PREAAuditorHandbookAugust 2017
Download original document:
Document text
Document text
This text is machine-read, and may contain errors. Check the original document to verify accuracy.
PREA Auditor Handbook PREA Management Office Bureau of Justice Assistance Office of Justice Programs U.S. Department of Justice National PREA Resource Center Version 1.0 August 2017 Available online at https://www.prearesourcecenter.org/node/5341 Contents Section I. Background and Overview ........................................................................................ 1 Purpose of the PREA Auditor Handbook ............................................................... 1 About PREA and the Standards ............................................................................. 1 Section II. Contracting for a PREA Audit .................................................................................... 4 Auditing Arrangements ......................................................................................... 4 Audit Contracts and Compensation ...................................................................... 5 Section III. Auditor Code of Conduct .......................................................................................... 8 Guiding Auditor Code of Conduct Principles......................................................... 9 Identifying Potential Conflicts of Interest ........................................................... 13 Section IV. Auditor Certification Requirements........................................................................ 15 PREA Auditor Certification Process ..................................................................... 15 Dual Certification................................................................................................. 17 Field Training Program ........................................................................................ 18 Probationary Certification Status .................................................................... 19 Auditor Reporting Requirements .................................................................... 25 Continuing Education Requirements............................................................... 27 Complaints or Concerns about Auditor Conduct ............................................ 27 Section V. PREA Audit Methodology........................................................................................ 28 PREA Audit Instrument .................................................................................... 29 Phase One: Pre-Onsite Audit ........................................................................... 30 Phase Two: Onsite Audit ................................................................................. 39 Phase Three: Evidence Review and Interim Report ........................................ 62 Phase Four: Corrective Action and Final Report ............................................. 66 Post-Audit ........................................................................................................ 70 Section VI. Audit Oversight ....................................................................................................... 71 Audit Assessment ............................................................................................ 72 Quality Improvement Program ....................................................................... 72 Peer Review ..................................................................................................... 74 Disciplinary Review .......................................................................................... 75 Remediation .................................................................................................... 77 Impact of Audit Oversight ............................................................................... 78 i Section VII. Maintaining, Losing, or Giving up Certification ...................................................... 79 Voluntary Surrender of Certification ............................................................... 79 Auditor Recertification .................................................................................... 80 Auditor Suspension and Decertification .......................................................... 84 Section VIII. Auditor Resources ................................................................................................... 87 Training, Education, and Assistance for Auditors............................................ 87 Appendices Auditor Certification Agreement .................................................................................................. 88 ii Section I. Background and Overview Purpose of the PREA Auditor Handbook The purpose of the PREA Auditor Handbook (Handbook) is to articulate the Department of Justice’s (DOJ’s) expectations for all DOJ-certified PREA auditors, establish requirements for auditor conduct and audit methodology, provide transparency to all stakeholders regarding the expected audit methodology, and serve as an easy-to-use reference guide for conducting high quality, objective, comprehensive, and reliable PREA audits. The Handbook covers the following core topics: IMPORTANT • Auditing contracts and compensation • Code of conduct governing auditors PREA auditors are required to read this Handbook and should • Conflicts of interest refer to it often in the course of • Process for becoming a DOJ-certified PREA auditor their work. Auditors must uphold • Requirements for maintaining DOJ PREA auditor the requirements included in this certification Handbook in order to maintain • Auditor’s role and the PREA audit process their DOJ certification. Failure to • The PREA Management Office’s oversight of the follow the requirements in the Handbook will result in PREA audit function disciplinary review (see Chapter • Auditor recertification process and disciplinary 23) by the PREA Management action by the PREA Management Office Office, which may impact an • Auditor resources auditor’s DOJ certification. Although the Handbook contains much of the essential information that auditors need to know, it is a living document that will need to be updated and adapted over time to meet the evolving needs of DOJ, PREA auditors, and the field. If auditors have questions about the PREA audit process, the role of an auditor, auditor certification requirements, or any issues that are not covered in the Handbook, they should refer to the frequently asked questions (FAQs) issued by the DOJ PREA Working Group, which are updated regularly on the PREA Resource Center website (see www.prearesourcecenter.org/frequently-asked-questions). In addition, auditors can contact the PREA Management Office by sending an email to PREACompliance@usdoj.gov or contact the PREA Resource Center by submitting an Auditor Helpdesk Form available on the Auditor Continuing Education and Resource Portal (Auditor Portal). About PREA and the Standards The Prison Rape Elimination Act (PREA) (codified at 42 U.S.C. § 15601 et seq.), created to protect individuals from sexual abuse and sexual harassment in confinement facilities, was passed in 2003 with unanimous support from both parties in Congress. In addition to providing federal funding for research on sexual abuse in confinement facilities, a demonstration grant program for state, local, and tribal jurisdictions to establish “zero tolerance” cultures for sexual abuse and sexual harassment in confinement, and the provision of training and technical 1 assistance, PREA mandated the development of national standards to achieve the goals set forth under the statute. The National Prison Rape Elimination Commission (Commission) was created by PREA and charged with developing recommended national standards for reducing sexual abuse in confinement. A report containing the recommended national standards was published in June 2009 and conveyed to DOJ. (42 U.S.C. § 15606(e)). After extensive public comment periods and subsequent revisions, DOJ published the final PREA Standards (Standards) in the Federal Register on June 20, 2012 (see www.prearesourcecenter.org/sites/default/files/library/201212427.pdf). The Standards became effective on August 20, 2012 and apply to adult prisons and jails, juvenile facilities, lockups, and community confinement facilities. The first 3-year audit cycle began a year later on August 20, 2013. DOJ PREA Working Group The DOJ PREA Working Group was first established by the Attorney General to review the Commission’s recommended standards and issue final standards “based upon the independent judgment of the Attorney General.” (42 U.S.C. § 15607(a)(2)). The DOJ PREA Working Group’s current mission is to provide guidance to auditors, agencies, and facilities on how to interpret the Standards. This guidance is issued in the form of FAQs that are posted on the PREA Resource Center website (see www.prearesourcecenter.org/frequently-asked-questions). The DOJ PREA Working Group’s active PREA FAQs and the Audit members include representatives from the following DOJ components: Office of Justice The FAQs issued by the DOJ PREA Working Group constitute interpretive guidance that PREA auditors Programs’ (OJP’s) Office of the Assistant are to follow when conducting an agency or facility Attorney General, Bureau of Prisons, Civil audit. All auditors are required to read, understand, Rights Division, National Institute of and follow the FAQs issued by the DOJ PREA Working Corrections, Office on Violence Against Group. Women, Federal Bureau of Investigation, OJP’s Bureau of Justice Assistance, OJP’s Office for Victims of Crime, OJP’s Office for Civil Rights, OJP’s Office of the General Counsel, and OJP’s Office of Juvenile Justice and Delinquency Prevention. PREA Management Office The PREA Management Office was established by the Deputy Attorney General in 2013 within OJP’s Bureau of Justice Assistance and is responsible for: • Creating, implementing, and overseeing all aspects of the PREA audit function. The PREA Management Office trains and certifies PREA auditors, provides continuing education and training opportunities for DOJ-certified PREA auditors, and manages PREA audit oversight. • Directing a robust, nationwide training and technical assistance initiative to support jurisdictions across the country with implementing the PREA Standards. The PREA Management Office partners with the National PREA Resource Center to provide targeted training and technical assistance to state, local, and tribal jurisdictions across the nation that are working to uphold their requirements under the Standards. 2 • Overseeing the Bureau of Justice Assistance’s competitive PREA Demonstration Grant Program, and providing support to jurisdictions that are awarded funding under this program. The PREA statute authorizes DOJ to create, implement, and oversee a grant program to create and enhance zero tolerance cultures for sexual abuse and sexual harassment in confinement facilities in state, local, and tribal jurisdictions, and support implementation of the Standards. • Reviewing, verifying, and responding to certifications and assurances submitted by state and territorial governors. Each year, state and territorial governors, and the mayor of the District of Columbia, are given the option by the PREA statute to submit to DOJ either a certification that all confinement facilities under their operational control are in full compliance with the Standards or to issue an assurance that they will use not less than 5 percent of certain DOJ grant funds to come into full compliance with the Standards in the future. States and territories that do not submit a certification or an assurance are subject to a 5 percent reduction in certain DOJ grant funds. Additional information can be found on the Bureau of Justice Assistance PREA page (see www.bja.gov/ProgramDetails.aspx?Program_ID=76). • Leading the ongoing efforts of DOJ’s PREA Working Group to issue interpretative guidance related to the Standards. The DOJ PREA Working Group has developed and made available on the PREA Resource Center website FAQs that address questions of first impression related to the PREA Standards. National PREA Resource Center The National PREA Resource Center was established through a competitively awarded cooperative agreement from the Bureau of Justice Assistance in fiscal year 2010. The PREA Resource Center represents a unique, collaborative partnership that includes a wide array of national stakeholder organizations representing adult prisons and jails; juvenile facilities; community corrections; tribal facilities; lockups; and victim advocacy groups. The PREA Resource Center provides direct support, training, and technical assistance to state, local, and tribal corrections and law enforcement professionals, victim advocates, and other key stakeholders working to eliminate sexual abuse and sexual harassment in confinement. The PREA Resource Center’s subject matter experts work to meet jurisdictions’ specific technical assistance and training needs. It maintains a full online resource library, including training curricula, resource and implementation guides, research and data, model practices and implementation tools, and webinars that focus on areas such as prevention strategies, improved reporting and detection, investigation, prosecution, and victim-centered responses. The PREA Resource Center is also a critical partner in developing and managing the PREA audit function. Specifically, the PREA Resource Center works with the PREA Management Office to process and train PREA auditor candidates; provide additional training opportunities and continuing education resources for DOJ-certified PREA auditors; respond to auditor questions and requests for assistance; and continue to develop and enhance audit tools and resources to improve the skills and knowledge of PREA auditors and enhance the reliability and integrity of PREA audits. 