Assessment Project for HEMIS Implementation at the Institutional Level Assessment Project for HEMIS Implementation at the Institutional Level Survey Questionnaire Version 3.2 This Survey Questionnaire will require approximately 40 minutes to complete, especially if the respondent has an updated copy of their Information Systems Strategic Plan (ISSP) or similar document. For inquiries on any of the items, the respondent may get in touch with CHED through the contact details indicated below. The Survey Questionnaire is to be accomplished by all Higher Education Institutions (HEIs) in the Philippines and submitted to CHED on or before 18 December 2015. Contact: Office of Policy, Planning, Research and Knowledge Management (OPRKM) Telephone: +632 441 1169 Email address: [email protected] Part I of the Survey is patterned after the DOST-ICTO ISSP template. Page 0 of 47. Assessment Project for HEMIS Implementation at the Institutional Level Table of Contents ABBREVIATIONS AND ACRONYMS ................................................................................................................... 2 INTRODUCTION ........................................................................................................................................... 3 PART I INFORMATION SYSTEM (IS)-SPECIFIC .................................................................................................... 5 SECTION 1 ORGANIZATIONAL PROFILE ........................................................................................................ 5 SECTION 1.1 INSTITUTION’S PROFILE ...................................................................................................... 5 SECTION 1.2 THE HEI AND ITS ENVIRONMENT (FUNCTIONAL INTERFACE CHART) ........................................... 8 SECTION 1.3 PRESENT ICT SITUATION (STRATEGIC CHALLENGES) ................................................................ 9 SECTION 1.4 STRATEGIC CONCERNS FOR ICT USE ................................................................................... 10 SECTION 2 RESOURCE REQUIREMENT ....................................................................................................... 11 SECTION 2.1 DEPLOYMENT OF ICT EQUIPMENT AND SERVICES ................................................................. 11 SECTION 2.2 ICT ORGANIZATIONAL STRUCTURE ..................................................................................... 15 SECTION 3 DEVELOPMENT AND INVESTMENT PROGRAM .............................................................................. 18 SECTION 3.1 SUMMARY OF INVESTMENTS ............................................................................................. 18 PART II ICT INFRASTRUCTURE INVENTORY ..................................................................................................... 20 PART III OTHER RELATED CONCERNS ............................................................................................................ 30 PART IV BEST PRACTICES ............................................................................................................................ 37 SECTION 1 ICT BEST PRACTICES ............................................................................................................... 37 SECTION 2 IS BEST PRACTICES ................................................................................................................. 42 SECTION 3 LEVEL OF MATURITY ............................................................................................................... 42 ANNEX A DEFINITION OF TERMS .................................................................................................................. 45 CHED Survey Questionnaire Page 1 of 51. Assessment Project for HEMIS Implementation at the Institutional Level ABBREVIATIONS AND ACRONYMS CHED Commission on Higher Education CHEDCO CHED Central Office CHEDRO CHED Office CMO CHED Memorandum Order DOST-ICTO Department of Science and Technology – Information and Communications Technology Office HEI Higher Education Institution HEMIS Higher Education Management Information System ICT Information and Communications Technology IS Information System ISSP Information Systems Strategic Plan LUCs Local Universities and Colleges MFO Major Final Output MIL Maturity Indicator Level MITHI Medium-term Information and Communications Technology Harmonization Initiative PHEI Private Higher Education Institution PhP Philippine Peso RUS Regional University System SO Special Order SUCs State Universities and Colleges CHED Survey Questionnaire Page 2 of 51. Assessment Project for HEMIS Implementation at the Institutional Level INTRODUCTION This project of the Commission on Higher Education (CHED) supports the implementation of the CHED Information Systems Strategic Plan (ISSP) 2013-2017 which is a 5-year Information and Communications Technology (ICT) successor plan of CHED focusing on the requirements of providing connectivity of Higher Education Institutions (HEIs) and linkage of systems and databases to the Commission. In this regard, CHED enjoins your Institution in accomplishing the Assessment Project for the Higher Education Management Information System (HEMIS) Implementation at the institutional level. All HEIs are to participate in this project as this will lead to the preparation of the Philippine Higher Education ISSP, which when implemented, shall provide quality applications that will aid not only CHED in its developmental projects and programs but also the HEIs in their day to day operations. This Nationwide Survey (“the Survey”) intends to collect data from all HEIs to assess their overall capacity and situation with regard to ICT utilization. The project aims to prepare the conceptual framework, policies and requirements specifications for implementing the HEMIS at the institutional level taking into consideration the best practices among the HEIs or model institutions that exemplify the use of ICT-enabled services in higher education. This research project is expected to specifically provide the following: Levels of ICT readiness of the State Universities and Colleges (SUCs), Local Universities and Colleges (LUCs), other Government Schools offering Higher Education Programs, and Private Higher Education Institutions (PHEIs) in relation to the implementation of HEMIS in terms of detailed inventory and analysis of the assessment conducted taking off from the MITHI Survey of 2012; Compendium of best practices on ICT initiatives to support the SUCs, LUCs, other Government Schools offering Higher Education Program, and PHEIs; ICT Strategic Plan for the Philippine Higher Education as part of the Higher Education Strategic Plan and Public Higher Education Reform including the possible input for the Regional University System (RUS) and typology projects; and Policies and requirements specifications for the SUCs, LUCs, PHEIs and other Government Schools offering Higher Education Program to fully implement the HEMIS, complementing to the CHED ISSP 2013-2017 leading to the integration of the Philippine Higher Education System. The Survey covers different aspects of ICT in HEI setting, divided into four (4) parts. Part I is focused on the organizational profile of the HEI as well as its ICT resource requirement. As CHED is a government agency the same as the SUCs which are funded by the government, Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template. Part II covers the existing ICT infrastructure like the hardware, software, network and other ICT resources that are being used to manage information in the HEI. Data gathered from this portion of the Survey shall serve as an input to developmental activities and for budget purposes. Part II basically adopted the entire Annex 5A of DOST-ICTO ISSP (Revised 2014) Template for ease of harmonization and consolidation of the government project. Part III deals with system functions that may already be present in the prevailing Information Systems currently being used in the HEI. It also deals with data sets that may be available from these systems which the HEI uses in developing their policies and aid in their decision-making. CHED Survey Questionnaire Page 3 of 51. Assessment Project for HEMIS Implementation at the Institutional Level Part IV is a template that the HEI can use to share the IS best practices that are already in place in their Institution. These best practices shall be collated and shared to all HEIs after the survey. To facilitate in accomplishing the completion of the survey, we provided examples that you can use as reference. In which case, you should replace these examples with what is applicable to your Institution. Instructions in filling out the tables are provided as footnotes or just below the table. Your feedback is essential to this project. Please answer each item as accurate as possible. We highly appreciate your taking the time to complete the Survey. Please submit the accomplished Survey on or before 18 December 2015 to CHEDCO. Softcopy should be stored on a CD and a hardcopy signed by the respondent and Head of the Institution. CHED Survey Questionnaire Page 4 of 51. Assessment Project for HEMIS Implementation at the Institutional Level PART I INFORMATION SYSTEM (IS)-SPECIFIC SECTION 1 ORGANIZATIONAL PROFILE SECTION 1.1 INSTITUTION’S PROFILE Name of Institution Type of Institution State University/College (SUC) Local University/College (LUC) Other Government School offering Higher Education Program Private HEI Address URL/Website Name of the Head of Institution Position / Designation Contact Number (include Area Code) Email Address Signature Name of Respondent (CIO/MIS Head, IS Planner) Position / Designation Organizational Unit / Department Contact Number (include Area Code) Email Address Signature Current Organizational Budget PhP Current Annual ICT Budget1 PhP Other Sources of Funds PhP 1 Indicate the Total Annual ICT Budget for the current fiscal year. Other possible sources of funds should be indicated separately. