5.2 Self-analysis and review

Self-analysis and review involves reflecting on the framework and looking for ways to continuously improve it by:

• making judgements informed by data and evidence about what is currently working and what is not
• identifying gaps between the current and desired future state
• deciding the best way to address any gaps and get to the desired future state based on operating context, risks and resourcing.

It may be appropriate to seek external assistance in this process, particularly where greater levels of expertise and objectivity are required.

Why is self-analysis and review important?

Self-analysis and review continuously improve the framework. Considerable effort goes into developing and implementing the framework; however, it cannot just be a ‘set and forget’ exercise. It is important to determine if the framework is achieving its objectives. The framework should be responsive to changes in the authority’s operating environment and adapted accordingly.

Ideas for good and better practice for self-analysis and review

Good practice

• Assign responsibility for reviewing the framework. One person/position could manage the review process for the entire framework or individual elements could be allocated to custodians.
• Build a continuous improvement approach.
  • Plan: Identify opportunities for improvement, gather quantitative and qualitative data, brainstorm and undertake surveys to assess the current state and any gaps.
  • Do: Communicate reasons for change, seek buy in, develop the change model and implement change on a small scale.
  • Check: Analyse results of change and communicate these.
  • Act: Implement change on a wider scale. If the change is successful, reward early adopters and continuously assess results. If not, identify issues from the last process, make changes and start the process again.
• Determine how and when self-analysis and review of the framework is conducted. Consider aligning this process with other strategic planning and budgeting cycles.
• Connect risk management and internal audit with the review process. This ensures the framework reflects emerging and new risks and assists with oversight.
• Keep the authority head and senior leadership team informed about if, and how, the framework is achieving its intended purpose.
• Assign responsibility for responding to requests for information, evidence and annual reporting from external bodies.
• Implement and report on recommendations made by external oversight bodies. This includes those relating directly to the authority and those made more broadly to prevent misconduct and corruption.
• Use the Integrity Snapshot Tool as a quick self-assessment of what is currently in place to support integrity.
• Monitor the extent to which integrity is practiced. Issues identified help pinpoint areas where the framework needs to be strengthened.
• Use passive and active monitoring to review the authority’s approach to integrity and determine if it is maturing. Passive monitoring is waiting for complaints or reports from stakeholders while active monitoring is searching for integrity breaches, analysing data (staff surveys and the nature of advice or guidance sought by officers), and employing detection systems or activities.
• Use complaints and reports by clients, suppliers and stakeholders to inform reviews. For example:
  • Is a high number of complaints indicative of training or workload issues, an indication that there may be an integrity breach or dissatisfied clients?
  • Is a low number or absence of complaints indicative of professional performance or the community afraid to make complaints?
  • Are there certain times of the year, certain places or other situational factors associated with high or low levels of complaints?

Better practice

• Have the authority head ask the hard questions to those responsible (including custodians and risk owners) like “Is our approach to integrity making a difference? How? Why?”
• Mine investigations, audits and reviews for ‘lessons learned’. Make changes to the framework to address weaknesses, for example improve a deficient control or update a training program.