INSIDE THIS ISSUE:July2006ISIS Tips & Tricks: Profile Values PAGE 3What’s New in ISIS Reporting PAGE 4Upcoming ISIS Training Classes PAGE 4Appropriate Uses Of Social Security Numbers PAGE 5 & 6SHARING PROJECT UPDATES AND TIPSFOR GETTING THE MOST OUT OF THESYSTEM AND ADDRESSING THE NEEDSOF DIVERSE CONSTITUENTS.ISIS focus is a monthly newsletter to share project progress, useful advice, and more.ISIS Self-Service Billing Has Successful Go-Live!On June 5, 2006, the ISIS Self-Service Billingsystem went live. For most students, this wastheir first direct contact with the ISIS system.Prior to go-live, the ISIS team conducted extensive research and made significant improvementsto how information is presented and used by theStudent Billing Self-Service users. Althoughfuture enhancements are expected, the initial golive provided users with many additional featuresand benefits. The ISIS Self-Service system nowfeatures a number of online services, includingsecure credit card and eCheck (ACH) payments,and account summary functionality. The accountsummary includes the student’s current balance,most recent charges, payments, financial aiddisbursements, and any refunds that have beenprocessed. The system also allows authorizedpayers, such as students’ parents and sponsors, to and fees through the online bill pay and is readypay students’ bills online and is available 24to service an even larger user population in Julyhours a day, 7 days a week. Payments made2006.through ISIS Self-Service are posted to the student’s account and are visible immediately.On June 15, 2006, the ISIS team successfullydispatched over 10,000 student bill notifications,welcoming students to their new home for onlinestudent accounts. In an effort to facilitate thepayment handling process, the ISIS administrative application has also been extended to includecredit card payment and refund capabilities, fundamentally eliminating the need to use a thirdparty system and ultimately double-entry.As of June 26th 2006, the ISIS self-service systemhad collected over one million dollars in tuitionISIS Self-Service Billing system went live 6/5/06.Billing Updates [SBS]The ISIS SelfService Billingsystem went liveon June 5, 2006and has beenprocessing payments and displaying students’ account histories on a 24/7 basis.The SBS Team members have reported acceptable responses from students, and will continuesoliciting feedback from the students on ways toimprove the system. The SBS Functional Teamand SIS are developing more reporting capabilities and communication tools to advertise theSelf-Service website.card payments, and credit card refunds for ourstudents.We have developed a notification broadcast thatnot only alerts students of their current activity,but also “reminds” all students who still oweOne current challenge is the billing notificationprocess for Authorized Users (such as parents or tuition and fees of their outstanding debts. Thissponsors) who are not classified as “Persons” in will improve our ability to contact those formerstudents who have left JHU with debt balances,ISIS and therefore we can not use the robustcommunication engine in ISIS. We also continue before they may be placed with collection agento improve the capabilities for Student Accounts cies. We have Jason Astrinsky and his team toOffices staff to process electronic e-checks, credit thank for that added attraction!!Page 1 of 6

IT @ JOHNS HOPKINS—STUDENT INFORMATION SYSTEMSJULY 2006ISIS focusAdmissions Updates [SMS]Records & RegistrationUpdates [SSS]As of June 15, Nicole Westrick, the ISIS Training Coordinator, has agreed to serve as the SMSFunctional Lead and will lead the SMS User'sgroup and serve as the central contact for alladmissions users across the university. Herresponsibilities as the SMS Functional Leadinclude:Work continues on multiple initiatives to support Nursing as an SSS earlyadopter in March 2007 and broad use in Summer 2007. In the past month,some of the significant milestones include: Completed testing for, a minor release that fixes numerousdefects which went to production June 20 Facilitated business use-case scenario discussions with Nursing Completed design of the report model for student data and began asection/enrollment model. Both will utilize SQL Server ReportingServices' Report Builder to facilitate easy-to-use ad-hoc queries2) Providing functional leadership in the ISIS production support/changecontrol model, screening divisional requests and working with the usersto prioritize those requests for SIS and/or the vendor; Met