3. Welcome to the study skills workshop
This workshop is tailored to the specific needs of CSQS students with a view
to preparing for the upcoming exam sessions.
Areas we will cover today:
• Learning from the November 2015 exam session
• Keeping yourself motivated when studying for a professional qualification
• Managing your time effectively
• Learning from student scripts and a marking exercise
4. Learning from the November 2015 exam session
Looking at examiners’ comments across all modules can help give you an
insight on how to gain high grades.
Examples taken from examiners’ comments applicable across CSQS:
• Use relevant authorities (e.g. legal/statutory) to support your propositions
Example: Corporate Governance November 2015
The Code (A.4.1) states that a Senior Independent Director (SID) should be
appointed from the NEDs to provide a sounding board for the Chairman.
5. Learning from the November 2015 exam session
Looking at examiners’ comments across all modules can help give you an
insight on how to gain high grades.
Examples taken from examiners’ comments applicable across CSQS:
• Consider whether the question is ‘problem based’ or ‘essay based’
• Focus specifically on the issues raised and deal with them separately
• Careful reading of the question
6. Learning from the November 2015 exam session
Using some examples of comments from CSQS modules:
• Financial Reporting and Analysis: present figures in a clear and understandable
format with neat workings out. Imperative that questions are answered in full.
• Financial Decision Making: make sure you understand the technical areas which
require calculations to be performed.
• Applied Business Law: identify the key issues but also develop them fully. Apply
the law fully to the scenario given.
• Corporate Secretarial Practice: use the case study fully and make sure to apply
your knowledge from the material to your exam responses.
8. Activity 1: what motivates you to study on CSQS?
In small groups, you are going to prepare a concept map with your reasons &
motivations for studying on CSQS.
• On each post- it note, write down a motivating factor in your studies and/or how
do you keep motivated while you study?
• Brainstorm around 8 – 15 ideas together
• Group your ideas under 3 separate headings- what are the common threads?
• You have ten minutes. Please nominate a reporter for feedback at the end.
9. Activity 1: round up
Can you feedback one item from your group that was
a motivating factor?
10. Time management
Different methods of planning out your time:
• Work out a timetable in advance: weekly, monthly and longer term until the
exam.
• Plan longer sessions for in-depth study (memorising, revision and understanding
a topic).
• Add in ‘single hours’ for reading, catching up.
11. Allocating tasks to each study period
What will you do in each study period?
• Studying a new chapter/making notes
• Sorting out notes/making connections between topics
• Revising a particular topic and writing a response to an exam question
• Reviewing a topic that you found difficult
• Attempting a full mock exam (3 hours 15 minutes)
12. Why plan your time?
Planning your time individually and together:
• Gives you social support for your studies
• Helps you make realistic plans you can commit to
• Share good practice amongst students
13. My objectives
• Complete two chapters worth of reading from the study text.
• Sorting out notes/making connections between topics.
• Be able to complete a past exam question on any topic from chapters 1 – 5 in
timed conditions.
• Compare my answer to the mark scheme (content and skills).
14. An example of a study plan
Monday Tuesday Wednesday Thursday Friday Saturday Sunday
7pm – 9pm
Reading from
chapter 4
Corporate Law
(pages 60 – 70)
(1- 2 hours)
7pm – 9pm
Reading from
chapter 4
Corporate Law
(pages 70 - 79)
(1- 2 hours)
7 am – 8 am
Reading from
chapter 5
Corporate Law
(pages 80 – 90)
(1 hour)
10 am – 12pm
Desk based study
and revision.
Reading chapter 5
Corporate Law
(pages 90 – 101)
(2 hours)
10 am – 1pm
Desk based study
and revision
Revising chapters
1- 5
One practice
question (45
minutes)
(3 hours)
Objective(s) for the week:
15. Activity 2: some examples of things to include
• Working with the study text
• Making notes from the text and what kind of notes you intend to make (outline, summary,
mind maps, index cards etc.)
• How many pages of the text can you read in a given period of time?
• Any further research/updating knowledge and wider reading
• Time spent at a tuition provider
• Consolidating knowledge after going to class or after studying independently/as a group.
• Revising from notes and the study text.
16. Activity 2: round up
Can you identify one thing you would do differently
having prepared this timetable?
17. Exam marking and maximising achievement
I’m going to talk about how we mark ICSA exams and will suggest ways you can
answer ICSA exam questions which will make it easier for the marker to give you
credit.
