Handbook of Operating Procedures · 3 February 2011 Introduction Trust and integrity are critical...
Transcript of Handbook of Operating Procedures · 3 February 2011 Introduction Trust and integrity are critical...
1
Handbook
of
Operating Procedures
for the use of IFIA Member Companies
providing Social Auditing Services
2
IFIA Handbook of Operating Procedures: Social Auditing Services
Table of Contents
Page
Introduction....................................................................................................3
1. IFIA Basic CSR Audit Integrity Guidelines..........................................4 – 6 2. IFIA Guidelines – CSR Auditor Training.............................................7 – 12
3. Integrity Presentation..........................................................................13 – 16
4. IFIA Compliance Code........................................................................17 – 21
3
February 2011
Introduction
Trust and integrity are critical components of IFIA members’ brand equity. In order to
protect this in the market of social auditing, the IFIA members delivering this service
have agreed to implement common operating procedures designed to underpin the
integrity of the service. This has resulted in development of the following suite of
documents.
These documents outline working procedures that support the provision of Social
Auditing services. They do not detract from, or take precedence over, any legal or
contractual duties undertaken by the IFIA member company, and IFIA accepts no
responsibility for acts or omissions of members or others who may make use of the
Procedures.
1. The Basic CSR Audit Integrity Guidelines set out the basic parameters of
an IFIA Audit and should be communicated to all clients.
2. The CSR Auditor Training Guidelines should be used when establishing a
training programme.
3. The Integrity Presentation is for use with employees, customers and other
stakeholders and sets out the basics of IFIA members’ integrity compliance
programmes.
4. The IFIA Compliance Code is a requirement of IFIA membership and all IFIA
member companies must abide by it (the full Code is available at www.ifia-
federation.org).
Supporting Operating Procedures (Please note, these are not publicly available)
Annex A: Standard letter to clients
Annex B: the Factory Integrity Acknowledgment for use on arrival at an inspection or audit
Annex C: the Factory Integrity Declaration Form for use on departure from an inspection or audit
Annex D: the Employee Integrity Declaration Form for use if non-compliant behaviour is detected
Annex E: the Company Standard Letter: Factory Integrity Non Compliance for use where non-compliance of the subject company has been detected during an inspection or audit
Annex F: the Integrity Complaint Form for use where a complaint has been made against an IFIA member inspector or auditor
Annex G: the Recommendation Letter for use with all company leavers of good standing
4
IFIA Basic CSR Audit Integrity Guidelines
The following IFIA Member companies, as listed below
Bureau Veritas
Intertek
SGS and
TÜV Rheinland,
have all commited to have procedures in place to manage and govern the Integrity Compliance of CSR Audits process. These procedures cover the following three intents:
Intent 1: Integrity Compliance Measures
Intent 2: Integrity Non Compliance Reporting
Intent 3: Integrity Complaint and Investigation
Intent 1: Integrity Compliance Measures
XYZ Company Factory Integrity Acknowledgment and Declaration Form: The Acknowledgment and Declaration Form are issued to factories every time an XYZ Company employee executes a CSR Audit service. This acknowledgment and declaration stipulate XYZ Company’s policy on integrity. The XYZ Company employee on arrival presents the acknowledgment and declaration. We ask suppliers to read it, understand it, sign it and adhere to it. The intent of this acknowledgment and declaration is to get the factories commitment to abide by the IFIA and XYZ Company policy, be honest in their declaration and not to provide benefits to our employees. Should the need arise; suppliers should contact the XYZ Company Compliance Team for raising concerns over the conduct of our employees. Random Factory Telephone Follow-up Calls: Random telephone calls shall be conducted in selected countries based on our risk assessment. The objective of these activities is to:
Provide surveillance and effective implementation of the XYZ Company Integrity Compliance Program.
Monitor the performance and integrity conduct of XYZ Company employees and the factory
Re-enforce and educate factories on the XYZ Company Integrity Compliance Policy and
Provide an avenue for factories to report and comment on the performance of XYZ Company employees
Unannounced or Surprise Onsite Integrity Audit – These shall be done to verify the Integrity performance of the auditor against the XYZ Company Compliance Procedures.
Mystery Audits – An approved Mystery Auditor will be sent to the factory to conduct a normal Audit which is unknown to the factory. The auditor will observe the integrity practices of the factories. Factories observed colluding to offer or give benefits to the XYZ Company representative shall be reported to the clients.
5
The purpose of this activity is to understand what is happening in the industry and provide a strong deterrent against non-complying factories that give benefits and do not follow the intent and spirit of the XYZ Company Factory Integrity Declaration policy.
