Doing Business With Federal Deposit Insurance Corp.

Full title: Chief information officer and director of division of information resources management



Took the job: November 2003



Hometown: Fairfax, Va.



Home now: Fairfax, Va.



Family: Wife, Susan; three children: Katie, 16; Chris, 14; Jenny, 12



Hobbies: Does some furniture refinishing. Has a "good size" home network, is involved with his children's sports


Currently reading: "Guns, Germs and Steel: The Fates of Human Societies" by Jared Diamond

Alma mater: Bachelor's degree in business and finance, Mount St. Mary's College and Seminary

WT: The agency's Web site states that part of your mission is to "maintain a stable and sound banking system." Has technology helped with this mission, and in what ways?

Bartell: One thing is for sure: we have several hundred applications systems in use at the FDIC. Everyone I've talked to, every office I've visited, I'm hard pressed to see where technology is not playing a roll in literally every aspect of our mission and day-to-day business processes. You really can't separate technology from anything that people do here. It's embedded in every aspect of our mission. It's critical, it is not a separate component or function within the agency. It's very much intertwined. In some cases it's helping, and in some cases there are some technology solutions that are not very effective and need attention.

WT: What concern is there regarding the security of this country's banking system against any terrorist attack?

Bartell: That's a huge concern and an area where we've put tremendous focus and energy, especially in the last year, both from an operations standpoint and a policy and procedures standpoint to make sure we have good, solid procedures. We do a number of things with the FDIC on security, things that we think are best practices.

We have a centralized IT security team. We also have a physical security team in a different division where we develop IT security policies and procedures. We have a number of operational security processes, such as managing firewalls and intrusion detection.

But we also have established procedures, where other aspects of our IT program are responsible for security, so it's not just centralized. Some of it's centralized, a lot of it is distributed, and then that security team also does compliance checks.

Patch management is a real issue for us, keeping our operating systems up to date. Microsoft may come out in any given week with three or four vulnerabilities and patches. Some of those are very critical as viruses are coming out all the time.

Trying to get those patches and systems updated on such a rapid timetable is a real challenge, not only for the FDIC but for everybody. We have a very aggressive patch management process. A quarter of our work force is examiners in the field, and they're mobile, and they're not connected to the FDIC network all the time. Trying to get them to connect so we can patch them is a real challenge for us.

WT: What is the biggest technology issue on your mind these days?

Bartell: Wireless is a concern for us. I consider wireless and security in the same area. Secure wireless is a challenge for everyone. We're not pursuing wireless too aggressively right now. We're waiting for wireless security to improve. But security is very important to us, and we feel we're making great improvements. But it's a constant. It's one of those things that keep you up nights thinking about it.

Enterprise architecture is one of our really important areas.

We're trying to make sure we don't develop systems and propose IT solutions that are random technically, that there is some form and shape, some structure and a plan that we adhere to, a common set of standards throughout the agency so that we're looking at IT solutions from an agency level, not an office-by-office level. [We're looking to] pick some key enabling standards and try to conform our solutions to those.

WT: Enterprise architecture is on the minds of a lot of CIOs I've spoken to lately. Many have cited it as one of their agency's goals.

Bartell: It should be. If EA is done properly, it ensures alignment between the work the IT shops are doing and the business needs. It starts with business needs and works its way down to applications, data and infrastructure. It's predicated on an alignment model, but more importantly, it shows you where there are gaps and overlaps in solutions, and where you have consistent and inconsistent technologies.

If you have all of that information about your systems, applications, business processes, infrastructure and so forth in a framework that you can look at, you can make better business decisions. By doing that, you're going to lower costs and improve efficiency. So we think that is a great decision tool as it matures.

I would say some of the biggest challenges going forward aren't necessarily technical ones. I think some of the biggest challenges we're facing in the IT area at FDIC are more enterprise management, managing our systems, trying to maximize capacity, trying to reduce costs, and, sort of a governance concern more than anything else, effective management of our IT resources. Budgets aren't getting bigger, and demand for more IT is growing. I think everyone is looking for technology to help do things better, faster and cheaper.

WT: What do you look for in companies with which you are thinking of doing business?

Bartell: I'm looking not so much for the technical expertise but rather the corporate culture, how they deal with their customers, what values they place on those relationships. Past success and performance, proven track records not only of producing good technical solutions but also innovative ones. Characteristics such as being able to produce solutions on time, being cost effective, concerned about quality, being able to produce solutions defect free, showing innovation, being motivated.

Those are characteristics of good companies, in my mind, and there are a lot of them out there.

WT: For a company that is new to working with the FDIC and has something to offer you, where is a good place to start?

Bartell: I read a lot, and I don't mind reading corporate prospectuses or capability statements, examples of past work they've done for other organizations, federal or private.

But I would much rather read about the company before I got a lot of phone calls. I simply don't have the time, and it's usually not an effective way to introduce each other. I would much prefer to get corporate capability statements in the mail. That's the best way, and if I see something interesting, I discuss it with the staff here to see if there is a fit, and then we'd make the call. We do that a lot.

WT: A year from now, where would you like to see FDIC's technology capabilities?

Bartell: We just completed a four-month, top to bottom, comprehensive IT program review. We had an outside consultant come in and help us look at our business processes, organizational structure, budget, infrastructure, applications, a whole lot of things and make some recommendations for improvement. ? We have a long list of suggestions that came from that study, and we are laying out an action plan for implementing a lot of changes. We'll be working on that for next year.

On the other end of those tasks, we will see a very different IT program that will be able to produce much better solutions, improved quality, more cost effectiveness. I think we will be more innovative. I wouldn't [point to] one thing technically, but I think we're going to be a much better run organization.

A lot has happened in the industry technically, and I think our organizational structure hasn't necessarily evolved with those changes.

So we're going to go through a major set of changes this year that will make us more efficient, better managed and more on top of our game. We want to become a strategic partner and more aligned with the divisions.