Skip to end of metadata
Go to start of metadata

17 March 2010 : Nathan Dors, UW Technology

Executive Summary

Overview

Several UW units have partnered with UW Technology and the Office of Information Management (OIM) to evaluate whether and how institutional data might suffice to represent groups of UW employees by unit. The analysis has focused on data quality and usefulness, as assessed by the participating units themselves.

Results

The initial results have generated an informed optimism: that from an organization code or set of budget numbers, the people typically identified by a unit as its faculty, staff, and student employees can be derived from institutional HR/Payroll data. Additional patterns have emerged that indicate feasible approaches to employee group provisioning based on existing data integration and architecture.

Recommendations

We recommend the implementation of a nine-step action plan representing the positive application of this research to deliver near-term and strategic benefits to the participating units and other interested UW units. (See Section 11.)

1.  Introduction

This report describes research on automated provisioning of employee groups from institutional data. This research helps answer a long-standing question whether innovative use of current HR/Payroll data, processes, and information management architectures might enable widespread operational efficiencies by improving group management at the individual unit level. This hypothesis was tested by extending existing data integration (see Figure 1.1), so that data quality and usefulness could be evaluated by the participating units.

2.  Participants

The research participants represent a cross section of units, both large and small, administrative and academic, including some from health sciences. The participants are described in the following table:

Participating Unit

Type

Relative Size

Office of Research

Admin

Small

Office of Information Management

Admin

Medium

Educational Outreach

Admin

Large

Office of UW Technology

Admin

Large

College of Built Environments

Academic

Medium

Foster School of Business

Academic

Large

School of Forest Resources

Academic

Medium

Information School

Academic

Medium

Law School

Academic

Medium

Health Sciences Academic Services & Facilities

Admin/Health

Small

Department of Ophthalmology

Academic/Health

Medium

School of Public Health

Academic/Health

Large

Department of Pathology

Academic/Health

todo: size?

3.  Problem Statement

Most UW units use information technology to maintain groups consisting of their employees. Common reasons for doing so include: employee email lists, online collaboration, controlling access to "intranet" websites, purchasing software, lab and computer security, and access control to other online resources.

In many cases these business purposes require distinct groups representing smaller organizational subsets of employees, for example differentiating current faculty, staff, and student employees. At the same time composite groups representing all of a unit's employees are also common (see Figure 3.1).

In many units, significant time and effort is required to maintain the accuracy of the group memberships over time. In some units, processes for managing employee groups are aligned with the unit's administrative HR/Payroll processes: when a new employee is hired or when a current employee leaves, he or she is added to or removed from the appropriate groups. However, in practice these processes often aren't aligned (see Figure 3.2) and even when they are, they're often manual and duplicative, requiring additional coordination and communication between the unit's administrative and information technology (IT) staff. Therefore, it can take days and sometimes weeks for appropriate memberships to be assigned to new employees. Similarly, former employees regularly retain their memberships long after they have changed jobs or have separated from the institution.

The problem of aligning HR/Payroll processes with IT processes is widely acknowledged as solvable and worth solving, but only within the last year has it become compelling enough to warrant in-depth analysis based on institutional data the UW already maintains through its HR/Payroll processes.

4.  History

This research is well informed by existing uses of institutional data for provisioning group memberships. For example, UW course enrollment data from the Student Database (SDB) has been used for years to provision and deprovision UW course groups used by instructors and other authorized users via the UW Groups service [groups:1]. More recently, groups representing students by major have been piloted for wider use by employees.

There is even some precedence for using institutional HR/Payroll data to provision group memberships. For instance, employment data provisioned from the Higher Education Personnel/Payroll System (HEPPS) [groups:2] has enabled bulk email delivery to all UW faculty and staff for many years and to smaller populations based on UW mailbox numbers.

Similarly, during the spring of 2008 three units piloted the use of an institutional data element that hadn't previously been used for deriving group memberships: Home Department Budget Number, which is better suited to capturing unit-level memberships. In fact, the resulting memberships proved accurate enough, as assessed by the units, to support successful employee email migrations to UW Exchange. The success of these units established a more practical perspective toward provisioning employee groups: that the memberships don't need to be perfect to be useful, that there is real value in simply being good enough to serve the business needs.

