Policy Practice Self Assessment

Previous assurance reports have confirmed that the whistleblowing policy/practice strongly aligns with ISO 37002, the whistleblowing management system standard published in July 2021. SPA’s approach to whistleblowing is particularly strong in relation to the content of the policy and the supporting governance process that includes a regular assurance report to the SPA Chief Executive, Director of Forensic Services and the SPA Whistleblowing Champion. This is also supported by an annual update on the effectiveness of arrangements to the Audit, Risk and Assurance Committee.

In the spirit of continuous improvement areas for potential development have been identified linked to the ISO standard.

Areas for Development 
Consider explicit inclusion of specific intended whistleblowing outcomes that can then be considered as part of the assurance process. Status: Draft update developed however policy yet to be progressed for consultation.
Consider the need for there to be scope to offer different levels of support based on case by case assessment of risk of detriment. Status: Draft update developed however policy yet to be progressed for consultation.
Consider need for specific reference to the fact that criminal allegations also require to be reported to Police Scotland. Status: Draft update developed however policy yet to be progressed for consultation.
Ensure engagement with Information Management as part of policy review (considering detail of ISO guidance) to determine extent to which policy should be more specific in relation to data protection, retention and confidentiality. Status: Will form part of upcoming consultation process.
Ensure accessibility assessment forms part of policy review. Status: Will be considered as part of EqHRIA.