Our Ethics and Governance

Our Ethics
and Governance

Ethics and compliance training is taken by

100% OF OUR STAFF

BACKGROUND

OUR CODE
OF CONDUCT

GOVERNANCE &
LEADERSHIP

COMMUNICATION &
TRAINING

Kathleen Flanagan, President and CEO

Watch Kathleen Flanagan discuss the importance of ethics and compliance for Abt Associates.

EXPERIENCE ABT

One of our core values is to be Accountable. We take responsibility for what we do and how we do it. We strive to be a healthy, growing company and recognize that every action and inaction has consequences for our colleagues, clients and the world around us.

ETHICS AND COMPLIANCE

RISK MANAGEMENT

Ethics and Compliance

We take ethics and compliance seriously. Operating in a highly regulated environment, we hold ourselves to the highest standards of ethical behavior. This is ingrained in our culture, from our Board to our newest entry-level recruit.

We employ a number of measures to ensure staff behave in accordance with our standards and in compliance with regulations that govern our work. These include:

-- A comprehensive Code of Conduct

-- Policies on business processes and procedures that are easily accessible to all employees

-- Robust training on policies regarding corrupt practices, anti-trafficking, freedom from harassment and non-retaliation.

-- Two 24-hour anonymous helplines for reporting any potential misconduct, one monitored by management, and one monitored by the Chair of the Finance and Audit Committee.

Our first value is that we are Mission Driven. We partner with our clients and communities to enhance the quality of life and economic well-being of people around the world. Counter to this value is the abuse of human rights. We will not tolerate trafficking in persons, use of child labor, use of forced labor, or procurement of commercial sex acts by any Abt employee, subcontractor, or supplier.

We have a strict, zero-tolerance policy for sexual misconduct of any kind. This type of behavior is contrary to our values and prohibited by our Code of Conduct. In addition, we have several policies that address these topics, including Freedom from Harassment, Child Safeguarding, Combatting Trafficking in Persons, and our Non-Retaliation Policy.

We are signatories of the UN Global Compact, and are committed to promoting sustainable development and good corporate citizenship throughout our global operations and projects.

Research Ethics and Scientific Integrity

Our research is conducted in conformance with regulatory requirements that govern research involving human subjects. Abt holds a current Federal-Wide Assurance of compliance from the U.S. Department of Health and Human Services' Office for Human Research Protections, and we maintain our own Institutional Review Board (IRB). Each year, our IRB screens or reviews hundreds of proposed project research plans and monitors continuing research for the purpose of safeguarding research participants' rights and welfare, including protecting their privacy and confidentiality.

Our Research Integrity Officer is responsible for developing and promoting the means by which staff can seek advice about and report allegations of research misconduct. Staff are routinely informed about these issues in trainings and through the Protection of Human Subjects in Research Policy and Research Misconduct Policy.

Training on human subject protections, including protecting privacy and confidentiality, is required every three years for all staff conducting human subjects research. This three-hour online training is available in 10 different languages.

Enterprise Risk Management

We use an Enterprise Risk Management (ERM) Framework based on global risk management standards, including COSO and ISO 31000, to conduct an annual assessment process. Identified risks, e.g., operations in fragile states, cybersecurity, climate change and regulatory compliance are ranked based on risk exposure and management preparedness, and appropriate action is taken. Key risk indicators are regularly monitored.

Information Risk Management

We are dedicated to ensuring the protection of customer privacy and data through our comprehensive Information Risk Management (IRM) program, which encompasses IT, Cybersecurity, Contract Operations and our IRB.

IRM enforces security protocols through required approvals along a project's lifecycle, including review of data security plans, technology tools and partners.

We have developed a strong culture of data security that includes administrative, physical and technical safeguards in compliance with our clients' requirements; all relevant country and state privacy and security laws; and the requirements of data providers via data agreements.

Robust general security training is mandatory for all staff on an annual basis, as well as role-based training, and any additional training required by clients. Over the last five years, we have developed and delivered more than 16 types of role-based security trainings for all levels of staff and business partners.