Compliance Education: All XYZ Company employees sign a code of conduct and are trained and inducted on our Integrity and Bribery Policy when they join the organization. In addition to this standard training, all auditors are re-trained and inducted AT LEAST once every year.
Intent 2: Integrity Non Compliance Reporting
Specific guidelines have been developed to handle Integrity Non Compliance cases to ensure a formal and fact based investigation can take place.
Intent 3: Integrity Complaint and Investigation
All IFIA Members shall have a formal Integrity Complaint Handling Procedure to ensure that all investigations are conducted in an impartial manner and based on facts and evidence. In order to achieve this IFIA Members have adopted the IFIA Member Integrity Complaint Form in order to collect the necessary information for a fact based investigation.
IFIA Integrity Compliance Program
• Trust & Integrity are critical components of IFIA members’ brand equity
• We will not tolerate breaches of our Integrity Compliance policy which provides the basis for honesty & transparency
• IFIA Members regard a facilitator, a receiver and a giver of a bribe or benefit equally guilty through association of such transaction
• Integrity issues must be managed by all parties in the supply chain
Integrity Basics – Program Pre-requisites
• Human Resources
– Recruitment check & background screening between IFIA members
– Check previous employer and industry network for Integrity
– Integrity Induction Training
• Culture
– Code of Conduct signed by all employees
– Zero Tolerance policy
• Independence
– Dedicated Compliance & Risk Management team independent from daily operations
• Effective Implementation & Rules
– Integrity Compliance Handling Procedure
6
– Job scheduled – Independent & Rotational based on Skills and Competency matrix
– Final findings and reports are NOT issued and concluded by Inspectors or Auditors
– All findings MUST have objective evidence. Factories are able to challenge results.
IFIA Member Integrity - Golden Rules
• Compliance to IFIA Integrity Policy guidelines is the responsibility of everyone in the supply chain
• IFIA members views all parties guilty of non compliance irrespective whether facilitator, giver or receiver of benefits
• Individuals are duty bound by the Codes of Conduct and declarations they sign.
• IFIA members company employees MUST never collude, demand, request or be involved in a facilitation payment, bribe, gift or benefit.
• Factories should NEVER under any circumstances give in to requests for benefits or payments from inspectors or auditors
• IFIA member employees MUST never ask for money, benefits or gifts
• All meals and travel benefits provided for whatever reason must be declared for full transparency purposes.
• Factories must not offer to give benefits
• If clients or suppliers have any doubt or concerns with any suspicious demands and integrity behaviour, please contact XYZ Compliance hotline or the contact details provided in the IFIA member Factory Integrity declaration form WITHOUT DELAY
IFIA Guidelines - Key Integrity Tools
• Letter to client for introducing IFIA Member Integrity Compliance procedure
• Compliance Education
• IFIA Factory Integrity Acknowledgment and Declaration Form
• Telephone Audit
• On-site Integrity Audit
• Mystery Audit
• Employee Integrity Declaration Form
• Letter to customer to report factory integrity non compliance issue
• IFIA Member Integrity Complaint Form
• Compliance Investigation process
7
IFIA Guidelines for Corporate Social
Responsibility (CSR) Auditor Training
8
TABLE OF CONTENTS
1. About International Federation of Inspection Agencies (IFIA)………...9
2. IFIA Auditor Training Guidelines Overview………………..……………...9 - 12
2.1 Aims………………………………………………………………………………….…..9
2.2 Training Plan and Training / Assessment Objectives………….……………………9 - 11
2.3 Qualification Criteria……………………………………………………………..........11 - 12
9
1. About The International Federation of Inspection Agencies (IFIA)
Founded in 1982, IFIA – the International Federation of Inspection Agencies – is the trade association for inspection agencies and other organisations that provide inspection, testing and certification services, internationally. IFIA currently represents around 40 of the world’s leading international testing, inspection and certification bodies. These have a combined workforce of over 160,000 employees. One of the requirements for IFIA membership is that each member company has to implement a Compliance Programme throughout its organisation that is approved by IFIA as meeting all the requirements of IFIA’s Compliance Code. This Code addresses:
Integrity
Conflicts of interest
Confidentiality
Anti-bribery
Fair marketing
The operation of each member company’s Compliance Programme is subject to annual external
audit, the results of which are submitted to IFIA.
2. IFIA Auditor Training Guidelines Overview
2.1 Aims of the Training Guidelines
The IFIA Guidelines for CSR Auditor Training is designed to ensure participants achieve the required skills and knowledge in order to conduct independent CSR audits against predefined requirements.