3 Section II. Contracting for a PREA Audit Before an auditor enters into a contract for a PREA audit, it is important to understand the various types of auditing arrangements available to auditors, what should and should not be included in an audit contract, and rules regarding auditor compensation. Auditing Arrangements This chapter summarizes several types of auditing arrangements that auditors may wish to use in their audit practice. Working Independently or Through a Third Party Entity Auditors may work as independent contractors or conduct audits through a third party entity (e.g., their current employer, an accreditation body, or a consulting firm). Auditors working independently should consider obtaining professional liability insurance, since many facilities and agencies require auditors to hold certain minimum insurance coverage. The requirements related to insurance coverage are often described in PREA auditing requests for proposals from agencies or facilities. Employees of correctional agencies can be certified by DOJ to conduct PREA audits. However, an auditor may not conduct an official PREA audit for any agency or facility under the authority of that agency, including a private facility operated by contract, if the auditor is or has been employed by or otherwise received financial compensation from the agency, facility, or contractor within the past 3 years. Employment within the same state or local government does not disqualify the auditor, so long as the auditor is not employed directly by or under the agency that operates the facility to be audited. 1 Auditors who conduct audits through a third party entity, whether as an employee or a contractor (e.g., for an accreditation body or consulting firm), must exercise independence and integrity when making their determinations regarding compliance with the PREA Standards. Each certified auditor, regardless of whether he or she works independently or through a third party entity, is personally accountable for complying with all of the DOJ certification requirements and for the accuracy of his or her audit findings. Reciprocal and Circular Auditing Facilities or agencies may wish to engage in reciprocal auditing or circular auditing. Reciprocal auditing is when auditors employed by two different agencies or facilities audit each other’s agency or facility. Circular auditing is when a consortium of three or more states or local jurisdictions agree to perform no-cost audits within the consortium. Reciprocal auditing is only permitted if the audits are conducted 12 months or more apart. 2 Similarly, circular audits are permissible so long as no impermissible reciprocal audits occur. 1 2 See 28 C.F.R. § 115.402(a)(1). See the full FAQ here: www.prearesourcecenter.org/node/3224. 4 Lead and Secondary Auditors Each PREA audit must have one lead auditor who is ultimately responsible for the conduct of the audit and all work products. A lead auditor can, however, employ other DOJ-certified PREA auditors to function as secondary auditors. The PREA Management Office strongly encourages this kind of collaboration among certified auditors. In addition, the lead auditor may employ support staff who are not DOJ-certified auditors to assist with auditing tasks. Lead auditors must ensure that anyone they employ to work on audits is free of any conflict of interest, as described in Chapter 6. 3 Lead auditors are responsible for any misconduct, errors, or conflicts of interest attributed to any secondary auditors or non-certified support staff they employ—actions that can impact the DOJ certifications of lead and secondary auditors. Audit Contracts and Compensation IMPORTANT Under no circumstances may individuals who are not DOJcertified auditors participate or engage in the substantive work of a formal PREA audit unless acting under the direction of a DOJcertified auditor. PREA audits are conducted at the request of any federal, state, local, or private confinement facility, or any agency that oversees such a facility. A facility or agency may contact an auditor directly (the PREA Resource Center maintains a directory of DOJ-certified auditors) or seek the services of an auditor through procurement announcements, advertisements, or other means. Auditors themselves can also solicit work from agencies and facilities, consistent with their underlying ethics restrictions. Although not part of the audit process, procurement and contract negotiation with agencies and facilities seeking a PREA audit are important elements of an auditor’s audit practice. Procurement and contract negotiation may provide early opportunities for an auditor to gauge how ready an agency or facility is for an audit, and the extent of its PREA implementation progress. In addition, during the negotiation process, it is critical for auditors and third party entities seeking to contract for a PREA audit to ensure that the facility understands access and the auditing requirements and expectations that are imposed by DOJ and the PREA Standards so that all necessary issues can be addressed and accommodated during the audit. Additional information regarding audit contracts and compensation is detailed below. • 3 Audit contracts must be transparent. The contract between the auditor, or third party entity, and the audited facility or agency should address all aspects of the audit, including the specific work to be conducted during each phase of the audit (i.e., preonsite, onsite, evidence review and interim report, and corrective action and final report, as described in this Handbook). The fees, expenses, other compensation, and payment schedule are also critical components of the contract; therefore, they must be described with specificity in writing. To promote full transparency, auditors are not permitted to receive any compensation, monetary or otherwise, not specifically provided in the contract. However, incidental items such as water, coffee, and donuts, if provided to the auditor, do not have to be specified in the contract, but larger items, such as meals, or items offered frequently, free of charge, should be described in the contract. See the full FAQs here: www.prearesourcecenter.org/node/3222 and www.prearesourcecenter.org/node/3223. 5 • Describing the role of third parties and support staff. The contract should identify the lead or responsible auditor, and if applicable, list the names of all other DOJ-certified PREA auditors and non-certified support staff who will assist the lead auditor during any phase of the audit, and provide a brief description of the role of other staff during the audit. The contract should also disclose the nature of any third party entity’s involvement in the PREA audit. For example, an auditor who is hired by ABC PREA Auditing, LLC, to conduct a PREA audit of a facility operated by XYZ County Sheriff’s Department must describe the role of and his or her relationship to ABC PREA Auditing, LLC, in the contract. In addition, some agencies may contract with a third party entity that assigns an auditor after the contract is executed. In such instances, the contract between the agency and the third party entity should be updated with an addendum that lists the name of the lead auditor, and if applicable, lists the names and describes the roles of all other DOJ-certified PREA auditors and non-certified support staff once assigned by the third party entity. As a reminder, the audit report must also include identifying information for the lead auditor and, if applicable, for all other DOJ-certified PREA auditors and non-certified support staff who assisted during any phase of the audit. • Ensuring compliance with the PREA Standards and DOJ certification requirements. Auditors and third party entities contracting to perform an audit must ensure that auditing contracts permit, and do not restrict, auditors’ obligations under the Standards and the required audit methodology, as outlined in this Handbook, in FAQs issued by the DOJ PREA Working Group, and in ongoing, mandatory continuing education requirements for auditors (e.g., unfettered facility access, the requirement to obtain and preserve documentation and information relied upon in making audit determinations). • Ensuring sufficient time to conduct a thorough audit. To ensure that auditors comply with the PREA Standards and follow the audit methodology described in this Handbook, they must consider a number of important variables before discussing how long an audit is likely to take, which will directly impact their compensation. Auditors must consider the size and characteristics of the facility, whether secondary auditors and support staff will be involved, and their level of experience. Regardless of whether an agency contracts directly with an auditor or through a third party entity, the audit contract should address these issues and must accommodate the methodological requirements outlined in this Handbook (e.g., interviews with staff and inmates, 4 site review, and documentation collection and review). • Planning for corrective action. The PREA Standards are complex and contain several hundred specific provisions that must be substantially met in order for a facility to be deemed in full compliance. For that reason, DOJ expects that corrective action will be required in most cases. Therefore, contracts between auditors, or third party entities, and agencies or facilities should allow for and support corrective action periods for auditors to work with the agencies and/or facilities to take steps to address areas of 4 In this Handbook, the term “inmate” is used generally to refer to inmates, residents, and detainees, except when discussing certain types of facilities or sets of Standards, in which case more specific terminology is used. 6 noncompliance identified during the audit, and for subsequent verification of the corrective action. As such, auditors and agencies/facilities should be aware of the limitations of using “flat fee” contracts. Such contracts pay an auditor a set fee as compensation, regardless of whether the auditor identifies any deficiencies or requires any corrective action. These flat fee contracts may have the unintended consequence of inappropriately incentivizing auditors to make full compliance findings without requiring any corrective action, even in cases where policies and/or practices are not in compliance with the PREA Standards. In addition, auditors are not permitted to accept bonus compensation contingent on the outcome of an audit. In the event that the PREA Management Office receives credible allegations that an auditor violated the above requirements in the course of an audit, among other information, the auditor