with faculty to gather feedback about ISIS Self-Service 3) Providing a leadership role in the functional testing of new releasesand builds, ensuring that each school's issues are addressed; andInterdivisional registration workgroup finalized workflow and creditconversion logic Began development of student data migration from USIS Staged Nursing configuration for final testingNicole Westrick1) Convening and leading the SMS user groupmeetings;4) Working with the vendor to present recommendations to assist withtheir formulation of a long range strategy for the product.Throughout July, Nicole will beUpcoming SMS Go Live Datesmeeting with SMS functional users inevery division. The next SMS Users’ SAIS-DCAUG 2006Group meeting is scheduled for TuesNursingOCT 2006day, August 2nd. The agenda (withDEC 2006time and place) will be distributed in SAIS-Bolognaearly July.A Look at SSSUpcoming EventsThe SSS project team, comprised of registrars andtheir staff as well as dedicated project staff have numerous activitiesplanned for this month: *Check out the ISIS - Full Team Meeting7/6 - Configuration and Rule Writing7/7 - Workshop 6, SAIS7/10 - Workshop 5, EPP7/10 - Workshop 8, SPSBE7/11 - Workshop 7, Peabody7/12 - Workshop 5, AS/EN7/13 - Full Team Meeting7/13 - Configuration and Rule Writing7/14 - Workshop 6, AAP7/14 - Workshop 8, Nursing7/17 - Workshop 7, SAIS7/17 - Workshop 8, Public Health7/20 - Full Team Meeting7/20 - Configuration and Rule Writing7/27 - Full Team Meeting7/27 - Configuration and Rule Writing7/31 - Workshop 6, EPP7/31 - Workshop 9, Public HealthGet a snapshot of events that affect ISIS — databaserefreshes, scheduled server maintenance, trainingclasses, school registration dates, etc.Send your updates and posts for the calendar to:[email protected]* Be sure to check the SSS Confluence space for specific locations andtimes as well as any schedule changes.Page 2 of 6

IT @ JOHNS HOPKINS—STUDENT INFORMATION SYSTEMSISIS Tips and TricksJULY 2006ISIS focusGot ideas for the Tips & Tricks section? Have you found a creativeway to use ISIS to improve your business process? Email [email protected] are Profile Values?Profile values allow you to set default values for specific fields on many ISIS windows. By setting profile values, you will no longer have to select valuesfor these fields each time you open a window.To Define Profile Values1.button in the ISIS toolbar. The User Profiles – Web Page Dialog appears. Note: By default the ProWithin any window, click the Profilefile values for the current window are displayed.2.3.4.In the User Value field for the profile you wish to set, use the list of values (LOV) to select your default value.Click Save to save your profile values.Click Close to close the User Profiles – Web Page Dialog and return to the window.Clear this checkbox, select an Application, and click Find to display the profile values for the selected Application.You can restore the system defaultsby clicking Restore Defaults.NOTE: The defaults will take effect the next timeyou enter the window. You can restore the defaultprofile values by clicking the Restore Defaults onthe User Profiles – Web Page Dialog.User Profiles – Web Page Dialog (Extract Letters)Important SSS Profiles to make your job easierProfile NameProfile DescriptionWindowENROLLMENTSSS STUDENT ENROLLMENT DEFAULT ENROLLMENTSDefault Enrollment Type to filter enrollmentsStudent EnrollmentsSSS STUDENTENROLLMENT DEFAULT ACADEMIC PERIODDefault Academic Period to filter enrollmentsStudent EnrollmentsSSS STUDENTENROLLMENT DEFAULT STATUSDefault Enrollment Status to filter enrollmentsStudent EnrollmentsSSS DEFAULT ENROLL STATUSDefault Enrollment StatusCourse RegistrationSSS DEFAULT INDEPENDENT ENROLL STATUSDefault Enrollment Status for Independent StudyCourse RegistrationSSS StudentLookupDefaultStartAcademicPeriodDefault Start Academic Period for Student LookupPROGRAM OF STUDYSSS StudentPOS DegreeStatusDefaultDefault status for a Degree on the Student Program of StudyscreenProgram of StudySSS StudentPOS MajorStatusDefaultDefault status for a Major on the Student Program of StudyscreenProgram of StudySSS StudentPOS MinorStatusDefaultDefault status for a Minor on the Student Program of StudyscreenProgram of StudySSS StudentPOS POSStatusDefaultDefault POS status on the Student Program of Study screenProgram of StudyPage 3 of 6

