FDIC Enterprise Architecture Framework: Difference between revisions

[[Image:FDIC’s Enterprise Architecture Framework.jpg|thumb|320px|FDIC’sFDIC's Enterprise Architecture Framework from 2005.<ref>OIG (2005). [http://www.fdicoig.gov/reports05/05-018-508.shtml Implementation of E-Government Principles] {{Webarchive|url=https://web.archive.org/web/20090114041340/http://fdicoig.gov/reports05/05-018-508.shtml |date=2009-01-14 }}. May 2005</ref>]]

The '''FDIC Enterprise Architecture Framework (FDIC EAF)''' iswas thean [[Enterpriseenterprise Architecture frameworkarchitecture]] offramework thedeveloped Unitedby Statesthe [[Federal Deposit Insurance Corporation]] (FDIC) to align its business processes and information technology systems. AIntroduced lotin of2002 theand formalized around 2005, currentit articlewas isbased abouton the [[Zachman Framework]] and the [[Federal Enterprise Architecture Framework]] developed(FEAF), aroundwith 2005,a andstrong currentlyemphasis annoon 2011security out-of-date.{{citationto needed|date=Januaryprotect financial data and systems. 2013}}

The FDIC's framework for implementing its [[Enterprise Architecture]] iswas based on Federal and industry best practices, including the Chief Information Officer (CIO) Council's [[Federal Enterprise Architecture Framework]] (FEAF) and the [[Zachman Framework]] for Enterprise Architecture. FDIC's framework has beenwas tailored to emphasize [[security]]. The historic FDIC EA framework complies with the FEAF and highlights the importance of security to all other components of the architecture.<ref name="FDICOIG05">[http://www.fdicoig.gov/reports05/05-018-508-figure1.shtml Implementation of E-Government Principles] {{Webarchive|url=https://web.archive.org/web/20090114045425/http://fdicoig.gov/reports05/05-018-508-figure1.shtml |date=2009-01-14 }} AUDIT REPORT, Report No. 05-018, May 2005</ref>

The FDIC EA framework includesincluded five components. The first component, the Business Architecture, focusesfocused on FDIC's business needs. The next three components, the [[Data Architecture]], Applications Architecture, and Technical Infrastructure Architectures, focusfocused on the technological capabilities that support the business and information needs. The final component, the [[Security Architecture]], focusesfocused on specific aspects of interest to the Corporation that span the enterprise and must be integral parts of all other architectures.<ref name="FDICOIG05"/>

Historically, Federal agencies have managed IT investments autonomously. Until the new millennium, there has beenwas little incentive for agencies to partner to effectively reuse IT investments, share IT knowledge, and explore joint solutions. Starting in the second half of the 1990 a collective, government-wide effort, supported by the Federal CIO Council, utilizing the [[Federal Enterprise Architecture]] (FEA), has beenwas undertaken in an effort to yield significant improvements in the management and reuse of IT investments, while improving services to citizens, and facilitating business relationships internally and externally.<ref>FDIC (2003). ''[http://www.iriboffice.ir/LinkClick.aspx?fileticket=up56ppcNQ4M%3D&tabid=246&mid=634 Information Technology Strategic Plan 2004–2007] {{Webarchive|url=https://web.archive.org/web/20090422214155/http://www.iriboffice.ir/LinkClick.aspx?fileticket=up56ppcNQ4M%3D&tabid=246&mid=634 |date=2009-04-22 }}''</ref>

The Federal Deposit Insurance Corporation (FDIC) first realized the value of Enterprise Architecture in 1997, when two business executives had to reconcile data that had come from different systems for a high-profile report to the banking industry. The FDIC's first EA blueprint was published in December 2002.<ref>Gregg Kreizman, Cathleen E. Blanton (2005) "[http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf The FDIC Is Aligning IT to Business Through Enterprise Architecture] {{Webarchive|url=https://web.archive.org/web/20090320115109/http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf |date=2009-03-20 }}" Gartner, Inc.</ref>

In 2004 the FDIC received a 2004 Enterprise Architecture Excellence Award from the [[John Zachman|Zachman Institute for Framework Advancement]] (ZIFA) for its initiative to manage corporate data collaboratively.<ref>[http://www.fdic.gov/news/news/press/2004/pr13104.html FDIC Receives Technology Award]</ref>

