Federal Deposit Insurance CorporationFederal Deposit Insurance CorporationFDIC_67344b23-fc15-4ab4-ba09-4e1878e557b8The FDIC is a leader in developing and implementing sound public policies, identifying and addressing new and existing risks in the nation’s financial system, and effectively and efficiently carrying out its insurance, supervisory, and receivership management responsibilities._ba90b65a-f9eb-483c-9f04-3bae8b63c948The Federal Deposit Insurance Corporation (FDIC) is an independent agency created by the Congress that maintains the stability and public confidence in the nation’s financial system by insuring deposits, examining and supervising financial institutions, and managing receiverships._b38cdd50-55b1-4dbb-ba17-88e6eca9a048IntegrityFDIC employees adhere to the highest ethical standards in the performance of their duties and responsibilities.CompetenceThe FDIC maintains a highly skilled, dedicated, and diverse workforce.TeamworkFDIC employees work cooperatively with one another and with employees in other regulatory agencies to accomplish the Corporation’s mission.EffectivenessThe FDIC responds quickly and successfully to identified risks in insured financial institutions and in the broader financial system.Financial StewardshipThe FDIC acts as a responsible fiduciary, consistently operating in an efficient and cost-effective manner on behalf of insured financial institutions and other stakeholders.FairnessThe FDIC treats all employees, insured financial institutions, and other stakeholders with impartiality and mutual respect.Deposit InsuranceInsured depositors are protected from loss without recourse to taxpayer funding._5bb40d50-ab01-4338-886b-c79239265ea61Program Description: Deposit insurance is a fundamental part of the FDIC’s commitment to maintain stability and public confidence in the U.S. financial system. Promoting industry and consumer awareness of deposit insurance helps the FDIC protect depositors at banks and savings associations of all sizes. When insured depository institutions fail, the FDIC ensures that financial institution customers have timely access to their insured deposits and other services. To keep pace with the evolving banking industry and maintain its readiness to promptly protect insured depositors, the FDIC prepares and maintains contingency plans to address a variety of insured depository institution failures. The deposit insurance funds must remain viable so that adequate funds are available to protect insured depositors in the event of an institution’s failure. The FDIC maintains sufficient deposit insurance fund balances by collecting risk-based insurance premiums from insured depository institutions and through prudent fund investment strategies. The FDIC continually evaluates the adequacy of the deposit insurance funds. It identifies risks to the insurance funds by analyzing regional, national, and global economic, financial, and financial institution developments, and by collecting and evaluating information through the supervisory process. The FDIC is engaged in a comprehensive review of the deposit insurance system. Statutory requirements constrain the FDIC’s ability to charge institutions for the risk they pose to the insurance funds and require potentially high deposit insurance premiums during downturns, when institutions can least afford to pay. In addition, the existing process for adjusting coverage levels to keep pace with inflation is not automatic, unlike other important government programs for which the benefits are indexed to well-understood benchmarks.Access to Funds and ServicesCustomers of failed insured depository institutions have timely access to insured funds and financial services._6d63e439-2e48-4ae8-ac69-81017b45f60b1.1Means & Strategies: When an institution fails, the FDIC fulfills its role as insurer by either facilitating the transfer of the institution’s insured deposits to an assuming institution or by paying insured depositors directly. The FDIC’s goal is to provide customers with access to their insured deposits within one to two business days. The FDIC continually monitors changes in financial institution operations and products to ensure its ability to handle potential financial institution failures. The FDIC develops, tests and maintains contingency plans to be prepared to handle potential failures, including the failure of a large financial institution; simultaneous, multiple failures; and technological failures (for example, an Internet bank failure). To educate consumers and institutions about deposit insurance coverage, the FDIC maintains a toll-free call center2 to respond to questions related to deposit insurance. The FDIC provides a list of all FDIC-insured institutions and an Electronic Deposit Insurance Estimator (EDIE), which is an interactive tool to help determine deposit insurance coverage amounts, on its Web site, www.fdic.gov. The FDIC conducts training on various aspects of deposit insurance for financial institution employees. The FDIC also provides financial institutions with educational tools and materials that are designed to assist the institutions in providing their customers with information they need to understand their deposit insurance coverage. External Factors: The failure of a large, complex institution or a sudden failure due to fraudulent activities could affect the FDIC’s goal of paying insured depositors within one to two business days. However, no