A closer look at the A in AIO

A couple of weeks ago we blogged about the Federal Financial Institutions Examination Council’s (FFIEC) recently issued Architecture, Infrastructure, and Operations (AIO) booklet. Because of the length of the booklet, the blog examined how the new AIO Booklet differed from the Operations booklet, which was retired after being around since 2004, without getting into too much detail. Today’s blog will take a closer look at what architecture means and FFIEC’s expectations for managing risk associated with architecture.

What is Architecture?

The AIO booklet explains what FFIEC means when it refers to architecture:

“Architecture refers to the manner in which the strategic design of the hardware and software infrastructure components (e.g., devices, systems, and networks) are organized and integrated to achieve and support the entity’s business objectives. Planning and designing an effective IT architecture facilitate management’s ability to implement infrastructure that aligns with the entity’s strategic goals and business objectives.”


continue reading »