Hi There are several mentions of a whistleblower function in both the ATRT1 and in the ATRT2 report. This includes discussion of transparency annual reports, audits of the function, a role for the ombudsman, and possible enhancement of the ICANN hotline, i.e the current implementation of ICANN's whistleblower policy. (all quotes from ATRT2 report <https://www.icann.org/en/about/aoc-review/atrt/final-recommendations-31dec13...>) Under

9.3. Review Ombudsman Role (p13, 58) c. A role in fair treatment of ICANN Anonymous Hotline users and other whistleblowers, and the protection of employees who decide there is a need to raise an issue that might be problematic for their continued employment.

and (p 14,59)

9.5. The Board should arrange an audit to determine the viability of the ICANN Anonymous Hotline as a whistleblowing mechanism and implement any necessary improvements. The professional external audit should be based on the Section 7.1 and Appendix 5 - Whistleblower Policy of the One World Trust Independent Review of 20076 recommendations to establish a viable whistleblower program, including protections for employees who use such a program, and any recent developments in areas of support and protection for the whistleblower. The professional audit should be done on a recurring basis, with the period (annual or bi-annual, for example) determined upon recommendation by the professional audit. The processes for ICANN employee transparency and whistleblowing should be made public.

These had been derivative of ATRT1

ATRT1 Recommendation 26 ... ATRT2, under the terms of its mandate, also determined that the following issues78 should be addressed in this analysis of accountability and transparency in policy development and implementation processes: a. Publication of yearly statistical reports on transparency. b. Enhancement of the employee Hotline that allows relevant information to become transparent (Whistleblower Policy).Which had been derivative

And

In 2007, One World Trust concluded94 that: ICANN should consider implementing processes that act as deterrents to abuses of power and misconduct which would protect staff who might want to raise such instances. Specifically, ICANN should consider developing a whistleblower policy that enables staff to raise concerns in a confidential manner and without fear of retaliation; and developing appropriate systems to foster compliance.95 -- 94 See http://www.icann.org/en/about/transparency/owt-report-final-2007-en.pdf 95 In fact, One World Trust made many recommendations, including: To ensure compliance with any organizational policy, it is important that there is high level oversight and leadership. Without this, implementation will only ever be piecemeal. To ensure implementation of the information disclosure within ICANN therefore, responsibility for overseeing the policy should be assigned to a senior manager. Supporting this, a set of indicators should be developed to monitor the implementation of the policy, and an annual review should be undertaken which identifies how ICANN is complying with the policy, where there are problems, and the steps that are to going be taken to address these (see recommendation 5.1 in section 8). While ICANN has three mechanisms for investigating complaints from members of the ICANN community, the organization does not have a policy or system in place that provides staff with channels through which they can raise complaints in confidentiality and without fear of retaliation. Having such a policy (often referred to as a whistleblower policy) is good practice among global organizations. A whistleblower policy that provides such protections serves as an important means of ensuring accountability to staff as well as preventing fraudulent behavior, misconduct and corruption within an organization. While the Ombudsman, Reconsideration Committee and the Independent Review Panel provide complaints-based approaches to compliance, to generate greater trust among stakeholders, ICANN needs to take a more proactive approach. To address this issue, ICANN should consider a regular independent audit of their compliance with accountability and transparency commitments. Alternatively, it could develop a permanent compliance function to emphasize prevention by identifying shortcomings as they emerge and before they become systemic problems. In either case, a regular report on compliance should be produced and publicly disseminated.

There are longer discussions in the document that may be useful references when this work begins in WS2. I do not know the status of the ATRT2 recommended, and Board approved, audit. did a search, but have not found anything yet. I am sure there is some trace of something on it somewhere. avri --- This email has been checked for viruses by Avast antivirus software. http://www.avast.com