depositor would lose an insured deposit.RisksThe FDIC promptly identifies and responds to potential risks to the insurance funds._1167d0bb-5a98-4131-aa44-3404c38efa0e1.2Means & Strategies: The FDIC, in cooperation with the other primary federal regulators, proactively identifies and evaluates the risk and financial condition of every insured depository institution. The FDIC also identifies broader economic and financial risk factors that affect all insured institutions. The availability of timely banking information is critical to ensuring the FDIC's ability to assess risk to insured financial institutions and the deposit insurance funds. The FDIC is committed to providing accurate and timely bank data related to the financial condition of the banking industry. Industry-wide trends and risks are communicated to the financial industry, its supervisors and policymakers through a variety of regularly produced publications and ad hoc reports. Risk-management activities include approving the entry of new institutions into the deposit insurance system, off-site risk analysis, assessment of risk-based premiums, and special insurance examinations and enforcement actions. Risk management begins with the FDIC’s review of applications for deposit insurance to ensure that the applying institution is well-capitalized, possesses a qualified management team, and is capable of operating in a safe and sound manner. Off-site risk analysis activities include reviewing examination reports and using a variety of information system models and tools. The purposes of these activities are to understand the risk profile of individual financial institutions and to identify trends and emerging risks affecting groups of financial institutions and the insurance funds. The information may be used to target institutions for examination or other follow-up activities; focus the scope of an examination; assist in setting risk-based premiums for individual institutions; determine the adequacy of the deposit insurance funds; develop new policy initiatives; and determine corporate strategies for supervision, staffing, communication and other resource decisions. The FDIC assesses risk-based insurance premiums by assigning a risk classification to each insured institution. The risk classifications are adjusted periodically to reflect the relative risk posed by institutions. Accordingly, institutions that represent greater supervisory risks to the insurance funds pay higher premiums, subject to the statutory requirements constraining the FDIC’s ability to charge appropriate premiums to these institutions. In fulfilling its role as insurer, the FDIC has special insurance examination over all insured institutions and, at times, participates in examinations with the other federal regulators. In order to prevent or minimize losses to the funds, the primary federal regulator is required to take prompt corrective action when an FDIC-insured institution is determined to have capital problems. Depending on the institution’s capital classification, these actions range from imposing restrictions or requirements on an institution’s operations to the appointment of a receiver or conservator. External Factors: A sudden or large fraud perpetrated on a financial institution could result in an unforeseen loss to the insurance funds. Also, natural disasters, public policy changes, and sudden economic financial market crises could cause losses to financial institutions and pose risk to the deposit insurance funds.ViabilityThe deposit insurance funds and system remain viable._e2fb2775-c3f1-4dcc-a6f8-36d97e1755de1.3Means & Strategies: The FDIC maintains separate insurance funds for banks and for savings associations. It maintains the viability of each fund by investing the funds, monitoring the reserve requirements, collecting riskbased premiums, and evaluating the deposit insurance system in light of an evolving financial services industry. The FDIC analyzes the growth or shrinkage of estimated insured deposits, the current assessment base, loss expectations, interest income earned on the funds and operating expenses. This information is used to estimate the level of assessment revenue necessary to cover projected losses while maintaining the designated reserve ratio (DRR).3 Assessment revenue is provided through the collection of risk-based deposit insurance premiums assessed on individual institutions by the FDIC. The FDIC has identified four aspects of the current deposit insurance system that need to be addressed. Deposit insurance is provided by two insurance funds at potentially different prices; deposit insurance cannot be priced effectively to reflect risk; deposit insurance premiums are highest at the wrong point in the business cycle; and the value of insurance coverage does not keep pace with inflation in a predictable fashion. The FDIC solicited and analyzed the input from its stakeholders and developed the following recommendations: • Merge the Bank Insurance Fund (BIF) and the Savings Association Insurance Fund (SAIF). • Eliminate the statutory restriction on the FDIC's ability to charge riskbased premiums to all institutions; the FDIC should charge regular premiums for risk regardless of the level of the fund. • Eliminate sharp premium swings triggered when the reserve ratio deviates from the DRR. If the fund falls below a target level, premiums should increase gradually. If it grows above a target level, funds should