As a result, these units and others represented by the UW Computing Directors Group [groups:3] encouraged further analysis of employee group provisioning based on other institutional data elements related to employment, elements that might provide even better, more useful memberships. These opinion leaders offered continued engagement, support, and time and cited appointment data as a strategic direction for further analysis. The Data Management Committee concurred with this direction, and in late July 2008 the relevant Data Custodians approved provisional access to the UW Operational Data Store (ODS) [groups:4] to accommodate this pilot research program.

5.  Benefits

This research is motivated by a set of timely yet broadly strategic benefits which would stem from better integration of institutional HR/Payroll data into operational group management processes. These benefits would advance several areas of UW information management strategy and information technology strategy, while also helping units with limited resources weather current fiscal challenges.

5.1  Reduce Costs and Help Units Weather Budget Cuts

As the budget for the 2009-2011 biennium was being developed, President Mark Emmert asked the UW community to review priorities and promote innovative ideas for reducing waste in order to weather the economic downturn. He asked for cost-saving suggestions to help the University save money in its operations. He anticipated the need to improve operational processes and envisioned a transition toward more online forms of business, including an increase in University communications delivered by email.

This economic context gives new urgency to the basic question of this research - whether current HR/Payroll processes can improve how units manage employee groups - because improved automation often leads to marked increases in operational efficiency and supports streamlined business processes that are more cost effective in terms of human and financial resource investments.

5.2  Support UW Strategic Roadmap for Information Management and Administrative Systems

One objective of the UW Strategic Roadmap for Information Management and Administrative Systems [groups:5] is to redesign information management processes over time to maximize efficiencies and enable stakeholder success.

In the short term, significant efficiencies and cost-saving opportunities could be realized by applying existing processes and information architectures in new, more innovative ways. Case in point, current HR/Payroll processes may already be sufficient to realize widespread improvements to the way employee groups are managed at the unit level.

By participating in this collaborative research, OIM is making a small upfront investment to help determine the feasibility of a solution based on data integration that already exists between HEPPS and the Enterprise Data Warehouse. A simple midlevel innovation - namely, using the ODS as a group information source - may enable and distribute efficiency improvements across the institution. This would allow OIM to enhance the value of current HR/Payroll data, even while HEPPS and other legacy administrative systems are being renewed and/or replaced as part of the roadmap's long-term redesign efforts.

Additionally, this research and any solutions derived from it may provide the roadmap working teams with a source of broadly relevant information management use cases, relating institutional data management to operational processes, employment data to group data, and organizational codings to group names. These use cases would support the long-term roadmap effort, and help demonstrate increased agility, particularly at the intersection of institutional data, group information, and application integration.

5.3  Advance UW Identity and Access Management Program

One of the objectives of the UW Identity and Access Management program [groups:6] is to provide effective enterprise solutions to group management and application integration. For many organizations, automated provisioning and deprovisioning of group memberships is essential to organizational IT efficiency, access management, and security. At the UW, manually adding and removing faculty, staff, and student employees (as well as students and alumni) to and from appropriate email lists and security groups takes staff time and is prone to errors and delays. Units that are able to automate these group management processes (based, for example, on existing unit-level employment processes or, as envisioned here, on institutional HR/Payroll processes) benefit not only from time and cost savings, but also from better security, accountability, and customer service resulting from more accurate and timely management of memberships.

5.4  Advance UW Payroll Office Strategic Objectives

The UW Payroll Office recognizes how payroll processes and data can contribute to operational excellence, not only at the institutional level but at the unit level as well. New hires, leave of absence changes, separations, and retirements - all these events trigger updates to the Online Payroll Updating System (OPUS) [groups:7] by departmental payroll coordinators.

