Treasury CIO Tackles Bank Bailout, Data Center Consolidation
Michael Duffy talks with InformationWeek about navigating the financial crisis, leading a government-wide data center consolidation effort, and managing Treasury's IT infrastructure.
The Department of Treasury has played a central role in working to pull the American economy out of the recession, perhaps most prominently by managing the bank bailout, the $700 billion Troubled Asset Relief Program.
The Department's CIO, Michael Duffy, has overseen the IT-related aspects of TARP while at the same time serving as a leader of a government-wide data center consolidation initiative and continuing work on major projects like replacing the Internal Revenue Service master taxpayer database. InformationWeek Government recently chatted with Duffy about the recession, data center consolidation, and Treasury's broader IT efforts.
InformationWeek Government: Can you give me a sense of the scope of Treasury's IT operations and your role as CIO at Treasury?
Treasury CIO Michael Duffy: We have an overall IT budget of a little over $3 billion. A substantial portion goes to fund IT at the Internal Revenue Service. We have several other organizations that also do quite a bit of data processing: our Bureau of Public Debt and our Financial Management Service are the next two in terms of size. Treasury IT needs span from high end transactional data processing -- whether it's tax returns, payments to beneficiaries, issuances of debt -- to IT that supports Treasury's currency and coin manufacturing environments, IT that supports our investigative offices, and then of course the meat and potatoes of office automation: e-mail, word processing, etcetera.
InformationWeek Government: How much of that is centralized?
Duffy: We run a consolidated wide-area network. We have a consolidated human resources system. We have a department-wide directory, and a department-wide public key infrastructure. Some of the administrative systems we run centrally, such as a database that we use to manage our FISMA requirements. We have also gradually moved the department toward a uniform suite of financial management systems. At the highest level, we have a central financial management system we use for the purposes of reporting general ledger information. For the bureau level, transactional financial management functions, we are striving towards two systems there.
InformationWeek Government: How would you classify your role?
Duffy: At the Department level, it's a combination of policy development, enforcement, and advocacy: everything from security policy to high-level policies on how to manage IT. We're in the midst of re-invigorating our enterprise architecture program, and initiatives like data center consolidation are integral to that, as is our initiative to deploy standardized identity management capabilities.
In the capital planning investment control arena, we collect project management information from the bureaus and the project managers, review that, and decide when and where there is a need for the department to engage with the bureaus. Key questions we ask include: "Is the project on track and on schedule?" and "Are there issues/opportunities we need to discuss about consolidation or some type of joint effort?" We perform these reviews during the development of the budget as well as after the budget's been approved and the projects are underway.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
IT Strategies to Conquer the CloudChances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.