be rebated gradually. The FDIC Improvement Act of 1991 requires each fund to maintain a reserve ratio of 1.25% of estimated insured deposits. • Base rebates on past contributions to the fund, not on the current assessment base. • Index the deposit insurance coverage level to maintain its real value. External Factors: Industry consolidation presents benefits and risks to the deposit insurance funds. While the risks to the funds are diminished because of the diversification benefits of consolidation (along geographic and product lines), the concentration of deposits in fewer insured depository institutions increases the risks to the funds in the event a large insured depository institution fails. Implementation of the FDIC’s recommendations to revise the deposit insurance system will require legislative action by the Congress.Safety and SoundnessFDIC-supervised institutions are safe and sound._3c57d2cb-f267-4b46-9e8b-0c5b4c6037bb2Program Description: As insurer, the FDIC is concerned with the safety and soundness of all insured institutions. However, a distinction is made between the FDIC’s role as an insurer and its role as the primary federal supervisor for state non-member banks.4 Nonetheless, it is important to note that the FDIC’s roles as an insurer and as a primary supervisor are complementary and that many activities support both the insurance and supervision programs. In fulfilling its primary supervisory responsibilities, the FDIC pursues two strategic goals: • FDIC-supervised institutions are safe and sound; and • Consumers’ rights are protected and FDIC-supervised institutions invest in their communities. The FDIC promotes safe and sound financial institution practices through examinations, regular communication with industry officials, and the review of applications submitted by FDIC-supervised institutions to expand their activities or locations. When appropriate, the FDIC has a range of informal and formal enforcement options available to resolve problems identified at an FDIC-insured institution. The FDIC also promotes institution compliance with consumer protection and fair lending laws. The FDIC engages in a variety of activities related to consumer protection and fair lending, including: 1) providing consumers with access to easily understood information about their rights and the disclosures due them under consumer protection and fair lending laws; and 2) examining FDIC-supervised institutions to determine their compliance with consumer protection and fair lending laws and evaluating their performance under the Community Reinvestment Act of 1977 (CRA).Risk ManagementFDIC-supervised institutions appropriately manage risk._b285523b-5c02-4d2a-a478-a9d7ad077fa52.1Means & Strategies: The FDIC performs safety and soundness, trust, Bank Secrecy Act (BSA), and information system examinations of FDICsupervised institutions. The majority of the states participate with the FDIC in an examination program under which certain examinations are performed on an alternating basis by the states and the FDIC. The examinations are conducted to assess an institution’s overall financial condition, management practices and policies, and compliance with applicable laws and regulations. Through the examination process, the FDIC also assesses the adequacy of management and internal control systems to identify, measure and control risks. Procedures normally performed in completing examinations may disclose the presence of fraud or insider abuse. The FDIC regularly reviews examination methodologies and adjusts them as necessary to remain effective. If the examination process reveals weaknesses in an FDIC-supervised institution’s operations or conditions, the FDIC takes appropriate action. Informal or formal enforcement actions may be issued for FDICsupervised institutions that have significant weaknesses or that are operating in a deteriorated financial condition. The actions remain in effect until corrective actions are taken and the identified weaknesses are cured. If the problems remain unresolved, the FDIC may take further steps to encourage or compel institutions to comply. If these efforts are unsuccessful or if other weaknesses are evident, the institution would be instructed to seek additional capital or merger. If problems remain unresolved, the chartering authority might close the institution, and the FDIC would oversee the resolution of the institution. Informal enforcement actions require the institution’s acknowledgement and commitment to correct the problem. Informal actions include board resolutions or memoranda of understanding. Formal enforcement actions are taken when an informal action is ineffective or inappropriate. Formal enforcement actions include written agreements, cease and desist orders, the suspension or removal of officers and directors, and civil money penalties. Communication is an important component of the FDIC’s safety and soundness program. Risks identified during an examination are discussed with the institution’s management and its board of directors. In addition to examinations, the FDIC provides information on a variety of issues through the publication of financial institution letters and financial institution outreach programs. The FDIC’s Risk Analysis Center (RAC), established in March 2003 to coordinate corporate-wide risk-related activities, also offers examiners and other FDIC personnel valuable information about potential risks that