• Who is the examiner?
• How are the exams marked?
• What do you need to do to get a good mark?
18. Who is the examiner?
The examiner is always someone who we have met, vetted and spent a lot of time
with through induction and training.
In practice
Consultancy
/ writing
Teaching /
research
19. How are the exams marked?
Process for ICSA exam scripts:
• Mark scheme
• Standardisation exercise
• Guidance for markers
• Mark review
• Assessment review
20. What do you need to do to get a good mark?
Discuss why remuneration is recognised as an important governance issue and
the role of shareholders in monitoring it.
[CSQS, Corporate Governance]
21. What do you need to do to get a good mark?
“Remuneration is a vital aspect of corporate governance and it has become a big
issue for the public due to a number of high-profile scandals in the financial sector.
In the UK, remuneration became an issue of concern due to the high pay awarded
to the heads of utility companies when they were first privatised and there has
been continued alarm at the spread of ‘fat-cat’ culture. Remuneration has its own
section in the UK Corporate Governance Code (Section D) which includes a set of
principles which companies must align with (such as the requirement to establish a
Remuneration Committee). There are also provisions for a company to…”
22. What do you need to do to get a good mark?
Ways you can answer ICSA exam questions which will make it easier for the
marker to give you credit.
• Know your stuff
• Organise your answer
• Planning your study
23. What do you need to do to get a good mark?
The
examiner
• Is fully trained in the marking process
• Is potentially marking hundreds of scripts in a short time
period
The
procedure
• Everyone is working to the same guidance
• There are a range of ‘good practice’ checks and balances
To get a
good mark
• Study and preparation is essential – as is memorisation
• Make it easy for the marker by guiding them through
25. Activity 3: a marking exercise
An example from Applied Business Law:
• Question 1 from November 2015
• 2 part question: (a) divided further into two sections and (b)
• 25 marks available with a scenario to apply
26. Activity 3: a marking exercise
Your task is to:
• Read through the student response
• Compare it to the mark scheme/suggested answer
• Highlight/tick the sections that you think are gaining marks. Make a note of any
problem areas.
• Either you can grade it (pass, merit or distinction)
• OR give it a grade out of 25 with mark allocations for part (a) and (b)
27. Recap after marking
Why mark a student response?
• Good practice to mark a response in the way you can mark your own work
• Before the exam you should be writing up responses and comparing how you
are doing
• The mark/grade band is not important: you are really checking for 1) content and
detail 2) structure, clarity and format
28. Activity 3: feedback and review
This exam response gained 18/25 marks
• Clear structure according to the legal terms rather than by ‘event’
• Relevant use of legal terms
• The mark/grade band is not important: you are really checking for 1) content and
detail 2) structure, clarity and format.
29. Responding to questions in an exam
4 questions to complete out of 6 options:
• Check the mark allocation: don’t spend too long on a short question. Move onto
a question that has more marks if you have spent enough time on that part.
• Check the command words which give you an idea of the kind of answer
required.
• Higher mark allocation: more depth and detail needed.
30. An Applied Business Law question
An example of a multi part question:
You have been approached by Tom, who is contemplating opening a restaurant. He is
concerned about any liability he may have to customers using his restaurant.
Required
a) Advise Tom regarding any liability he may have:
i) Under the tort of negligence. (10 marks)
ii) As an occupier of premises (10 marks)
31. An Applied Business Law question
An example of a multi part question:
Tom has now opened the restaurant and, six weeks after opening, a group of young men
visited the restaurant for a meal. One of the group, Steve, after drinking a large quantity of
wine, decided to explore the premises and walked through a door marked ‘private.’ There
were no lights on in this area, and Steve tripped and fell down some stairs, injuring himself.
Steve now wants to sue Tom in respect of his injuries.
Required
b) Advise Tom of any liability he may have. (5 marks)
(Total: 25 marks)
32. Final points to remember on exam day…
• Planning your response with a short outline/bullet points/key terms
• Questions with different parts: check the marks available
• You can come back to a question later if need be.
63. Definition of a board meeting
‘A formal meeting of the board
of directors of an organisation,
held usually at definite intervals
to consider policy issues and
administrative matters reserved
for the board. It is presided over
by a chairperson. It must meet
quorum requirements and its
deliberations must be recorded
in minutes. Under the doctrine
of collective responsibility, all
directors, even if absent, are
bound by its resolutions’.
