Include definitions of desirable conduct in the Code of Conduct.


CONTROL ID: 12846
CONTROL TYPE: Establish/Maintain Documentation
CLASSIFICATION: Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Establish, implement, and maintain a Code of Conduct. (CC ID: 04897)

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Determine the types of desired conduct including definitions, classifications, and procedures necessary to identify those who contribute to positive outcomes and those who notify the organization when they identify allegations or indications of undesirable conduct. (OCEG GRC Capability Model, v. 3.0, P5.1 Define Desired Conduct, OCEG GRC Capability Model, v 3.0)
  • Work with appropriate stakeholders to develop codes of conduct that address the organizational mission, vision, values, key policies, and expected business conduct. (OCEG GRC Capability Model, v. 3.0, P2.1 Develop Codes of Conduct, OCEG GRC Capability Model, v 3.0)
  • verify whether persons act according to the communicated messages and use examples of 'good' and 'bad' behaviour to reinforce the message. (§ 7.3 Guidance ¶ 1(g), ISO/IEC 27003:2017, Information technology — Security techniques — Information security management systems — Guidance, Second Edition, 2017-03)
  • As professionals, members perform an essential role in society. Consistent with that role, members of the American Institute of Certified Public Accountants have responsibilities to all those who use their professional services. Members also have a continuing responsibility to cooperate with each ot… (0.300.020.02, AICPA Code of Professional Conduct, August 31, 2016)
  • Objectivity and independence principle. A member should maintain objectivity and be free of conflicts of interest in discharging professional responsibilities. A member in public practice should be independent in fact and appearance when providing auditing and other attestation services. (0.300.050.01, AICPA Code of Professional Conduct, August 31, 2016)
  • The quest for excellence is the essence of due care. Due care requires a member to discharge professional responsibilities with competence and diligence. It imposes the obligation to perform professional services to the best of a member's ability, with concern for the best interest of those for whom… (0.300.060.02, AICPA Code of Professional Conduct, August 31, 2016)
  • A member shall not commit an act discreditable to the profession. (1.400.001.01, AICPA Code of Professional Conduct, August 31, 2016)
  • A member shall not commit an act discreditable to the profession. (3.400.001.01, AICPA Code of Professional Conduct, August 31, 2016)
  • A member shall not commit an act discreditable to the profession. (2.400.001.01, AICPA Code of Professional Conduct, August 31, 2016)
  • Integrity also requires a member to observe the principles of objectivity and independence and of due care. (0.300.040.05, AICPA Code of Professional Conduct, August 31, 2016)