The overall aim of this policy is to give confidence to all parties that rely on ABAC Center of Excellence Limited, herein referred to as ABAC Certification. The main principles for inspiring confidence are independence, impartiality and competence both in action and appearance. This policy concerns itself with issues relating to the threats and safeguards to independence and impartiality.
Impartiality and objectivity are the basic prerequisites for effective and consistent Auditing service. This policy illustrates good behavioral practices for the benefit of both the Auditors themselves and of ABAC Certification.
Commitment to Impartiality
The organizational structure and procedures of ABAC Certification demonstrate how the primary requirement of impartiality is fulfilled. ABAC Certification demonstrate, by means of policies, procedures and training how it deals with the pressures and other factors that can compromise or can reasonably be expected to compromise objectivity and which may arise from a wide variety of activities, relationships, and other circumstances as well as from various personal qualities and characteristics of Auditors that may be sources of bias.
Through this impartiality policy, ABAC Certification aim to ensure continued impartiality, independence and transparency during all management system certification activities. We as an organization understand the importance of impartiality and the threats it poses to our business should our position be compromised and are always committed to safeguarding and protecting the integrity of this Policy. We shall continue to identify, analyze, evaluate, monitor and document the potential for conflicts of interest arising from provision of quality management certification activities.
ABAC Certification shall not,
- Provide certification where cases of unacceptable threats to impartiality cannot be eliminated.
- Certify another certification body for its management system compliance.
- Provide any type of management system consultancy services which may present a conflict of interest.
- Promote the activities of any consultancy body or organization.
- Enter into a relationship or agreement with any management system consultancy body or organization.
- Offer or provide services related to internal audit to its certified clients and shall not certify a management system on which it provided internal audits for a minimum of two years after the completion of the internal audits.
- Provide certification to clients who have received management system consultancy in last 2 years from a body that has relationship with ABAC Certification.
- Provide certification to clients who have contracted any or part of ISO37001 management system to CRI Group
- Outsource audits to a management system consultancy organization or be linked to an organization that provides management system consultancy.
- Market or offer activities that are linked with activities of an organization that provides management system consultancy.
- State or imply certification would be simpler, easier, faster and less expensive if a specified consulting organization was used.
- When a relationship poses an unacceptable threat to impartiality (such as a wholly owned subsidiary of the certification body requesting certification from its parent).
ABAC Certification will act to correct any false, or inappropriate links or claims by a management system consultancy organization that states or implies certification will be simpler, easier, faster and less expensive if ABAC Certification services were used. In order to remove any conflict of interest, audit staff are prohibited from participating in the audit of any organization where they have provided management system consultancy, internal audits, assisted in document preparation or have any financial or commercial interest for a period of 2 years prior to the date of application of the organization for certification. ABAC Certification will act to respond to any threats to its impartiality arising from actions of other persons, bodies or organizations.
ABAC Certification shall ensure that all its personnel, internal or external, or committees, who could influence the certification activities, shall act impartially and shall not allow commercial, financial or other pressures to compromise this impartiality. All direct employees and subcontractors who perform audits shall sign and submit confidentiality agreements and conflict of interest forms prior to participating in each audit. We shall not use any personnel for certification activities unless it has been confirmed and documented that there is no conflict of interest.
Threats to Impartiality
Threats to impartiality are sources of potential bias that may compromise or may reasonably be expected to compromise the ability to make unbiased observations and conclusions.
Because threats may, or may reasonably be expected to, compromise the ability to make unbiased observations and conclusions, ABAC Certification identifies and analyzes the effects of threats that are sources of potential bias.
Threats are posed by various types of activities, relationships and other circumstances. In order to understand the nature of those threats and their potential impact on impartiality, ABAC Certification identify the types of threats posed by specific activities, relationships or other circumstances. The following list provides examples of the types of threats that may create pressures and other factors that can lead to biased behavior.
Although the list is not mutually exclusive or exhaustive, it illustrates the wide variety of types of threat that ABAC Certification will consider when analyzing independence and impartiality issues:
- Self-interest threats: threats that arise from Auditors acting in their own interest. Self-interests include emotional, financial, or other personal interests. Auditors may favor, consciously or subconsciously, those self-interests over their interest in performing an audit. For example, ABAC Certification relationships with clients create a financial self-interest because the clients pay the ABAC Certification fees. Auditors also have a financial self-interest if they own shares in an auditee and may have an emotional or financial self-interest if an employment relationship exists.
- Self-review threats; threats that arise from reviewing the work done by themselves or by their colleagues. It may be more difficult to evaluate without bias the work of one’s own organization than the work of someone else or of some other organization. Therefore, a self-review threat may arise when reviewing judgements and decisions they, or others in their organization, have made
- Familiarity (or trust) threats: threats that arise from being influenced by a close relationship with a person. Such a threat is present if Auditors are not sufficiently skeptical of a person’s assertions and as a result, too readily accepts their viewpoint because of their familiarity with or trust in the person. For example, a familiarity threat may arise when an Auditor has a particularly close or long-standing personal or professional relationship with a person
- Intimidation threats: threats that arise from being, or believing that they are being, openly or secretly coerced by other interested parties. Such a threat may arise, for example, if an Auditor or ABAC Certification is threatened with replacement over a disagreement with an application of a specific requirement of the normative document being used as the reference
- Advocacy threats; e.g. a body or its personnel acting in support of, or in opposition to, a given organization which is at the same time its customer, in the resolution of a dispute or litigation
- Competition threats; ABAC Certification and/or the Auditor may be concerned about risking the audit contract.