could affect the institutions they supervise. The FDIC invites outside speakers into the RAC, including university representatives and law enforcement. The FDIC also evaluates an FDIC-supervised institution’s ability to manage risk when reviewing applications or notices for new or expanded activities. In order for the FDIC to expedite the review of an institution's application or notice, it must be well-capitalized, possess a qualified management team, be capable of operating in a safe and sound manner, be compliant with applicable laws and regulations, and represent no undue risk to the deposit insurance funds. External Factors: The development and implementation of effective riskmanagement policies and practices are the responsibility of individual financial institutions. As institutions enter new lines of business and activities, implement new technologies, or face changing economic conditions, risk-management policies and oversight become increasingly important. Although the FDIC prepares its examination staff to recognize indicators of fraudulent activity, fraud is often difficult to detect, and losses may occur before the fraudulent activity is detected. Under the alternate examination program, certain examinations are conducted in alternate periods by the appropriate state supervisory authority. Constraints outside of the FDIC’s control may affect the completion of examinations by state authorities. However, the FDIC will conduct the examination within a reasonable time frame from the originally scheduled examination date if the state is unable to do so.Consumer RightsConsumers’ rights are protected and FDIC-supervised institutions invest in their communities._438e2869-64eb-4f11-b3bb-1c4c0f7aa2cc3Consumer InformationConsumers have access to easily understood information about their rights and the disclosures due them under consumer protection and fair lending laws._cb2d2ce8-cf31-473d-86ce-51725d85500b3.1Means & Strategies: The FDIC makes available information about consumer protection, fair lending and deposit insurance to help consumers understand their rights. This information is provided in brochures and through other media, including the FDIC’s Web site, www.fdic.gov. The FDIC frequently conducts or participates in focus groups, educational seminars and conferences. The FDIC maintains a toll-free call center to respond to questions from consumers related to consumer protection laws and regulations. External Factors: If a severe economic downturn resulted in an increased number of troubled institutions, the FDIC might have to reallocate staff resources to respond adequately to supervisory issues posed by troubled institutions. This could result in temporary adjustments to the FDIC’s various examination programs.Institutional ComplianceFDIC-supervised institutions comply with consumer protection, CRA and fair lending laws._2543e079-b885-4ade-a7bb-2559946de7583.2Means & Strategies: The FDIC participates in various outreach activities and provides technical assistance to the institutions it supervises and to community-based organizations. These activities facilitate their understanding of, and compliance with, CRA and fair lending laws and regulations. The compliance and CRA examination process evaluates FDIC-supervised institutions’ practices regarding consumer protection, CRA, fair lending laws and regulations, and consumer privacy. In addition to the examination process, the FDIC investigates consumer complaints about unfair or deceptive practices. Non-compliance with consumer laws can result in civil liability and negative publicity as well as informal or formal enforcement actions by the FDIC to correct the identified violations. An institution’s compliance with consumer protection, CRA and fair lending laws and regulations is considered when an institution seeks to engage in new or expanded activities. External Factors: If a severe economic downturn resulted in an increased number of troubled institutions, the FDIC might have to reallocate its examiner resources to enable it to respond adequately to safety and soundness issues posed by troubled institutions. This could result in temporary adjustments to the FDIC’s various examination programs, including its compliance and CRA examinations.Creditor RecoveryRecovery to creditors of receiverships is achieved._eb305a51-6bef-47f1-a929-3e5e0a865b324Program Description: The Receivership Management Program is designed to ensure that claims against the receiverships are satisfied consistent with applicable laws and the resources of individual receivership estates. When an institution fails, the FDIC is appointed receiver and assumes responsibility to recover, as quickly as it can, the maximum amount possible on the receivership's claims. Having fulfilled its obligations as deposit insurer, the FDIC is often the largest creditor. The receiver may have valid claims against former directors, officers, attorneys, accountants or other professionals who may have caused harm to the institution. Funds collected through the pursuit of valid claims and the sale of assets are distributed to the creditors according to priorities set by law. Once the FDIC sells the receivership’s assets and resolves its obligations, claims and any legal impediments, the receivership is terminated and a final distribution is made to its creditors.Failure ResolutionThe FDIC resolves failed insured depository institutions in the least-costly