FDIC Information Technology Strategic Plan: 2017 - 2020: Appendix A - Glossary

Appendix A - Glossary

Application Programming Interface (API)

A set of routines, protocols, and tools for building software applications. An API specifies how software components should interact, and APIs are used when programming graphical user interface (GUI) components. APIs make it easier to develop a program by providing the building blocks. (Source: http://www.webopedia.com/TERM/A/API.html)

Authoritative Data

Officially recognized data that can be certified and provided by an authoritative source. Authoritative Data Source (ADS) is an information technology (IT) term system designers use to identify a system process that ensures the veracity of data sources when a database is created. (Source: http://www.IAAO.org)

Cloud Computing

Cloud computing is defined by the National Institute of Standards and Technology (NIST) as “a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.” (Source: Federal Cloud Computing Strategy, February 8, 2011)

Cloud First

Federal policy intended to accelerate the pace at which the government will realize the value of cloud computing by requiring agencies to evaluate safe, secure cloud computing options before making any new investments. (Source: Federal Cloud Computing Strategy, February 8, 2011)

Cloud Native

A cloud native application is simply an application designed from its inception to leverage cloud-computing technologies and run in a cloud environment.

Cloud Service Broker (CSB)

In general, CSBs are intended to provide technology that ensures interoperability of public and private cloud services, as well as provide common management, governance, and security services (in some cases). (Source: http://www.infoworld.com/)

Continuous Availability

The infrastructure (or the applications running on it) cannot be interrupted at all. Essentially, there is no allowance for any outage, either unplanned or planned. This availability level is often referred to as the "Five 9s" or 99.999% availability, which translates into just over 5 minutes per year of planned or unplanned outages in total. (Source: http://www.ibm.com/developerworks/websphere/techjournal)

Customer Relationship Management (CRM)

A business strategy that optimizes revenue and profitability while promoting customer satisfaction and loyalty. CRM technologies enable strategy, and identify and manage customer relationships, in person or virtually. CRM software provides functionality to companies in four segments: sales, marketing, customer service and digital commerce. (Source: http://www.gartner.com/it-glossary/customer-relationship-management-crm)

Data Loss Prevention (DLP)

A strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer. (Source: http://whatis.techtarget.com/definition/data-loss-prevention-DLP)

Deposit Insurance Fund (DIF)

The primary purposes of the DIF are: (1) to insure the deposits and protect the depositors of insured banks and (2) to resolve failed banks. The DIF is funded mainly through quarterly assessments on insured banks, but also receives interest income on its securities. The DIF is reduced by loss provisions associated with failed banks and by FDIC operating expenses. (Source: https://www.fdic.gov/deposit/insurance/)

Enterprise Architecture (EA)

Is a discipline for proactively and holistically leading enterprise responses to disruptive forces by identifying and analyzing the execution of change toward desired business vision and outcomes. (Source: http://www.gartner.com/it-glossary/enterprise-architecture-ea/)

Enterprise Data Warehouse (EDW)

A storage architecture designed to hold data extracted from transaction systems, operational data stores and external sources. The warehouse then combines that data in an aggregate, summary form suitable for enterprise-wide data analysis and reporting for predefined business needs. (Source: http://www.gartner.com)

Federal Financial Institutions Examination Council (FFIEC)

The Federal Financial Institutions Examination Council (FFIEC) was established on March 10, 1979, pursuant to title X of the Financial Institutions Regulatory and Interest Rate Control Act of 1978 (FIRA), Public Law 95-630. The Council is a formal inter-agency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions by the Board of Governors of the Federal Reserve System (FRB), the Federal Deposit Insurance Corporation (FDIC), the National Credit Union Administration (NCUA), the Office of the Comptroller of the Currency (OCC), and the Consumer Financial Protection Bureau (CFPB) and to make recommendations to promote uniformity in the supervision of financial institutions. (Source: https://www.ffiec.gov/about.htm)

Federal Information Security Modernization Act (FISMA)

Updates the federal government's cybersecurity practices by -- codifying Department of Homeland Security (DHS) authority to administer the implementation of information security policies for non-national security federal Executive Branch systems, including providing technical assistance and deploying technologies to such systems; amending and clarifying the Office of Management and Budget's (OMB) oversight authority over federal agency information security practices; and by requiring OMB to amend or revise OMB A-130 to "eliminate inefficient and wasteful reporting." (Source: https://www.dhs.gov/fisma)

Federal Risk and Authorization Management Program (FedRAMP)

A government-wide program established in 2011 to provide a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. (Source: https://www.fedramp.gov)

Full-time equivalent (FTE)

Equivalent to one employee working full-time.

Insured Depository Institution (IDI)

Any depository institution whose deposits are insured pursuant to the Federal Deposit Insurance Act (12 U.S.C. 1811 et seq.), including a foreign bank having an insured branch. (Source: CFR-2012-title12-vol5-part330)

Mission Essential Functions (MEFs)

A broader set of essential functions that organizations must continue throughout or resume rapidly after a disruption of normal activities. MEFs are those functions that enable an organization to provide vital services, exercise civil authority, maintain the safety of the public, and sustain the industrial/economic base. (Source: Continuity Guidance Circular 2 (CGC 2), FEMA P-789, October 2013)

Mobile Device Management (MDM)

Is the administrative area dealing with deploying, securing, monitoring, integrating and managing mobile devices, such as smartphones, tablets and laptops, in the workplace. The intent of MDM is to optimize the functionality and security of mobile devices within the enterprise, while simultaneously protecting the corporate network. (Source: http://searchmobilecomputing.techtarget.com)

Multi-factor Authentication (MFA)

A security system that requires more than one method of authentication (process of determining whether someone or something is, in fact, who or what it is declared to be) from independent categories of credentials to verify the user’s identity for a login or other transaction. (Source: http://searchsecurity.techtarget.com/definition)

National Institute of Standards and Technology (NIST) Cybersecurity Framework

Provides a structure that organizations, regulators and customers can use to create, guide, assess or improve comprehensive cybersecurity programs. Developed in response to Executive Order 13636: Improving Critical Infrastructure Cybersecurity, which called for the development of a voluntary, risk-based Cybersecurity Framework—a set of existing standards, guidelines and practices to help organizations manage cyber risks. (Source: https://www.nist.gov)

Personal Identity Verification (PIV) Card

Adopted as the standard credential for federal employees and contractors for access to federal information systems and federally controlled facilities, as driven by Homeland Security Presidential Directive 12 (HSPD-12). (Source: https://www.idmanagement.gov)

Platform-independent

Software that can run on a variety of hardware platforms or software architectures. Platform-independent software can be used in many different environments, requiring less planning and translation across an enterprise. For example, the Java programming language was designed to run on multiple types of hardware and multiple operating systems. If Java platform independence becomes a reality, organizations with multiple types of computers will be able to write a specialized application once and have it be used by virtually everyone, rather than having to write, distribute and maintain multiple versions of the same program. (Source: http://www.gartner.com/it-glossary/platform-independent)

Presidential Policy Directive/PPD 40

This directive is the comprehensive national policy on the continuity of Federal Government programs, capabilities, and operations.

Security Perimeter

The boundary of necessary safeguards placed at the border of a privately owned network to secure it from intruders. (Source: http://study.com/academy/lesson)
