Skip to content
BOL Conferences
Thread Options
#80978 - 05/16/03 03:00 PM GLBA Workpapers
Anonymous
Unregistered

Does anyone have a set of workpapers for GLBA, Privacy Audit, that they can share with me. I am regulated by FDIC and would like to review some sample workpapers so I may develop a set for our bank. Thank you....John....

Return to Top
Audit
#80979 - 05/16/03 03:05 PM Re: GLBA Workpapers
SkyDiver Offline
Gold Star
SkyDiver
Joined: Jul 2002
Posts: 274
Northeast
The FDIC privacy examination procedures are good for your audit program/workpapers. They are available on the FDIC website.

Return to Top
#80980 - 05/16/03 05:37 PM Re: GLBA Workpapers
Lawrence T. Levine Offline
Junior Member
Lawrence T. Levine
Joined: May 2003
Posts: 37
Troy, VA
Have a look at:

The new IT-MERIT Procedure -
http://www.fdic.gov/news/news/financial/2002/FIL02118.html
Note the two links on the bottom of the page.

Also - http://www.ffiec.gov/ffiecinfobase/html_pages/it_01.html is the most recent FFIEC IT Security Workprogram.

Hope these help...


_________________________
Lawrence T. Levine Managing Director SecurePipe, Inc. Direct: 4342932454 www.SecurePipe.com

Return to Top
#80981 - 05/16/03 06:15 PM Re: GLBA Workpapers
Anonymous
Unregistered

Thanks for the information. It is overwhelming to say the least. I did not know that auditors had to be computer systems gurus also. I wonder if I am the only one who does not speak "systems" and is lost as a goose?

Return to Top
#80982 - 05/16/03 06:31 PM Re: GLBA Workpapers
rexinaudit Offline
Gold Star
rexinaudit
Joined: Dec 2001
Posts: 292
New England
Be aware that the examiners' privacy program may not cover all the bases for GLBA information security requirements. These are related but not identical issues.
_________________________
My opinions are not legal advice, not my employer's, and may change anytime.

Return to Top
#80983 - 05/16/03 10:52 PM Re: GLBA Workpapers
complyguy Offline
Gold Star
complyguy
Joined: May 2001
Posts: 494
PA
Quote:

Be aware that the examiners' privacy program may not cover all the bases for GLBA information security requirements. These are related but not identical issues.




Our recent OCC audit included privacy, but did not include information security.

Return to Top
#80984 - 05/19/03 04:50 PM Re: GLBA Workpapers
Patsy Cline Offline
Diamond Poster
Patsy Cline
Joined: Sep 2002
Posts: 1,117
On the road...
How recent was your exam? Did they check your third party contract/agreements for the privacy and information security clauses?
_________________________
Michelle CRCM

"What would you attempt to do if you knew you could not fail?" ~ unknown


Return to Top
#80985 - 05/30/03 05:50 AM Re: GLBA Workpapers
Princess Romeo Offline

Power Poster
Princess Romeo
Joined: Jun 2001
Posts: 8,272
Where the heart is
The Privacy Exam procedures are completely separate from the Information Security exam procedures.

I don't know how the division is split among OCC examiners, but FDIC has Safety and Soundness review Information Security, and Compliance reviews Privacy.
_________________________
CRCM,CAMS
Regulations are a poor substitute for ethics.
Just sayin'

Return to Top

Moderator:  Andy_Z