FDIC’s Approach to Data Sensitivity for Legacy Applications
February 27, 2004
Audit Report No. 04-011
Summary
This report presents the results of our evaluation of the FDIC’s approach to identifying and protecting sensitive data in legacy applications.
Generally, we concluded that the FDIC’s approach to identifying and protecting sensitive data in legacy applications was consistent with applicable federal standards for categorizing information and information systems. Further, the FDIC has actions underway to more closely align the existing policy and procedure used for determining the sensitivity of data in legacy applications with the applicable federal standards.
Recommendations
The report contained no recommendations.
Management Response
The FDIC had no comments on the report.
This report addresses issues associated with information security. Accordingly, we have not made
nor we intend to make, public release of the specific contents of the report.
|