64. The components of a successful meeting
• Convening and preparing
for the meeting
• Managing the proceedings
• Managing the people
• Minute taking
• Post meeting matters
65. Preparing for the meeting
Preparation is everything. The old adage “Fail to prepare, prepare to fail’ applies.
Do
• Prepare a concise and logical agenda in conjunction with the chair.
• Make sure the meeting room is suitable and prepared.
• Know what is expected of you.
• Ensure that arrangements are made to receive guests to the meeting.
• Thoroughly discuss any contentious items of business or other formalities with
the chair prior to the meeting.
• Remember you are entitled to be there and essential to the meeting.
• Is there a new board member?
• Are standing declarations of interest up to date?
• Know the constitution and byelaws!
66. Preparing for the meeting continued
• Gain a working knowledge of the subjects to be discussed and of abbreviations
and acronyms.
• Make sure that there are the appropriate number of board papers for each
agenda item. Bring spares.
• Sit next to the chair.
• Arrange telephone/televisual conference facilities. Is PowerPoint needed?
• Attendance sheet.
• Bring a watch. Turn off your mobile!
• Anticipate any problems.
67. Preparing for the meeting continued
Don’t
• Be late!
• Run out of paper or pens.
• Forget to check that only those entitled to attend are at the meeting.
• Forget to record the tabling of important documents.
• Neglect to ask for clarification.
• Don’t Panic!
69. Turning notes into minutes.
What are minutes for? -
• a record of decisions taken;
• a prompt to action;
• a record of proceedings for those unable to attend the meeting;
• an aide memoire for the following meeting;
• a history of attendance;
• a formal record of declarations of interest and other formal matters
Minutes have power!!
70. Notes into minutes
Be prepared! You will need stamina. Listening is much more tiring than talking.
• Write quickly and clearly
• Exercise judgment
• What is the sense
of the meeting?
• Use of technology
• Type of meeting dictates
the type of minutes
71. What do good minutes look like?
They should be –
*Concise
*Accurate
*Consistent
*Compliant
*Impartial
*Written to give each decision context
*Reflective of board diligence and behaviour
*Tailored to the audience. The audience may not include just the board!
72. Emotional intelligence – know the meeting participants!
The waffler
The bully
The politician
The critic
The mouse
The expert
The follower
73. Approval and retention of minutes
• The initial draft of the set of minutes should go to the chair for comments.
• Circulate the draft minutes to the board prior to the next meeting date.
• Dealing with comments and suggested amendments.
• Circulate revised draft with the agenda of the next meeting.
74. Approval and retention of minutes continued
How do you deal with this?
You disagree with the chair as to a decision.
A participant wants words inserted which you cannot recall
A participant wants words omitted which you do recall!
You are concerned about defamation, illegality or non-compliance.
75. Practice Matters
Additional things for Company Secretaries
to consider –
• Quorum
• “Pro-forma” minutes?
• Eliminate bad habits. Give yourself a refresher every now and then. If it wasn’t
said or done in a meeting then it didn’t happen.
• AOB or not AOB?
• Handling conflicts of interests
• Always respect confidentiality outside the meeting but ask
yourself – who needs to know?
• Attachments?
• Amendments and corrections
• Inspection
76. Minutes – good or bad
What do they really mean?
“The T-BURD analysis was considered by the meeting. It had previously been
presented to the WGC but not to the board. It was generally agreed that the
subject of PLEX required further consideration and that a further paper should be
drafted for the next board meeting, having first been reviewed by the NDA and NII”.
“AD said that he was unhappy with the late delivery of the board papers. RE and
TS agreed although TS said he understood the reason for the delay on this
occasion. The chairman said the delay was due to the late preparation of the
finance pack. AK said that while this was true there were extenuating
circumstances and in any event she was not made aware of the cut-off date for
board papers. RE asked that it be minuted that he was particularly unhappy
with the late arrival of the board pack. It was agreed that in future board
papers be circulated not less than five working days prior to the meeting”.
77. Minutes - good or bad continued
“The meeting discussed the lease of a new warehouse at Ebbet’s Yard for an
annual rental of £10m. The main terms of the lease were noted. The lease was
approved”.
“IT WAS RESOLVED THAT the lease of property at Ebbet’s Yard upon the terms
outlined to the meeting be and is hereby approved and that the director and the
secretary be and are hereby authorised to execute the lease under the common
seal for and upon behalf of the Company.”