This distributed responsibility for data management results in reliable, accurate data that not only supports core payroll processing but also might help units streamline their own operations if the data can be appropriately integrated into unit-level processes. So delivering accurate institutional payroll data efficiently to customers is a strategic objective of the Payroll Office, and this is a key reason for its support for this research as a strategic partner and custodian of the data.

Automated provisioning and deprovisioning of employee groups, based in part by institutional payroll processes, will help the Payroll Office offer more dynamic, customized solutions to departments, which advances one of its strategic objectives by enabling efficiencies at the unit level. Doing so may benefit the institution in other ways as well. For example, reapplying unit-level payroll processes to support employee group provisioning may help reduce the number of "shadow" systems units maintain themselves to track employee memberships by storing institutional appointment data locally.

5.5  Promote Institutional Data Management Practices

The Data Management Committee [groups:8] is charged with providing consistent approaches to institutional data management, including data governance policy, procedures, and guidelines; clear, reusable definitions and models that support coordination, collaboration, effective decisions, and efficient operations; and guidance and recommendations concerning the use of institutional data related to access, quality, planning, security, and business performance.

By involving the Data Management Committee in this research, institutional data management principles can be applied more consistently to the earliest stages of service design and delivery, including analysis of business need; data integration and security; and the envisioning and formulation of mechanisms for operational provisioning and deprovisioning of employee groups, including appropriate roles, responsibilities, and guidelines related to use.

5.6  Support Online Collaboration Initiatives

Collaboration within, between, and among units is key to the UW mission. Due to governing rules and policies some forms of online collaboration require organizational oversight and control. Therefore, these initiatives often maintain an openness toward participation that spans no further than the members of the organizations involved. Examples include enabling appropriate access to organizational resources and calendars in UW Exchange; enabling group email discussion via UW Mailman and UW Exchange; enabling shared access to collaborative web sites such as UW SharePoint sites, Wikis, Content Management Systems, and other similar web publishing technologies; enabling collaborative use of Catalyst Tools, such as WebQ surveys, CommonView workspaces, QuickPoll voting, Collect It dropboxes, and GoPost discussions.

Automated provisioning and deprovisioning of employee memberships based on HR/Payroll data supports collaboration in a couple of indirect ways. First, by providing well-maintained groups of faculty, staff, and student employees, it increases the likelihood that collaborators can identify and reference each other collectively when establishing and setting up new collaborations. Simplifying these start-up tasks allows collaborative ideas to develop more quickly, drawing in other collaborators sooner and producing results earlier. Next, by deriving memberships from existing HR/Payroll processes, IT staff can focus more of their time on facilitating and enhancing online collaboration and less time on managing and updating groups comprising their employees. By making these administrative tasks more efficient, IT staff can invest more time toward higher-level tasks that support collaboration.

6.  Hypothesis

A simple hypothesis underlies this research: that institutional HR/Payroll data is a compelling source of data for provisioning employee groups. There are two primary reasons for this: first, that HR/Payroll data is inherently and almost uniquely well-suited to deriving accurate representations of a unit's current employees; second, that reliable business processes already exist to maintain this data.

The most compelling prediction of this hypothesis is that provisioning employee groups from HR/Payroll data will produce accurate, useful group memberships. This research has attempted to deduce this prediction empirically by partnering with units who already maintain similar employee groups on their own. As such, statements about quality and usefulness of HR/Payroll data as a group information source can be put to test by comparing two representations of the same group: one produced from existing HR/Payroll data and processes, and another maintained by unit level data and processes, as illustrated in Figure 6.1.

The interesting part of this comparison is its ability to expose whether discrepancies exist between the two representations. If there are discrepancies (members in one group but not the other), it may reveal something about the quality and usefulness of the data produced by each process. It may also reveal patterns related to the expectations and notions defining what it means to be an employee of a unit, which may in fact differ at the unit level from what it means at the institutional level or between one unit and another.

7.  Methodology

This section describes the method used to conduct the research including definitions, assumptions, and processes.