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 5 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 1. Organizational Structure: [Insert your Institution’s Organizational Structure here or on a separate page.] Total No. of Employees2 Number of Extension Campuses (if any) Number of Provincial Campuses (if any) Number of Other Offices (e.g. other facilities 2 Indicate the total number of employees including those on part-time or full-time basis, regular, contractual and casual employees and those assigned to regional/extension, provincial and other offices/campuses. Indicate the number of regional offices, provincial offices and other offices/campuses, if any. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 6 of 51. Assessment Project for HEMIS Implementation at the Institutional Level outside the campus.) NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 7 of 51. Assessment Project for HEMIS Implementation at the Institutional Level For HEIs owning other Institutions like review centers, research facilities, etc. ORGANIZATIONAL UNIT1 NAME OF INSTITUTION/ AGENCY HEAD2 DESIGNATED IS PLANNER3 NAME3a DESIGNATION/ POSITION3b E-MAIL ADDRESS3c NUMBER OF EMPLOYEES4 CURRENT ANNUAL ICT BUDGET5 CONTACT NUMBER3d For each organizational unit: 2 - List all campuses, regional/extension/field/provincial offices/campuses (if any) under the control and supervision of the Institution. 2 - Indicate the complete name of the Institution head. 3 - Indicate the complete name of the IS Planner of each unit, their respective plantilla position, e-mail address/es and contact number/s. 4 - Indicate the total number of employees to include part-time or full-time basis, regular, contractual and casual employees. 5 - State the Total Annual ICT Budget (as reported per GAA for SUCs) for the current fiscal year. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 7 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 1.2 THE HEI AND ITS ENVIRONMENT (FUNCTIONAL INTERFACE CHART)3 Example (CHED) 3 Illustrate the Institution and its linkages with its clientele, stakeholders, beneficiaries and other organizations/institutions whether in government, private or non- government institutions that greatly help/contribute in the attainment of the Institution’s MFOs. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 8 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 1.3 PRESENT ICT SITUATION (STRATEGIC CHALLENGES)4 Example: Mission Critical The University has 3 campuses in the same city but not yet interconnected. For each of the campuses, ICT infrastructure supports teachers and administrators to effectively plan, design, deliver, assess and report for contemporary learning. Over the years, however, reliability of the ICT infrastructure has declined and response times for technical support have been long. This present situation has limited the provision of a highly accessible and efficient use of ICT for learning, teaching and Administration. It is deemed beneficial for the University to upgrade its IT Infrastructure and interconnect the 3 campuses within the City. 4 Briefly describe in narrative form the current level of computerization of the Institution in terms of: (1) mission critical/frontline services, (2) office automation, and 3) web presence. Institution should be able to assess the extent of ICT use within the organization, indicate percentage (%) of computer literacy, and computer ratio/density. The narrative description presents the macro view of business operations and ICT situation e.g. inter-school or -agency applications, interoperability, standards, etc. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 9 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 1.4 STRATEGIC CONCERNS FOR ICT USE5 MAJOR CRITICAL FINAL OUTPUT1 MANAGEMENT/OPERATING/ Example: Enrollment Services 1. Pre-enrollment 2. Assessment 3. Scheduling 4. Enrollment 5 BUSINESS SYTEMS2 Example: Assessment, Enrollment and Scheduling PROBLEMS3 INTENDED USE OF ICT4 Example: Example: Difficulty in manually administering pre-enrollment; scheduling of subjects and classrooms as well as faculty workload; manual assessment and enrollment process. Computerized Integrated Assessment, Enrollment and Scheduling System. Difficulty in monitoring and manually adjusting schedules and subjects enrolled Instructions (Examples are provided in each column for your reference): 1 - List each MFO which can be enhanced or facilitated by the adoption of ICT. In case the MFO approved by DBM is too broad, please cite the specific product or service under each MFO that can be enhanced or facilitated through ICT. 2 - Describe the actual business operations/activities performed by the organization in relation to Col. 1. 3 - Refers to the barriers/obstacles that hinder or cause delay in the performance of the business operations/activities identified in Col. 2. 4 - Indicate the intended ICT solution to address the problems cited in Col. 3. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 10 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 2 RESOURCE REQUIREMENT SECTION 2.1 DEPLOYMENT OF ICT EQUIPMENT AND SERVICES6 I T E M1 NAME OF OFFICE/ Existing PROPOSED NUMBER ORGANIZATIONAL UNITS2 Number of OF UNITS3 Units YEAR 1 YEAR 2 YEAR 3 1. Hardware Mainframe Server File Server Database Server Application Server Web Server Antivirus Server Gateway Firewall Email Server Domain Name Service Server DHCP Server Desktop PC 6 Instructions: 1. Describe in general terms the ICT equipment to be deployed (e.g. laptop, desktop). Please do not include detailed technical specifications. Existing ICT inventory should be listed separately. Please refer to Part II. For those who have accomplished the 2012 MITHI ICT Resources Survey, kindly update, complete and transfer the data to Part II of this survey (Annex A-5 in the 2012 MITHI ICT). 2. Indicate the location where the ICT equipment will be deployed. 3. Specify the number of units to be deployed. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 11 of 51. Assessment Project for HEMIS Implementation at the Institutional Level I T E M1 NAME OF OFFICE/ Existing PROPOSED NUMBER ORGANIZATIONAL UNITS2 Number of OF UNITS3 Units YEAR 1 YEAR 2 YEAR 3 Laptop / Notebook / Notebook PC Lightweight Laptop Tablet PC Printer Multi-function Printer Wide-format Printer or Plotter Network Printer Printer only 2. Other IT Equipment and Peripherals Book Scanner Microfiche / Microfilm Reader Mobile Phone (incl. smart phones) Digital Camera Small Scanner (e.g. flatbed scanner) Storage Array Hard Disk for Storage Array Heavy Duty Duplicating Equipment Hard Disk (SCSI) Hard Disk (SATA/PATA) Enclosure. Rack Mount External Hard Drive Smart Card Reader Multimedia Projector CCTV System NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 12 of 51. Assessment Project for HEMIS Implementation at the Institutional Level I T E M1 NAME OF OFFICE/ Existing PROPOSED NUMBER ORGANIZATIONAL UNITS2 Number of OF UNITS3 Units YEAR 1 YEAR 2 YEAR 3 Generator Set 3. Network and Telecommunications Router Core Switch Switch Hub Firewall Uninterruptible Power Supply (UPS) , Rack Mount Digital Line Subscription Structured Cabling Internet Connectivity (in MBPS) 4. Software Requirements Desktop OS Network OS Development Languages DBMS MySQL/LSV PosgresSQL/LSV MariaDB MS SQL Server Office Productivity Open Office MS Office Desktop Publishing NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 13 of 51. Assessment Project for HEMIS Implementation at the Institutional Level I T E M1 NAME OF OFFICE/ Existing PROPOSED NUMBER ORGANIZATIONAL UNITS2 Number of OF UNITS3 Units YEAR 1 YEAR 2 YEAR 3 GIS Software Antivirus Web Browser Mozilla Firefox Opera Other Software Package OpenProj / LSV MS Visio 2010 (latest Version) 5. ICT Services Student Information & Accounting System Human Resource Information System Faculty Development InformationSystem Equipment and Supplies Inventory System Project Management System Document Tracking System Knowledge Portal Electronic New Government Accounting System (ENGAS) Others, please specify (continue on a separate sheet if necessary) NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 14 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 2.2 ICT ORGANIZATIONAL STRUCTURE 2. Existing ICT Organizational Structure7 7 Draw your existing ICT Organizational Structure. Indicate number of permanent, contractual, outsourced or project-based manpower by position. (Example: Computer Programmer III: permanent = 0, contractual = 10, outsourced = 5, project-based = 2) NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 15 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 3. Proposed ICT Organizational Structure8 8 Illustrate your proposed ICT Organizational Structure. Indicate number of permanent, contractual, outsourced or project-based manpower by position NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 16 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 4. Placement of the Proposed ICT Organizational Structure in the Institution’s Organizational Chart9 9 Show how your proposed ICT organizational structure will be placed in the Organizational Chart. Specify what office will have direct supervision and control over it. