My first GLBA/Privacy Audit is nearing and I have yet to find a good set of workpapers. Does anyone have a set they would be willing to share?

If so please e-mail to rrussell@denalistatebank.com

Thanks!

I have an OTS compliance exam coming up and what they ask for is:
Sample initial notice
Sample initial and annual notices
Notice to existing customers
If using a short form, a copy of the long form of notice provided upon request
Any separately provided opt-out notice and procedures for providing it.

I would also include evidence of Board approval, I think the board had to designate a responsible officer and you should check whether everyone was trained on the privacy program. Oh, don't forget information security.

Just my thoughts - I don't have any workpapers yet either.

Our bank was just examined by the FDIC. They did not look at disclosures however did make suggestions about having a formal program, risk assessment, annual testing, annual reporting. There is a work progam covering these areas Auditnet GLBA and some great information on BOL BOL Security Tools and the OCC has published examination procedures OCC 2001-35

The OCC has issued a small bank compliance guide for Privacy. You can find it on their website.

I've tried to find this guide on the OCC site without success. Can you provide a link or describe how to get to it?

Try here. It is under the 2001 News Releases.

Thanks, Ron.