IT @ JOHNS HOPKINS—STUDENT INFORMATION SYSTEMSJULY 2006ISIS focusFinancial Aid Updates [SAS]Earlier this month, SunGard Higher Education delivered the first in a seriesof four planned HERA (Higher Education Reauthorization) releases. Thissoftware upgrade was successfully applied to production, and supportschanges that were made to the Federal Needs Analysis formula.The IDOC (Institutional DocumentationService) team is meeting weekly to implement an imaging service for the financialaid offices. We are finalizing the design,scope and time-line for this ISIS add-onservice.'Tis the season for reporting, and with the 2005-2006 school year windingdown, the aid community will begin to produce many year-end reports.This year, (for the first time!) all of the underlying data will come from the Finally, on Friday, June 23rd the School ofISIS system. Some reports, such as the Fiscal Operations Report and Appli- Nursing went live with online financial aidSelf-Service in ISIS. Congratulations to everyone involved in this effort!cation to Participate (FISAP), will be produced centrally. This is an areawhere we hope to reap the benefits of the naming conventions and codestandards established during our regular implementation.What’s New in ISIS Reporting?In the coming months, report developers for ISISwill have the choice of designing and developingreports in Crystal Reports or SQL Server ReportingServices (SSRS).With the latest release of the product, SSRS hasbecome an additional integrated reporting option.Several divisional techs attended a four-day classon SSRS and expressed interest in utilizing SSRSfor reporting in future deployments. Crystal Reports will remain available to developers of all modules for some time. Endusers may notice subtle differences in report viewer appearance; however,the report viewers have the same basic functionality.Additionally, SSRS offers end users the Report Builder, a new ad-hocreporting tool that enables them to create their own reports and exploredata. The Report Builder application is deployed from your browser. Theuser interface derives its ease of use from other Microsoft products such asExcel or PowerPoint. Reports are based upon pre-built models thatdiminish the need for knowledge of database design by providing meaningful business names for fields and tables, defining relationships between dataentities, and grouping data elements logically.Users begin by selecting a model and layout of a report and then drag-anddrop report items from the report model to the design area. Users can setconstraints to filter the data and sort the data. New fields and calculationscan be created from the model. Users can preview and print their reportsand export data to Excel and other formats.For more information on Report Builder or SSRS, please contact your divisional tech resource or Paul Coffelt from SIS.Upcoming ISIS TrainingCourse TitleCourse IDDateLocationDepartmental Graduate Aid (DGA) IS01.110.02.2008/02/06Eastern B104Admissions TrainingIS03.130.01.0808/07/06Eastern B104Astra Manager OverviewAS01.100.400.03 08/14/06Eastern B104Astra Event SchedulingAS01.001.200.05 08/15/06Eastern B104Astra ReportingAS01.100.300.03 08/15/06Eastern B104Astra ScheduleAS02.001.100.06 08/16/06Eastern B104Creating and Maintaining CoursesIS02.300.10.09Eastern B10408/21/06E-Learning CoursesThere are also several E-Learningcourses available for anyone to take atany time. Each of these courses takeabout an hour to go through.ISIS: 100 - Navigating in ISIS (ID: ISIS.100.01)ISIS: 110 - Departmental Graduate Aid (DGA) (ID: ISIS.110.01)ISIS: 120 - Financial Aid Inquiry (ID: ISIS.120.01)ISIS: 130 - Student Billing Inquiry (ID: ISIS.130.01)To RegisterTo register for any of these courses, call the Office of Training and Education at 443-997-6453 or visit them on the web @ 4 of 6

IT @ JOHNS HOPKINS—STUDENT INFORMATION SYSTEMSJULY 2006ISIS focusAppropriate Uses of Social Security NumbersThe ConcernsAwareness over the dangers of identity theft are widely reported in themedia and from law enforcementagencies. For instance, you may recall, the report of the Department ofVeterans Affairs analyst’s laptop thatwas stolen in a May 3 burglary fromhis home in Aspen Hill, Maryland.That laptop, which was taken home without authorization, contained theSocial Security Numbers of 26.5 million veterans, among other sensitivepersonal data. There is currently a class-action lawsuit brought in thiscase which seeks 1,000 in damages to each person affected by the datatheft, totaling up to 26.5 billion.SSNs as a personal identifier has been commonplace in most organizations.Student SSNs can not be completely eliminated since they are, for instance,required for some state and federal government reporting