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 17 of 51. Assessment Project for HEMIS Implementation at the Institutional Level SECTION 3 DEVELOPMENT AND INVESTMENT PROGRAM SECTION 3.1 SUMMARY OF INVESTMENTS BUDGET ITEM/ ACCOUNT1 EXISTING PHYSICAL COST YEAR 12 PHYSICAL TARGETS YEAR 22 COST PHYSICAL TARGETS YEAR 32 COST PHYSICAL TARGETS COST 1. Office Productivity A. Maintenance and Other Operating Expenses (MOOE) LEASE OF LAPTOPS Office productivity tools 2. Internal ICT Project 1 A. CAPITAL OUTLAY Hardware Other office equipment Civil works B. Maintenance and Other Operating Expenses (MOOE) Software subscription Internet service Systems development Office supplies Fill-out Instructions: 1- Please include continuing costs of existing operational applications/information systems/databases. 2- Indicate the physical targets and corresponding estimated cost needed for each budget item. NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 18 of 51. Assessment Project for HEMIS Implementation at the Institutional Level BUDGET ITEM/ ACCOUNT1 EXISTING PHYSICAL COST YEAR 12 PHYSICAL TARGETS YEAR 22 COST PHYSICAL TARGETS YEAR 32 COST PHYSICAL TARGETS COST 3. Cross-Agency ICT Project 1 A. CAPITAL OUTLAY Hardware Civil Works B. Maintenance and Other Operating Expenses (MOOE) Software subscription Professional services Training 4. Continuing Expenses for Existing Systems A. Maintenance and Other Operating Expenses (MOOE) Software subscription Internet service NB: Part I of the Survey is patterned after the DOST-ICTO ISSP (Revised 2014) Template Page 19 of 51. Assessment Project for HEMIS Implementation at the Institutional Level PART II ICT INFRASTRUCTURE INVENTORY INSTITUTION NAME:_____________________________________________________________________________ Respondent (IS Planner/CIO/MIS Head) 10: _________________________________________________________ Position / Désignation: __________________________________________________________________________ Division/Section/Unit:___________________________________________________________________________ Mobile/Telephone/Fax Number: _________________________________________________________________ Respondent’s Email Address: ____________________________________________________________________ OBJECTIVES: 1. To identify the hardware, software, network and other ICT resources being used to manage information by SUCs and HEIs; 2. To update existing benchmark and standards; and 3. To provide inputs to the MITHI Steering Committee in determining the ICT budget requirements of the agency. 1. HARDWARE / OTHER ICT EQUIPMENT Fill-out Instruction: Please count all existing computing devices and peripherals owned or leased by your office that are functioning including those acquired through projects. In case of multi-year contract for leased units, then just write the number of units under the appropriate year when the leased units were acquired. Do not include in succeeding years unless another batch was leased. Reference year is last year. Kindly replace “last year” and preceding years by the actual year number. For example, if last year is 2014, then write 2014 under the 1st column. For last 2 years, write 2013 and for last 3 years, write 2012. 10 In case all three positions are occupied by different persons, then the IS Planner should have priority in answering this survey. NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 20 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 1.1 Number of Computing Devices and Peripherals by Type and by Year Acquired TOTAL NUMBER OF FUNCTIONING UNITS BY YEAR ACQUIRED TYPES <Last Year> Owned Leased <Last 2 Years> <Last 3 Years> Owned Owned Leased Leased More than 3 years Mainframe Servers Desktop PC Laptop / Notebook / Netbook PC Mobile Phone11 (incl. smart phones) Tablet PC Multi-function printer (print, copy, etc.) Printer only Digital Camera (Include DSLR, if any) Wide-format Printer or Plotter Small Scanner (ex. flatbed scanner) Smart Card Reader Wide-format Scanner External Hard Drive Generator Set Others, please specify (continue on a separate sheet if necessary) 11 Count only the mobile phones owned or leased by your Institution. NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 21 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 1.2 Number of Computing Devices and Peripherals by Usage General Administration and Operations Support Services TYPES Employees Training Frontline Support to Services13 Operations12 Projects (Not agencyfunded) Servers Desktop PC Laptop / Notebook / Netbook PC Multi-function printer (print, copy, etc.) Printer only 1.3 Number of Servers by Capacity and by Location TOTAL CAPACITY OF HDD LOCATION IN-HOUSE CO-LOCATED Above 4 TB 2 TB to 4 TB Below 2TB 2. SOFTWARE, APPLICATION SYSTEMS, INFORMATION SYSTEMS AND DATABASES 2.1 Operating Systems 2.1.1 OS for Stand-alone PCs (desktops and laptops) OPERATING SYSTEM Lifetime License?14 If not, write below the year of expiration Older than Windows XP Windows XP Windows Vista Windows 7 Windows 8 and up Linux Mac OS 12 Those used in planning, coordination, internal training, monitoring and evaluation. 13 Those used by external clients. 14 Mark if yes. Examples are OEM license (software is already installed in the hardware) and Enterprise (Perpetual) license, which does not require renewal and is for life long. (Source: http://www.manageengine.com/products/servicedesk/help/adminguide/configurations/software/software-license-type.html) NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 22 of 51. Assessment Project for HEMIS Implementation at the Institutional Level OPERATING SYSTEM Lifetime License?14 If not, write below the year of expiration Mac OS X Others, please specify (continue on a separate sheet if necessary) 2.1.2 OS for Workstations (desktops and laptops) OPERATING SYSTEM Lifetime License? If not, write below the year of expiration Lifetime License? If not, write below the year of expiration Older than Windows XP Windows NT Windows XP Windows Vista Windows 7 Windows 8 and up Solaris Linux Mac OS Others, please specify (continue on a separate sheet if necessary) 2.1.3 OS for Servers OPERATING SYSTEM Windows NT Windows 2000 Windows Server 2003 Windows Server 2008 Windows Server 2012 Solaris OpenSolaris OS/2 Linux Mac OS X Server Others, please specify (continue on a separate sheet if necessary) NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 23 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 2.2 Office Automation Software SOFTWARE / APPLICATION PACKAGE Lifetime License? If not, write below the year of expiration Older than MS Office 2003 MS Office 2003 MS Office XP MS Office 2007 MS Office 2010 MS Visio MS Project Open Project Open Office Others, please specify (continue on a separate sheet if necessary) 2.3 Operational15 Oversight / Administrative Systems (please refer to the examples16 below). NAME OF SYSTEM (Please list down the name/s of your administrative system/s) Own Intellectual Property, Y or N?17 DEVELOPMENT PLATFORM (ex.LAMP, .Net, Java) WORKING ENVIRONMENT 18 (Use codes below) USE19 MAINTENANCE COST (Pls. write codes only; refer below) 15 Include only those currently being used by your office or agency. 16 Payroll System, 201 File Information and Promotion System, Vehicle Monitoring System, Document Tracking System, Attendance and Leave Monitoring System, Financial Management Information System, Inventory System, Records Management System 17 Write Y for Yes if your agency has intellectual property right to the system. Write N for No. 18 WORKING ENVIRONMENT: S - Stand alone; C – Client-Server; W - Web-based 19 USE: 1 – Public Financial Management; 2 – Citizen Frontline Services; 3 – Ease of Doing Business; 4 – Higher Education; 5 – Basic Education; 6 - Health; 7 – Justice, Peace and Order; 8 – Energy; 9 – Land and Other Geospatial Information; 10 – Disaster and Climate Change Management; 11 – Public Works and Transport; 12 – iGov and ICT Infrastructure; 13 – Transparency and Citizen’s Participation; 14 – Citizen Registry; 15 – Others, please specify. NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 24 of 51. Assessment Project for HEMIS Implementation at the Institutional Level NAME OF SYSTEM (Please list down the name/s of your administrative system/s) Own Intellectual Property, Y or N?17 DEVELOPMENT PLATFORM (ex.LAMP, .Net, Java) WORKING ENVIRONMENT 18 (Use codes below) USE19 (Pls. write codes only; refer below) MAINTENANCE COST (please continue on a separate sheet if necessary) 2.4 Operational20 Strategic Information Systems (please refer to the examples21 below). NAME OF SYSTEM (Please list down the name/s of your strategic system/s) Own Intellectual Property, Y or N?22 DEVELOPMENT PLATFORM WORKING ENVIRONMENT23 (ex. LAMP, .Net, Java) (Use codes below) USE24 MAINTENANCE COST (Pls. write codes only; refer below) (please continue on a separate sheet if necessary) 20 Include only those currently being used by your office or agency. 