manner._5352dc97-5cc3-4573-bf05-b1bff2cf32804.1Means & Strategies: When an institution fails, the FDIC facilitates an orderly and least-cost resolution.5 The FDIC obtains an accurate valuation of the failing institution by valuing and assessing its assets and liabilities. Using this information, the FDIC markets the institution to potential bidders. The FDIC analyzes the bids received, conducts a least-cost test determination and selects the least-cost strategy to pursue. External Factors: Industry consolidation presents both benefits and risks. While the risks to the deposit insurance funds are diminished because the risks are diversified through consolidation (along both geographic and product lines), the concentration of deposits into fewer insured depository institutions increases the risks to the funds in the event one of these larger insured depository institutions fails. In accordance with law, if a failure threatens serious adverse effects on economic conditions or financial stability, resolution strategies other than the least-cost resolution may be employed.Receivership ManagementReceiverships are managed to maximize net return toward an orderly and timely termination._e71c8068-5e89-4d7a-a710-1c1eada40d3d4.2Means & Strategies: The oversight and prompt termination of the receivership preserves value for the uninsured depositors and other receivership claimants by reducing overhead and other holding costs. When the FDIC is appointed receiver, the FDIC establishes an action plan for each receivership that is executed by a team of asset, marketing, finance and legal staff in support of the receivership. Once appointed receiver, the FDIC immediately works to identify and notify potential creditors of the failed insured depository institution about the failure and the process for submitting claims against the receivership. Receivership liabilities include, for example, secured creditors, unsecured creditors (including general trade creditors), subordinated debt holders, shareholders of the institution, uninsured depositors, and the insurance fund as subrogee. The FDIC reviews the validity of each claim and determines a suitable resolution. In order to fulfill its responsibilities to creditors of the failed institution, the FDIC, as receiver, manages and sells the assets through a variety of strategies and identifies and collects monies due to the receivership. The FDIC’s goal is to expedite the return of assets to the private sector by marketing most of the assets soon after an insured institution fails. Returning assets to the private sector quickly allows the FDIC to maximize net recoveries and to minimize any disruption to the local community. The FDIC uses a number of information technology applications, including Internet auctions, to facilitate the management and marketing of assets. A list of loans and real estate for sale is available on the FDIC’s Web site, www.fdic.gov. Receivership staff provides oversight and monitors the execution of individual receivership action plans. Once all assets have been disposed of, all liabilities resolved, and no material financial or legal risks to the FDIC remain, a final distribution to the receivership’s creditors is made and the receivership is terminated. External Factors: A severe economic downturn could lead to an increased number of institution failures, and experienced staff might have to be diverted from other work to handle closings on a priority basis. Such a diversion of staff might affect the pace at which the FDIC markets assets and terminates receiverships. Economic and other factors could affect the achievement of specific targets expressed in annual performance plans. For example, factors such as litigation and receivership properties being tainted by environmental contamination could delay the termination of a receivership.Investigation and ResolutionPotential recoveries, including claims against professionals, are investigated and are pursued and resolved in a fair and cost-effective manner._4b5f7016-1bc1-416e-a878-1f4308ee1b174.3Means & Strategies: When an insured depository institution fails, the FDIC, as receiver, acquires a group of legal rights, titles and privileges generally known as professional liability claims. The FDIC's attorneys and investigators work together to assure that valid claims arising from a failure of an insured institution are properly pursued. The team conducts a factual investigation of the events that contributed to losses at the institution as well as legal research and analysis of the facts and potential claims. The team prepares additional analysis to determine the likelihood of a recovery exceeding the estimated costs of pursuing claims. Finally, the team prepares a memorandum recommending that claims be pursued or that an investigation be closed. The FDIC believes that the prompt investigation and evaluation of potential claims against professionals who may have caused losses to the institution (such as directors, officers, attorneys and accountants) enhance the fairness of the process and lead to more cost-effective results. External Factors: No external factors were identified that could affect the accomplishment of this objective.Resource ManagementEFFECTIVE MANAGEMENT OF STRATEGIC RESOURCES_100ec01d-7dbc-4260-9b1f-8cf35a5dd74f5The FDIC recognizes that it must effectively manage and utilize a number of critical strategic resources in order to successfully carry out its