). Retrieved from https://www.aicpa.org/interestareas/frc/assuranceadvisoryservices/downloadabledocuments/sas70_soc_reportsinfographic.pdf 
    [2] Service Organization Controls (SOC) Reports for Service Organizations. AICPA. Retrieved from   https://www.aicpa.org/InterestAreas/FRC/AssuranceAdvisoryServices/Pages/ServiceOrganization'sManagement.aspx
    [3] Explaining SOC: Easy as 1-2-3. (2012). James C. Bourke, AICPA. Retrieved from https://www.aicpastore.com/Content/media/PRODUCER_CONTENT/Newsletters/Articles_2012/CPA/Jun/Easy123.jsp      
    [4] Expanding Service Organization Controls Reporting. (2011). Chris Halterman, Journal of Accountancy. Retrieved from http://www.journalofaccountancy.com/Issues/2011/Jul/20103500 

  • ERP Worst Practices

    by Josh Hoagland, Vice President | Jan 17, 2017

     
    When it comes to ERP practices, there are some definite no-nos. Avoiding these potential pitfalls will save you time, money, and headaches in the future and allow you to work smarter, not harder.

    One Size Fits All Thinking

    Don’t try to make your ERP solution fit all your current business practices. Allow yourself, and your team, to correct broken processes and replace them with current, system-enabled, advanced models. Presumably there will be some resistance along the way but really ask yourself (and others), is there another valid reason to keep said practice in place other than “we’ve always done it that way.”?

    Avoiding Documentation

    Believe me. We get it. Documentation is tedious, time-consuming, and often falls to the bottom of the to-do list, however, it is immensely important to the health of your ERP system and your department’s success. If your institution has allowed for modifications to be made to your ERP, make sure correct documentation is provided so that system upgrades don’t become a hassle.

    Trying to Do it All Yourself

    ERPs can be tricky so sometimes you need expert advice to get the job done. Justifying bringing in specialists is most likely already a tedious battle so make sure you have (in writing) a straightforward exit strategy planned for any outside consultants. Consulting gets expensive and the next time you need a specialist, you don’t need to up the ante in a conversation that’s hard enough as it is. 

    Data in the Wind

    Data conversion is a challenge. Is it cost effective to push all data online? Does it make sense to add older data to the Student Information System as needed? Who is responsible for ensuring the data is correct? Create a plan of attack when it comes to legacy data and define standard operating procedures for how you’re going to handle it.

    Trying to Please Everyone

    Recognize out of the gate that you can’t please everyone. You’re going to have to say no more often than you may care to but trying to make everyone happy with ERP solutions will most likely equate to a rapid amount of modifications. Modifications are going to cost your institution more money and will most likely be harder to keep current as future system upgrades take place. Think about the big picture (and circle back to our first point).

    Allow your ERP to work for best for you and your organization. Check out our other post, ERP Best Practices.

  • ERP Best Practices

    by Josh Hoagland, Vice President | Jan 17, 2017

     
    We can all use a little guidance now and then, especially when it comes to ERP best practices. Consider the following tips to promote a culture of engagement and reduce stress along the way.   

    Phone a Friend

    Your ERP vendor can provide you with the names of institutions similar in size and complexity. Open lines of communication throughout the Higher Education community will help you consider new solutions to old problems and may save you from suffering through similar trials and tribulations.

    Consider asking these questions of peers at other institutions:

    • Have you modified your systems and if so, how?
    • Have you lived through a legacy to ERP migration? What worked and what didn’t?
    • Have you lost any tools when transitioning from a legacy to ERP system? If so, how has this affected your workflow?
    • What workarounds have you created for utilizing your ERP with standard, out-of-the-box usage?    

    You might even consider more specific questions like these:

    • What processes do you have in place when role-based access permissions need to change?
    • Do you have defined standards in place for adopted middleware?
    • How do you deal with passwords and password management?
    • What data standards have you applied?

    The Gold Standard

    If you don’t already have defined data standards, consider their importance. A cross-functional committee can help you emphasize clean data while considering different departments’ needs. Once implemented, evaluate to ensure data is stored in proper fields, tables, and databases and that records are not missing, incorrect, or duplicated. Revisit any cumbersome nuances discovered and re-train, when needed.

    Crystal Clear Persuasion

    Ensure everyone understands what they need to do and where they need to do it. For example, be sure to clearly define new processes and structure such as new budget approval procedures, centralized locations of documentation, and electronic form use versus paper use. If you’re met with resistance to said changes, consider providing examples on how the new and improved way will help everyone access accurate information faster and improve workflow.

    Teach a Man to Fish

    We all know the importance of education, so remove gaps in knowledge by providing ERP training and mentorship at all levels. Using our examples above, once you’ve defined the process and documented it, spend the time and resources teaching the preferred formats. Be sure to allow the time it takes for people to get comfortable with new guidelines, allow room for error, and consider refresher courses or inter-departmental training as well.

    Dear Diary

    We talked about failing to put it in writing in our ERP Worst Practices blog posting. Good documentation is so important, we’re really driving this point home. If your ERP system has been or will be customized, be sure to document all modifications. As ERP system upgrades are made and versions come and go, you’ll be glad you took the time to document all the specific nuances.

    Remember, practice makes pattern, not perfection. Adopting these best practices may benefit you in more ways than one but allow time for change to settle in.