21 eCensus, Electronic Filing and Payment System, eTIN, Government e-Procurement System, Automated Customs Operations System, Electronic Customs Clearance Facility, Licensure Examination & Registration Integrated System, Machine Readable Passports and Visas, Philippine Land Registration and Information System, Government Employees Management Information System, e-GSIS, eReal Property Tax System, Business Permit & License System, iRegister, Hospital Operations and Management Information System 22 Write Y for Yes if your agency has intellectual property right to the database. Write N for No. 23 WORKING ENVIRONMENT: S - Stand alone; C – Client-Server; W - Web-based 24 USE: 1 – Public Financial Management; 2 – Citizen Frontline Services; 3 – Ease of Doing Business; 4 – Higher Education; 5 – Basic Education; 6 - Health; 7 – Justice, Peace and Order; 8 – Energy; 9 – Land and Other Geospatial Information; 10 – Disaster and Climate Change Management; 11 – Public Works and Transport; 12 – iGov and ICT Infrastructure; 13 – Transparency and Citizen’s Participation; 14 – Citizen Registry; 15 – Others, please specify. NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 25 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 2.5 Databases (please include only existing databases) NAME OF DATABASE Own Intellectual Property, Y or N? BRIEF DESCRIPTION AND KEY FIELDS25 DATABASE MANAGEMENT SOFTWARE26 USED USE MAINTENANCE COST (Pls. write codes only; refer below) (please continue on a separate sheet if necessary) 3. NETWORK 3.1 3.2 3.3 3.4 3.5 3.6 3.7 3.8 Does your agency have a Local Area Network (LAN)? YES Does your agency have an Intranet? YES If yes, does your agency have a Virtual Private Network (VPN)? YES Does your agency have a Wide Area Network (WAN)? YES Does your agency have a Private Automatic Branch Exchange (PABX or PBX)? YES If yes, what is the PBX set up? Private Hosted VoIP PBX or IP-PBX Is your agency connected to the Internet? YES What is/are your agency’s mode/s of access to the Internet? (Check all items that are applicable) Dial-up DSL ISDN NO NO NO NO NO Hosted IP NO Leased line Mobile phone Satellite WiFi Others, please specify________________________________ 3.9 Who is (are) your Internet Service Provider(s)? If more than one, please state who is the primary and who is the secondary provider? ______________________________________________________ 3.10 What is the combined internet bandwidth (voice and data)? ____________________________________________ 3.11 How many employees have access to the Internet in the office?_________________________________________ 3.12 How many employees have their own official e-mail address?___________________________________________ 3.13 Does your agency have a web site? YES NO 3.14 If YES, what is the URL of your agency’s web site? http://______________________________________________ 4. SECURITY, DISASTER RECOVERY & BACK-UP 4.1 Does your agency have a protection scheme for your ICT resources? 4.2 If YES, what is/are the measure/s being used by your office? (Check all applicable) YES NO 25 Briefly describe the purpose or importance of the database . 26 Examples of DBMS are MS Excel, MS Access, MS SQL Server, MySQL, IBM’s DB2, Oracle SQL, Sybase SQL, Informix, FoxPro NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 26 of 51. Assessment Project for HEMIS Implementation at the Institutional Level Security Policy / Guideline Disaster Recovery Plan Back-up power unit (e.g. UPS, Generator) Digital signatures Encryption Off-site back-up Hardware firewall Physically restricted access to critical ICT equipment Software firewall Secure servers Subscription to a security service (e.g. anti-virus software, intrusion alert) Regular ICT security training of employees 5. Storage of back-up media in localities other than the operating environment Others, please specify ____________________________ DATA ARCHIVING 5.1 Does you agency have a data archiving system? 5.2 If yes, what type of data archiving system does your agency use? Manual Electronic Both/Combination YES NO 5.3 If electronic data archiving is being utilized, what is the mode? Conventional Cloud 5.4 If conventional mode, what is the medium of storage of the archived data? Optical disks (e.g. CD-Rom, DVD) Hard Disk Tape External Hard Drive Microfiche Diskette Others, please specify ______________________________________________________________ 5.5 What information is archived by your agency electronically? (Check all items that are applicable) Publications (Annual Report, Statistical Report, etc.) Letters, memorandum orders, communications, etc. Audio-visual recordings Unprocessed/Raw Data Maps Photographs Public documents (civil registration forms, passports, land titles, etc.) Others, please specify ____________________________ _________________________________________________ NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 27 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 6. SPECIAL SOLUTIONS AND OTHER SERVICES USE27 SPECIAL SOLUTIONS PACKAGE (Pls. write codes only; refer below) MAINTENANCE COST Geographic Information System Automated Fingerprint Identification System Cloud computing CCTV System Others, please specify 7. DATA CENTER 7.1 7.2 7.3 7.4 8. Does your agency have a data center? YES NO If yes, how many sites? _______________________________________________________________________ Please check applicable maintenance set-up: In-house Outsourced Does it have a back-up site? YES NO ICT PROJECTS 8.1 Details of Ongoing ICT Projects PROJECT NAME28 DESCRIPTION PERIOD COST29 (in mm/dd/yyyy) (in pesos) Start Date 27 End Date DEVELOPMEN T STRATEGY30 (Please write codes only; refer below) STATUS31 USE32 (Please write codes only; refer below) (Pls. write codes only; refer below) USE: 1 – Public Financial Management; 2 – Citizen Frontline Services; 3 – Ease of Doing Business; 4 – Higher Education; 5 – Basic Education; 6 - Health; 7 – Justice, Peace and Order; 8 – Energy; 9 – Land and Other Geospatial Information; 10 – Disaster and Climate Change Management; 11 – Public Works and Transport; 12 – iGov and ICT Infrastructure; 13 – Transparency and Citizen’s Participation; 14 – Citizen Registry; 15 – Others, please specify. PROJECT NAME: In case an ICT project is divided in phases and its budget is given by phases, kindly list each phase as a separate project tagged as <Project Name> Ph. 1, <Project Name> Ph. 2, and so on. 29 COST: For ICT projects and project phases that ended in 2013 or earlier, kindly provide the actual cost in pesos and not the proposed cost. 30 DEVELOPMENT STRATEGY: I – In-house; O – Outsourced; C – Combination 31 STATUS: U – Under Development; D – For Deployment; O - Operational 32 USE: 1 – Public Financial Management; 2 – Citizen Frontline Services; 3 – Ease of Doing Business; 4 – Higher Education; 5 – Basic Education; 6 - Health; 7 – Justice, Peace and Order; 8 – Energy; 9 – Land and Other Geospatial Information; 10 – Disaster and Climate Change Management; 11 – Public Works and Transport; 12 – iGov and ICT Infrastructure; 13 – Transparency and Citizen’s Participation; 14 – Citizen Registry; 15 – Others, please specify. 28 NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 28 of 51. Assessment Project for HEMIS Implementation at the Institutional Level PROJECT NAME28 DESCRIPTION PERIOD COST29 (in mm/dd/yyyy) (in pesos) Start Date End Date DEVELOPMEN T STRATEGY30 (Please write codes only; refer below) STATUS31 USE32 (Please write codes only; refer below) (Pls. write codes only; refer below) 8.2 Issues Encountered in the Implementation of ICT Projects No budget or insufficient budget Delay in the release of projects funds Opposition or reluctance of stakeholders Lack of support by management Difficulty in recruiting and/or retaining qualified ICT personnel Low level of ICT skills among employees Unavailability of required bandwidth to support system/s Not used or seldom used by intended users and/or clients Problems in contract management for outsourced services Problems in procurement Others, please specify ______________________________________________________________________________________________________ ______________________________________________________________________________________________________ NB: The whole Part II of this Survey is from Annex A5 of the DOST-ICTO ISSP (Revised 2014) Template Page 29 of 51. Assessment Project for HEMIS Implementation at the Institutional Level PART III OTHER RELATED CONCERNS Items in Part III deal with system functions that may already be present in the prevailing Information Systems currently being used in the HEI. It also deals with data sets that may already be available from these systems which the HEI uses in developing their policies and aid in their decision-making. 1. Does your Institution have a website? If YES, what is your Uniform Resource Locator (URL)? 2. Does your Institution have an email domain? If YES, what is your email domain? YES NO ___________________________________ YES NO ___________________________________ (e.g. @up.edu.ph) 3. Do you provide the following information to the public? A. Enrollment Statistics YES NO B. Course/ Curriculum YES NO C. Research YES NO D. Awards/achievements YES NO E. School facilities YES NO F. Faculty members YES NO G. Graduate statistics YES NO H. Announcement/news YES NO I. Admission procedures YES NO CHED is looking at developing new systems that will enable HEIs for efficient administration of their work and to improve CHED’s data gathering process for decision-making, planning and budgeting. Salient features of these systems are indicated in the succeeding items. 