7.1  Definition of Terms

This report refers to several terms related to employment used during the research. These terms are described in the following table:

Term

Description

Appointment

A unique combination of a person, a job classification, and an organizational unit

Appointment Begin Date

The first day of an individual's appointment

Appointment End Date

The last day of an individual's appointment

Appointment Status

A status code that indicates whether an appointment is currently active

Job Classification Code

A 4-digit code assigned to each appointment referencing a set of job characteristics

Organization Code

A 10-digit code which represents organizational structure

Pay Rate Code

A code that distinguishes appointments paid monthly from those paid hourly

Earn Type Code

A 3-character code which indicates earnings type

ECS Code

A code for employment type (e.g. faculty, professional, classified, student)

Home Department Org Code

An organization code relating a budget to its administrative home department

Home Department Budget Number

The budget indicating the administrative home department of an employee

Appointing Department Budget Number

The budget indicating the primary administrative department of an appointment

Distribution Budget Number

The budget from which an appointment's pay is debited

These descriptions are based on Institutional Definitions [groups:9] and several discussions with subject matter experts. (See also Appendix A: Data Definitions for expanded notes on usage.)

7.2  Assumptions

The methods used in this research depend on the following assumptions about institutional HR/Payroll data:

  • An employee can hold more than one appointment at the same time.
  • A set of business processes exists to create and maintain institutional HR/Payroll data. (Our paychecks attest to this.)
  • An appointment is assigned a Home Department Budget Number which identifies the administrative home department for the employee.
  • An appointment is assigned an Appointing Department Budget Number which identifies the budget for the appointing department authority.
  • In terms of UW Minimum Data Security Standards [groups:10], UW employees can view organization codes, budget numbers, and group memberships comprising the UW NetIDs of employees associated with a particular unit, identified by its organization code and/or budget numbers.

7.3  Research Process

The following steps describe the basic process used to provision groups for evaluation by participating units:

  1. Obtain baseline organizational filters from participating unit.
  2. Search HR/Payroll source data using basic query with baseline organizational filters provided by participating unit.
  3. Provision a basic set of faculty, staff, and student employees based on query results.
  4. Analyze group membership quality against data maintained by participating unit.
  5. Review and discuss discrepancies; if needed, adjust baseline organizational filters and repeat analysis.
  6. Rate and record perceived accuracy and usefulness of group memberships.
  7. Pilot the use of the group memberships for proof-of-concept buiness needs.
  8. If desirable, explore, provision, and analyze groups based on custom queries with additional data filters.

8.  Data Evaluation

This section describes the provisioning process by which participating units have been able to evaluate the quality and usefulness of employee group memberships based on institutional HR/Payroll data for their organization.

8.1  Source Data Provisioning

The system of record for institutional HR/Payroll data is HEPPS, one of the University's legacy administrative systems. For the purposes of this research, rather than drawing source data directly from HEPPS, it has been obtained from the development version of the ODS. As a component of the Enterprise Data Warehouse, the production version of the ODS contains well maintained HR/Payroll data updated nightly from HEPPS. The development version is updated intermittently, but it has been refreshed as needed to support this research.

The resulting flow of source data from HEPPS to the ODS and from the ODS to the groups service models a feasible architecture for source data access and integration, one that enables employee group provisioning and appropriate use of the source data through a series of well maintained systems and business processes.

8.3  Data Integration

In order to support the group data evaluation, UW Technology reserved "uw_org" as a new home group in the organization/affiliation stem defined by the UW Group Naming Plan [groups:11]. This group namespace would be used to identify the set of individual pilot subgroups provisioned from HR/Payroll data for each participating unit. Current employment data would be used to provision the group memberships and additional source data would be integrated into the group metadata (such as identifiers, display names, and descriptions).

This method of creating the "auto-provisioned" employee groups would allow the participants to reference, evaluate, and pilot the use of their groups independent from each other, while also maintaining a consistent method of source data integration across the entire set of groups so that overall patterns, as well as divergences, could be discerned during the evaluation.

