Skip to main content
U.S. flag
An official website of the United States government
Dot gov
The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.
The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.
This page is no longer active. Its content has expired or been rescinded by the FDIC.
Financial Institution Letter

Uniform Rating System for Information Technology

SUBJECT: FFIEC Adopts Updated Uniform Rating System for Information Technology

The Federal Financial Institutions Examination Council's (FFIEC) Task Force on Supervision adopted the attached Uniform Rating System for Information Technology (URSIT). The updated statement replaces the 1978 Uniform Interagency Rating System for Data Processing Operations.

The URSIT is an internal rating system used by federal and state regulators for assessing the safety and soundness of information technology in financial institutions, and service providers that furnish these services to financial institutions. The URSIT reflects changes in the data processing services industry and in supervisory policies and procedures since the rating system was first adopted in 1978.

The primary changes include:

  • Conformance to the language and tone of the rating definitions of the Uniform Financial Institution Rating System (UFIRS), commonly referred to as the CAMELS rating system (see FIL-105-96);

  • Reformatting and clarification of the component rating descriptions;

  • Emphasis on the quality of risk-management processes in each of the rating components;

  • The addition of two new component categories, Development and Acquisition, and Support and Delivery, as replacements for Systems Development and Programming, and Operations; and

  • Explicit identification of the type of risks that are considered in assigning component ratings.

The FDIC's Division of Supervision has instructed its examiners to begin using the URSIT rating system for all Information Systems examinations started on or after April 1, 1999.

For further information, please contact your Division of Supervision Regional Office or Stephen A. White, Review Examiner (Information Systems) in the Division of Supervision, at (202) 898-6923.

James L. Sexton

Attachment : Federal Register, January 20, 1999, pages 3109-3116

Distribution: FDIC-Supervised Banks (Commercial and Savings)

NOTE: Paper copies of FDIC financial institution letters may be obtained through the FDIC's Public Information Center, 801 17th Street NW, Room 100, Washington, DC 20434 (800-276-6003 or (703) 562-2200).

Last Updated: February 5, 1999