4. Do you have an existing system that has the following features? 4.1. Curriculum Management a. Allows users to add, create and edit information on programs offered by the institution. CHED Survey Questionnaire YES NO Page 30 of 51. Assessment Project for HEMIS Implementation at the Institutional Level b. Allows users to add create and edit information Courses offered by the institution. YES NO equivalencies, credit transfer information, etc. YES NO d. Provides information on unit, course, and miscellaneous fees. YES NO e. Other features that you think are essential for Curriculum Management: c. Provides information on transfers such as; possible transfers, course _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ 4.2. Student Management f. Contain Student Details such as name, birthday, contact detail, etc. g. Manage a student’s financial profile including tuition fees paid, YES NO YES NO YES NO researches, patents applied for and awarded, etc. YES NO j. Facilitate section/block management of student. YES NO k. Ability to keep track of any additional degrees. YES NO l. Other features that you think are essential for Student Management: miscellaneous fees, etc. h. Manage a student’s academic profile such as educational background, transfers if any, final grades, etc. i. Allow students to list publications, ongoing and completed _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ 4.3. Faculty Management m. Contain Faculty personal profile such as name, birthdate, contact n. details, etc. YES NO Capture qualifications and employment profile of faculty such as YES NO CHED Survey Questionnaire Page 31 of 51. Assessment Project for HEMIS Implementation at the Institutional Level educational attainment, publications, ongoing and completed researches, patents applied for and awarded, and his overall curriculum vitae. o. Creation of organizational charts. YES NO p. Monitor Faculty Workload both instructional and non-instructional. YES NO q. Facility for the faculty member to update his/her personal profile. YES NO r. Ability to cater to all Time allocation of faculty members such as, YES NO advising time, research, extension, committee membership, etc. s. Other features that you think are essential for Faculty Management: _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ 5. Do you have an existing system that has the following features? 5.1. Graduate Tracer Study Information System a. Keeps the data of the graduate which includes: personal data, educational background, performance on school, field of work. YES NO YES NO deployment of graduates. YES NO d. Allow companies to have accounts and post job openings. YES NO e. Allow companies to post feedbacks on the graduates of the HEI. YES NO f. Other features that you think are essential for Graduate Tracer Study Information System: b. Allow the graduates to maintain a personal profile with a track record of his achievements with regards to his education and employment. c. Keeps a profile of companies collaborating with HEIs for the _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ _________________________________________________________________________________________ CHED Survey Questionnaire Page 32 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 6. What information do you currently have with regard to your graduates? Personal Information Certificates / Trainings / Seminars Educational background Scholarships / Awards / Achievements Researches Employment Details Company Position Address Email Telephone Number Others, pls. specify: ____________________________________________________________________________________________________ ____________________________________________________________________________________________________ 7. What information do you currently have with regard to your faculty and researchers? (Research and Extension Management) Research Name or Subject Research Contents Industry / Category of the Research Research Requirements Researcher’s Name Research Funding Researcher’s Position Publications Involvement of Community Commercial Application Practical Application Others, pls. specify: ____________________________________________________________________________________________________ ____________________________________________________________________________________________________ 8. Do you have an existing system that has the following features? 8.1. Research and Extension Management System a. Users can apply for research grants. YES NO b. Users can send their research proposals for approval. YES NO c. An inventory of the research facilities of the HEI. YES NO d. Allow companies to have accounts and post job openings. YES NO e. Allow companies to post feedbacks on the graduates of the HEI. YES NO g. Other features that you think are essential for Research and Extension Management System: _________________________________________________________________________________________ _________________________________________________________________________________________ CHED Survey Questionnaire Page 33 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 9. Based on your institution’s experience, when applying for a research grant, how long does CHED usually take to approve an application? 1 month 2 months 3 months 4 months 5 months 6 months 7-12 months 10. What are your institution’s basic requirements for each teaching rank? In the table below tick the corresponding box whether or not your institution uses this standard as a requirement. Should you tick yes, please indicate the specific number your institution requires. 10.1 Requirement for INSTRUCTOR a. Number of Publications in ISI/Scopus indexed journals YES NO YES NO YES NO YES NO YES NO YES NO If YES, enter the required number: __________ b. Number of Publications in ISI/Scopus indexed Conference Proceedings If YES, enter the required number: __________ c. Number of Publications in Refereed Journals If YES, enter the required number: __________ d. Number of years of service If YES, enter the required number: __________ e. Number of patents If YES, enter the required number: __________ f. Total amount of research funds If YES, enter the required number: __________ CHED Survey Questionnaire Page 34 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 10.2 Requirement for ASSISTANT PROFESSOR a. Number of Publications in ISI/Scopus indexed journals YES NO YES NO YES NO YES NO YES NO YES NO YES NO YES NO YES NO YES NO YES NO YES NO If YES, enter the required number: __________ b. Number of Publications in ISI/Scopus indexed Conference Proceedings If YES, enter the required number: __________ c. Number of Publications in Refereed Journals If YES, enter the required number: __________ d. Number of years of service If YES, enter the required number: __________ e. Number of patents If YES, enter the required number: __________ f. Total amount of research funds If YES, enter the required number: __________ 10.3 Requirement for ASSOCIATE PROFESSOR a. Number of Publications in ISI/Scopus indexed journals If YES, enter the required number: __________ b. Number of Publications in ISI/Scopus indexed Conference Proceedings If YES, enter the required number: __________ c. Number of Publications in Refereed Journals If YES, enter the required number: __________ d. Number of years of service If YES, enter the required number: __________ e. Number of patents If YES, enter the required number: __________ f. Total amount of research funds If YES, enter the required number: __________ CHED Survey Questionnaire Page 35 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 10.4 Requirement for PROFESSOR a. Number of Publications in ISI/Scopus indexed journals YES NO YES NO YES NO YES NO YES NO YES NO If YES, enter the required number: __________ b. Number of Publications in ISI/Scopus indexed Conference Proceedings If YES, enter the required number: __________ c. Number of Publications in Refereed Journals If YES, enter the required number: __________ d. Number of years of service If YES, enter the required number: __________ e. Number of patents If YES, enter the required number: __________ f. Total amount of research funds If YES, enter the required number: __________ CHED Survey Questionnaire Page 36 of 51. Assessment Project for HEMIS Implementation at the Institutional Level PART IV BEST PRACTICES SECTION 1 ICT BEST PRACTICES Below is a checklist33 that the panel judges may use to evaluate the HEI who have institutionalized some ICT Best Practices. Tick the corresponding box whether or not a specific best practice is standard praxis in your Institution. REF RISK AREA No. 1 Financial Management BEST PRACTICE / ASSOCIATED PRACTICED IN CONTROLS THE INSTITUTION 1.1 Appropriate budgeting process set to enable provision of ICT services; e.g. ICT project costs for the prevailing academic year is in congruence to the requirements set out in the ISSP. Review for overspend or underspend in the previous academic year is conducted so that it taken into account when producing the prevailing year’s budget. YES NO YES NO YES NO Consequences if control is not in place: insufficient budget to meet ICT requirements. 1.2 Budget monitoring of ICT costs on a regular and ongoing basis. Appropriate action is taken to address potential overspends. Consequences if control is not in place: overspend on some projects that would adversely impact other ICT projects in the pipeline. 