mission and realize the strategic goals outlined in the preceding sections.Financial ResourcesImplement an enhanced cost management program and explore the use of performance scorecards_63dee6fe-9f6a-4e32-984a-2a7d64490a615.1The FDIC’s operational expenses are largely paid from the insurance funds, and the Corporation seeks to operate cost effectively in fulfillment of its fiduciary responsibility to the funds. To that end, the Corporation engages in a rigorous planning and budgeting process that is designed to ensure that budgeted resources are properly aligned with projected workload. The Corporation also reviews spending variances on a continuous basis and provides an analysis of spending variances to the FDIC Board of Directors on a quarterly basis. The FDIC will implement an enhanced cost management program in 2005 that will provide managers with additional cost information, including the fully loaded cost of key business processes. The FDIC has also begun to benchmark the cost of selected business processes with those of peer organizations and to use that information to identify possible business process improvements. During the period covered by this plan, the Corporation will explore the use of performance scorecards to assess performance against appropriate cost, timeliness, quality and customer service standards. Approximately 65 percent of the Corporation’s annual operating expenses are for salaries and other compensation for FDIC employees. For that reason, the Corporation carefully reviews staffing and workload on an ongoing basis and makes appropriate adjustments to authorized staffing, as needed. As indicated below, the FDIC is actively planning for a smaller, more flexible workforce in the future.Human CapitalReshape our workforce to better align it with anticipated future human resource requirements._5eb82d52-5033-495c-bef9-150d64bb672d5.2The FDIC’s employees are its most important strategic resource. For that reason, it seeks to continue to be the employer of choice within the financial regulatory community and to operate a human resources program that attracts, develops, evaluates, rewards and retains a high quality, results-oriented workforce. This was a difficult challenge over the past 12 years because the Corporation was in a continuous downsizing mode as it completed the residual workload from the banking and thrift crises of the late 1980s and early 1990s. FDIC staffing declined from approximately 23,000 (including employees assigned to the Resolution Trust Corporation) in 1992 to fewer than 5,100 at year-end 2004. Over the past three years the Corporation has focused considerable resources on human capital planning and has reached several important conclusions about its future human resource requirements. It has determined that the FDIC will need a smaller, more adaptable permanent workforce that is capable of responding in the future to significant unexpected events or changes in workload priorities; that it will require a somewhat different mix of skill sets than are available in the current workforce; and that a more collaborative approach will be required in the future to fulfill critical mission functions. During the period covered by this plan, the FDIC will pursue opportunities to begin reshaping its workforce to better align it with anticipated future human resource requirements. The FDIC is already in the process of developing and implementing several key structural components of its human capital strategy for the future: • Implementation of pay-at-risk compensation and bonus programs. • Implementation of a restructured executive and managerial program. • Enhancement of employee training and development through a recently established Corporate University. • Pursuit of new personnel authorities that will provide greater flexibility in managing the Corporation’s human resources. • Establishment of a new Corporate Employee Program that encourages and rewards cross-organizational mobility and promotes experience in multiple FDIC business lines. • Identification of succession planning and management strategies. Much more remains to be accomplished over the next several years. The Corporation must continue to refine its future workforce requirements and to identify strategies for attracting and retaining employees from a more diverse and competitive employee pool.Information TechnologyUse information technology (IT) to improve the operational efficiency of our business processes_d9b0665e-e326-46f2-b4b9-adcd6c413f5f5.3The Corporation is committed to using information technology (IT) to improve the operational efficiency of its business processes. Over the past three years, the Corporation has made great strides in making the IT capital planning and investment management (CPIM) process more effective. The CPIM process is overseen by the Corporation’s Capital Investment Review Committee, which is chaired jointly by the Chief Information Officer and the Chief Financial Officer and includes key senior managers. IT investments are strategically directed and are judged by their impact on the effectiveness and/or efficiency of the FDIC’s mission critical functions. Proposals for new investments are considered against gaps in current capabilities. The revised CPIM process is integrated with the FDIC’s Enterprise Architecture (EA) process. The initial foundation work for the EA was completed in 2003. During the period covered by this plan, the FDIC