Summary

Pursuant to a congressional request, GAO reviewed Federal Information Resources Management Regulation (FIRMR) Bulletin C-22, which provides guidance to federal agencies on the security and privacy protection of federal computer resources. GAO noted that the guidance: (1) is intended for general use by federal agencies; (2) does not address the various types of sensitive information disclosure; and (3) does not address all the methods available for removing highly sensitive information from computers.