8.4  Data Evaluation

Once a set of employee groups was provisioned for a participating unit, it was up to the unit to assess the accuracy and usefulness of the groups. Some units compared their auto-provisioned memberships against existing group information maintained at the unit level. Others would also involve their HR/Payroll data specialists to better understand what to expect and how to interpret the memberships and any discrepancies.

This evaluation process was often iterative and incremental. First, a participating unit would evaluate the quality of a "basic" set of current faculty, staff, and student employee groups. This might reveal gaps requiring adjustments to the initial set of baseline organizational filters such that a new set of groups would be provisioned. After a round or two of adjustments, the participating unit would have its basic set of groups, which it could rate, at least initially, for overall accuracy and perceived usefulness. In several cases, this completed the initial evaluation.

In some cases, a participating unit pointed out drawbacks with the basic set of groups and envisioned other ways to make them more useful by changing the baseline organizational filters. This direction was then explored as a "custom" set of groups, which would be assessed and rated for accuracy and usefulness separate from the basic set of groups. In this way, commonalities between units could be preserved through the evaluation of the basic set of groups, even while some units were exploring and evaluating more customized variations.

9.  Results

This section summarizes the key findings, patterns, and exceptions which emerged collectively from the data evaluation process used by the participating units.

9.1  Key Findings

Several key findings related to data quality and usefulness emerged from the overall evaluation of employee groups provisioned for the participating units:

9.1.1  Employee group memberships provisioned from HR/Payroll data in the ODS rate high in quality and are consistently accurate enough to provide immediate usefulness to academic and administrative units alike.

9.1.2  Employee group memberships based on Appointing Department Budget Number provide greater value than those based on Home Department Budget Number, since many employees hold more than one appointment, and each appointment identifies a potential membership in a particular unit.

9.1.3  Employee group memberships representing smaller, more distinct organizational subsets (e.g. just the staff appointments tied to a particular budget) provide more of the recomposibilty that units need for group use, management, and appropriate access control.

9.1.4  Employee group updates aligned with the ODS's nightly extract, transform, and load schedule are acceptable to units in terms of timeliness, since employment processes at the unit level add, transition, and separate employees at a comparable or slower update frequency.

9.1.5  Employee group naming based on current UW organizational codings, biennium year, and budget numbers provides sufficient coherence and flexibility for units to identify auto-provisioned memberships and then reuse them within their own group namespaces.

9.2  Basic Patterns

Some patterns emerged from the evaluation of basic sets of employee groups, which didn't diverge when custom filters were added:

9.2.1  Appointing Department Budget Number(s) provided by a unit or derived from an Organization Code can be used to derive a basic set of relevant appointments used to provision memberships.

9.2.2  Current appointments are useful for determining group membership: i.e. only those appointments for which the current date falls between the Appointment Begin Date and Appointment End Date.

9.2.3  Appointment Status is not useful for determining group membership: i.e. changes between Active, Leave, and Inactive status generally shouldn't affect membership.   

9.2.4  ECS Code (Employee Type) can be used effectively to differentiate between faculty, staff, and student employees.

9.2.5  Organization Code, Biennium Year, and Appointing Department Budget Number are useful for identifying memberships when used as components of group names.

9.2.6  Large sets of employee group memberships can be provisioned and reconciled using existing infrastructure and system resources. 

9.3  Custom Patterns

Some patterns also emerged from the evaluation of custom sets of employee groups provisioned using additional filters:

9.3.1  When provisioning faculty groups, filtering appointments by Job Class Code helps identify different types of faculty and thereby increases data usefulness for academic units.

9.3.2  When provisioning staff groups, filtering appointments by ECS Code and Pay Rate Code can increase data quality and usefulness for some units.

