This domain covers the governance and controls you have implemented within your organisation to protect your organisation from risks not linked to technology or financial crime.
Answer yes if your organisation is a legally registered entity and upload proof of registration (as a PDF file, this is typically a certificate of incorporation) as evidence. Please note the country or jurisdiction in which your company is registered in the notes.
Answer yes if your organisation has enough working capital to remain for the next 12 months.
Answer yes if your organisation has 3 years (or more) worth of published annual accounts. Please upload the last 3 years of accounts as evidence. If your organisation has less than 3 years, please upload any accounts that have been published (as PDF files).
Answer yes if your organisation has a documented Health & Safety policy. Please upload the policy (as a PDF file) as evidence.
Answer yes if your organisation has an appointed resource that is responsible for the design and delivery of your company's health and safety programme. This is typically a health and safety officer. In the notes please outline the job role and whether or not this is a dedicated full time position.
Answer yes if your organisation has implemented a framework for managing health and safety compliance across your company. The framework must include health and safety awareness initiatives (such as posters), a risk assessment programme, a defined and auditable reporting process, and relevant and valid insurance policies (in the UK this is covered by your employers liability insurance).
Answer yes if your organisation has a documented environmental management policy that looks to minimise your organisation's impact on the environment. Please upload the policy (as a PDF file) as evidence.
Answer yes if your organisation is fully compliant with all applicable human rights laws and regulations. This may include, but is not limited to, the International Bill of Human Rights, the UK Modern Slavery Act 2015, and the EU working time directive. Please note that these laws and regulations may require further actions from your organisation to ensure compliance.
Answer yes if your organisation conducts supplier assurance to ensure your suppliers are compliant with all applicable human rights laws and regulations. Describe the nature and frequency of the assurance in the notes.
Answer yes if your organisation has a mechanism in place (backed up by a written policy document with a defined process) that allows employees and contractors to address grievances relating to their employment. Please upload the policy document (as a PDF file) as evidence.
Answer yes if your organisation has a documented diversity and inclusion policy that outlines the organisation's commitment to providing an inclusive and supportive environment for staff, contractors and visitors that is free from discrimination.
Answer yes if your organisation has a defined and documented procedure that enables employees and contract staff to report any incidents or perceived issues confidentially. This is typically provided through a confidential phoneline or email address. Please outline the process in the notes section provided, or upload a policy or process document (as a PDF file) as evidence.
Answer yes if your organisation clearly informs all employees and contract staff how to access and utilise the whistleblowing procedure.