WeSecure a Roboyo Group Company - cybersecurity and forensic analysis

GENERAL REGIME FOR THE PREVENTION OF CORRUPTION AND PROTECTION OF WHISTLEBLOWERS - WHISTLEBLOWING

For example, the Portuguese Anti-Corruption Strategy 2020-2024 is implemented through Decree-Law No. 109-E/2021, of December 9 ("General Regime for Corruption Prevention") and Law No. 93/2021, of December 20 ("General Regime for the Protection of Whistleblowers of Offenses") which came into force on June 8 and June 18, 2022, respectively.
According to the General Regime for Corruption Prevention (GRPC), all legal entities headquartered in Portugal with 50 or more employees must implement corruption prevention measures.
The GRPC, approved by Decree-Law No. 109-E/2021, of December 9, requires all covered entities, both public and private, to implement the following corruption prevention measures:

Development of a Corruption and Related Offenses Risk Prevention Plan;
Establishment of a Code of Conduct;
Implementation of an Internal Training Plan on this topic;
Creation of a Whistleblowing Channel (in accordance with the General Regime for the Protection of Whistleblowers);
Appointment of a Compliance Officer.

The GRPC also applies to independent administrative entities that regulate economic activity in the private, public, and cooperative sectors, as well as to the Bank of Portugal.

CONTACT US FOR + INFORMATION

Whistleblowing Channel

WeSecure assists in the implementation of an internal whistleblowing channel to establish a mechanism that enables the safe reporting and tracking of complaints, ensuring:

The thoroughness, integrity, and preservation of reports;
The confidentiality of the whistleblowers’ identity or their anonymity, as well as the confidentiality of third parties mentioned in the report;
The prevention of unauthorized access to information;
The independence, impartiality, confidentiality, data protection, secrecy, and absence of conflicts of interest of the individuals or services designated by the organization to receive and handle reports;
The immediate deletion of all personal data that is not relevant to the processing of the complaint.

In writing or verbally. When channels provide the option for verbal reporting, they must allow it to be made via telephone or other voice systems and, at the whistleblower’s request, through an in-person meeting.
Anonymously or with whistleblower identification. Whistleblowing channels must be structured to ensure the anonymity of both the whistleblower and those who receive information about the report. Any information that could reveal their identity must be restricted to those responsible for receiving and handling reports.

To comply with a legal obligation or court decision; and
After notifying the whistleblower in writing of the reasons for the disclosure, unless such notification would compromise investigations or legal proceedings.

OUR PLATFORM - WHISTLEBLOWING CHANNEL SOFTWARE

plataforma do canal de denúncias - WHISTLEBLOWING Software Canal De Denúncia Anónima | Whistleblowing (Garanta a conformidade com a Lei nº 93/2021, de 20 de dezembro – Estabelece o regime geral de proteção de denunciantes de infrações MENAC

WeSecure provides professional PaaS (Platform-as-a-Service) software for the comprehensive and efficient management of whistleblowing channels within your organization.
We have successfully deployed our solution in hundreds of organizations worldwide, from SMEs to large BUSINESS GROUPS.
Learn more. Discover why!

CONTACT US FOR + INFORMATION

PROCEDURE

PROCEDIMENTO DO CANAL DE DENUNCIAS E DENUNCIANTES

I - AVAILABILITY OF THE CHANNEL

Our platform allows the registration of internal and/or external reports.
Through our external whistleblowing channel, the whistleblower will be informed about the requirements, competent authorities, methods, and admissibility of reporting (in a clear and accessible manner), whether they do so in an identified or anonymous manner..

II - RECEIPT AND NOTIFICATION

Immediately after the registration of a report, and within seven days, your organization notifies the complainant that the complaint has been received;
This is always valid through our platform, whether it is an identified or anonymous complaint.

III - INVESTIGATION AND PROCESSING

Your organization will take all appropriate actions to verify the allegations contained in the report and, where necessary, put an end to the reported infringement.
An inquiry may be opened for this purpose and/or the relevant authority may be notified for the investigation of the infringement.
During and within 3 months, the organization will communicate to the whistleblower, in a reasoned manner, the measures planned or adopted to follow up on the complaint.

IV - CLOSURE AND NOTIFICATION

If requested by the whistleblower, the organization will notify them of the outcome of the investigation within 15 days of its conclusion.
our external whistleblowing channel is used, this notification is still carried out, even with anonymous whistleblowers.

EXPERIENCED TEAM

SMEs, public government organizations, and critical infrastructure and service operators rely on our experience to support them in the implementation and/or certification of the international standard ISO/IEC 27001:2022.

We have specialized resources available to work in this area in a senior team, using agile methodologies and holding international certifications, including but not limited to:

ISO 27032 Lead Cybersecurity Manager
ISO 27001 Lead Auditor
ISO 27701 Lead Auditor
ISO 22301 Lead Auditor
ISO 22301 Lead Implementer
ISO 27001 Lead Implementer
ISO 27005 Senior Lead Risk Manager
Certified Information Security Manager
Certified Information Privacy Manager
Certified Information Privacy Professional
Internationally certified DPOs

YOUR TRUSTED PARTNER

We are certified by international standards:

ISO 27001 (since 2018)
ISO 9001 (since 2003)

And all the areas of our certifications focus precisely on our specialized services.

With pride, our clients impartially testify to our work.
Know who they are and talk to them.
It's common in cybersecurity...
We're here for you.

Recursos certificados em ISO 27001 Lead Auditor