will be required to provide the PREA Management Office with a copy of the relevant audit contract(s). Gifts A “gift” is anything that has monetary value such as items, food and beverages, or services. Except as provided in this chapter, no DOJ-certified PREA auditor, or any non-certified support staff hired to assist an auditor, may either solicit or accept a gift from any entity or party who has an interest related to the outcome of a particular PREA audit in which that person is participating. Entities and parties with such an interest are considered “prohibited sources” as it pertains to gifts. For purposes of this restriction, the term “prohibited sources” is to be broadly construed, and will include any and all people or organizations that could be directly or indirectly substantially impacted by the outcome of an audit. This includes, for example: • All management, employees, and contractors of the facility or agency being audited • All inmates of the facility being audited • Direct relatives of individuals listed in the above two categories • State employees working in a state agency which oversees the work of the facility to be audited, as well as local employees working in a local agency which oversees the work of the facility to be audited • Any organization which reasonably appears to or purports at some level to represent the interests of any of the above groups (such as a correctional officers union or a law firm currently representing an inmate) Additionally, for purposes of this restriction, certain items are excluded from the definition of a gift, including items clearly not intended to curry favor in an attempt to influence an official action of the auditor. These items include, but are not limited to: • Items routinely provided to visitors of the facilities free of charge such as parking • Modest items of food and refreshments (e.g., coffee, donuts, or soft drinks) offered other than part of a meal 7 • Items clearly described in the audit contract (e.g., meals or transportation provided to the auditor while at the facility) • Items given in circumstances clearly indicated as based exclusively on a personal or family relationship. However, if there is an item received based solely on a personal relationship, it is important to note that there may be some question concerning the ability of the auditor to perform his or her functions in an impartial manner, consistent with the principles described in Chapter 5 • A discount or similar benefit open to all auditors or employees • Items based on an outside business relationship, including items provided by an auditor’s spouse’s employer; items provided when it is clear they were provided due to an outside business relationship; or items provided as part of an employment search by a prospective employer • Anything for which market value is paid by the auditor Section III. Auditor Code of Conduct PREA auditors must be independent, objective, and credible in evaluating the extent to which confinement facilities comply with the PREA Standards. In recognition of the importance of this obligation, DOJ has undertaken a training and certification program to facilitate uniform understanding of the Standards by all auditors, and to oversee uniform implementation of the auditing process. Because PREA auditors are DOJ-certified, they are in a unique position of public trust with the ability to impact public confidence in the integrity of the PREA audit function. Many stakeholders rely on this audit process and its results, including federal, state, local, and private agencies that operate or oversee confinement facilities; facility staff; treatment and service providers; community-based advocacy organizations; courts; attorneys; and people in confinement and their families. This reliance on the ability of PREA auditors to conduct high quality, reliable, objective, and comprehensive PREA audits imposes a significant obligation for them to operate within general principles of integrity necessary to instill public confidence in the PREA audit process. The Auditor Code of Conduct section of the Handbook identifies general principles that govern the professional and personal conduct of auditors and the underlying rules that support these principles. As a condition of DOJ auditor certification, auditors must comply with this code of conduct. However, these principles are demonstrative of the standards to which an auditor will be held. The PREA Management Office retains the discretion to review whether certain conduct not specifically described in this section nevertheless violates the spirit and intent of this Auditor Code of Conduct and may, therefore, subject an auditor to disciplinary action. 8 Guiding Auditor Code of Conduct Principles This chapter discusses the core principles that auditors are expected to uphold in both their professional and personal conduct: integrity, objectivity, confidentiality, and proficiency and professionalism. 5 Integrity Integrity is the virtue of being honest, fair, and trustworthy. In the context of the PREA audit, integrity demands that auditors apply the Standards fairly, consistently, and comprehensively. In taking such an approach, auditors demonstrate a firm commitment to upholding the overall intent of PREA to create or enhance a culture of zero tolerance for sexual abuse and sexual harassment inside confinement facilities, and to support policies and practices required by the Standards to achieve this goal. Modeling Commitment to With these principles in mind, PREA auditors must: the PREA Standards 1. Put forth an honest effort to execute auditing responsibilities and apply the PREA Standards in a fair, comprehensive, and consistent manner 2. Avoid any actions which would create the appearance of a violation of any law or ethical standards to a reasonable person with full knowledge of the relevant facts 3. Model a commitment to the elimination of sexual abuse and sexual harassment in confinement Auditors must not: 1. Engage in any conduct of a criminal, reckless, negligent, dishonest, deceitful, or fraudulent nature, either by act or omission, that calls their integrity into question 2. Misrepresent their certification credentials for any purpose Auditors should be able to explain each of the Standards and the underlying rationale for the obligations each Standard imposes. For more information about DOJ’s rationale for individual Standards, auditors should see the preamble to the PREA Notice of Final Rule available on the PREA Resource Center Website. Auditors may encounter resistance to PREA among some facilities and agencies—to the PREA statute overall or to particular Standards and provisions. Auditors should be prepared for such resistance and understand that the best defense is their own thorough understanding of and commitment to the Standards. Objectivity PREA auditors must exhibit the highest level of professional objectivity in gathering evidence and evaluating the policies, procedures, practices, and operations of an audited agency or facility. Auditors must exhibit the same level of professional objectivity in communicating information about activities and processes being examined, and in communicating their reasons for arriving at a particular finding for every Standard and for every provision of a Standard. These code of conduct principles were informed by “Code of Ethics,” by The Institute of Internal Auditors North America, Author, n.d., retrieved from na.theiia.org/standards-guidance/mandatory-guidance/Pages/Code-ofEthics.aspx; and “Government Auditing Standards,” by United States Government Accountability Office, 2007, retrieved from www.gao.gov/new.items/d07731g.pdf. 5 9 Under no circumstances should an auditor permit anyone to inappropriately influence his or her professional judgment regarding any part of the conduct of a PREA audit. Auditors are obligated to report any attempt by any individual or entity, including an employee of the audited facility or agency and an auditor’s own employer, to inappropriately influence the outcome of an audit. Auditors can report such information directly to the PREA Resource Center using the Urgent Helpline at 800–279–7732 (press 2 when prompted) or by sending an email to Urgent@prearesourcecenter.org. Auditors may also notify the PREA Management Office at PREACompliance@usdoj.gov. With these principles in mind, PREA auditors must: 1. Act in an impartial manner, treating each situation and all parties objectively and giving preferential treatment to no public or private organization or individual 2. Use reasonable care and diligence to obtain sufficient facts to support all statements, conclusions, and findings of an audit 3. Make determinations regarding all audit findings on the basis of demonstrable evidence or lack thereof 4. Include in their audit reports all evidence supporting compliance or noncompliance which, if not included, could distort the final compliance determination Auditors must not: 1. Knowingly misrepresent facts when expressing an opinion or finding in an audit report 2. Hold personal or financial interests which a reasonable person would think would conflict with the conscientious performance of duties under an auditing contract 3. Maintain other employment or engage in other non-auditor activities which a reasonable person would think would impact the public perception of the auditor’s impartiality 4. Solicit or accept gifts from anyone associated with a particular audit (whether it is an entity or staff which is being audited, inmates or relatives of inmates in the facility, or any other organization, entity, or person) which would cause a reasonable person to call into question the credibility of the audit or the impartiality of the auditor 5. Make credibility determinations based solely upon an individual’s status as an inmate, resident, detainee, staff member, or agency official Confidentiality The only public aspect of a PREA audit is the final report. As discussed in greater detail below, auditors are to maintain the confidentiality of the information they collect during the course of a PREA audit with only three exceptions. First, PREA Standard 115.401(j) states that auditors “shall retain and preserve all documentation . . . relied upon in making audit determinations. Such documentation shall be provided to the Department of Justice upon request.” See Chapter 19 for more information about the retention and preservation of audit documentation as required by Standard 115.401(j). 10 Second, auditors are required to provide certain information relating to audits to the PREA Resource Center in the ordinary course of business (e.g., Pre-Audit Reporting Form, Post-Audit Reporting Form), and also in conjunction with the PREA Media Inquiries Management Office’s Audit Oversight Program (see Chapters 20—24 below). Auditors may be approached by Third, in limited circumstances, there may be a legal or professional (e.g., as a condition of a professional license or auditor certification) obligation to disclose audit-related information. In such instances, the auditor must immediately inform the audited facility and agency. The audited facility or agency may choose to challenge the requirement that the auditor provide the requested information. Subject to the 3 exceptions above, PREA auditors must: 1. Protect the confidentiality of audit-related information to the greatest extent possible the media to comment on the PREA audit process or to discuss an audit of a particular facility or agency. In such cases, auditors are strongly encouraged to contact the PREA Management Office or the PREA Resource Center to determine the most appropriate response. In addition, auditors should address media inquiries in their contract with the facility/agency to ensure both parties are in agreement. 