9.4  Exceptions

Some exceptions or anti-patterns also emerged from the evaluation of custom sets of employee groups:

9.4.1  In one case, extra filtering of appointments by Earn Type Code prevented retired faculty from being provisioned as current group members. (Law faculty)

9.4.2  In one case, extra filtering of appointments by Home Dept Org Code helped to identify staff in an administrative unit and thereby increased data quality and usefulness . (OIM staff)

10.  Recommendations

This research demonstrates that automated provisioning of UW employee groups is feasible using existing HR/Payroll data in the ODS as a group information source. The feedback from the participating units also indicates that automated provisioning would provide immediate value, as the assessment of data quality and usefulness has shown. We therefore recommend the positive application of this research to current service strategy and design, so that near-term operational efficiencies and long-term strategic benefits can be more widely realized. To achieve these goals, we offer and recommend the implementation of the following action plan.

11.  Action Plan

This section outlines an action plan for delivering near- and long-term benefits through automated employee group provisioning:

  1. Update stakeholders : review the research goals and results with a broader set of stakeholders and potential sponsors.
  2. Form working team : identify a preliminary working team to refine this action plan and drive its implementation.
  3. Obtain sponsorship : identify sponsors to advise on strategy, outcomes, key milestones, and communication plans.
  4. Define outcomes : determine near- and long-term outcomes from which to derive objectives, alternatives, constraints, and consequences.
  5. Resolve risks : identify and resolve risks related to architecture, data security, and privacy, including access control on employee group memberships.
  6. Scope project iteration : scope, prioritize, and identify resources for an initial project iteration to reach key near-term milestones.
  7. Execute project iteration : enhance employee group provisioning capabilities for current milestones; update service levels, use guidelines, and support structures.
  8. Review results : benchmark use of current service design against anticipated near- and long-term benefits; review results with stakeholders and sponsors.
  9. Iterate : communicate results, realign with strategy, and identify next objectives; scope, prioritize, and implement the next project iteration.

One of the key near-term deliverables from this action plan is a communication to the units that participated in the research and to those that were interested but couldn't participate. This communication will enable these units to make IT planning decisions based on the potential continuation of this research project toward a production service available to them.

12.  Conclusion

The benefits of integrating institutional HR/Payroll data into operational group management processes are clear and timely but heretofore unrealized. By involving several UW units as customer-stakeholders and by introducing a mid-level innovation that allowed them to assess the quality and usefulness of improved integration, this research project has established the feasibility of this service strategy and has demonstrated that the benefits of employee group provisioning are indeed realizable. As the research period concludes, the real work envisioned by this report can begin.

Appendix A : Data Definitions

Note: It is unclear whether including data definitions will help or hinder the delivery of the core message of this report, which concerns the research findings, results, and related recommendations. Including data descriptions that have the appearance of being authoritative definitions might detract from the core message. For now, brief defintions are included above (see Section 7.1) and expanded on in this appendix.

Home Department Budget Number : A budget number assigned for organizational purposes, referring to the administrative home department responsible for handling information related to an employee (e.g. where his/her paycheck is sent) rather than related to an appointment.

Appointing Department Budget Number : A budget number assigned for organizational purposes, referring to the department that has primary administrative (hiring, firing, performance monitoring, etc.) responsibility for an appointment.

Appendix B : Data Evaluation Results

todo: include detailed results data here

References

[groups:1] UW Groups Service : https://wiki.cac.washington.edu/x/VDiD

[groups:2] Higher Education Personnel/Payroll System (HEPPS) : todo: find a link or remove reference?

[groups:3] UW Computing Directors Group : http://depts.washington.edu/compdirs/

[groups:4] Operational Data Store : todo: find a link or remove reference?

[groups:5] UW Strategic Roadmap for Information Management and Administrative Systems : http://www.washington.edu/provost/oim/roadmap/report/

[groups:6] UW Identity and Access Management program : todo: link to IAM services wiki?

[groups:7] Online Payroll Updating System : http://f2.washington.edu/fm/payroll/systems/opus

[groups:8] Data Management Committee : http://www.washington.edu/provost/oim/dmc/

[groups:9] Institutional Definitions : https://www.washington.edu/provost/oim/dmc/institutional/definitions.html

[groups:10] UW Minimum Data Security Standards : http://www.washington.edu/admin/rules/APS/02.10TOC.html

[groups:11] UW Group Naming Plan : https://wiki.cac.washington.edu/x/ogM