Budgeting for Yale’s IT needs

As in past years, our FY23 Budget proposal remains focused on meeting the diverse and evolving needs of the Yale community. There are good signs that the time we have spent over the last five years building our current foundation has transformed ITS into a more resilient and reliable unit that is more responsive to those evolving needs; and an ITS that is nimbler and more transparent. In the coming five years, our budget will support three Operational strategic initiatives (recruiting, learning, and One Finance ) and additional areas of need.

FY23 introduces the first comprehensive rate model update in more than ten years, with most of our rates reduced. We are also working on expanding support for the project management function to provide broader coverage and capacity to cover University operations. Revenue targets have been kept largely whole to better understand the impact of our rate model changes and their impact on consumption, and we anticipate a modification request for the FY24 budget cycle.

Strategically, we continue to struggle with balancing the desire to slow annual growth and the University’s increased dependency in categories like software (subscriptions), cloud computing, and infrastructure services, which are driving up costs faster than parameter growth. In addition, through discussions during the long-range planning review, this budget submission includes a tapered-in three-year incremental increase ($5MM annually, stabilizing at $15MM incremental over FY22 budget) in our renew and replace program, to better reflect the actual useful life of assets in production.

Programmatically, our budget submission includes requests totaling $7.7MM covering six initiatives:

• Capital asset refresh
• The creation of a university-wide Operational Portfolio Management Office (OPMO)
• Software growth above parameter growth
• The Information Security Program, to cover higher than expected actual contract costs for Endpoint Detection and Response (EDR) contract signed in FY22
• One new FTE to support EHS/Research Core
• A/V equipment to support 31 additional classrooms

Despite careful planning, the IT Finance Team has identified several potential risks for FY23 and beyond, including:

• Supply chain shortages and associated delivery delays continue to drive adjustments to staffing, and implementation and purchasing strategies, ultimately forcing adjustments to timelines.
• Commodity pricing changes continue to drive up costs at an unprecedented pace.
• Our quest to secure warehouse space, systems, and staffing to protect and adequately account for delivered, installed, and retired Yale Assets continues to meet challenges. While not budgeted for in FY23, we are working on a strategy and intend to present such as soon as we are able.
• Information security has been an area of risk requiring incremental investment to enhance our ability to identify areas of risk, implement protective controls, detect attempted intrusions, and respond to cybersecurity incidents. Our NIST Cybersecurity Framework initiative to right-size Yale’s security program is making significant progress on its planned three-year buildout.
• Software costs continue to increase above parameter growth (running more than 5% annually, excluding new licenses in project tails). While mechanisms were introduced to better account for and manage industry rate pressure and approved project tails, spend increases due to Yale population growth and price increases remain problematic.
• The university phone system modernization effort continues throughout campus– including the effort of retiring the legacy telephone system serving the Medical Campus. As part of a CTS long-range plan in sync with the NGN initiative, the entire infrastructure, including blue phones, is under analysis for replacement.

The IT Finance team has also offered opportunities for FY23 and beyond, including:

• The updated Telecom infrastructure/network will continue to become more stable, experience better quality and less interruptions; and introduce a differentiated service model with targeted deployment of high availability services only where required.
• As our NIST Cyber Security Framework (CSF) security strategy continues to mature, we are seeing clearer security responsibilities, stronger data protections, and increased detection capabilities. Besides reducing financial, legal, and reputational risk for the institution, these improvements are also increasing Yale’s ability to meet University regulatory requirements quickly and comprehensively for administration and research.
• As our Enterprise Monitoring initiative matures, ITS continues to shift from a reactive to a proactive stance ultimately reducing outage timing and impact.
• FY23 introduces the first comprehensive rate model update in more than 10 years. Our goal was to review and develop a simple model and mechanism that is easy to understand, transparent, sustainable, easily updated and one that aligns with our peers and the market. All told, more than 120 rates were reviewed, and an update cycle was developed to ensure that the rates remain current and relevant.

In anticipation of the approved budget, IT’s Director of Finance and Administration, Mark Manton, congratulated his team on “simplifying the budgeting process, identifying important budgetary risks and opportunities, and collaborating to support Yale’s technology needs.”