“There was a healthy debate about the unreliability of the new
bottling machine. The chairman adjourned the meeting”.
“After a long and far–reaching debate discussion to which all board members
contributed, it was agreed to accept the proposal which had been tabled”.
81. KPI’s – the background
Let’s start with some basic theory of Key Performance Indicators
A concept used in the business world
Used to track progress/change
A ‘shorthand’ to inform/motivate teams
82. What does a KPI look like?
A good KPI will:
– Be crucial to the organisation's success/strategy
– Can be measured
– Meaningful to/influenced by the team
83. 4 reasons to use KPI’s?
When your organisation needs to:
1. Make decisions based on objective data
2. Demonstrate achievement by setting, monitoring
and measuring against a target
3. Present operational information to those not
involved directly in the detailed processes
4. Focus on the important and factual information
84. Why charities should use KPI’s
Charities are under pressure:
Funding streams are pressured/reducing
Demand for services increasing
Governance under scrutiny
Help report performance
Charities need to do more with less and
demonstrate value and efficiency
85. Reporting performance
Inputs
The
resources
used in
carrying
out an
activity
Activities
How
inputs are
used to
generate
results
Outputs
What is
delivered
by the
activity
Outcomes
How
activities
change the
lives of
beneficiarie
s
(medium
term)
Impact
The long
term
change at
both
individual
and
societal
level
86. What areas can KPI’s cover?
They go beyond simple financial measures
Non-financial measures include:
Internal – e.g. speed of response, quality of product/service
External – e.g. user satisfaction, brand/name awareness
Strategic – e.g. employee/volunteer satisfaction &
retention
87. Getting started
Might well be used in fundraising already
For example:
Total donations
Donations by donor
Donors gained, Donors lost in period
Etc, etc.
88. Other key areas too
For example:
Expenditure
How much, on what, when, planned/unplanned?
Efficiency
Measuring value – how service is provided
Interaction
With donors, with service users
89. Getting started
Go back to basics and collate the facts:
– What do you do at the moment?
– What is your strategy/aim?
– What do you want/need to change/improve/develop?
– Who will be needed/involved in making then changes?
Use this information to identify your target areas
Remember: This is about truly critical area(s)
90. Identifying the KPI’s
Selecting target area(s) and a team to review/consider
Use Mind-mapping:
– Rapidly produces and records an ‘infinite’ number of ideas
– Organises ideas by grouping them in similar areas
– Enables and encourages the group into creative thinking
You will be likely to find a lot of ideas
for your target area(s)
91. Collecting data
Before starting, decide:
– How detailed will you need the data to be?
– How will you check the data’s validity?
– How much time will you allow for collation?
– How much can you afford to spend?
Ways to collect data
– Surveys and questionnaires
– Interviews
– Maintaining notes/observing
92. Setting the KPI’s
Less is definitely better – so reduce ideas by:
– Making sure you can actually measure
– Measurement will be cost effective
– Select just those that are clear and meaningful to the
team
– Ensure they are areas that the team can really influence
Don’t select too many parameters
93. Considering the practicalities
Let’s consider a fictional charity and the some of the issues
that the Board may need to consider and why.
‘A Good Charity’ is an organisation that provides
support and guidance to young people with addiction
problems.
It is known nationally and has seen increasing demand
for its services in the last few years.
Funding continues to be difficult although they have a
small dedicated fundraising team.
They have reserves that the Board are prepared to
invest in new initiatives.
94. Practical example -
Interaction with service users
The Board is looking at using the internet and social media to
increase interaction with end users.
Although traditional arrangements (local meetings, various
events, printed documents) work well they can be expensive.
The Board is considering a major investment in the website and
social media (twitter).
What, how, why should it monitor results, and
where to use them?
95. Practical example –
Interaction with service users
What: Website hits, Emails generated, Twitter followers,
Retweets, Likes and comments
How: Analytics embedded in the design will simplify and reduce
the cost of reporting
Why: Significant expenditure (time and money) means the Board
need to demonstrate governance over the project.
Where: Annual report will highlight the project and can report the
results from the initiative year on year.