2 33 Value for Money 2.1. Value for money is taken into consideration when ICT services or equipment are procured; e.g. the Institution’s procurement guidelines are followed, value for money taken into account when choosing current technical support, extended warranties or service agreements are taken out Wakefield Council, September 2014, ICT Arrangements – Best Practice, pp. 2-8. CHED Survey Questionnaire Page 37 of 51. Assessment Project for HEMIS Implementation at the Institutional Level if there is sufficient reason that these do not provide value for money. Consequences if control is not in place: value for money may not be obtained. 3 Strategic / Operational Management of the ICT Function 3.1. The Institution has an approved ISSP or similar document that is periodically updated. YES NO YES NO YES NO YES NO YES NO Consequences if control is not in place: the Institution may not have the most appropriate ICT resources. 3.2. IT Management and Staff are suitably qualified and experienced. Consequences if control is not in place: ICT services provided may not be up to standards. 3.3. IT functions are underpinned by appropriate policies and procedures covering the acceptable limits of IT activities; e.g. a policy on Use of Electronic Equipment. Consequences if control is not in place: it may make it difficult to impose discipline on misuse of electronic equipment by the staff. 4 Software License Agreements 4.1 Record of software licenses and regular checking to ensure all relevant software licenses have been obtained. Consequences if control not in place: software licenses may be either not in place or no longer valid. 4.2 Facilities for software installation are restricted to authorized CHED Survey Questionnaire Page 38 of 51. Assessment Project for HEMIS Implementation at the Institutional Level personnel or System Administrators. Consequences if control not in place: unauthorized or unlicensed software may be installed onto the Institution’s system. 5 Protection of the Server 5.1. Adequate protection against fire, flood, humidity, power failure, etc. (E.g. the server room has such items as fire alarms, fire extinguishers, humidity detectors, air conditioning units, UPS units) YES NO YES NO YES NO YES NO Consequences if control not in place: the file server may be damaged, resulting in the Institution’s ICT network being inoperative. 5.2. Disaster recovery / BCP plans are in place and periodically tested. Consequences if control not in place: the HEI may not be able to quickly recover ICT facilities in the event of a disaster. 6 Protecting Electronic Equipment from Theft 6.1. An up-to-date inventory of electronic equipment. Consequences if control is not in place: theft of ICT or electronic equipment may not be detected. 6.2. Security marking of all ICT and electronic equipment. Physical security measures are in place including alarms, location of equipment on upper floors, locks on doors, etc. Consequences if control is not in place: increased likelihood of theft occurring. CHED Survey Questionnaire Page 39 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 6.3. Adequate insurance of ICT or electronic equipment. YES NO YES NO YES NO YES NO YES NO Consequences if control is not in place: insufficient insurance coverage to replace ICT equipment in the event of theft or damage. 7 Security of IT Systems 7.1. There is a policy enforced over the use of portable media. Consequences if control is not in place: data may be lost if not backed up or if the portable media is lost or gets corrupted. Data might also be stored on external equipment that is not secure. 7.2. Firewalls are configured by competent personnel and installed on ICT systems. Firewalls are physically protected from damage or tampering, etc. Consequences if control is not in place: unauthorized access may be gained to the Institution’s network from the internet. 7.3. Individual password controls on computers and ICT systems which are regularly changed. Consequences if control is not in place: unauthorized access may be gained to computers and ICT systems. 7.4. Monitoring software installed on ICT equipment in order to identify any unauthorized access attempts or inappropriate use of equipment. Consequences if control is not in place: misuse of ICT equipment or CHED Survey Questionnaire Page 40 of 51. Assessment Project for HEMIS Implementation at the Institutional Level attempted misuse may not be readily identified. 7.5. Network administration and maintenance by qualified personnel; e.g. there is a contract or SLA for computer network maintenance, which includes the timescales for rectifying faults; periodic meetings with the contractor are held. YES NO YES NO YES NO YES NO YES NO Consequences if control is not in place: network administration and maintenance provided may not be up to standard. 7.6. Standard patching procedures are in place. Consequences if control is not in place: software patches and upgrades may not be readily identified and installed in a timely manner. 7.7. Antivirus software with updated virus signatures are installed on all computers and servers. Consequences if control is not in place: computer viruses may infect computer systems, causing damage, loss of data or compromising system security. 7.8. Secure website access controls are in place. Consequences if control is not in place: inappropriate or inaccurate information may be published on the Institution’s website. 7.9. Backup arrangements are in place. Consequences if control is not in place: data may be lost. CHED Survey Questionnaire Page 41 of 51. Assessment Project for HEMIS Implementation at the Institutional Level 8 Disposal of ICT Equipment 8.1. All computer files are scrubbed during decommissioning of ICT equipment. YES NO Consequences if control is not in place: confidential or sensitive data may fall into the wrong hands. SECTION 2 IS BEST PRACTICES Based on your Institution’s experience, below is a template that may be used to document the IS Best Practices that are being adopted in the Institution. Continue on a separate sheet or provide additional page. Attach a copy of supporting documents like pictures, Certificates among others, for each IS entry. IS Name: Description: Benefits: Target Users / Beneficiaries: Number of Users Year Implemented: Budget: Source of Fund: SECTION 3 LEVEL OF MATURITY Grounded on the overall assessment of ICT implementations in your Institution, rate the level of maturity based on the criteria defined in the succeeding text. This has been adopted from Carnegie CHED Survey Questionnaire Page 42 of 51. Assessment Project for HEMIS Implementation at the Institutional Level Mellon University – Software Engineering Institute’s CERT® Resilience Management Model (CERT-RMM) which is focused on the maturation of organizational maturity and reflects best practices from industry and government for managing operational efficiency and resilience across the disciplines of information management, management. business continuity management, and aspects of IT operations Definitions and attributes of each of the six Maturity Indicator Levels (MILs) are as follows: 1. MIL0 Incomplete indicates that processes are not institutionalized. 2. MIL1 Performed indicates that some best practices are being performed. MIL1 means that there is sufficient and substantial support for the existence of the practice. Once MIL1 is attained, questions related to higher MILs can be asked to determine if the practice is institutionalized to higher degrees of maturity. 3. MIL2 Planned indicates that a specific practice is not only performed but is supported by sufficient planning, stakeholders, and relevant standards and guidelines. A planned process or practice is 4. a. established by the Institution; b. planned; c. supported by stakeholders; and d. supported by relevant standards and guidelines. MIL3 Managed indicates that a specific practice is performed, is planned, and has the basic infrastructure in place to support the process. A managed process or practice a. is governed by the Institution; b. is appropriately staffed and funded; c. is assigned to staff who are responsible and accountable for the performance of the practice; d. is performed by staff who are adequately trained to perform the practice; e. produces work products that are expected from performance of the practice and are replaced under appropriate levels of configuration control; and f. 5. is managed for risk. MIL4 Measured indicates that a specific practice is performed, planned, managed, monitored, and controlled. A measured process or practice is 6. a. periodically evaluated for effectiveness; b. monitored and controlled; c. objectively evaluated against its practice description and plan; and d. periodically reviewed with higher level management. MIL5 Defined indicates that a specific practice is performed, planned, managed, monitored, controlled, and consistent across all internal constituencies who have a vested interest in the performance of the practice. A defined process or practice ensures that the Institution reaps the benefits of its consistent performance across organizational units and that all organizational units can benefit from the improvements realized in any organizational unit. At MIL5, a process or practice a. is defined by the Institution and tailored y individual operating units within the Institution for their use; and CHED Survey Questionnaire Page 43 of 51. Assessment Project for HEMIS Implementation at the Institutional Level b. is supported by improvement information that is collected by and shared among operating units for the overall benefit of the Institution. 