FDICís Approach to Data Sensitivity for Legacy Applications

February 27, 2004
Audit Report No. 04-011

Summary

This report presents the results of our evaluation of the FDICís approach to identifying and protecting sensitive data in legacy applications.

Generally, we concluded that the FDICís approach to identifying and protecting sensitive data in legacy applications was consistent with applicable federal standards for categorizing information and information systems. Further, the FDIC has actions underway to more closely align the existing policy and procedure used for determining the sensitivity of data in legacy applications with the applicable federal standards.

Recommendations

The report contained no recommendations.

Management Response

The FDIC had no comments on the report.

This report addresses issues associated with information security. Accordingly, we have not made nor we intend to make, public release of the specific contents of the report.



Last updated 03/19/2004