96. What may/may not work
A survey of clients asking whether support has been
helpful
Ask commissioners (local authorities) whether less
addiction problems
Number of clients attending sessions and receiving
support
Payment by results (PBR) information required by the
commissioners
97. Summary
Charities need help to make the most of their funds
Business techniques provide tools to help
Promotes efficiency
Informing decisions
Motivating the team to achieve targets
Demonstrating control
Use in reporting
For problem based need case law and essay based need detail , careful reading of the question avoids confusion , don’t lose focus on what the question is asking
Earlier w/bing scandal in 80s/90s eg. Zebruggee/Clapham rail crash why we were set up. Employees at hear ignored/couldn’t speak up.
But also more recent headlines have shown our advice still crucial. Interestingly tide has changed to w/bers as positive both media and public- NY honours list.
Stats from our 2015 YouGov survey. 2,028 working age adults, 10% respondents work in health/medical sector. 5% of workers in the UK are employed by the NHS. 11% had a concern in the past two years, 40% didn’t raise it.
Take away:
10% of the sample had a concern about their workplace and a third hadn’t raised it
In MidYorks that translates to 800 potential concerns and 265 of them haven’t been raised. Blind spots for the organisation, missed opportunities
Aim for the org is to recognise this disparity and encourage them to come forward. Numbers are in line with MidYorks’ responses to the NHS survey, 66% would feel secure raising and about half would have confidence that the concern would be addressed.
Key element of Francis is normalising whistleblowing - move away from courageous act by heroic mavericks and part of everyday working culture in NHS. Expectation.
Bullet 1 – p. 11 -12 in the report. 83% give only two chances to address. On first attempts 91% internal, on second attempt 73% internal, external are 7% and 23% respectively. (Union is the difference between those numbers).
Bullet 2 - 22 out of 1,000 whistleblowers = 2%
Take away:
Francis aim to normalise whistleblowing.
Historic NHS reticence to use the word whistleblowing, aim is to overcome that. MidYork’s survey said 66% would feel secure raising, want to increase confidence. One way to do that is to normalise practice. Key to normalising is recognising where it is already happening – all the concerns raised internally that are being dealt with and offering support, feedback etc. Change to presumption of feedback and mediation etc. to assist.
Informal/blocking: closer monitoring, ostracised/bullied, verbal harassment, blocking access to emails, information, training, hours.
Formal: relocation, demotion, job reassigned, suspended, disciplined.
Support: taking the issue seriously is also categorised as support. If an individual feels supported by their employer it is less likely that they will be seeking our advice and support.
Junior employees who raise concerns are more likely to be ignored. Senior employees are more likely to be dismissed.
Raising concerns with whom? We want staff to raise a concern with their line manager in the first instance if possible, but it does not make sense to make this prescriptive. Where staff feel unable to raise their concern locally for whatever reason, our policy should set out clear internal alternatives be it to one or more senior designated individuals or possibly to an internal hotline linked to a particular function such as compliance or audit (see BSI 3.3 and 3.4). Our policy should also indicate safe external routes or how to seek advice on such an option (see BSI 3.4 and 4.7).
Raising concerns how? While openness is the ideal and makes the most sense both for handling a concern and anyone involved, we recognise that staff may feel anxious about openly raising a concern. For this reason, our policy should say that a concern can be raised in confidence. This means that, where requested, we will not reveal the identity of the person raising the concern without their consent unless required by law. Though we cannot prevent others from trying to guess (rightly or wrongly) who may have raised a concern, we can commit to responding appropriately and proportionately to it and to any fear of reprisal the individual may have. This is different from anonymous reporting where no one knows the identity of the person who reported it and no steps can be taken to protect them. For practical and legal reasons – not to mention the kind of workplace culture we want to have - it is counter-productive to promote anonymous reporting. Where organisations do promote anonymity, they need to consider additional data protection requirements (see BSI 3.5, 3.6 and 4.4 for further explanation).
Raising concerns when? We do not want our staff to think they have to have definite proof or evidence of malpractice before they raise it. We would rather our staff act as our early warning system than as private detectives. We want them to let us know of any concern early enough for us to have an opportunity to assess it and to address any real risk before damage is done (see BSI 4.4).
The clear message to all should be: If in doubt - raise it!
Raising concerns with whom? We want staff to raise a concern with their line manager in the first instance if possible, but it does not make sense to make this prescriptive. Where staff feel unable to raise their concern locally for whatever reason, our policy should set out clear internal alternatives be it to one or more senior designated individuals or possibly to an internal hotline linked to a particular function such as compliance or audit (see BSI 3.3 and 3.4). Our policy should also indicate safe external routes or how to seek advice on such an option (see BSI 3.4 and 4.7).
