FDICís Approach to Data Sensitivity for Legacy Applications
February 27, 2004
Audit Report No. 04-011
This report presents the results of our evaluation of the FDICís approach to identifying and protecting sensitive data in legacy applications.
Generally, we concluded that the FDICís approach to identifying and protecting sensitive data in legacy applications was consistent with applicable federal standards for categorizing information and information systems. Further, the FDIC has actions underway to more closely align the existing policy and procedure used for determining the sensitivity of data in legacy applications with the applicable federal standards.
The report contained no recommendations.
The FDIC had no comments on the report.
This report addresses issues associated with information security. Accordingly, we have not made
nor we intend to make, public release of the specific contents of the report.