The aims of the Training Guidelines are to:
Establish a standard training curriculum that can be executed globally and consistently;
Establish a relevant criteria for CSR auditors from IFIA members to ensure that CSR audits are carried out effectively, uniformly and to a high industry standard;
Ensure that CSR auditors from IFIA members are competent to conduct CSR audits based on predefined requirements;
Assess the ability of a CSR auditor against the criteria defined herein.
2.2 Training Plan and Training / Assessment Objectives
2.2.1 Training MUST have a mechanism which defines
1) Training Plan
2) Training Objectives
3) Test and Evaluation mechanism for qualification
4) Periodic evaluation and continuous education process to ensure qualifications remain relevant
5) Maintenance of training records files for auditors
2.2.2 The IFIA CSR Auditor Training Guideline is composed of two parts
Part I – Classroom Training
Part II – On-site Practical Job Training
10
2.2.3 Part I – Classroom Training
CSR Audit Introduction
i. Definition State the definition of CSR audit
ii. Obtaining object evidence Describe the main methods of obtaining objective evidence in a CSR audit:
Management Interview Employee Interview Document & Record Review Factory Tour
iii. Audit criteria / standards List common CSR audit criteria / standards:
Local Regulation and Laws Typical CSR audit schemes (BSCI, ICTI, etc)
iv. COC elements List the typical CSR COC elements and define each:
Child labour Involuntary labour Coercion and Harassment Non-discrimination Association Health and Safety Working Hours Wages and Benefits Protection of the Environment Subcontracting Monitoring and Compliance
v. Auditor professionalism List the main characteristics of auditor professionalism and explain each:
No Bribery Independence Objectivity
vi. Overall audit workflow Describe overall CSR audit workflow process:
Audit Request Confirmation & Preparation On-Site Audit Complete Report Report Review Report Submission
vii. On-site audit process Describe the on-site CSR audit process:
Opening Meeting Document Review Factory Tour Employee Interview Pre-closing Meeting Closing Meeting Report Preparation
viii. Audit tools List commonly used audit tools in a CSR audit and describe the function of each:
11
Document check list Interview questionnaire / guidelines Corrective Action Plan (CAP) Audit report Factory Integrity Declaration Form
Opening Meeting
Employee Interview
Document Review including but not limited to working hours, wage and social insurance, Management systems, production records, HR related documents, Health & Safety & Environment.
Factory Tour (Health & Safety, Environment)
Closing Meeting, CAPAR & Audit Report Writing
Content Focus of Classroom Training
Integrity Management Understanding of how to carry out the “Bribery Policy” in an actual audit.
Client Specific Audit Requirement Understanding of a Client Specific Audit Requirement. This will include standard process elements and also additional specific special requirements as stipulated by the client.
2.2.4 Part II – On-site Training
On-site training will provide participants the chance of real live practice. Participants will have the
opportunity to observe and perform audits on site with the delegated trainers. The trainers will
demonstrate and teach the participants the necessary skills to conduct a CSR audit. The trainers
will also comment on participants’ performance and provide appropriate advice for their
improvement. Through this field training, participants will consolidate their learning and improve
their audit skills on the way to becoming qualified CSR auditors.
2.3 Qualification Criteria
2.3.1. Purpose and Scope
Establishes and defines the minimum knowledge and competence objectives for being an XYZ Auditor in order to ensure that trainings and assessments are carried out effectively and with consistency and reliability.
2.3.2. Requirements
Auditors should be properly trained and assessed to ensure they have the competence and knowledge required for carrying out a CSR audit. Training shall include code of conduct elements, audit processes, local laws and regulations, client specific work instructions, integrity management, interview techniques, report writing and other necessary skills.
2.3.3. Language
Auditors are not allowed, in any form, to conduct audits in a language they are not fluent in
12
without translation support. In such situations a translator who is independent of the party to be audited must be with the auditor at all times. The translator must work as a neutral party and not have any conflict of interest that could affect the performance of the audit.
2.3.4. On-going Training
Ongoing training to ensure skills remain relevant shall be documented and communicated to the specific auditor.
2.3.5. Records
Attendance records and participant’s assessment records (examination papers and auditor witness reports) shall be maintained in the auditor personnel file as records of the training program.
2.3.6. Qualified auditors must go through a formal and documented programme covering:
Achievement of all competence objectives through a documented examination process. Auditor Criteria – Pass examination and participate in at least 60 hours onsite auditing under
the guidance of a qualified lead auditor. Lead Auditor Criteria - Successfully conduct at least 8 CSR audits (totalling 60 hours at the
minimum) and lead in at least 3 of these audits.
Ends
13
Integrity Presentation
Slide One
Slide Two
14
Slide Three
Slide Four
15
Slide Five
Slide Six
16
IFIA Compliance Code Third Edition
April 2007
IFIA Compliance Code
17
IFIA Compliance Code
Third Edition
April 2007
This Third Edition of the IFIA Compliance Code and its supporting Guidelines enter
into force on 1 April 2007 and supersede the Second Edition published in July 2005.