7. MIL6 Shared indicated that a specific practice is performed, planned, managed, monitored, controlled, and consistent across all internal and external constituencies who have a vested interest in the performance of the practice. A shared process or practice ensures that the community reaps the benefits of consistent performance of the practice across many organizations bund by the community (e.g. because they collectively provide shared service such as the use of common Enrollment and Accounting System deployed on hybrid cloud used by 5 HEIs in a geographical region) and that all of the community’s organizations can benefit from improvements realized in any community organization. At MIL6, a process or practice is a. Defined by the community and tailored by the community’s organizations for their use; and b. Supported by improvement information that is collected by and shared among organizations for the overall benefit of the community. Level of Maturity (tick one only): MIL0: Incomplete MIL1: Performed MIL2: Planned MIL3: Managed MIL4: Measured MIL5: Defined MIL6: Shared CHED Survey Questionnaire Page 44 of 51. Assessment Project for HEMIS Implementation at the Institutional Level ANNEX A DEFINITION OF TERMS34 The terms and phrases used in the Survey shall be understood to mean as follows: Agency Refers to any bureau, office, commission, authority, or instrumentality of the national government, including government-owned or–controlled corporations (GOCC), authorized by law or by their respective charters to contract for or undertake information and communications technology networks and databases, infrastructure or development projects. Application System Refers to a group of related activities or processes designed to support a very specific function (e.g. Payroll System, Accounting System, etc.). It is referred to as “computer-based information system” prepared for the organization to process tasks that are unique to the particular needs or “tailor fit” for the particular operation Biometrics The science and technology of measuring and statistically analyzing biological data. In ICT, it refers to technologies for measuring and analyzing human body characteristics such as fingerprints, eye retinas and irises, voice patterns, facial patterns and hand measurements, especially for the authentication of someone. (“What is?Com’s Encyclopedia of technology Terms; Que Publishing 2002) Business Process A collection of business transactions between business partners and/or internal activities within one business. These transactions and/or activities together support the objective of the business process. Computing Scheme May be classified into two, namely stand-alone or independent systems, and networked systems. A. Stand-alone or Independent Systems - a computing scenario wherein a computer system runs an application system or IS independent of other systems. The operating system, application program and database are resident in the same computer and not dependent on other computer systems. B. Networked Systems - a computing scenario wherein computers, printers and other devices are linked together, allowing users to exchange and share information and resources. Networking is classified as follows: 1. Local Area Networking (LAN) – This is confined to moderate sized geographic areas such as one office, building, warehouse or campus. LAN can operate in different computing scenarios, namely: 34 ‘Definition of Terms’, DOST-ICTO ISSP Template (Revised 2014), pp. ii-a – ii-e. CHED Survey Questionnaire Page 45 of 51. Assessment Project for HEMIS Implementation at the Institutional Level i. Centralized - is a networking characterized by: One site supplying all information processing Information integrated at one location Development of software and control are integrated at one location ii. Centralized-Distributed - where the database in a central server is divided into disjoint (nonoverlapping) partitions. Each partition (also called a fragment) is assigned to a particular remote site. In this scenario, the data is moved closer to local users and is more accessible. iii. Open Systems - can be ported across a wide range of systems and inter-operate with other application on local and remote systems and interact with other users, which facilitate user portability. iv. Client-Server - the most recent approach in networking wherein the logic of the application is divided between a front-end computer (called the client) and a back-end computer (called a server). The client generally provides and uses information while the server retrieves, selects, sorts, calculates, sends only needed data and manages the database. 2. Wide Area Networking (WAN) - which usually consists of a series of complex packet switches interconnected by communication lines and spans large geographical distances. Content Management Software used to manage the content of the website and consists of two Software (2) elements: the content management application (CMA) and the content delivery application (CDA). It enables one to add/or manipulate content on a website. (p.5 NCC Government Website Workshop Manual) Data Warehouse Stores data from current and previous years that has been extracted from the various operational and management databases of an organization. Data Archiving An effort to avoid database chaos, intended to let organizations cull old data from their rational databases in a way that allows it to be easily restored if necessary. This could be in the form of: (1) print media like records, photos, films and negatives; (2) electronic media like videos, diskettes, magnetic tape, databases, CD-ROM and Web page snap shots. Archiving, in general, is a process that will ensure that information is CHED Survey Questionnaire Page 46 of 51. Assessment Project for HEMIS Implementation at the Institutional Level preserved against technological obsolescence and physical damage. It will also help conserve very expensive resources and ensure that the research potential of the information is fully exploited. In the Philippines Statistical System (PSS), the adoption of archiving measures has been identified by the NSCB through Resolution No. 11 (s. 1997) as a key policy to ensure the preservation, systematic storage and retrieval of statistical data including records on their methodology, concepts and other metadata. Database Management Viewed as a system software package that controls the development, use, System (DBMS) and maintenance of the databases of computer–using organizations. Database (DB) An organized group or set of inter-related information about a subject that can be processed, retrieved, analyzed and used in drawing conclusions and making decisions. Firewall A system designed to prevent unauthorized access to or from a network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially Intranets. Hardware The electronic and physical components, boards, peripherals and equipment that make up a computer system as distinguished from the programs (software) that tell these components what to do. It is the physical component consisting of the input devices, central processor, output devices and storage devices. Hub A central connecting device in a star topology network that allows the network to add workstations by extending the transmission signal. A central point of connection between media segment that organizes and transmits incoming signals to the other media segments. Information and Is the totality of the electronic means employed to systematically collect, Communications process, store, present and share information to end-users in support of Technology (ICT) their activities. It consists of computer systems, office systems, consumer electronics and telecommunications technologies, as well as networked information infrastructure the components of which include the telephone system, the Internet, fax machines, computers and its accompanying methodologies, processes, rules and conventions. A combination of computer technology, microelectronics applications, and communications and information techniques and methods. It encompasses the use of computers, data communications, office systems technologies, as well as any technology that deals with modern day application of computing and/or communication. It can also be seen as the marriage of information technology and data communication. ICT Solutions The various ICT technologies that currently exist or will be proposed to run the information systems. Examples of ICT solutions are: for Network – CHED Survey Questionnaire Page 47 of 51. Assessment Project for HEMIS Implementation at the Institutional Level Virtual Private Network, Thin Client; Wireless; for Security – Firewall, Public Key Infrastructure (PKI); for Storage – Storage Attached Network (SAN), Imaging, Warehousing; for Data Capture – Biometrics, Finger Scan, Optical Scan, Optical Mark Reader (OMR), Optical Character Recognition (OCR). Information System (IS) A system of major processes or operations which facilitates the storage, processing, retrieval and generation of information for decision-making, planning, controlling and monitoring purposes. It