2. Ensure the anonymity of a person who reports sexual abuse or sexual harassment in a confinement facility, when requested, to the extent allowed by law 3. Be prudent in using and protecting information acquired in the course of their duties 4. Always comply with Standard 115.403(e), which prohibits the inclusion of personally identifiable staff 6 or inmate information in audit reports 5. Ensure that non-public information obtained in furtherance of an audit will not be used by the auditors for any purpose other than completion of the audit, or as required by the PREA Standards or DOJ certification requirements 6. Abide by all confidentiality agreements signed in contract with an agency or facility for a PREA audit Safety and Security of Audit Documentation Auditors must handle all audit documentation with the appropriate safeguards in order to protect information in their possession, including that which contains personally identifiable information, personal health information, investigative records, personnel records, and other types of sensitive information and documentation. These safeguards are particularly important for documents that are exchanged and stored outside of the Online Audit System (see Chapter 14). Auditors are required to: • Protect and safeguard all PREA information in their custody, including that which contains personally identifiable information, commensurate with the sensitivity and value of the data at risk Certain key staff are permitted to be named in the auditor’s final report, including the agency head, facility head, PREA coordinator, and PREA compliance manager. 6 11 • Protect and safeguard all PREA information and information systems in their custody from unauthorized access, unauthorized or inadvertent modification, disclosure, damage, destruction, loss, theft, denial of service, and improper sanitization or use • Ensure the safekeeping and confidentiality of any and all sensitive correspondence received in the course of a PREA audit, unless otherwise required by law to disclose such information • Not share the passwords to their computers, laptops, or other mobile devices holding sensitive PREA audit data • Not leave sensitive PREA audit-related information, in either electronic or paper format, in a public place or outside of their supervision • Screen-lock or log-off any computers or devices holding sensitive PREA audit data when outside their supervision • Ensure that individuals have the proper clearance, authorization, and need to know before providing them with access to any sensitive PREA information • Immediately destroy when no longer needed any information not required by law or policy to be retained For more information on the safety and security of audit documentation, refer to the Information Security Awareness Training on the Auditor Portal. Proficiency and Professionalism PREA auditors must develop and apply comprehensive knowledge of the PREA Standards, FAQs issued by the DOJ PREA Working Group, and the requirements articulated in this Handbook. Moreover, auditors are expected to maintain and improve their auditing skills to ensure that their audits are high quality, reliable, objective, and comprehensive. When the auditor enters a facility, he or she will be treated as the expert on the PREA Standards. Administrators and staff will look to the auditor for information and guidance regarding the specifics of PREA, and the meaning and implications of the Standards. This serious obligation requires two core elements to be effective: first, understanding the Standards; and second, knowing the limits of his or her knowledge. With these principles in mind, PREA auditors must: 1. Have read and understand the PREA Standards 2. Conduct PREA audits in accordance with those PREA Standards that apply to auditors, including, but not limited to, the requirements stated in Standards 115.401-404 3. Conduct PREA audits according to the methodology provided in this Handbook, the PREA Auditor Candidate Training, FAQs issued by the DOJ PREA Working Group, and any other continuing education and guidance provided by the PREA Management Office and the PREA Resource Center in writing, in continuing auditor education, or through other means 4. Audit an agency’s or facility’s compliance with every applicable Standard and every provision of each of those Standards 12 5. Provide a detailed description in every audit report of the evidence used to make all compliance determinations and how this evidence was triangulated and analyzed to reach the compliance determinations 6. Continually seek to maintain and improve their professional knowledge, skills, and competence, including maintaining familiarity with all FAQs issued by the DOJ PREA Working Group and completing all continuing education requirements for auditors Identifying Potential Conflicts of Interest A conflict of interest arises when an individual’s official responsibilities as a PREA auditor could affect his or her personal or financial interests or the interests of others who have been imputed to the auditor because of the closeness of their relationship. DOJ-certified PREA auditors have a responsibility to avoid any conflicts of interest, or the appearance of any such conflict. Conflicts of interest may adversely impact an auditor’s ability, or perceived ability, to conduct high quality, reliable, objective, and comprehensive audits. Therefore, auditors should avoid any personal or financial arrangements that could create a conflict of interest, or the appearance of a conflict of interest, that would lead a IMPORTANT reasonable person to question their objectivity during the conduct of a PREA audit. Under no circumstances should an Auditors must consider any auditor permit someone to unduly influence his or her business or personal relationship professional judgment. or other interest that might significantly impair their objectivity, yield an unfair competitive advantage, or even create the appearance of impropriety. Such relationships are considered to be conflicts of interest and must be identified and avoided by auditors. Prior to every audit, the auditor is required to certify in writing that he or she has no conflict of interest through any relationship to the facility to be audited or the agency overseeing that facility. 7 The Auditor Report Template available on the PREA Resource Center Website (see www.prearesourcecenter.org/node/1754) includes a prompt for auditors to complete this information. Relevant PREA Standard In general, if an auditor has a financial, personal, or recent or current employment relationship to an agency, he or she must not conduct audits for that agency. Standard 115.402 is designed to minimize the risk of a PREA auditor having any such conflict of interest. There are three provisions under Standard 115.402 that address auditor conflicts of interest. These include the following: • 7 115.402(a) – “An audit shall be conducted by: (1) A member of a correctional monitoring body that is not part of, or under the authority of, the agency (but may be part of, or authorized by, the relevant State or local government); (2) A member of an auditing entity such as an inspector general’s or ombudsperson’s office that is external to the agency; or (3) Other outside individuals with relevant experience.” See 28 C.F.R. § 115.403(a). 13 • 115.402(c) – “No audit may be conducted by an auditor who has received financial compensation from the agency being audited (except for compensation received for conducting prior PREA audits) within the three years prior to the agency’s retention of the auditor.” • 115.402(d) – “The agency shall not employ, contract with, or otherwise financially compensate the auditor for three years subsequent to the agency’s retention of the auditor, with the exception of contracting for subsequent PREA audits.” Building on Standard 115.402(a), (c), and (d), the following guidance must be used by auditors when deciding whether to accept an offer to conduct a PREA audit of an agency or facility. Personal Relationships The principles outlined in Standard 115.402 apply to situations in which the auditor’s immediate family members or close personal friends have a conflict of interest. For example, an auditor may not conduct an audit of an agency if an immediate family member or close personal friend has been employed by the agency within the last 3 years or has a significant financial interest in any corporation or other business associated with housing of inmates in that agency. An auditor also may not conduct an official PREA audit for an agency (or facility under the authority of that agency) if the auditor has an immediate family member (including parents, spouses, siblings, and children) or close personal friend in the custody of a facility operated by the agency under review. Conversely, if the auditor, an immediate family member (including parents, spouses, siblings, and children), or close personal friend was previously incarcerated within a facility operated by the agency under review, the auditor may conduct an official PREA audit for the agency (or facility under the authority of that agency); however, the auditor must disclose this relationship in the audit report. The above requirements relating to personal relationships apply to the lead auditor, all secondary auditors, and all non-certified support staff who an auditor may employ to assist him or her in completing the audit. Maintaining Impartiality In order to maintain the objectivity of the PREA audit process, auditors should not receive both compensation from a confinement agency for performing an official PREA audit and any other paid employment (including contracts or consultation for audit preparation, training, or unrelated technical assistance) from that same entity within 3 years of each other. • Example 1: PREA auditor Tony is hired by XYZ County Sheriff’s Department—either directly or through a third party entity, ABC PREA Auditing, LLC—to conduct a PREA audit of a facility operated by the XYZ County Sheriff’s Department. The following year, Tony is contracted again to perform a food safety assessment at another facility operated by the same Sheriff’s department. • Example 2: PREA auditor Tony is hired by the Sunshine Confinement Corporation— either directly or through a third party entity, ABC PREA Auditing, LLC—to conduct a PREA audit of a juvenile facility operated by the Sunshine Confinement Corporation on behalf of the State A Department of Juvenile Justice. The following year, Tony is hired 14 again by the Sunshine Confinement Corporation, this time to conduct a food safety assessment for a prison operated by the Sunshine Confinement Corporation on behalf of the State B Department of Corrections. • Example 3: PREA auditor Tony is hired by the XYZ County Sheriff’s Department—either directly or through a third party entity, ABC PREA Auditing, LLC—to provide PREArelated technical assistance to a facility operated by the XYZ County Sheriff’s Department. The following year, Tony is contracted again to conduct a PREA audit of that facility. Each of these 3 examples are a problem. The first two examples above raise the possibility that the auditor might be, or appear to be beholden to the agency where multiple employment contracts could be contingent on a successful PREA audit (i.e., full compliance). The third example above demonstrates a scenario in which the auditor would be evaluating his own work. Such relationships bias the auditor’s assessment and make it more likely that the auditor will find the facility in full compliance. The guidance and scenarios described in this chapter are not intended to be exhaustive but rather illustrative of what an auditor should consider when deciding whether he or she can accept an offer to conduct a PREA audit at any particular agency or facility. Each individual case will be different and must be examined by each auditor to ensure that he or she can conduct an official PREA audit in a fair and objective manner. Questions regarding particular situations should be directed to the PREA Management Office at PREACompliance@usdoj.gov. Section IV. Auditor Certification Requirements This section describes in detail the process for becoming a DOJ-certified PREA auditor and the requirements that auditors must follow in order to maintain their certification. PREA Auditor Certification Process PREA Standard 115.402(a) and (b) establish minimum qualifications for PREA auditors and direct DOJ to establish a process for auditor certification, as follows: (a) An audit shall be conducted by: (1) A member of a correctional monitoring body that is not part of, or under the authority of, the agency (but may be part of, or authorized by, the relevant State or local government); (2) A member of an auditing entity such as an inspector general’s or ombudsperson’s office