GAO said in a report published Wednesday that it discovered potential lapses on the authorization controls, boundary protection, identification and authentication capacity of the FDIC’s financial systems.
FDIC has established multiple information security controls in a push to defend its financial systems and the agency also implemented a comprehensive framework for the organization’s information security program.
The government watchdog agency noted that the FDIC was able to identify security categories for general support systems, evaluate control deficiency risks and conduct disaster recovery tests on its systems and applications.
GAO noted that FDIC must work to mitigate reported control deficiencies to protect sensitive financial information and resources from being disclosed, destroyed, misused or modified.