Safeguards to Impartiality
ABAC Certification have in place safeguards that mitigate or eliminate threats to impartiality. Safeguards may include prohibitions, restrictions, disclosures, policies, procedures, practices, standards, rules, institutional arrangements, and environmental conditions.
These are regularly reviewed to ensure their continuing applicability.
Note: safeguards exist in the environment in which projects are performed or can be mandated by independent decision makers in response to threats posed by various activities, relationships, and other circumstances. One way in which safeguards can be described is by where they reside.
Examples of safeguards that exist in the environment in which projects are performed include:
- the value ABAC Certification and an individual place on their reputations
- accreditation for ABAC Certification assess organization-wide compliance with professional standards and regulatory requirements regarding impartiality
- general oversight by ABAC Certification governance structures (for example, boards of directors) concerning compliance with impartiality criteria
- other aspects of corporate governance, including the ABAC Certification culture that supports the certification process and impartiality
- rules, standards, and codes of professional conduct governing behavior
- the raising of sanctions, and the possibility of such actions, by accreditation bodies
- the legal liability faced by ABAC Certification
Examples of safeguards that exist within the ABAC Certification management system include:
- maintaining a culture in ABAC Certification that stresses the expectation that staff will act in the wider interest and the importance of impartiality
- maintaining a professional environment and culture in ABAC Certification that supports behavior of all personnel that is consistent with impartiality
- management systems that include policies, procedures, and practices directly related to maintaining impartiality
- other policies, procedures, and practices, such as those concerning the rotation of staff, internal audit, and requirements for internal consultation on technical issues
- personnel hiring, training, promotion, retention, and reward policies, procedures, and practices that emphasize the importance of impartiality
- safeguards that relate to threats arising in circumstances – for example, prohibitions against certain employment relationships between family members and ABAC Certification
- safeguards whose effects are to deter violations of other safeguards by punishing violators – for example, a zero-tolerance policy enabling accreditation bodies to immediately suspend or withdraw accreditation
An alternative way in which safeguards can be described is by the extent to which they restrict activities or relationships that are considered threats to impartiality, such as prohibiting Auditors from providing consultancy to the clients.
In assessing the impartiality of its auditors ABAC Certification consider:
- the pressures and other factors that might result in, or might reasonably be expected to result in, biased behavior – here described as threat to impartiality
- the significance of those pressures and other factors and the effectiveness of those controls
- the likelihood that pressures and other factors, after considering the effectiveness of controls, will reach a level where they compromise, or may reasonably be expected to compromise, and Auditors ability to maintain an unbiased behavior
Assessing the Level of Impartiality Risk
ABAC Certification assesses the level of impartiality risk by considering the types and significance of threats to Auditors impartiality and the types and effectiveness of safeguards. This basic principle describes a process by which ABAC Certification identify and assess the level of impartiality risk that arises from various activities, relationships, or other circumstances.
Note that the level of impartiality risk can be expressed as a point on a continuum that ranges from ‘no risk’ to ‘maximum risk’. One way to describe those endpoints, the segments of the impartiality risk continuum that fall between those endpoints, and the likelihood of compromised objectivity to which the endpoints and segments correspond, is as follows:
Table 1: Level of impartiality risk
Note also that although it cannot be measured precisely, the level of risk for any specific activity, relationship, or other circumstances that pose a threat to Auditors impartiality can be described as in one of the segments, or at one of the endpoints, on the impartiality risk continuum.
Determining the Acceptability of the Level of Impartiality Risk
ABAC Certification determine whether the level of impartiality risk is at an acceptable position on the impartiality risk continuum. ABAC Certification evaluate the acceptability of the level of impartiality risk that arises from specific activities, relationships, and other circumstances. That evaluation requires us to judge whether safeguards eliminate or adequately mitigate threats to Auditors impartiality posed by those activities, relationships, or other circumstances. If they do not, ABAC Certification decides which additional safeguard, (including prohibition) or combination of safeguards would reduce the risk, and the corresponding likelihood of compromised objectivity, to an acceptably low level.
Given certain factors in the environment in which audits take place ABAC Certification will always accept some risk that audit objectivity will be compromised. Nevertheless, in the presence of threats to the audit impartiality, ABAC Certification considers only a very low level of risk to be acceptable. Only such a small likelihood of compromised objectivity is consistent with both the definition and the goal of audit impartiality.
Some threats to audit impartiality may affect only certain individuals or groups within ABAC Certification and the significance of some threats may be different for different individuals or groups. To ensure that the risk is at an acceptably low-level ABAC Certification identify the individual or groups affected by threats to impartiality and the significance of those threats. Different types of safeguards may be appropriate for different individuals and groups depending on their roles in the Company.
ABAC Certification ensure that the benefits resulting from reducing the impartiality risk by imposing additional safeguards, exceed the costs of those safeguards. Although benefits and costs are often difficult to identify and quantify, ABAC Certification consider them when they make decisions about impartiality issues.
Various parties bear a variety of costs in maintaining impartiality. Some of those costs relate directly to developing, maintaining, and enforcing safeguards, including the costs of ABAC Certification impartiality-related quality controls and costs related to the systems of accreditation and self-regulation of impartiality. Other, indirect costs of maintaining impartiality, sometimes called second-order effects or unintended consequences, also may exist. Those costs relate to possible reductions in quality or other negative outcomes that may result from safeguards that prohibit or restrict activities and relationships.
The direct and indirect costs of maintaining impartiality may be affected by many variables, including the number of individuals in an organization who will be affected by a safeguard. Because the impartiality of Auditors is important not only in its own right but also in helping ensure that broad public interest objectives are met, ABAC Certification consider second-order effects or unintended consequences that go beyond the direct impact of their decisions on the impartiality.
Managing Director ABAC Center of Excellence