Saturday, February 4, 2012
By John Kyriazoglou*
This is complemented by Business Ethics Policy Example and Business Fraud Management Checklist. See my blog: http://businessmanagementcontrols.blogspot.com/
1. Does the organization have an ethics policy?
Consider: Formal approval process and contents: Guidance should be provided on how to handle issues such as, conflict of interest, gratuities and gifts, outside employment, contacts with external parties, confidentiality of information, personal obligations and commitments, etc., on the principles of fairness, openness, trust, integrity, responsibility, and mutual respect. Inclusion of the ethics and anti-fraud policy statements
2. Does the organization have a meaningful anti-fraud policy statement?
Consider: Instructions should be provided on how to manage potential fraud issues in vendor relationships and competitors, making illicit proposals and payments to get sales and contracts, proper maintenance of corporate books, systems and records, and effective management and control of corporate assets.
3. Does the organization have an ethics office and is it properly established?
Consider: Office space and computer facilities, ethics officer, support staff, ethics incidents register, office for confidential discussions and conference room.
4. Has a communication plan for ethics been formulated, approved and executed?
5. Has a training plan for ethics been formulated, approved and executed?
Consider: Budget, issues covered, attendance by all staff (Board, Executives, Managers, Employees).
6. Is an ethics culture apparent at all levels of the organization?
Consider: Behaviour of Board Members, Executives, Managers, Employees, existence of an open style of communication, a positive work environment, the procedure for getting ethics advice, the operation of an ethics hot line, the procedure for resolution of conflict, incident investigation process, etc.
7. Is an anti-fraud ethics culture apparent at all levels of the organization?
Consider: Strong commitment of Board Members, Executives, Managers, and Employees with the vision, mission and values of the organization, anti-fraud policy statement, compliance issues for ethics and fraud, and commercial crime prevention techniques.
8. Are all of the major players -- including stakeholders, shareholders, management, employees, customers, key suppliers, etc. participating?
9. Is there meaningful participation by board members at all stages?
10. Is a strong management committee in place to manage policy development and implementation?
11. Does the industry have a good record of similar initiatives in the past?
12. Are the organization leaders demonstrating strong commitment?
13. Have the background conditions and motivations been clearly identified?
14. Are the policy proponents inviting meaningful third-party representation and involvement by consumer groups, other standard-setting bodies, and are they prepared to pay for this involvement?
15. Are the processes for developing and implementing the policy open and transparent?
16. Is there a clear articulation and understanding of the rights and responsibilities of all stakeholders?
17. Is there clear evidence that the policy will promote the corporate interest in areas such as confidentiality, fraud protection, conflict of interest, and other ethics concerns?
18. Does the policy include effective complaints-handling and redress mechanisms accessible to everyone, effective programs to inform consumers and the public, and an evaluation framework to track progress and provide credible evidence of success and failure?
19. Will a reputable third party regularly monitor the policy?
20. Does the policy have the capacity to mature through time and respond to new learning and developments?
John Kyriazoglou, CICA, B.A(Hon), is an International IT and Management Consultant, author of the book ‘IT STRATEGIC & OPERATIONAL CONTROLS’ (published in 2010 by www.itgovernance.co.uk), and co-author of the book CORPORATE CONTROLS’ ( to be published in 2/2012 by www.theiic.org), with Dr. F. Nasuti and Dr. C. Kyriazoglou.
Blogs:Articles, Opinions, etc.: http://businessmanagementcontrols.blogspot.com/