also refers to a group of related processes (manual or computerized) designed to generate information for the exclusive support of a major functional area of an organization (e.g. Personnel Management Information System, Logistics Management Information System, Financial Management Information System, etc.). Information Systems Designated by the department secretary/agency head or the President of Planner (IS Planner) the HEI who shall work with the management and Chief Information Officer (CIO) and mainly responsible for the formulation, development and implementation of an Information Systems Strategic Plan (ISSP). Information Systems Refers to a three (3) to five (5) year computerization framework of an Strategic Plan (ISSP) agency which describes how the organization intends to strategically use ICT in pursuit of its mission and functions. A written expression of how an agency intends to use ICT to support its data processing and decisionmaking processes. In-house Development The user (within the agency or HEI ) is involved in the design and operations of IS, actively participates in the change process and the user’s knowledge and expertise is incorporated. Internet a worldwide interconnection of millions of computer networks and databases. It is popularly referred to as the Information Superhighway, the Web, or simply as the Net. Internet Service Provider An entity or company that provides connection services to the Internet. (ISP) Access to the Internet is provided through its facility linked to the Internet. Such service provider may be a commercial entity, an institution, a university, or any other entity that has already a link to the Internet. Management Information Information systems which include external information in addition to the Systems internal information about the agency's operation. This information will be used for goal setting, and decision-making purposes of the different levels of management in the organization. Mission-Critical Frontline Basically transactional, customer-driven business processes designed to Services provide direct public access to government services, reduce the processing and approval time of government transactions with the public, electronically organize and store vital data/information for easy retrieval or updating, processing, and sharing with government monitoring or CHED Survey Questionnaire Page 48 of 51. Assessment Project for HEMIS Implementation at the Institutional Level statistical agencies; and ensure greater transparency, accountability and integrity of government operations and transactions. Modem A device that converts digital signals from the computer into analog signals to be transmitted over communication media to be transmitted back to digital signals read by computer. It can be either external or internal. It is an electronic device that makes possible the transmission of data to or from a computer via telephone or other communication lines. Network A computer-based communication and data exchange systems created by electronically connecting two or more computers/workstations. It is composed of two or more computers that can communicate with each other. Network Layout The logical or physical diagram of both the existing and proposed interconnection of computers and associated devices to provide end-users with a means of communicating and receiving information electronically without being limited by geographical distance. Office Automation Collect, process, store and transmit information in the form of electronic System (OAS) office communications. Online Systems Real-time processing systems that process data immediately after they are generated and can provide immediate output to users. Operating System Software that supervises and controls tasks on a computer. The software that directs a computer’s operations, as by controlling and scheduling the execution of other programs and managing storage and input/output. Original Equipment Covers software for stand-alone desktop PCs and laptops and MUST stay Manufacturer (OEM) bundled with the computer system and NOT distributed as a separate (or License stand-alone) product. This software will be identified or labeled "For Distribution Only With New Computer Hardware."35 Outsource An arrangement in which one company provides services for another company. (“What is?Com’s Encyclopedia of Technology Terms; Que Publishing 2002) Oversight or Are those application software that support development planning, fiscal Administrative Systems and financial management and operations, auditing, personnel administration, and assets and supplies management. PABX Stands for private automatic branch exchange and is a telephone switching system used within a business or organization. It works by interconnecting 35 http://www.auditnet.org/articles/softwarelicenses.htm#What%20Types CHED Survey Questionnaire Page 49 of 51. Assessment Project for HEMIS Implementation at the Institutional Level telephone extensions to each other and to the outside public telephone network. 36 Personal Digital Refers to wide variety of handheld and palm-sized PCs, electronic Assistant (PDA) organizers, and smart phones. It is also called a Palmtop. Printer A device that prints text or illustrations on paper. There are many different types of printers. In terms of technology utilized, printers are categorized into the following: (1) daisy wheel, (2) dot matrix, (3) ink-jet, (4) laser, (5) line printer, and (6) thermal printer. Router A device that physically connects two networks, or a network to the Internet, converting address and sending on only the message that need to pass to other network. Server A computer that shares its resources, such as printers and files, with other computers on the network, an example of this is a Novell Network Server which shares its disc space with a workstation that does not have a disk drive of its own. A computer that makes services, as access to data files, programs and peripheral devices, available to workstations on a network. Smart Card Reader An electronic device that reads smart cards and can be an external device or a built-in feature of a keyboard, PC or laptop.37 Software A set of instructions to a computer (and its peripheral equipment) to execute a command or process data. It uses a computer-understandable language. The non-physical components, which maybe an operating system, a development language, database management system, network management software, set of computer tools and utilities, or an application package, as well as the machine coded instructions that direct and control the different hardware facilities. Software License Agreement between a user and a software house, giving details of the rights of the user to use or copy software (www.petercollin.com); a legal right granted for a company/agency to run a software program. For every software program used, a license is needed and granted to the user (company or agency) and is documented in a license agreement (www.microsoft.com/indic/licensing). Software Packages Also called “canned program” is a set of programs prepared for applications that are common to the needs of many organizations. This is made available to users by the software manufacturer to include the operating instructions and documentation of the programs as part of the packages. 36 37 http://www.ehow.com/facts_7267523_definition-pabx.html http://en.wikipedia.org/wiki/Card_reader CHED Survey Questionnaire Page 50 of 51. Assessment Project for HEMIS Implementation at the Institutional Level Stand-alone PCs These are independent computer units. They are not connected to any other PC or to the network and operate independently. Strategic Information These are client-driven application software that support mission-critical Systems operations and provide direct public access to government services. Tablet A mobile computer, larger than a mobile phone or personal digital assistant, integrated into a flat touch screen rather than using a physical keyboard. It often uses an onscreen virtual keyboard, passive stylus pen, or a digital pen.38 Telecommunication Refers to the transmission of electronic signals; electronic transmission of any type of electronic information (voice, image, video, data, etc.). The movement of information in the form of voice, text, image, video or all of these multimedia using electrical, electromagnetic wave and light technology. Voice Over Internet Is a phone service over the Internet. 39 Protocol (VOIP) Web Hosting The business of housing, serving, and maintaining files for one or more (“What is?Com’s Encyclopedia of Technology Terms; Que Publishing 2002). websites Website It is an entity’s presence on the Internet environment. Wide Area Network This is similar to a Local Area Network (LAN), but unlike LANs, WANs are (WAN) not limited to a single location. Workstation A networked personal computing device with more power than a standard IBM PC or Macintosh. Typically, a workstation has an operating system such as UNIX that is capable of running several tasks at the same time. It has several megabytes of memory and a large high-resolution display. It is categorized as a PC attached to an office network (usually a Local Area Network) to differentiate it from a Stand-alone PC. 38 39 http://mashable.com/follow/topics/tablets http://www.voip-info.org/wiki/view/What+is+VOIP CHED Survey Questionnaire Page 51 of 51.
© Copyright 2026 Paperzz