Raising concerns how? While openness is the ideal and makes the most sense both for handling a concern and anyone involved, we recognise that staff may feel anxious about openly raising a concern. For this reason, our policy should say that a concern can be raised in confidence. This means that, where requested, we will not reveal the identity of the person raising the concern without their consent unless required by law. Though we cannot prevent others from trying to guess (rightly or wrongly) who may have raised a concern, we can commit to responding appropriately and proportionately to it and to any fear of reprisal the individual may have. This is different from anonymous reporting where no one knows the identity of the person who reported it and no steps can be taken to protect them. For practical and legal reasons – not to mention the kind of workplace culture we want to have - it is counter-productive to promote anonymous reporting. Where organisations do promote anonymity, they need to consider additional data protection requirements (see BSI 3.5, 3.6 and 4.4 for further explanation).
Raising concerns when? We do not want our staff to think they have to have definite proof or evidence of malpractice before they raise it. We would rather our staff act as our early warning system than as private detectives. We want them to let us know of any concern early enough for us to have an opportunity to assess it and to address any real risk before damage is done (see BSI 4.4).
The clear message to all should be: If in doubt - raise it!
Raising concerns with whom? We want staff to raise a concern with their line manager in the first instance if possible, but it does not make sense to make this prescriptive. Where staff feel unable to raise their concern locally for whatever reason, our policy should set out clear internal alternatives be it to one or more senior designated individuals or possibly to an internal hotline linked to a particular function such as compliance or audit (see BSI 3.3 and 3.4). Our policy should also indicate safe external routes or how to seek advice on such an option (see BSI 3.4 and 4.7).
Raising concerns how? While openness is the ideal and makes the most sense both for handling a concern and anyone involved, we recognise that staff may feel anxious about openly raising a concern. For this reason, our policy should say that a concern can be raised in confidence. This means that, where requested, we will not reveal the identity of the person raising the concern without their consent unless required by law. Though we cannot prevent others from trying to guess (rightly or wrongly) who may have raised a concern, we can commit to responding appropriately and proportionately to it and to any fear of reprisal the individual may have. This is different from anonymous reporting where no one knows the identity of the person who reported it and no steps can be taken to protect them. For practical and legal reasons – not to mention the kind of workplace culture we want to have - it is counter-productive to promote anonymous reporting. Where organisations do promote anonymity, they need to consider additional data protection requirements (see BSI 3.5, 3.6 and 4.4 for further explanation).
Raising concerns when? We do not want our staff to think they have to have definite proof or evidence of malpractice before they raise it. We would rather our staff act as our early warning system than as private detectives. We want them to let us know of any concern early enough for us to have an opportunity to assess it and to address any real risk before damage is done (see BSI 4.4).
The clear message to all should be: If in doubt - raise it!
Raising concerns with whom? We want staff to raise a concern with their line manager in the first instance if possible, but it does not make sense to make this prescriptive. Where staff feel unable to raise their concern locally for whatever reason, our policy should set out clear internal alternatives be it to one or more senior designated individuals or possibly to an internal hotline linked to a particular function such as compliance or audit (see BSI 3.3 and 3.4). Our policy should also indicate safe external routes or how to seek advice on such an option (see BSI 3.4 and 4.7).
Raising concerns how? While openness is the ideal and makes the most sense both for handling a concern and anyone involved, we recognise that staff may feel anxious about openly raising a concern. For this reason, our policy should say that a concern can be raised in confidence. This means that, where requested, we will not reveal the identity of the person raising the concern without their consent unless required by law. Though we cannot prevent others from trying to guess (rightly or wrongly) who may have raised a concern, we can commit to responding appropriately and proportionately to it and to any fear of reprisal the individual may have. This is different from anonymous reporting where no one knows the identity of the person who reported it and no steps can be taken to protect them. For practical and legal reasons – not to mention the kind of workplace culture we want to have - it is counter-productive to promote anonymous reporting. Where organisations do promote anonymity, they need to consider additional data protection requirements (see BSI 3.5, 3.6 and 4.4 for further explanation).
Raising concerns when? We do not want our staff to think they have to have definite proof or evidence of malpractice before they raise it. We would rather our staff act as our early warning system than as private detectives. We want them to let us know of any concern early enough for us to have an opportunity to assess it and to address any real risk before damage is done (see BSI 4.4).
The clear message to all should be: If in doubt - raise it!