Any words and expressions which are defined in the IFIA Articles of Association
dated 12 October 2001 shall have the same meaning in this Code unless otherwise
stated.
Published by:
International Federation of Inspection Agencies Ltd.,
22-23, Great Tower Street,
London, EC3R 5HE,
United Kingdom.
Tel. : +44.20.7283.1001
Fax : +44.20.7626.4416
E-mail : [email protected]
www.ifia-federation.org
Copyright © 2007 International Federation of Inspection Agencies Ltd. All rights
reserved.
18
Introduction
The International Federation of Inspection Agencies (IFIA) is an association of
companies whose business is to verify their clients’, or third
parties', products, services or systems.
The value that IFIA Members provide to their clients is trust. For this reason IFIA
has chosen to adopt and implement a Compliance Code that enshrines the
substance of the integrity that IFIA membership stands for.
The Compliance Principles address technical and business professional conduct and
ethics in relation to the following areas:
Integrity
Conflicts of interest
Confidentiality
Anti-bribery
Fair marketing.
It is a condition of IFIA membership that Members implement and abide by the
Compliance Code. This entails:
approval of the Member’s implementation by IFIA
a Compliance Programme throughout the Member’s organisation
policies and procedures in accordance with the Code
training of staff globally, and
regular monitoring of compliance with the Code.
To ensure the effectiveness of their implementation, Members are required to submit
their Compliance Programme to an annual independent examination whose results
are reported to IFIA.
The result is a sound and verified basis for trust.
19
IFIA Compliance Principles
1. Integrity
The Member shall operate in a professional, independent and impartial manner in all
its activities.
The Member shall carry out its work honestly and shall not tolerate any deviation
from its approved methods and procedures. Where approved test methods make
provision for tolerances in results, the Member shall ensure that such tolerances are
not abused to alter the actual test findings.
The Member shall report data, test results and other material facts in good faith and
shall not improperly change them, and shall only issue reports and certificates that
correctly present the actual findings, professional opinions or results obtained.
2. Conflicts of interest
The Member shall avoid conflicts of interest with any related entity in which it has a
financial or commercial interest and to which it is required to provide services.
The Member shall avoid conflicts of interest between the Member's companies and/or divisions engaged in different activities but which may be providing services to either the same client or each other.
The Member shall ensure that its employees avoid conflicts of interest with the
activities of the Member.
3. Confidentiality
The Member shall treat all information received in the course of the provision of its
services as business confidential to the extent that such information is not already
published, generally available to third parties or otherwise in the public domain.
4. Anti-bribery
The Member shall prohibit the offer or acceptance of a bribe in any form, including
20
kickbacks on any portion of a contract payment.
The Member shall prohibit the use of any routes or channels for provision of
improper benefits to, or receipt of improper benefits from, customers, agents,
contractors, suppliers, or employees of any such party, or government officials.
5. Fair marketing
The Member shall only present itself and conduct marketing, including any
comparisons with or references to competitors or their services, in a manner that is
truthful and not deceptive or misleading or likely to mislead.
21
Requirements for Implementation
Each Member of IFIA shall:
1. Commit itself at board level to implement the Compliance Principles throughout its organisation through operation of a Compliance Programme which has been approved by IFIA
2. Appoint a Compliance committee and Compliance officer to oversee and manage the Programme
3. Train staff, ensure their continuing understanding of the Compliance Programme and consult them on its development
4. Provide help lines for staff and encourage the reporting of violations on a confidential basis and free from reprisal except in malicious cases
5. Publicly disclose its Compliance Principles and facilitate enquiries, complaints and feedback
6. Investigate and record all reported violations and apply corrective and disciplinary measures.
7. Protect the security of confidential business information 8. Maintain accurate books and records which properly and fairly document all
financial transactions 9. Ensure that its Compliance Programme is applied to the extent appropriate to its
business partners 10. Monitor the effectiveness of its Programme through the use of annual
management declarations and internal auditing 11. Arrange for the effectiveness of the implementation of the Programme to be
examined at least annually by a competent independent external audit firm 12. Submit copies of the independent assurance report, including any reportable
conditions, annually to IFIA within six months of the end of its financial year.
These requirements are supported by Guidelines which are published separately and which provide IFIA Members with an approved means of meeting the requirements. Members whose Compliance Programmes do not follow the Guidelines in a particular respect may still have their Programme approved by IFIA so long as they can demonstrate to the Director General that their Programme meets the relevant requirements of the Code in an equivalent way to that set out in the Guidelines.
April 2007