Austen Puleston, head of IT, Birmingham Diocesan Multi-Academy Trust, on how you can use the new DfE standards to simplify conversations around infrastructure and cyber-security
Read the full article below or on page 28 in our February magazine
The DfE has now released two sets of digital and technology standards for schools and colleges, with more in the pipeline. I believe these standards are sorely needed and can be used in your organisation to elevate the discussion around technology.
Historically, the education sector has suffered from a few conceptual misunderstandings when thinking about IT and how it supports learning:
Schools have underestimated the value technology brings to the business and operations side of an organisation, and how that then empowers teaching and learning.
Schools have invested in exciting new technologies without the proper planning, infrastructure and security to enable them to work correctly and safely.
These are multi-variant problems, but it is possible to identify a common theme; too often, IT is not taken seriously by an organisation, and most organisations don’t really know what ‘good’ looks like.
The fact that many schools lack an appreciation of how dramatically technology could assist them is not surprising; budgets are always challenging, time is precious, and the other pressures upon schools are significant. This is also compounded by the fact that the education sector finds it difficult to recruit and retain technical staff with the relevant expertise, as well as the natural doubts that arise when engaging third party suppliers for strategic advice. Are their goals sufficiently aligned with your own?
The DfE’s digital and technology standards go a long way towards addressing these problems. Firstly, they start in the correct place – connectivity, infrastructure and security form the bedrock of any provision of technology in education. It is not advisable to invest significant money into some of the more exciting tech before you’ve got these fundamentals right. To use an analogy from the road network, no matter how fast the race car is, all vehicles travel at the same speed through the traffic jam at rush hour.
The standards are impartial and were developed in consultation with IT professionals from around the education sector, including some ANME members. Each of the standards clearly indicates when you should be meeting them, allowing you to rate your school (or schools if you’re a trust or service provider) to see how you’re doing.
Senior leadership impact
These standards are likely to have the most significant impact at senior leadership, executive leadership, and board levels because they allow you to quickly simplify some of the conversations around infrastructure and cyber-security. Questions such as:
Are we meeting all the standards?
Which gaps are most concerning to us?
How will we target investment over the coming years to bridge these gaps?
can focus conversations on these critical areas and help to highlight the importance of investing capacity and money in them.
At the Birmingham Diocesan Multi-Academy Trust we have developed a self-assessment tool that allows us to show our current position against the standards and record progress over time as any resulting actions are completed. This now forms part of our reporting to our board, and supports us in demonstrating the reasoning behind our decisions on cyber-security, connectivity and infrastructure.
For those IT technicians and managers who feel like they are lone voices in their organisations when asking for investment in infrastructure, you now have an official yardstick that you can use to help steer the conversation and decisions. Governors and board members with an interest or responsibility for IT now have a tool they can use to gain a high-level overview of the risks and opportunities in your organisation.
Getting started
So, what can you do if you’ve not properly looked at the standards yet, or you’re struggling to get the traction that you need in your school?
Start with the Cyber-Security Standards. In my opinion, these are the most important as they indicate how well-prepared you are to deal with a cyber-attack and how well-protected you are against some of the current threats. Identify which actions are critical, and resolve those immediately. Look at the RPA cyber-protection requirements and include these in your efforts if you have that cover.
Once you’ve done this, start working your way through the other standards, identifying which gaps need addressing in the short term, and making notes on the technical specifications that any new projects should meet.
Finally, return to the remaining actions required to meet the Cyber-Security Standards and work your way through these, adapting your plans to pair up with any connectivity and infrastructure projects you identified in step two.
For those schools and trusts that already have existing tools and standards, the DfE standards provide valid confirmation and reinforcement of your actions. For those just starting to think about technology, they give you a way to catch-up much more quickly and with less effort.
There is still work to do on the use of these standards, and there is still not a clear understanding across the sector of how central technology will be to education outcomes over the next ten years. Enhancing this understanding and knowledge will be a considerable undertaking, but at least the DfE standards give a decent idea of what the underlying infrastructure should look like.
Be the first to comment