Enforce ongoing compliance, performance and contract reviews
Require clients, staff and third parties to have ongoing compliance, performance and contract reviews.
Why this countermeasure matters
Lack of ongoing compliance, performance and contract reviews may lead to clients, staff and third parties:
- acting dishonestly or without care once a benefit, grant or contract has been awarded
- providing false information about their ongoing work performance or the delivery of contract obligations
- failing to disclose changes in circumstances that might affect their ongoing entitlement to a benefit or payment
- failing to disclose changes that may affect their ability to meet contract conditions
- retaining access to systems or information when it is no longer required.
How to put this countermeasure in place
Some ways to implement this countermeasure include:
- undertaking regular compliance checks with providers and clients
- reassessing the suitability of service providers, contractors or vendors
- regularly reviewing system accesses to confirm users still require the access
- only allowing clients to continue to receive payments if they meet monthly participation requirements
- regularly reviewing and monitoring staff performance
- regularly reviewing contract performance to make sure requirements are being met.
How to measure this countermeasure's effectiveness
Measure the effectiveness of this type of countermeasure by using the following methods:
- Analyse completed reviews to confirm these are undertaken regularly as required.
- Review a sample of completed requests/claims to confirm reviews are undertaken with appropriate attention to detail.
- Review procedures or guidance to confirm it clearly specifies how reviews are undertaken.
- Confirm reviews are consistently undertaken.
- Ask staff about the review processes or systems to make sure they have a correct understanding.
- Analyse statistics and reports on staff performance reviews.
- Identify how ongoing compliance, performance and contract requirements are communicated to staff, customers and third parties.
- Confirm that someone cannot bypass review requirements even when applying pressure or coercion.