On March 24, 2010, Jim Davis, as chair of UC's IT Leadership Council, requested that the ITAG produce a report for the ITLC containing the following:
A planning group was formed in June to address these issues. The membership represents ITAG, the UCTrust Work Group, and the ITLC's project management office:
We propose the design, development and implementation of an infrastructure that provides multi-campus applications with identity information about their users from any UC location. The first two such applications might be:
As illustrated in [User Provisioning Use Cases|ucprovisioning:User Provisioning Use Cases], this infrastructure addresses a pain point that has plagued nearly every UCTrust-integrated application: the need to create records within the application for the authorized users. The Connexxus travel booking system and the SumTotal training management system are both examples of applications that could have benefited from this project. By implementing now, we curb the continued proliferations of ad hoc user data provisioning solutions in the applications that might be deployed as part of the Regents' administrative efficiency initiative.
A high-level technical and organizational design of this infrastructure is presented in User Provisioning High-Level Design. We also present the High-Level User Provisioning Project Tasks required to build this infrastructure, including
As can be seen in High-Level User Provisioning Project Tasks, we anticipate completion of the first two phases of this project in 15 months to develop and deploy the software at the first two campuses, assuming 7 FTE can be assigned to the project. For the third phase, we estimate that each remaining campus will require 1-3 FTE over a period of 8 months, depending on the specifics of that campus's existing identity management infrastructure and other local choices made.
We have structured the third phase of this project to enable the remaining campuses to deploy the software according to their local needs. However, given the time and resource required, we encourage adoption of this strategy sufficiently before any anticipated projects that would require it to be in place.
There should be gating checkpoints at the ends of the first two phases to report progress to the ITLC and obtain approval to continue with the next phase. The ITLC Project Office should manage this project, once it has been approved by the ITLC to move forward. The project will continue to be governed by the ITLC, although the final selection of the middleware suite and review of the gating checkpoints should involve endorsement by the ITAG.