will continue to enhance the EA program. This will facilitate the identification of duplicative resources/investments, gaps, and opportunities for internal and external collaboration and will result in operational improvements and cost-effective solutions to business requirements. This enterprise focus will permit the Corporation to reduce its application systems inventory and consolidate its technology platforms. In addition, the Corporation will implement an IT research and development program in order to promote an environment where IT research and innovation activities support business strategies. The FDIC will also embrace the principles associated with the Capability Maturity Model Integration (CMMI) developed by the Carnegie Mellon Software Engineering Institute. CMMI helps organizations increase the maturity of their people, processes and technology assets to improve longterm business performance. The FDIC’s target is to reach level 3 of the 5- step maturity range, which represents a considerable commitment to the achievement of quality processes. Starting in 2005, the Corporation will employ the Rational Unified Process (RUP), a flexible, iterative system development methodology. FDIC’s adoption of RUP will provide an improved system development methodology that will minimize risk, provide predictable results, and deliver high quality software on time and within budget. The Corporation is also strongly committed to maintaining an effective IT security program which provides a continuous cycle for assessing risk and implementing effective security procedures to proactively ensure the reliability, availability and confidentiality of information. IT security for major enterprise systems has been identified as a reportable condition by the Government Accountability Office (GAO) in its audits of the FDIC’s annual financial statements for several years, and the Corporation is committed to the ongoing improvement of its IT security program in order to eliminate that reportable condition. The most recent assessment by the GAO indicates that the FDIC has made significant progress in addressing previously identified weaknesses in information systems controls. The Corporation has substantially increased the resources devoted to IT security and will continue to appropriately address the constantly changing federal security requirements and the evolving needs of the FDIC.Business Continuity PlanningImprove our Emergency Preparedness Program and develop long-range goals_9bc76056-f3cd-4700-875d-9706c67e9ddd5.4After September 11, 2001, corporate business continuity planning was elevated to an enterprise-wide level and has undergone continuous improvements. Enterprise-wide business continuity planning is more than the recovery of the technology; it is the recovery of the business, regardless of the nature of the disruption. The FDIC has developed an Emergency Preparedness Program (EPP) that provides for the safety and security of its personnel through the Emergency Response Plan and ensures that its critical business functions remain operational during any emergency, following the guidelines of the Business Continuity Plan. During 2004, a number of initiatives were completed to strengthen the EPP, including conducting a business impact analysis (BIA) with all FDIC divisions and offices that resulted in enhanced planning for recovery of information technology and other critical business functions. During each year from 2005 through 2010, the FDIC plans similar initiatives to improve the EPP and develop long-range goals. In addition, the FDIC intends to expand its testing program to include more functional and “live” testing to ensure that every participant understands his/her responsibilities.Enterprise Risk ManagementEnhance our internal control and risk management program by adding an enterprise risk management focus_8e382a3a-bb29-47bd-80d5-e66333253c945.5The FDIC has traditionally had a strong internal control and risk management program that has contributed to the efficient and effective operation of the Corporation. Under the program, various sources of FDIC and industry information are analyzed to identify emerging internal control and risk-management issues. In addition, FDIC divisions and offices conduct scheduled internal control reviews in order to monitor risks and to verify that corrective actions have resolved any previously identified internal control weaknesses. During the period covered by this plan, the Corporation will enhance this program by adding an enterprise risk management focus. Another component contributing to the Corporation’s enterprise risk management program is the Office of Inspector General which is addressed in the following section.Office of Inspector GeneralAlign with the FDIC’s strategic goals and objectives and focus on adding value to FDIC programs and activities_061681c0-0536-4c0a-824e-86c52cc083a45.6The Office of Inspector General (OIG) is an independent office within the FDIC that was established under the Inspector General Act of 1978 and promotes the economy, efficiency, effectiveness and integrity of FDIC programs and activities. The OIG has developed a strategic plan that aligns with the FDIC’s strategic goals and objectives and focuses on adding value to FDIC programs and activities.2005-10-012010-09-302010-02-08http://www.fdic.gov/about/strategic/strategic/strategic_plan05_10.pdfArthurColman (www.drybridge.com)colman@drybridge.com