purposes. However, in the wake of increasing reports of personal identity fraud and theft ithas become increasingly clear that indiscriminate use of the SSN can occurin the absence of proper business practices and that we must take action toreduce our use of it as much as possible. In May of 2003, the Provost issued a letter to all members of the JHU community to set the stage for SSNchanges to come; for more information, please see: gazette/2003/05may03/05social.html.As a university that deals with enormous amounts of data, much of whichcontains sensitive information, JHU must take every precaution to be vigilant and proactive in safeguarding our students’ data.What you can doA recent article on CNET News, University server in hackers' hands for ayear, highlighted data theft by hackers at Ohio State University on severalcampus servers, which held over 137,000 social security numbers. CNETwriter Greg Sandoval interviewed Avivah Litan, security analyst withresearch firm Gartner. Litan estimated that a third of all data leaks are atuniversities. Litan stated that “. information bandits are preying on thenation's colleges for three reasons. First, the school’s possess Social Security Numbers and other information useful in committing identity theft.Secondly, she says universities don't take security serious enough. Lastly,universities are at a disadvantage because they must keep information freeflowing. Part of their mission is to share knowledge. While the Internethas simplified that task, it has also presented greater risks.”The Associated Press has also reported numerous cases of data securitybreaches at universities in the recent years. A department chairwoman from the University of South Carolinaaccidentally attached a database file to a mass email she sent outabout summer classes. The database file contained students’ SocialSecurity Numbers. Montclair State University in New Jersey warned about 9,000 students in October that they had accidentally posted their names andSocial Security Numbers on the Internet for four months. In March 2005, a laptop was stolen from the University of California-Berkley that contained the SSNs of about 100,000 alumni, graduate students, and past applicants. Please refrain from including SSNs in emails, letters, and JIRA issues. When a student needs to be uniquely identified, please use theISISID or HopkinsID as an alternative identifier. See page 6 formore details on both IDs. When working with screenshots in JIRA, emails, etc., remember toremove any SSNs that may be on your screenshots. (See detailedinstructions in Confluence — Dispose properly of any sensitive information that has been printedout by using a paper shredder when you are finished with the hardcopy. Avoid saving any documents that may contain sensitive informationlocally – this includes in emails, laptops, desktops, CDs, and flashUSB drives. These items are easily stolen or lost so please take extraprecautions to keep them free of all sensitive information. Take timeto go back through your locally stored emails and files and deletefiles that contain SSNs. If you feel you must store sensitive information on a mobile device, please make sure that the directory or file isencrypted and password-protected. Talk with your IT administratorabout possible encryption tools and options that will work best foryou. (See Encryption Tips: ml) If you use a laptop.make sure you keep it properly locked with asecurity cable at your desk at all times. If you take your laptophome, do not leave it visible in your car —that is an invitation forsomeone to break in. Keep it in your trunk instead. If thieves can'tsee a laptop, they can't steal a laptop.There are numerous news reports, magazine articles, and websites designed to educate people about what they can do to protect themselvesfrom identity theft. At the top of every list on how to minimize the risk ofidentity theft is the need to protect your Social Security Number (SSN). If you need to step away from your desk, remember to lock yourIt is of no surprise then that concerns have been raised over the last fewyears about inappropriate uses of students’ Social Security Numbers byfaculty and administrative staff here at JHU. For many years the use of When possible, do not request SSN's electronically on web sites orcomputer to prevent unauthorized access to university systems. Youcan lock your computer by using [CTRL ALT DEL] and select“Lock Workstation” or [WINDOWS KEY L].through email.Alternatives to SSN in ISISPage 5 of 6Continues on page 6.

