FDIC Enterprise Architecture Framework: Difference between revisions

Browse history interactively

← Previous edit

Content deleted Content added

VisualWikitext

Revision as of 20:32, 11 January 2011 edit Will20036 (talk \| contribs) 10 edits →Future IT Development ← Previous edit		Latest revision as of 09:10, 3 May 2025 edit undo 7804j (talk \| contribs) Extended confirmed users 3,647 edits Rewrite lead to fix outdated tag Tag: Visual edit
(41 intermediate revisions by 21 users not shown)
Line 1: {{Short description\|none}} [[Image:FDIC’s Enterprise Architecture Framework.jpg\|thumb\|320px\|~~FDIC’s~~FDIC's Enterprise Architecture Framework from 2005.<ref>OIG (2005). [http://www.fdicoig.gov/reports05/05-018-508.shtml Implementation of E-Government Principles] {{Webarchive\|url=https://web.archive.org/web/20090114041340/http://fdicoig.gov/reports05/05-018-508.shtml \|date=2009-01-14 }}. May 2005</ref>]] ~~'''FDIC Enterprise Architecture Framework''' is the [[Enterprise Architecture framework]] of the [[Federal Deposit Insurance Corporation]] (FDIC).~~ The '''FDIC Enterprise Architecture Framework (FDIC EAF)''' was an [[enterprise architecture]] framework developed by the [[Federal Deposit Insurance Corporation]] (FDIC) to align its business processes and information technology systems. Introduced in 2002 and formalized around 2005, it was based on the [[Zachman Framework]] and the [[Federal Enterprise Architecture Framework]] (FEAF), with a strong emphasis on security to protect financial data and systems. By 2011, the framework was considered outdated,{{citation needed\|date=January 2013}} and it was likely deprecated as part of the federal government’s shift toward standardized enterprise architecture practices, such as the "Common Approach to Federal Enterprise Architecture" introduced in 2012, which aimed to enhance interoperability and reduce agency-specific frameworks.<ref name="CA FEA">whitehouse.gov (May 12, 2012)[https://obamawhitehouse.archives.gov/sites/default/files/omb/assets/egov_docs/common_approach_to_federal_ea.pdf The Common Approach to Federal Enterprise Architecture]. Accessed January 10, 2013</ref> == Overview == The FDIC's framework for implementing its [[Enterprise Architecture]] was based on Federal and industry best practices, including the Chief Information Officer (CIO) Council's [[Federal Enterprise Architecture Framework]] (FEAF) and the [[Zachman Framework]] for Enterprise Architecture. FDIC's framework was tailored to emphasize [[security]]. The historic FDIC EA framework complies with the FEAF and highlights the importance of security to all other components of the architecture.<ref name="FDICOIG05">[http://www.fdicoig.gov/reports05/05-018-508-figure1.shtml Implementation of E-Government Principles] {{Webarchive\|url=https://web.archive.org/web/20090114045425/http://fdicoig.gov/reports05/05-018-508-figure1.shtml \|date=2009-01-14 }} AUDIT REPORT, Report No. 05-018, May 2005</ref> ~~The information about the FDIC's enterprise architecture is out-of-date and inaccurate.~~ The FDIC EA framework included five components. The first component, the Business Architecture, focused on FDIC's business needs. The next three components, the [[Data Architecture]], Applications Architecture, and Technical Infrastructure Architectures, focused on the technological capabilities that support the business and information needs. The final component, the [[Security Architecture]], focused on specific aspects of interest to the Corporation that span the enterprise and must be integral parts of all other architectures.<ref name="FDICOIG05"/> ~~Please visit www.fdic.gov for more current information.~~ == History == Historically, Federal agencies ~~have~~ managed IT investments autonomously. Until the new millennium, there ~~has been~~was little incentive for agencies to partner to effectively reuse IT investments, share IT knowledge, and explore joint solutions. AStarting in the second half of 1990 a collective, government-wide effort, supported by the Federal CIO Council, utilizing the [[Federal Enterprise Architecture]] (FEA), ~~has been~~was undertaken in an effort to yield significant improvements in the management and reuse of IT investments, while improving services to citizens, and facilitating business relationships internally and externally. ~~The FEA is a business-based framework that provides the Office of Management and Budget~~<ref>FDIC (~~OMB~~2003). ~~and~~''[http://www.iriboffice.ir/LinkClick.aspx?fileticket=up56ppcNQ4M%3D&tabid=246&mid=634 ~~Federal~~Information ~~agencies~~Technology aStrategic ~~way~~Plan to2004–2007] ~~monitor, analyze, and control Federal IT investments~~{{Webarchive\|url=https://web.archive.org/web/20090422214155/http://www.iriboffice.ir/LinkClick.aspx?fileticket=up56ppcNQ4M%3D&tabid=246&mid=634 \|date=2009-04-22 }}''</ref>▼ ~~The information in this section is more appropriately about the Federal government's former policy on enterprise architecture and has little or nothing to do with the FDIC.