Raising Complaints – General
Reporting Security & Confidentiality
Tips & Best Practices
About EthicsPoint
What is EthicsPoint?
EthicsPoint is a comprehensive and confidential reporting tool created by NAVEX that enables complaints to be securely raised, managed and responded to.
Raising Complaints – General
What types of issues, situations or concerns should I report?
The EthicsPoint system allows complaints to be raised regarding:
- Membership and Certification status of an ASI Member
- Conduct of an ASI Member
- Accreditation status of an Audit Firm, Auditor or Registered Specialist (including ASI’s conduct)
- Conduct of an Audit Firm or Auditor relating to an audit
- Conduct of a Registered Specialist supporting a Member or an audit team
- Conduct of ASI with regard to its assurance process, governance, rules and policies
- Conduct of individual(s) involved in ASI management or governance (including the ASI Board)
- Any other matter, the resolution of which, ASI considers is a matter that ASI should become involved in.
If I see a problem, shouldn't I just report it to my manager, the relevant company, or an ASI contact and let them deal with it?
Prior to submitting a complaint, you are encouraged to make reasonable attempts to resolve their complaint at the lowest and most appropriate level. Where possible, this includes raising the complaint directly with the organisation or person subject to the complaint, and giving them an opportunity to respond and/or rectify the situation. We recognize, however, that there may be circumstances when you are not comfortable reporting the issue in this manner. It is for such circumstances that we have partnered with NAVEX. We would rather you report anonymously than keep the information to yourself.
Does ASI really want me to raise concerns?
We certainly do. You may have initial knowledge of an activity that may be cause for concern. Your reporting can minimize the potential negative or ongoing impact of this, and provide opportunities for it to be addressed and improved.
Where do these reports go? Who can access them?
Reports are entered directly on the EthicsPoint secure server. NAVEX makes these reports available only to specific individuals within ASI who are charged with evaluating the report. Each of these report recipients has had training in keeping these reports in the utmost confidence.
What will happen to my complaint?
Every Complaint submitted to ASI will be carefully reviewed and responded to. In general terms, there are a range of possible outcomes of submitting a complaint:
- A Complaint may not be within the scope of the ASI Complaints Mechanism; or
- Where a Complaint is within scope, it follows the ASI’s published procedures which may result in one or more of the following:
- The matter may be resolved through dialogue or mediation
- ASI may decide in favour or against the person making the complaint
- The matter may be required to be considered as part of the next scheduled audit
- Corrective action may be undertaken by the Respondent, either voluntarily or as required by a determination made under the complaints process
- Disciplinary procedures may be initiated and sanctions may be applied, which can include loss of ASI Certification and/or Membership for ASI Members, or loss of ASI Accreditation for Auditors
- If the decision involves a loss of ASI membership or certification, or serious harm to people, it can be appealed against
What complaints have been made so far?
Where agreed by the parties, tracking of Complaints under investigation will be available on the ASI website, including a summary of the issue(s), the steps and processes underway/used to resolve the Complaint, and the outcome(s) reached. The ASI Board will be kept updated on Complaints in process, including recommendations from the ASI Complaints Officer, an Assessor or the Indigenous Peoples Advisory Forum for addressing these.
Reporting Security & Confidentiality
Will server logs or cookies identify me as the report originator?
NAVEX does not generate or maintain any internal connection logs with IP addresses, so no information linking your PC or mobile to EthicsPoint is available.
I am concerned that the information I provide EthicsPoint will ultimately reveal my identity. How can you assure me that will not happen?
The EthicsPoint system protects your anonymity. However, if you wish to remain anonymous, you - as a reporting party - need to ensure that the body of the report does not reveal your identity by accident. For example, “From my previous email on…” or “In my role as…”.
What if I want to be identified with my report?
There is a section in the report to identify yourself, if you wish.
Tips & Best Practices
I am not sure if I should raise a complaint, but it just does not look right to me. What should I do?
File a report. NAVEX can help you prepare and file your report so it can be properly understood. We'd rather you report a situation that turns out to be harmless than let possible problems go unchecked.
What if my boss or other managers are involved? Won’t they get the complaint and start a cover-up?
The EthicsPoint system and report distribution ensure that implicated parties are not notified or granted access to reports in which they have been named.
What if I remember something important after I file the complaint? Or what if ASI has further questions for me?
When you file a report at the EthicsPoint website, you receive a unique, randomized number called a “Report Key” and are asked to choose a password. You can return to the EthicsPoint system again and access the original report to add more detail or answer questions posed by ASI. We strongly suggest that you return to the site in the time specified to answer ASI questions. You and ASI have now entered into an “anonymous dialogue,” to work through and resolve the complaint.
Are these follow-ups on reports as secure as the first one?
All EthicsPoint correspondences are held in the same strict confidence as the initial report, continuing under the umbrella of anonymity.
What if I lose my Report Key or forget the Password I created?
To ensure that security and confidentiality is maintained, if you lose your report key or password, you will need to file a new report. Mention in the new report that it is related to a report or question you previously submitted.