that is external to the agency; or (3) Other outside individuals with relevant experience. (b) All auditors shall be certified by the Department of Justice. The Department of Justice shall develop and issue procedures regarding the certification process, which shall include training requirements. To fulfill its requirements under Standard 115.402(b), DOJ has established the following requirements for PREA auditor certification (which may be amended as needed): 1. Three years of significant auditing, monitoring, quality assurance, investigations, or substantially similar experience with the facility type or set of Standards in which the 15 applicant seeks certification(s). When seeking both adult and juvenile certifications, an applicant must demonstrate at least 3 years of relevant experience in juvenile settings or with juvenile populations and at least 1 year of relevant experience in adult settings. Experience in an adult prison, jail, or lockup that houses youthful inmates or youthful detainees does not qualify as experience with juvenile populations or juvenile settings. In addition to applicants who are employed by a corrections, detention, or relevant law enforcement agency or facility, PREA auditor training and certification are also open to applicants with related work experience in the justice system in which exposure to a confinement agency or facility operations and contact with relevant inmate, resident, or detainee populations are regular components of the position or role. Such positions and roles include, but are not limited to probation and parole; prisoner re-entry; law enforcement and public safety; legal positions, including prosecution and defense; inmate and victim advocacy; onsite technical assistance or consultations related to corrections and/or conditions of confinement; and other settings that provide appropriate collateral exposure in confinement facilities. a. Significant auditing experience means regular job responsibilities focused on the objective, unbiased, systematic examination of information to determine the adequacy of policies, procedures, and practices, and their compliance with established standards or guidelines. Paper-based auditing, unless it is part of a larger performance-based audit process, does not qualify as significant auditing experience. Paper-based auditing includes tasks, such as fiscal or financial reviews, examinations of accounting practices, and oversight of the work of subordinates. Preparation for audits conducted by another person or entity also does not quality as significant auditing experience. b. Significant quality assurance experience entails regular job responsibilities focused on monitoring and analyzing the outcomes and effectiveness of business or enterprise procedures, processes, practices, and/or operations, and includes designated responsibility for recommending and implementing changes to these procedures, processes, practices, and/or operations to enhance outcomes and effectiveness. c. Significant compliance experience requires regular job responsibilities focused on monitoring and/or inspecting facility operations to ensure that a public agency or other regulated unit obeys specific laws, regulations, or other legal requirements, such as a court-ordered consent decree or other enforcement mechanism. Compliance activities may include records reviews, and responding to internal or external requests for information. Contract monitoring, unless it is part of a larger compliance monitoring job responsibility, does not qualify as significant compliance experience. d. Significant investigations experience refers to regular job responsibilities focused on formal, systematic, and detailed examinations or assessments to ascertain the facts involved in a situation/incident, where there are allegations or indications of criminal or civil violations, or staff, employee, or offender misconduct. 16 2. A bachelor’s degree from an accredited college or university, or a high school degree and equivalent career-related experience, defined as 5 years of contemporary fulltime public safety experience in a position which requires considerable exercise of professional discretion. 3. Two references from professionals in the field related to a relevant set of Standards. Individual applicants who work for a state-level auditing or compliance entity (e.g., an employee of a state inspector general’s office) and PREA coordinators may submit endorsements from their employing entities as substitutes for references. 4. Submission of a complete and accurate application for admission to the PREA Auditor Candidate Training through the PREA Resource Center. 5. If accepted, attendance and full participation in the 40-hour PREA Auditor Candidate Training provided by the PREA Resource Center. 6. Completion of a pre- and post-training examination with a score of 80 percent or higher. 8 7. Passing a criminal records background check. 8. Participation in and completion of all requirements for the Field Training Program (effective beginning with the July 2017 PREA Auditor Candidate Training, as described in Chapter 9). 9. Completion and submission of the Auditor Certification Agreement. After auditor candidates successfully complete all of the above requirements, DOJ, through the PREA Management Office, will grant auditors with probationary certification (effective beginning with the March 2015 PREA Auditor Candidate Training). Auditors under probationary certification status must complete all of the requirements outlined in Chapter 10 in order to receive full certification. PREA auditor certification is valid for 3 years following the auditor’s original certification date. 9 At the end of this period, an auditor’s certification will expire, unless the auditor has applied for and been granted recertification by DOJ through the PREA Management Office. Information on the recertification process and requirements can be found in Chapter 27. Dual Certification Based on an applicant’s experience and work history, he or she may train and be certified to conduct audits of adult facilities (including prisons, jails, community confinement facilities, and lockups), juvenile facilities, or both types of facilities. Once certified by DOJ, auditors are only authorized to conduct audits for the facility type for which they are certified. Individuals interested in seeking dual certification to conduct audits in both juvenile and adult facilities are encouraged to make this designation during the application process, prior to Auditor candidates who do not achieve a passing score on their pre- or post-training examination are granted one opportunity to retake each examination. Auditor candidates who fail the retake of the pre-training examination will not be permitted to attend the 40-hour PREA Auditor Candidate Training. 9 The certification date for all auditors can be found under their names in the list of DOJ-certified PREA auditors on the PREA Resource Center website (see www.prearesourcecenter.org/audit/list-of-certified-auditors). 8 17 attending the 40-hour PREA Auditor Candidate Training. However, individuals may also request an additional certification type while onsite at the PREA Auditor Candidate Training, after training has been completed but prior to receiving DOJ certification, or following certification by completing a Supplemental Information Form for dual certification and receiving a passing score of 80 percent or higher on a supplemental examination that covers topics relevant to the additional certification type being requested. Requests for dual certification should be directed to the PREA Resource Center by submitting the Supplemental Information Form, which can be found under Resources in the Auditor Portal. The PREA Management Office reviews all requests for dual certification to determine whether the individual meets the minimum qualifications for the additional certification type being sought, as specified below: • Individuals seeking adult certification must possess (in addition to the qualifications stated above) at least 1 year of significant auditing, monitoring, quality assurance, investigations, or substantially similar experience in adult institutions, including prisons, jails, community confinement facilities, or lockups. • Individuals seeking juvenile certification must possess (in addition to the qualifications stated above) at least 3 years of significant auditing, monitoring, quality assurance, investigations, or substantially similar experience in a juvenile facility setting or with juvenile populations (excluding experience in adult settings with youthful inmates or detainees). Individuals will be notified of the PREA Management Office’s decision by the PREA Resource Center. If approved for dual certification, both certification types will be reflected in the list of DOJ-certified PREA auditors on the PREA Resource Center website. The additional certification type granted by DOJ will expire on the same date as the original certification type. Additional information on the recertification process and requirements can be found in Chapter 27. Field Training Program Beginning with the July 2017 PREA Auditor Candidate Training, as a requirement for certification, auditor candidates are required to successfully complete a training audit as part of the Field Training Program. The goal of the Field Training Program is to provide auditor candidates with an opportunity to transfer the knowledge and skills they attained during the classroom-based PREA Auditor Candidate Training to a field-auditing experience in a supervised and supportive environment. Specifically, the Field Training Program audit will strengthen auditor candidates’ understanding of the PREA Standards, hone their auditing skills, and provide an opportunity to implement the PREA audit methodology. Auditor candidates are assigned a specific training audit based on geographic location and will be expected to complete the full training audit (approximately 19 weeks for the pre-onsite audit, onsite, and post-onsite audit phases). 10 More information about the Field Training Participation in the Field Training Program requires approximately 35–40 hours during the pre-onsite audit phase, a minimum of 55 “working hours” during the onsite audit phase, and 35–40 hours during the post-onsite audit phase. 10 18 Program and what is expected of auditor candidates can be found in the Field Training Program Syllabus and Manual, which are available in the Auditor Portal. Probationary Certification Status Beginning with auditors who attended the March 2015 PREA Auditor Candidate Training, all newly certified auditors are required to enter probationary certification status and must successfully complete all the requirements to become fully certified by DOJ. Probationary certification status assists newly certified auditors in learning to effectively and comprehensively communicate their audit findings. Upon completion of the probationary certification status requirements, the PREA Management Office will review the auditor’s body of work and make a determination as to whether or not the auditor will receive full certification. Probationary Certification Review Process Auditors on probationary certification status must submit draft reports for their first two audits for review by the PREA Resource Center prior to submitting them to the audited facility. The goal of the PREA Resource Center’s review is to evaluate the degree to which the audit reports clearly and thoroughly describe the auditor’s methodology, the evidence collected during all phases of the PREA audit process, the auditor’s systematic review and analysis of the evidence, and how the auditor connected this information to determine compliance or noncompliance for each provision of every Standard. Based on this review, PREA Resource Center staff will provide detailed guidance to the auditor regarding areas of strength and areas in need of improvement. In the ordinary course of an audit, auditors are required to submit an interim report (or final report if there is no corrective action) to the audited facility no more than 45 days after the last day of the onsite portion of the audit. To accommodate the probationary certification review process, the PREA Management Office has extended this timeframe to 60 days for auditors under probationary certification status. The steps for this process are described below. 