~~ The Federal Deposit Insurance Corporation (FDIC) first realized the value of Enterprise Architecture in 1997, when two business executives had to reconcile data that had come from different systems for a high-profile report to the banking industry. The FDIC's first EA blueprint was published in December 2002.<ref>Gregg Kreizman, Cathleen E. Blanton (2005) "[http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf The FDIC Is Aligning IT to Business Through Enterprise Architecture] {{Webarchive\|url=https://web.archive.org/web/20090320115109/http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf \|date=2009-03-20 }}" Gartner, Inc.</ref> ▲Historically, Federal agencies have managed IT investments autonomously. Until the new millennium, there has been little incentive for agencies to partner to effectively reuse IT investments, share IT knowledge, and explore joint solutions. A collective, government-wide effort, supported by the Federal CIO Council, utilizing the [[Federal Enterprise Architecture]] (FEA), has been undertaken in an effort to yield significant improvements in the management and reuse of IT investments, while improving services to citizens, and facilitating business relationships internally and externally. The FEA is a business-based framework that provides the Office of Management and Budget (OMB) and Federal agencies a way to monitor, analyze, and control Federal IT investments. In 2004 the ~~Federal Deposit Insurance Corporation (~~FDIC), received a 2004 Enterprise Architecture Excellence Award from the [[John Zachman\|Zachman Institute for Framework Advancement]] (ZIFA) for its initiative to manage corporate data collaboratively. [[John Zachman]], an expert on enterprise architecture, founded ZIFA, a network of information professionals supporting enterprise architecture's role in helping organizations operate from a corporate perspective.<ref>[http://www.fdic.gov/news/news/press/2004/pr13104.html FDIC Receives Technology Award]</ref> == EA framework topics == === Example of an EA framework ===▼ An EA framework can include the following five components.▼ ▲=== ~~Example~~Historical ~~of an~~FDIC EA framework === * ''[[Business Architecture]]'' : The Business Architecture describes the activities and processes performed by the Corporation to achieve its mission and to realize its vision and goals. Developing the Business Architecture is the first step in creating an Enterprise Architecture (EA) that links the Corporation's business needs to its Information Technology (IT) environment. Maximizing IT support for these requirements will optimize Corporate performance. ▲AnThe FDIC EA framework ~~can include the~~from ~~following~~2005 included five components. * ''[[~~Data~~Business Architecture]]'' : The ~~Data~~Business Architecture ~~describes~~described the activities ~~required to obtain~~ and ~~maintain~~processes ~~data~~performed ~~that supports~~by the ~~information~~corporation ~~needed~~to byachieve ~~the~~its ~~Corporation’s~~mission ~~major~~and ~~business~~to ~~areas.~~realize ~~Data~~its vision and ~~information are different~~goals. ~~Data is~~Developing the ~~foundation~~Business ofArchitecture ~~information. Data is~~was the ~~raw~~first ~~material~~step ~~that~~in iscreating ~~processed~~an ~~and~~Enterprise ~~refined~~Architecture to(EA) ~~generate~~that ~~information.~~linked ~~Information~~the ~~consists~~corporation's ofbusiness aneeds ~~collection~~to ofits ~~related~~Information ~~data~~Technology ~~that~~(IT) ~~has~~environment. ~~been~~Maximizing ~~processed~~IT ~~into~~support afor ~~form~~these ~~that~~requirements iswas ~~meaningful~~intended to ~~the~~optimize ~~recipient~~Corporate performance.<ref name="FDICOIG05"/> * ''[[Data Architecture]]'' : The Data Architecture described the activities required to obtain and maintain data that support the information needed by the corporation's major business areas. Data and information are different. Data is the foundation of information. Data is the raw material that is processed and refined to generate information. Information consists of a collection of related data that has been processed into a form that is meaningful to the recipient.<ref name="FDICOIG05"/> * ''[[Applications Architecture]]'' : The Applications Architecture ~~describes~~described the major types of applications that manage data to produce the information needed to support the activities of the ~~Corporation~~corporation. The Applications Architecture ~~provides~~provided a framework that ~~enables~~enabled the migration from the ~~current~~ applications catalog and software development environment in use at the time to the target integrated applications, development and engineering environments. The target architecture ~~promotes~~promoted the use of commercial and government off-the-shelf products, consolidating applications, where applicable, and the use of emerging technologies where appropriate.