IT @ JOHNS HOPKINS—STUDENT INFORMATION SYSTEMSJULY 2006ISIS focusAppropriate Uses of Social Security Numbers (continued)Alternatives to the SSN in ISISBefore we can go into which identifiers you can use as an alternative tothe SSN, it is helpful to take a step back and go in to the explanation ofthe different IDs used in ISIS and their purposes.HopkinsID— Beginning in 2004, the Johns Hopkins Enterprise Directory(JHED) began generating six-character alphanumeric identifiers for allJHU faculty, staff, students, and alumni. This is known as the HopkinsID(e.g. FGB3E1).ISIS ID— The ISIS ID is an eight-character alphanumeric identifier assigned to all ISIS users; faculty, staff, students, alumni, and prospectivestudents (e.g. TC1234BX).Person ID1, Person ID2— In ISIS, there are two fields called Person ID1and Person ID2. Person ID1 will contain either the ISIS ID or the HopkinsID, depending on the status of the user (student/staff/etc. vs. prospects/applicants). Person ID2 will always contain the ISIS ID.Why do we have so many identifiers? In ISIS, the HopkinsID is notassigned to prospective students — only to those who eventually matriculate. Since Financial Aid and Admissions offices routinely correspondwith prospective students, the ISIS ID has been developed to help safeguard this population against the inadvertent disclosure of their SocialSecurity Numbers. The value of the ISIS ID will be initially stored inboth the Person ID1 and Person ID2 fields in ISIS. If a prospective student eventually enrolls at JHU, the value stored in Person ID1 (which isoriginally their ISIS ID) will be replaced with their new HopkinsID. TheISIS ID will always be accessible in the Person ID2 field. See the tablebelow for explanations on the different labels used on ISIS screens andwhat the values are.Labels Used on ISIS ScreensGovt IDPerson ID*orIdentifier*orPerson ID1On the Person Summary screen, the Person ID 1 field is shown next to the Govt IDin the top blue bar.In the gray area, the Person ID1, Person ID2, and Person ID3 fields are shown. Inthis example, the Person ID1 field contains the user’s HopkinsID (6 char.). ThePerson ID2 field contains the user’s ISIS ID (8 char.). The Person ID 3 field is areserved field for system administrators.Look for the “Person ID” or “Identifier” labels on Search screens. Theysearch the same value (Person ID1). Enter the student’s HopkinsID, or if theyare a prospective student, enter their ISIS ID.Person ID2Remember.Where appropriate, especially in external communications,ISIS administrative users should use the ISIS ID or HopkinsID in placeof SSNs on letters, reports, etc.Value(If a student, faculty,staff, or alumni)SSNHopkinsIDISIS IDValue(If a prospective student)SSNorJHU Temp SSN(e.g. 899-XXXXXX)ISIS IDISIS IDSearchable?YESYESNOThere is an official university policy in development that will outlinemore specific guidelines on SSN usage. Your cooperation in thiseffort to increase our awareness and reduce our reliance on studentSSNs is very much appreciated and important.ISIS FOCUS CONTRIBUTORSSpecial thanks to this month’s ISIS Focus Contributors:* Note: The labels “Person ID” and “Identifier” use the value contained in PersonID1. Person ID, Person ID1, and Identifier all contain the same value; the labelsare just different.Jason AstrinskyNatalya BankovaBeth BishopPaul CoffeltGeof CorbPage 6 of 6Kelly HeeseSteve HellenTom McDermottBarbara ShafferJason SmithNicole Westrick

Additionally, SSRS offers end users the Report Builder, a new ad-hoc reporting tool that enables them to create their own reports and explore data. The Report Builder application is deployed from your browser. The user interface derives its ease of use from other Microsoft products such as Excel or PowerPoint.