1. Regardless of whether or not auditors use the Online Audit System to conduct an audit (see Chapter 14), auditors on probationary certification status must notify the PREA Resource Center of a forthcoming audit for probationary certification review at least 30 days prior to the first day of the onsite portion of the audit by submitting a Pre-Audit Reporting Form in the Auditor Portal. Following this notification, auditors should keep the PREA Resource Center apprised of any changes in the audit timeline that may impact its review. Auditors are also encouraged to notify the facility early in the audit process of the revised reporting timeline. 11 2. Auditors on probationary certification status must submit their draft reports to the PREA Resource Center within 30 days of the last day of the onsite portion of the audit. 12 The PREA Resource Center has a template letter available in the Auditor Portal that auditors are encouraged to use to notify the audited facility of the revised audit reporting timeline for probationary certification audit report reviews. 12 For audits that require a corrective action period, auditors must submit a draft of their interim reports. For audits that do not require a corrective action period, auditors must submit drafts of their final reports. 11 19 3. PREA Resource Center staff review the draft report and provide the auditor with written guidance, usually within 10 days. 4. PREA Resource Center staff will initiate a conversation with the auditor via telephone or video conference to discuss the guidance and address any questions or concerns from the auditor. 5. Following receipt of guidance from the PREA Resource Center, the auditor will incorporate the guidance and submit the revised draft to the PREA Resource Center for review. 6. PREA Resource Center Staff will review the auditor’s revised report and, as necessary, will work with the auditor to achieve the designated objectives for quality audit reporting and ensure that the auditor has satisfactorily integrated the guidance into his or her report. Depending on the nature of the guidance and the individual needs of the auditor, the PREA Resource Center may require the auditor to submit more than one revision of the draft report. 7. Once the PREA Resource Center concludes in writing that the auditor has adequately responded to the written guidance and made the necessary amendments, the report must be submitted to the facility no later than 60 days after the last day of the onsite portion of the audit. Audit reports may not be submitted to the audited facility until the auditor is notified to do so by the PREA Resource Center. 8. Auditors will receive written notice from the PREA Resource Center indicating when the auditor has completed his or her probationary certification review requirement for each reviewed audit report. At this time, the auditor will also receive a brief summary report from the PREA Resource Center detailing the written guidance provided to the auditor through the probationary certification review process, improvements made by the auditor, and, if applicable, areas in need of future improvement. 9. Following the auditor’s completion of his or her second probationary certification report review, the PREA Management Office reviews the auditor’s body of work and makes a determination as to whether or not the auditor will receive full certification. More detailed information on the PREA Management Office’s review and probationary certification status outcomes is provided below. 10. Regardless of whether or not auditors use the Online Audit System to conduct an audit (see Chapter 14), auditors on probationary certification status must submit the final audit report and required Post-Audit Reporting Form to the PREA Resource Center in the Auditor Portal within 15 days following submission of the final report to the audited facility (see Chapter 11 for auditor reporting requirements). Thus, for audits that require a corrective action period, auditors are required to submit to the PREA Resource Center both a draft of their interim audit report for probationary certification review, as well as a copy of the final audit report that goes to the audited facility. 11. The PREA Resource Center will then conduct a final review of the auditor’s report to ensure that the written guidance is reflected in the final product. 20 See below for additional requirements for auditors under probationary certification status. • Caution regarding time between probationary certification audits. Auditors are encouraged to allow a minimum of 28 days between the onsite portions of the two audits that an auditor submits for probationary certification review by the PREA Resource Center. If an auditor conducts the onsite audit for his or her first two audits within less than 28 days, that will limit the amount of time the auditor has to work with the PREA Resource Center and may negatively impact his or her probationary certification review outcome. • Probationary certification status requirements and agency-level audits. Any agencylevel audits 13 conducted by an auditor while on probationary certification status do not count toward the two facility-based audits necessary to complete the probationary certification status requirements. Auditors who conduct an agency-level audit while on probationary certification status must notify the PREA Resource Center and submit their draft reports according to the steps prescribed above. The PREA Resource Center may review an auditor’s agency-level audit report at its discretion; however, it will not count toward the auditor’s probationary certification review requirement. • Importance of incorporating guidance from the PREA Resource Center. Auditors are expected to incorporate all guidance provided by the PREA Resource Center into their audit reports prior to submitting them to the IMPORTANT audited facility. Additionally, as part of its probationary certification review, the PREA Auditors who successfully Resource Center typically reviews a sample of complete their probationary Standards in an auditor’s report. Recognizing that certification status requirements reporting deficiencies related to one Standard may and are granted full certification status by DOJ are expected to often be reflected in many if not all Standards in a permanently integrate the report, auditors are expected to apply the PREA guidance provided by the PREA Resource Center’s guidance to all applicable Resource Center into their audit Standards in the report. • Expectations for audit report quality. Draft audit reports submitted to the PREA Resource Center for probationary certification review must be well organized, complete, have few to no spelling errors, and reflect the quality and caliber of a final publishable report that an auditor would submit to the audited facility. • Instructions for auditors using the Online Audit System. Auditors on probationary certification status who use the Online Audit System to conduct an audit must click on the button to generate the interim report (or final report if there is no corrective action) but must not click “SUBMIT.” Rather, the report should be saved as a PDF document and submitted through the appropriate task in the auditor’s profile on the Auditor Portal. This will initiate review of the draft report. Once the auditor has received written notice from the PREA Resource Center indicating that he or she has completed the reporting practice. The agency-level audit refers to an audit of only a handful of Standards that impose requirements at the agency level only. 13 21 probationary certification requirement for the audit report under review, the auditor may then click “SUBMIT” and send the report to the facility. Probationary Certification Status Review Criteria The criteria used to review probationary certification reports are derived from the requirements in the PREA Standards 14 and primarily focus on the degree to which the auditor provides adequate discussion and description of the following: • Audit methodology (e.g., interview selection, documentation sampling, and site review steps) • All evidence relied upon to make a compliance determination for each provision of every Standard • The systematic review and analysis of all evidence relied upon to make a compliance determination for each provision of every Standard (i.e., the reasoning that connects all relevant evidence to each compliance determination) • Where applicable, all identified deficiencies, recommended corrective action steps, and the method(s) used to verify completion and institutionalization of the corrective action(s) Additionally, PREA Resource Center staff review auditors’ reporting materials to ensure that auditors completed the audit reporting forms in a timely manner; used the required audit report template and completed it in full; and provided accurate and consistent information across the audit reporting forms and audit reports. The PREA Resource Center staff also assess the degree to which auditors incorporated the written guidance provided and, when applicable, applied it across the entirety of the audit report. To support auditors in successfully completing the probationary certification review process, the PREA Resource Center provides auditors with sample audit reports that reflect the minimum level of quality that auditors should follow in their reporting practice. These sample audit reports are intended to be a helpful resource for auditors on probationary certification status, and while it is permissible for auditors to use some of the sample audit report language to organize and structure their audit reports, they are not intended to serve as a template that should simply be copied. All auditors are responsible for the originality and quality of their audit reports. The PREA Resource Center’s review is not intended to challenge the findings of auditors, but rather to determine whether and the extent to which auditors connect evidence, reasoning, and conclusions in a way that clearly demonstrates the basis for finding compliance or noncompliance for each provision of every Standard. The role of the PREA Resource Center staff during the probationary certification review period is to help auditors improve their report writing skills and achieve a minimum standard of quality in their audit reporting. This review, however, does not constitute an endorsement of an auditor’s findings by the PREA Resource Center or DOJ. 14 See 28 C.F.R. §§ 115.403(b), 115.403(c), and 115.403(d). 