<ref name="FDICOIG05"/>▼ * ''[[Technical Infrastructure Architecture]]'' : The IT infrastructure ~~provides~~provided access to application systems and office automation tools used in performance of the business processes. The Corporation ~~places~~placed high priority on maintaining a consistent, available, and reliable technical infrastructure. The Technical Architecture ~~describes~~described the underlying technology for the ~~Corporation~~corporation's business, data, and application processing. It ~~includes~~included the technologies used for communications, data storage, application processing, and computing platforms.<ref name="FDICOIG05"/>▼ * ''[[Security Architecture]]'' : The Security Architecture ~~establishes~~established a framework for integrating safeguards into all layers of the FDIC's Enterprise Architecture. The security architecture ~~uses~~used a risk management and information assurance strategy that provides access control, confidentiality, integrity, and non-repudiation for the ~~Corporation~~corporation's information and systems.<ref name="FDICOIG05"/>▼ === Self-Funding Model for Reinvestment in IT=== ▲* ''[[Applications Architecture]]'' : The Applications Architecture describes the major types of applications that manage data to produce the information needed to support the activities of the Corporation. The Applications Architecture provides a framework that enables the migration from the current applications catalog and software development environment to the target integrated applications, development and engineering environments. The target architecture promotes the use of commercial and government off-the-shelf products, consolidating applications, where applicable, and the use of emerging technologies where appropriate. [[Image:Self-Funding Model for Future IT Development.jpg\|thumb\|320px\|Self-Funding Model for Future IT Development, 2008.<ref name="FDIC08">CIO Council (2008) [http://www.fdic.gov/about/strategic/it_plan/IT_Strategic_Plan_2.pdf Information Technology Strategic Plan 2008–2013], January 23, 2008. {{webarchive \|url=https://web.archive.org/web/20110103174554/http://www.fdic.gov/about/strategic/it_plan/IT_Strategic_Plan_2.pdf \|date=January 3, 2011 }}</ref>]] The banking business model ~~has~~of 2008 had become more complex, giving rise to financial instruments such as [[collateralized debt ~~obligations~~obligation]]s (CDOs) and [[structured investment vehicle]]s (SIVs) to manage risk. These instruments ~~have~~ created greater dependencies between the domestic and international financial markets. Financial institutions ~~must~~of that time should have, therefore, ~~strike~~struck a balance between regulatory, legislative and banker concerns while appropriately managing risk.<ref name="FDIC08"/>▼ AsNotionally, as cost savings are realized from a simplified IT environment and more efficient processes, the savings ~~will~~can be reinvested for IT improvements or accrue to the ~~entity~~corporation. This self-funding model is shown on the right.<ref name="FDIC08"/>▼ ▲* ''[[Technical Infrastructure Architecture]]'' : The IT infrastructure provides access to application systems and office automation tools used in performance of the business processes. The Corporation places high priority on maintaining a consistent, available, and reliable technical infrastructure. The Technical Architecture describes the underlying technology for the Corporation's business, data, and application processing. It includes the technologies used for communications, data storage, application processing, and computing platforms. === 2008 - 2013 technology roadmap === ▲* ''[[Security Architecture]]'' : The Security Architecture establishes a framework for integrating safeguards into all layers of the FDIC's Enterprise Architecture. The security architecture uses a risk management and information assurance strategy that provides access control, confidentiality, integrity, and non-repudiation for the Corporation's information and systems. The technology roadmap ~~outlines~~outlined the major initiatives for standardizing the IT environment and increasing ~~IT’s~~IT's efficiency and effectiveness over ~~the next~~ five years. The initiatives were determined by various sources including business-side IT roadmaps, executive management planning meetings, client planning sessions, and client year-end reviews. The three major initiatives identified ~~are~~were enterprise architecture, security and privacy programs, and fiscal discipline.<ref name="FDIC08"/>▼ [[Image:Five-Year Technology Roadmap.jpg\|thumb\|360px\|Five-Year Technology Roadmap, 2008.]]