<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8">
</head>
<body bgcolor="#FFFFFF" text="#330033">
Hi<br>
<br>
There are several mentions of a whistleblower function in both the
ATRT1 and in the ATRT2 report.<br>
<br>
This includes discussion of transparency annual reports, audits of
the function, a role for the ombudsman, and possible enhancement of
the ICANN hotline, i.e the current implementation of ICANN's
whistleblower policy.<br>
<br>
(all quotes from <a
href="https://www.icann.org/en/about/aoc-review/atrt/final-recommendations-31dec13-en.pdf">ATRT2
report</a>)<br>
<br>
Under <br>
<blockquote type="cite">9.3. Review Ombudsman Role (p13, 58)</blockquote>
<blockquote type="cite">c. A role in fair treatment of ICANN
Anonymous Hotline users and other<br>
whistleblowers, and the protection of employees who decide there
is a<br>
need to raise an issue that might be problematic for their
continued<br>
employment.</blockquote>
<br>
and (p 14,59)<br>
<br>
<blockquote type="cite">9.5. The Board should arrange an audit to
determine the viability of the ICANN<br>
Anonymous Hotline as a whistleblowing mechanism and implement any<br>
necessary improvements.<br>
</blockquote>
<blockquote type="cite">The professional external audit should be
based on the Section 7.1 and<br>
Appendix 5 - Whistleblower Policy of the One World Trust
Independent<br>
Review of 20076 recommendations to establish a viable
whistleblower<br>
program, including protections for employees who use such a
program, and<br>
any recent developments in areas of support and protection for the<br>
whistleblower. The professional audit should be done on a
recurring basis,<br>
with the period (annual or bi-annual, for example) determined upon<br>
recommendation by the professional audit.<br>
The processes for ICANN employee transparency and whistleblowing
should<br>
be made public.</blockquote>
<br>
These had been derivative of ATRT1 <br>
<br>
<blockquote type="cite">ATRT1 Recommendation 26<br>
...<br>
ATRT2, under the terms of its mandate, also determined that the
following issues78<br>
should be addressed in this analysis of accountability and
transparency in policy<br>
development and implementation processes:<br>
a. Publication of yearly statistical reports on transparency.<br>
b. Enhancement of the employee Hotline that allows relevant
information to<br>
become transparent (Whistleblower Policy).Which had been
derivative <br>
</blockquote>
<br>
And<br>
<br>
<blockquote type="cite">In 2007, One World Trust concluded94 that:<br>
ICANN should consider implementing processes that act as
deterrents<br>
to abuses of power and misconduct which would protect staff who<br>
might want to raise such instances. Specifically, ICANN should<br>
consider developing a whistleblower policy that enables staff to
raise<br>
concerns in a confidential manner and without fear of retaliation;
and<br>
developing appropriate systems to foster compliance.95</blockquote>
--<br>
<blockquote type="cite">94 See
<a class="moz-txt-link-freetext" href="http://www.icann.org/en/about/transparency/owt-report-final-2007-en.pdf">http://www.icann.org/en/about/transparency/owt-report-final-2007-en.pdf</a><br>
95 In fact, One World Trust made many recommendations, including:<br>
To ensure compliance with any organizational policy, it is
important that there is high level oversight<br>
and leadership. Without this, implementation will only ever be
piecemeal. To ensure implementation of<br>
the information disclosure within ICANN therefore, responsibility
for overseeing the policy should be<br>
assigned to a senior manager.<br>
Supporting this, a set of indicators should be developed to
monitor the implementation of the policy,<br>
and an annual review should be undertaken which identifies how
ICANN is complying with the policy,<br>
where there are problems, and the steps that are to going be taken
to address these (see<br>
recommendation 5.1 in section 8).<br>
While ICANN has three mechanisms for investigating complaints from
members of the ICANN<br>
community, the organization does not have a policy or system in
place that provides staff with channels<br>
through which they can raise complaints in confidentiality and
without fear of retaliation. Having such<br>
a policy (often referred to as a whistleblower policy) is good
practice among global organizations. A<br>
whistleblower policy that provides such protections serves as an
important means of ensuring<br>
accountability to staff as well as preventing fraudulent behavior,
misconduct and corruption within an<br>
organization.<br>
While the Ombudsman, Reconsideration Committee and the Independent
Review Panel provide<br>
complaints-based approaches to compliance, to generate greater
trust among stakeholders, ICANN<br>
needs to take a more proactive approach.<br>
To address this issue, ICANN should consider a regular independent
audit of their compliance with<br>
accountability and transparency commitments. Alternatively, it
could develop a permanent compliance<br>
function to emphasize prevention by identifying shortcomings as
they emerge and before they become<br>
systemic problems. In either case, a regular report on compliance
should be produced and publicly<br>
disseminated.</blockquote>
<br>
There are longer discussions in the document that may be useful
references when this work begins in WS2. I do not know the status of
the ATRT2 recommended, and Board approved, audit. did a search,
but have not found anything yet. I am sure there is some trace of
something on it somewhere.<br>
<br>
avri<br>
<br /><br />
<hr style='border:none; color:#909090; background-color:#B0B0B0; height: 1px; width: 99%;' />
<table style='border-collapse:collapse;border:none;'>
<tr>
<td style='border:none;padding:0px 15px 0px 8px'>
<a href="http://www.avast.com/">
<img border=0 src="http://static.avast.com/emails/avast-mail-stamp.png" alt="Avast logo" />
</a>
</td>
<td>
<p style='color:#3d4d5a; font-family:"Calibri","Verdana","Arial","Helvetica"; font-size:12pt;'>
This email has been checked for viruses by Avast antivirus software.
<br><a href="http://www.avast.com/">www.avast.com</a>
</p>
</td>
</tr>
</table>
<br />
</body>
</html>