WASHINGTON–The FDIC has been given eight recommendations for improving its information technology.
The recommendations were made by the agency’s Office of Inspector General, and recommend that the bank regulator and insurer:
- Coordinate with FDIC stakeholders to develop an implementation plan that supports the IT Strategic Plan
- Incorporate cloud strategy principles into the IT governance framework
- Implement an enterprise architecture (EA) as part of the IT governance framework and use the EA to guide IT decision-making
- Revise the FDIC’s governance processes, including roles and responsibilities for governance bodies
- Incorporate revisions to IT governance processes into applicable FDIC policies, procedures, and charters
- Define and document roles and responsibilities for information security within the IT governance framework and processes
- Identify and document the IT resources and expertise needed to execute the IT Strategic Plan
- Define and document procedures for evaluating the costs and potential benefits associated with cloud projects
In all, the report from the FDIC’s OIG runs 51 pages and says its audit found that the agency had neither fully developed a strategy to migrate IT services and applications to the cloud nor obtained the acceptance of key business stakeholders before taking steps to initiate cloud projects.
The result, says the report, is limitations on the “FDIC’s ability to communicate to business stakeholders how it intended to implement its new IT strategies. In turn, this caused stakeholders to question the decision to adopt new cloud technologies and their impact on their business processes.”