=== Historical FDIC EA framework ===

* ''[[Business Architecture]]'' : The Business Architecture describesdescribed the activities and processes performed by the Corporationcorporation to achieve its mission and to realize its vision and goals. Developing the Business Architecture iswas the first step in creating an Enterprise Architecture (EA) that linkslinked the Corporationcorporation's business needs to its Information Technology (IT) environment. Maximizing IT support for these requirements willwas intended to optimize Corporate performance.<ref name="FDICOIG05"/>

* ''[[Data Architecture]]'' : The Data Architecture describesdescribed the activities required to obtain and maintain data that supportssupport the information needed by the Corporation’scorporation's major business areas. Data and information are different. Data is the foundation of information. Data is the raw material that is processed and refined to generate information. Information consists of a collection of related data that has been processed into a form that is meaningful to the recipient.<ref name="FDICOIG05"/>

* ''[[Applications Architecture]]'' : The Applications Architecture describesdescribed the major types of applications that manage data to produce the information needed to support the activities of the Corporationcorporation. The Applications Architecture providesprovided a framework that enablesenabled the migration from the current applications catalog and software development environment in use at the time to the target integrated applications, development and engineering environments. The target architecture promotespromoted the use of commercial and government off-the-shelf products, consolidating applications, where applicable, and the use of emerging technologies where appropriate.<ref name="FDICOIG05"/>

* ''[[Technical Infrastructure Architecture]]'' : The IT infrastructure providesprovided access to application systems and office automation tools used in performance of the business processes. The Corporation placesplaced high priority on maintaining a consistent, available, and reliable technical infrastructure. The Technical Architecture describesdescribed the underlying technology for the Corporationcorporation's business, data, and application processing. It includesincluded the technologies used for communications, data storage, application processing, and computing platforms.<ref name="FDICOIG05"/>

* ''[[Security Architecture]]'' : The Security Architecture establishesestablished a framework for integrating safeguards into all layers of the FDIC's Enterprise Architecture. The security architecture usesused a risk management and information assurance strategy that provides access control, confidentiality, integrity, and non-repudiation for the Corporationcorporation's information and systems.<ref name="FDICOIG05"/>

The banking business model hasof 2008 had become more complex, giving rise to financial instruments such as [[collateralized debt obligation]]s (CDOs) and [[structured investment vehicle]]s (SIVs) to manage risk. These instruments have created greater dependencies between the domestic and international financial markets. Financial institutions mustof that time should have, therefore, strikestruck a balance between regulatory, legislative and banker concerns while appropriately managing risk.<ref name="FDIC08"/>

AsNotionally, as cost savings are realized from a simplified IT environment and more efficient processes, the savings willcan be reinvested for IT improvements or accrue to the Corporationcorporation. This self-funding model is shown on the right.<ref name="FDIC08"/>

=== Five2008 -year 2013 technology roadmap ===

The technology roadmap outlinesoutlined the major initiatives for standardizing the IT environment and increasing IT’sIT's efficiency and effectiveness over the next five years. The initiatives were determined by various sources including business-side IT roadmaps, executive management planning meetings, client planning sessions, and client year-end reviews. The three major initiatives identified arewere enterprise architecture, security and privacy programs, and fiscal discipline.<ref name="FDIC08"/>

The enterprise architecture initiative will focusfocused on simplifying the environment to ensure stable and economical performance for mission-critical applications. Simplifying the environment to decrease costs will includeincluded activities, such as decreasing the number of application systems and migrating applications off the mainframe. Efficiencies willwere also hoped to be gained by expanding capabilities for manipulating large data sets and storing traditional paper-based files electronically. The SOA service center willwas intended to manage code (or services) for all development teams to discover and use, which willwas expected to save time and costs in application development, testing and deployment.<ref name="FDIC08"/>

The organization willplanned to continue to enhance IT security and privacy programs to address new and evolving risks by improving controls over sensitive data. In some cases, technology, such as scanning outgoing e-mail for sensitive information and encrypting removable storage devices, cancould mitigate potential risks. The other cornerstone of mitigating risk iswas educating employees of emerging security and privacy issues.<ref name="FDIC08"/>

Lastly, in order to continue sound fiscal discipline and responsibility, the organization willplanned to establish IT baselines and metrics, study steady-state costs, manage service level agreements, and more judiciously choose new development projects. These three areas – enterprise architecture, security and privacy programs, and fiscal discipline – are shown below with the estimated time frames.<ref name="FDIC08"/>

* Gartner (2005) ''[https://web.archive.org/web/20090320115109/http://www.aea-dc.org/resources/2006-7-12-Gail-Verley-FDIC-EA-Business-Alignment-Gartner.pdf The FDIC Is Aligning IT to Business Through Enterprise Architecture]''. Industrial research paper.