22 Probationary Certification Status Outcomes Upon completion of an auditor’s two required probationary certification reviews by the PREA Resource Center, the PREA Management Office will review the auditor’s body of work and make a determination as to whether or not the auditor will receive full certification. In making this determination, the PREA Management Office will consider the following probationary certification review information: • • • Performance on the two probationary certification report reviews according to the review criteria listed above Degree of improvement between the initial and final report drafts for each probationary certification review Degree of improvement between the first and second probationary certification report reviews In addition, the PREA Management Office will consider an auditor’s compliance with the following: • • • • • • • • • • The PREA Auditor Code of Conduct The PREA Auditor Certification Agreement PREA Standards governing auditor conduct FAQs issued by the DOJ PREA Working Group The PREA Auditor Handbook PREA auditor requirements articulated in the PREA Auditor Candidate Training Required PREA auditor continuing education PREA auditor reporting requirements Peer review requirements Remediation steps required by the PREA Management Office Finally, the PREA Management Office considers any allegations regarding auditor misconduct (including, but not limited to negligence, criminal conduct, malfeasance, gross fraud, and conflict of interest), as well as any credible evidence of serious misapplication or misinterpretation of one or more PREA Standards. The PREA Management Office will normally notify the auditor of its determination no more than 60 days following the auditor’s completion of all the probationary certification status requirements. Full certification status will be granted to those auditors who follow all of the probationary certification status requirements listed in this chapter; meet a minimum threshold of quality on their probationary certification reports; demonstrate measurable improvement in their probationary certification reports, when applicable; and comply with the PREA auditor certification requirements articulated in this Handbook. The PREA Management Office may deny full certification status to any PREA auditor who fails to follow all of the probationary certification status requirements listed in this chapter; meet a minimum threshold of quality on probationary certification reports; demonstrate measurable improvement in audit reporting, when applicable; and/or comply with the PREA auditor certification requirements articulated in this Handbook (see full list of the PREA Management Office’s probationary certification status review considerations above). If the PREA Management Office learns that an auditor under probationary certification status has 23 conducted one or more audits without completing the requirements outlined in this chapter, the PREA Management Office may deny full certification status. Forgetting or claiming not to have known of the probationary certification status requirements is not an adequate justification for failure to comply with them. Auditors who are denied full certification status will not be authorized to conduct any PREA audits, and their names will be removed from the list of DOJ-certified PREA auditors on the PREA Resource Center website. If an auditor has any contractual obligations to conduct audits for which the onsite portion is scheduled on or after the effective date of denial of full certification, the auditor must immediately notify the appropriate officials in the facility or agency of his or her denial of full certification to discuss contract termination, as appropriate. If an auditor has any in-progress audits for which he or she has completed the onsite portion, the auditor must immediately notify the appropriate officials in the facility or agency of his or her denial of full certification and ask those officials for instruction regarding completion of the contracted tasks. If the officials from the agency or facility expect the auditor to complete the post-onsite audit work, the auditor will be temporarily authorized to complete the audit through the final report. In such instances, auditors must report all in-progress audits to the PREA Management Office at PREACompliance@usdoj.gov and provide the date upon which those audits are expected to conclude (i.e., when the final report will be submitted to the audited facility). Unless otherwise specified by the PREA Management Office, auditors who are denied full certification are permitted to apply again to become certified as PREA auditors, but they must go through the regular application and training process. During the application review process, the circumstances of an auditor’s denial of full certification and his or her past auditing performance and conduct will be considered in evaluating the applicant’s suitability to become certified to conduct PREA audits. Appealing a Determination to Deny Full Certification Status Within 30 days of the date of Notice of Denial of Full Certification from the PREA Management Office (unless the PREA Management Office specifies a different due date), auditors have the option to appeal the PREA Management Office’s determination. Written appeal must be made to the PREA Management Office by email at PREACompliance@usdoj.gov and must: • • Consist entirely of directly relevant written materials Include all necessary explanations, information, or other materials in response to the allegations described in the Notice of Denial of Full Certification Any false statements made in support of an appeal may be subject to criminal prosecution, including under 18 U.S.C. § 1001, and are subject to review by the Office of Justice Programs Office of the General Counsel and the DOJ Office of the Inspector General. The PREA Management Office may amend the Notice of Denial of Full Certification at any time prior to its final disposition. If such an amendment includes any new material allegations of fact, the auditor will have the opportunity to appeal the new allegations in the amended Notice of Denial of Full Certification. An auditor’s appeal of the new allegations in the amended Notice of Denial of Full Certification must be written and provided to the PREA Management Office in accordance with the procedures outlined above no later than 30 days after the PREA 24 Management Office provides the PREA auditor with the amended Notice, unless the PREA Management Office establishes a different due date. If no appeal is received by the PREA Management Office within 30 days after the date of the Notice of Denial of Full Certification (without reasonable justification or excuse), such: 1. Constitutes a waiver of the right to contest the allegations in the Notice of Denial of Full Certification, and 2. Will result in the denial of full certification of the PREA auditor without further notice to the PREA auditor, and 3. The denial of full certification will be considered to be final as of the date indicated in the Notice of Denial of Full Certification. If an appeal is received by the PREA Management Office within 30 days after the date of the Notice of Denial of Full Certification, it will be carefully considered by the PREA Management Office. The PREA Management Office will make its determination and provide written notice of its decision to: • • Confirm the denial of full certification (including the reasons therefor), or Rescind the denial of full certification, which may include mandatory remediation steps or other requirements Denial of full certification will remain in effect while the appeal is under consideration. Auditor Reporting Requirements Auditors conducting an audit outside of the Online Audit System 15 (i.e., conducting a paper audit) must fulfill the following reporting requirements: Complete and submit Pre-Audit Reporting Form. The Pre-Audit Reporting Form collects basic information about scheduled audits, including the expected dates for the onsite portion of the audit, the location of the audit, and the facility and/or agency to be audited. Auditors must complete and submit this form to the PREA Resource Center at least 30 days prior to the first day of the auditor’s onsite visit to the facility. • 15 • Complete and submit Post-Audit Reporting Form. The Post-Audit Reporting Form collects detailed information regarding the characteristics of the audited facility and/or agency, the dates for the onsite portion of the audit, the audit location, and descriptive information regarding the auditor’s methodology and compliance with his or her obligations under the PREA Standards. Auditors must complete and submit this form to the PREA Resource Center no more than 15 days following the date upon which the final report was submitted to the audited facility and/or agency. • Submit final audit report. Auditors must submit their final audit reports to the PREA Resource Center no more than 15 days following the date upon which the final report was submitted to the audited facility and/or agency. There is an upload feature in the Post-Audit Reporting Form for auditors to submit their final audit reports. Refer to Refer to Chapter 14 for more information on the Online Audit System. 25 Chapter 18 for important information regarding final audit report formatting requirements. Links to the above reporting forms are available on the dashboard of the Auditor Portal. For auditors who start an audit in the Online Audit System but, Auditors on Probationary for any reason, complete the audit outside of the Online Certification Status Audit System, they must submit their Pre- and Post-Audit Reporting Forms and final audit reports using the available As described in Chapter 10, forms in the Auditor Portal. Auditors who use the Online Audit System to conduct an audit must complete the information relevant to the Preand Post-Audit Reporting Forms directly in the Online Audit System and will not need to submit separate forms to the PREA Resource Center. The Online Audit System also preserves a copy of the final audit report; therefore, auditors who complete an audit using the Online Audit System do not need to submit their final audit reports separately to the PREA Resource Center. regardless of whether or not auditors use the Online Audit System to conduct an audit, auditors on probationary certification status must submit a Pre-Audit Reporting Form, PostAudit Reporting Form, and the final audit report to the PREA Resource Center in the Auditor Portal according to the specified timelines. In addition to the above forms, all auditors, regardless of whether or not they conduct audits using the Online Audit System, must fulfill the following reporting requirements: • Complete and submit Annual Audit Reporting Form. This form captures the number of audits an auditor conducted in a calendar year. If an auditor did not conduct any audits between January 1 and December 31 of a given calendar year, or if he or she only participated in an audit in a role other than as the lead auditor, the auditor must still complete the Annual Audit Reporting Form and indicate his or her involvement by typing a “0” in the appropriate space on the form. All auditors, including those who did not conduct any audits in a given calendar year, must complete and submit this form to the PREA Resource Center by the specified due date following the conclusion of each calendar year. The Annual Audit Reporting Form can only be accessed in the Auditor Portal; therefore, all auditors, regardless of whether or not some or all of their audits were conducted in the Online Audit System, must complete and submit an Annual Audit Reporting Form in the Auditor Portal by the designated deadline each year. • Report Changes to Auditor Contact Information. Auditors are required to provide the PREA Resource Center with a current and functioning email address, physical address, and telephone number, and to update this information as necessary by submitting an Auditor Contact Information Change Form, which is available in the Resources section of the Auditor Portal. Auditors must be able to receive and read all communications from the PREA Resource Center, the PREA Management Office, and DOJ in a timely fashion. Failure to receive or read time-sensitive correspondence that imposes an obligation on or notifies an auditor of disciplinary action is not a viable defense against steps taken by the PREA Management Office that may impact an auditor’s certification. 26 All reporting forms must be fully and accurately completed. The submission of false or incomplete information, or failure to comply with these reporting requirements, may result in disciplinary action by the PREA Management Office that impacts an auditor’s DOJ certification. Continuing Education Requirements All auditor continuing education coursework is available on the Auditor Portal. Auditors can expect no more than 10 hours of required continuing education coursework each year. All required continuing education courses are delivered in a web-based format that can be accessed at any time on the Auditor Portal. The PREA Resource Center will provide ample notice of upcoming continuing education courses required by the PREA Management Office, and auditors must complete all the required coursework by the designated due date. Failure to comply with the auditor continuing education requirements may result in disciplinary action by the PREA Management Office that impacts an auditor’s DOJ certification. Complaints or Concerns about Auditor Conduct All auditors are required to disclose to the PREA Management Office any information about themselves or any credible information about other auditors regarding possible misconduct or failure to follow proper procedures as outlined in this Handbook. The duty for auditors to disclose such information creates a culture of awareness and reporting that supports effective PREA implementation and accountability in the auditing process. The following two subsections describe the PREA Management Office’s expectations for self-disclosure and reporting of information related to possible misconduct of another auditor. Self-Disclosure Auditors must immediately disclose to the PREA Management Office any actions that constitute grounds for disciplinary review or disciplinary action (see Chapter 23 and Chapter 28), including: • Any arrest or criminal conviction • Any finding of liability for fraud or other unlawful behavior that may bear on an auditor’s honesty or credibility • If an auditor is found culpable of, pleads guilty to, or pleads no contest to any misconduct, sexual abuse, sexual harassment, or related conduct through any criminal, civil, or administrative investigation or legal proceeding • If an auditor is released from or voluntarily leaves employment or contract while under criminal, civil, or administrative investigation for any misconduct, sexual abuse, sexual harassment, or related conduct Auditors must report such information directly to the PREA Management Office via email at PREACompliance@usdoj.gov. Given the serious nature of the behaviors listed above, such disclosures will be sent directly to disciplinary review where any appropriate remediation steps and/or disciplinary action will be determined by the PREA Management Office on a case-bycase basis. 