Back

Respond to ethics complaints of ethics violations.


CONTROL ID
11497
CONTROL TYPE
Business Processes
CLASSIFICATION
Corrective

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Establish, implement, and maintain an ethics program., CC ID: 11496

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • The organization should respond to ethics complaints and participate in relevant ethics proceedings. (Art 5(c).1, ASCDI/NATD Anti-Counterfeit Policy, Revision 1)
  • Recover from undesirable conduct, events, and conditions; correct identified weaknesses; execute necessary discipline; recognize and reinforce desirable conduct and deter future undesired conduct or conditions. (OCEG GRC Capability Model, v 3.0, P1.3 Establish Responsive Actions and Controls, OCEG GRC Capability Model, v 3.0)
  • Determine progress toward objectives and identify the actual or potential occurrence of desirable and undesirable conduct, conditions, and events. (OCEG GRC Capability Model, v 3.0, P1.2 Establish Detective Actions and Controls, OCEG GRC Capability Model, v 3.0)
  • Decision-making oversight. The governing body should ensure that there is adequate oversight, that controls are implemented to ensure effective decision-making capabilities and that there is appropriate visibility of both conformity of decision-making to organizational policies and any exceptions. F… (§ 6.3 ¶ 6 Bullet 5, ISO/IEC 38507:2022, Information technology — Governance of IT — Governance implications of the use of artificial intelligence by organizations)