32 CFR 701.124 - PA self assessments/inspections.
(a) Self assessments. DON activities are encouraged to conduct annual self-assessments of their PA program. This serves to identify strengths and weaknesses and to determine training needs of personnel who work with privacy records/information. A PA self-assessment evaluation form is provided at http://www.privacy.navy.mil (Administrative Tools) for use in measuring compliance with the PA.
(b) Inspections. During internal inspections, DON inspectors shall be alert for compliance with this instruction and for managerial, administrative, and operational problems associated with the implementation of the DON's PA program.
(1) DON inspectors shall document their findings in official reports furnished to the responsible DON officials. These reports, when appropriate, shall reflect overall assets of the activity's PA program inspected, or portion thereof, identify deficiencies, irregularities, and significant problems. Also document remedial actions taken to correct problems identified.
(2) Inspection reports and follow-up reports shall be maintained in accordance with established records disposition standards (see SECNAVINST 5210.8D). These reports shall be made available to PA program officials and to CNO (DNS-36)/CMC (ARSF) respectively.
(c) Retention of reports. Retain staff visit reports and follow-up reports per established records disposition standards contained in SECNAVINST 5210.8D. Retain self-assessment reports until the next self-assessment is completed. Make these reports available, upon request, to CNO (DNS-36) or CMC (ARSF).