▼ The enterprise architecture initiative ~~will focus~~focused on simplifying the environment to ensure stable and economical performance for mission-critical applications. Simplifying the environment to decrease costs ~~will include~~included activities, such as decreasing the number of application systems and migrating applications off the mainframe. Efficiencies ~~will~~were also hoped to be gained by expanding capabilities for manipulating large data sets and storing traditional paper-based files electronically. The SOA service center ~~will~~was intended to manage code (or services) for all development teams to discover and use, which ~~will~~was expected to save time and costs in application development, testing and deployment.<ref name="FDIC08"/>▼ The ~~Corporation~~organization ~~will~~planned to continue to enhance IT security and privacy programs to address new and evolving risks by improving controls over sensitive data. In some cases, technology, such as scanning outgoing e-mail for sensitive information and encrypting removable storage devices, ~~can~~could mitigate potential risks. The other cornerstone of mitigating risk iswas educating employees of emerging security and privacy issues.<ref name="FDIC08"/>▼ ~~=== Future IT Development ===~~ ▲The banking business model has become more complex, giving rise to financial instruments such as collateralized debt obligations (CDOs) and [[structured investment vehicle]]s (SIVs) to manage risk. These instruments have created greater dependencies between the domestic and international financial markets. Financial institutions must, therefore, strike a balance between regulatory, legislative and banker concerns while appropriately managing risk. Lastly, in order to continue sound fiscal discipline and responsibility, the ~~Corporation~~organization ~~will~~planned to establish IT baselines and metrics, study steady-state costs, manage service level agreements, and more judiciously choose new development projects. These three areas – enterprise architecture, security and privacy programs, and fiscal discipline – are shown below with the estimated time frames.<ref name="FDIC08"/>▼ ▲As cost savings are realized from a simplified IT environment and more efficient processes, the savings will be reinvested for IT improvements or accrue to the entity. This self-funding model is shown on the right. ~~=== Five-Year Technology Roadmap ===~~ ▲The technology roadmap outlines the major initiatives for standardizing the IT environment and increasing IT’s efficiency and effectiveness over the next five years. The initiatives were determined by various sources including business-side IT roadmaps, executive management planning meetings, client planning sessions, and client year-end reviews. The three major initiatives identified are enterprise architecture, security and privacy programs, and fiscal discipline.<ref name="FDIC08"/> ▲[[Image:Five-Year Technology Roadmap.jpg\|thumb\|360px\|Five-Year Technology Roadmap.]] ▲The enterprise architecture initiative will focus on simplifying the environment to ensure stable and economical performance for mission-critical applications. Simplifying the environment to decrease costs will include activities, such as decreasing the number of application systems and migrating applications off the mainframe. Efficiencies will also be gained by expanding capabilities for manipulating large data sets and storing traditional paper-based files electronically. The SOA service center will manage code (or services) for all development teams to discover and use, which will save time and costs in application development, testing and deployment.<ref name="FDIC08"/> ▲The Corporation will continue to enhance IT security and privacy programs to address new and evolving risks by improving controls over sensitive data. In some cases, technology, such as scanning outgoing e-mail for sensitive information and encrypting removable storage devices, can mitigate potential risks. The other cornerstone of mitigating risk is educating employees of emerging security and privacy issues.<ref name="FDIC08"/> ▲Lastly, in order to continue sound fiscal discipline and responsibility, the Corporation will establish IT baselines and metrics, study steady-state costs, manage service level agreements, and more judiciously choose new development projects. These three areas – enterprise architecture, security and privacy programs, and fiscal discipline – are shown below with the estimated time frames.<ref name="FDIC08"/> == See also == Line 49 ⟶ 50: == Further reading == * Gartner (2005) ''[https://web.archive.org/web/20090320115109/http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf The FDIC Is Aligning IT to Business Through Enterprise Architecture]''. Industrial research paper. * Pallab Saha (2007). ''Handbook of Enterprise Systems Architecture in ~~Practice‎~~Practice''. Chapter IX gives a detailed case study of the FDIC. == External links == {{~~Commonscat~~Commons category\|FCIC Enterprise architecture}} * [http://www.fdic.gov/index.html FDIC] Homepage. {{DEFAULTSORT:Fdic Enterprise Architecture Framework}} [[Category:Enterprise architecture frameworks]] [[Category:Federal Deposit Insurance Corporation]]