While I don't have a template for you to follow, this guidance from the FDIC (https://www.fdic.gov/system/files/2024-07/siwinter09-article3.pdf) outlines the goals, as outlined in updated interagency guidance (https://www.ecfr.gov/current/title-16/chapter-I/subchapter-C/part-314), and common gaps examiners see when reviewing customer information risk assessments, which may provide additional guidance for you, if you've not reviewed it. I'm interested in what other members may comment, as every FI should be performing this step as a basis for protecting customer information.
Original Message:
Sent: 08-02-2024 08:13 PM
From: Anonymous Member
Subject: Customer Information Risk Assessment
This message was posted by a user wishing to remain anonymous
Hi,
I have been tasked with completing my institution's Customer Information Risk Assessment (GLBA). The one that is currently in place is fairly basic and does not have much besides the threat, probability, impact, controls. Does anyone have a template they would be willing to share that might be more thorough?
Thanks!