27 Reporting Knowledge or Information about another Auditor Auditors are required to report any knowledge or information pertaining to possible auditor misconduct, concerns regarding an auditor’s compliance with DOJ’s certification requirements, or other actions that constitute grounds for disciplinary review or disciplinary action (see Chapter 23 and Chapter 28). The Auditor Feedback Form, located on the PREA Resource Center’s website (see www.prearesourcecenter.org/audit/auditor-feedback-form), is the mechanism for submitting complaints or concerns about auditor conduct. Auditors are strongly encouraged to provide specific, factual information about the behavior or conduct of a specific auditor. Complaints that lack sufficient details will greatly limit the ability of the PREA Management Office to respond to identified issues or concerns. In addition to auditors, corrections agencies and facilities, members of the law enforcement community, advocates, and other key stakeholders working to eliminate sexual abuse and sexual harassment in confinement are strongly encouraged to report complaints or concerns about auditor conduct using the above-discussed Auditor Feedback Form. Such information is critical for maintaining the integrity of the PREA audit function. Where adequate information is provided, the PREA Management Office reviews and analyzes the report as part of the audit assessment process described in Chapter 20. Based on the nature and severity of the report, the PREA Management Office will use the information provided, taken together with auditor performance information gathered during the assessment phase, to determine the appropriate interventions and/or disciplinary action. More detailed information regarding definitions of and sanctions for auditor misconduct is provided in Chapter 23. Section V. PREA Audit Methodology The PREA audit function represents an important and fundamental shift in the way that correctional audits are traditionally performed. The PREA Standards establish an audit process that is designed to assess compliance not only through Auditing in Teams written policies and procedures but also whether such policies and procedures are reflected in the knowledge and Because of the rigorous, practiceday-to-day practices of staff at all levels. The PREA based audit methodology required Standards also require inmates to received adequate by the PREA Standards and the fact that auditors must assess education on accessing essential PREA services. As such, the compliance with more than 300 success of the PREA audit function relies on a rigorous, specific requirements or practice-based audit methodology. provisions in the Standards, auditors are strongly encouraged to conduct audits in teams. Working in a team allows auditors to share the work associated with the PREA audit, review each other’s work products, troubleshoot issues or challenges that may arise through the course of an audit, and draw from the expertise of peer auditors. The audit methodology described in this section is grounded in the auditing requirements in the PREA Standards (115.401, 115.402, 115.403, 115.404) and FAQs issued by the DOJ PREA Working Group. The methodology is also informed by an analysis of PREA audit data collected from auditors as well as PREA auditing best practices and lessons learned from the field. The purpose of this section of the Handbook is to clearly articulate DOJ’s expectations for the conduct of PREA audits 28 and establish guidelines and minimum requirements for the audit methodology during each phase of the audit. This information is also intended to enable auditors to effectively navigate the negotiation and contracting stage of audit procurement, and ensure that the agreed upon timeframes, costs, and overall audit processes reflect sound methodology and are conducive to the conduct of high integrity audits. Each chapter listed below represents a distinct phase of the audit process and includes important information regarding specific DOJ requirements for the PREA audit methodology, a description of PREA auditing tools, auditing tips and best practices, and decision-making aids to help auditors successfully meet DOJ’s expectations for high quality, reliable, objective, and comprehensive audits. PREA Audit Instrument Pursuant to Standard 115.401(d), “The Department of Justice shall develop and issue an audit instrument that will provide guidance on the conduct of and contents of the audit.” To fulfill this requirement, DOJ developed an Audit Instrument for each set of PREA Standards— including Prisons and Jail Standards, Lockup Standards, Community Confinement Standards, and Juvenile Facility Standards—which include a series of guiding documents and tools that auditors are required to use when conducting an audit. For each set of Standards, the Audit Instrument includes the following: • Pre-Audit Questionnaire. Approximately 6 to 8 weeks prior to the auditor’s onsite visit to the facility, the auditor will work with the facility to complete the Pre-Audit Questionnaire, which identifies the minimum information and supporting documents that the facility should submit to the auditor before the onsite audit begins. • Auditor Compliance Tool. This tool is used during each phase of the PREA audit to guide auditors in making compliance determinations for each provision of every Standard, including the evidence auditors should collect to assess compliance. • Site Review Instructions. These describe the areas of the facility to be toured; operations and practices to be observed; and questions that should be asked of staff and inmates in order to conduct a thorough site review. • Interview Protocols. These protocols are used by auditors to interview staff and inmates as part of the audit. Auditors are not limited to the interview questions included in the protocols; rather, these questions are designed to serve as a starting point for eliciting information about the facility’s compliance with the PREA Standards. Auditors are strongly encouraged to use the interview protocols in conjunction with the Auditor Compliance Tool and ask additional questions based on information they collect throughout the audit process. Responses to the interview questions will be part of the auditor’s compliance assessment. • Audit Report Template. This template is used by auditors to produce a final report that will be delivered to the audited facility and ultimately published on the agency’s website. • Process Map. This facility resource describes the audit process from start to finish, such as the steps involved, important timeframes, and what to expect from the auditor. 29 When a facility is well informed and can prepare in advance, the audit is more likely to occur smoothly and without delays. • Checklist of Documentation. This provides a non-exhaustive list of the documentation that should, at minimum, be requested from the facility as part of an audit, and is a helpful resource for both auditors and facilities. Additional information on when and how to use the above resources is detailed in Chapters 15– 18. All components of the Audit Instrument can be accessed and downloaded at www.prearesourcecenter.org/node/1754. Online Audit System The Online Audit System is designed to help agencies, facilities, and auditors streamline, organize, and automate much of the PREA audit process in a secure, user friendly environment. The Online Audit System guides auditors through the entire audit process and provides provision-specific instructions regarding interviews with inmates and staff, documentation collection and review, and observations made during the site review that will shape the auditor’s compliance determination for each provision of every Standard. In addition, all documentation collected through the course of the audit, including the auditor’s notes, are organized by Standard and securely stored in the Online Audit System for easy reference. Auditors who use the Online Audit System to conduct an audit can access all components of the Audit Instrument in the system. In particular, the Pre-Audit Questionnaire, Auditor Compliance Tool, and Audit Report Template are integrated into the Online Audit System workflow, allowing auditors to easily organize audit documentation, keep track of their notes for each Standard, coordinate information sharing with the facility, and seamlessly complete each step of the audit process. Auditors are strongly encouraged to use the Online Audit System. Additional information on how to use the system, system features, and available training webinars can be accessed in the Resources section in the Auditor Portal. User Guides and contact information for technology support can also be accessed at www.prearesourcecenter.org/audit/online-auditsystem/access-and-support. Phase One: Pre-Onsite Audit Prior to assessing a facility in person, there are a number of important steps for auditors to carry out during the pre-onsite audit phase. During this phase, which should last approximately 6–8 weeks, the auditor should communicate frequently with facility staff and agency leadership about the audit process, set expectations and timelines, and discuss logistics for all phases of the audit. The auditor should work with facility staff to post notices of the upcoming audit throughout the facility to ensure that inmates have the ability to correspond with auditors in a manner that is consistent with the facility’s confidential treatment of legal mail, that auditors review the information and documentation submitted by the facility via the Pre-Audit Questionnaire and conduct outreach to local advocacy organizations for information relevant to PREA compliance and sexual safety at the audited facility. 30 These important activities that should be undertaken by the auditor during the pre-onsite audit phase can be broken down into the following four core steps: 1. Audit Planning and Logistics 2. Posting Notice of the Audit 3. Reviewing Facility Policies, Procedures, and Supporting Documentation 4. Conducting Outreach to Advocacy Organizations These steps are intended to ensure that auditors focus on multiple sources of information during the audit process and reduce the workload in later phases of the audit. Additional details are provided for each of these steps below. Audit Planning and Logistics As described above, the pre-onsite audit phase provides an important opportunity for auditors to communicate with facility staff and agency leadership regarding the audit process, discuss expectations for the facility and the auditor, review key elements of the contract, and coordinate logistics for the onsite portion of the audit. It is recommended that auditors conduct an initial kickoff meeting 16 with key facility and agency staff, and establish a schedule for continued communication throughout the audit process. Establishing Audit Goals and Expectations From the beginning of the audit, it is important for the auditor to establish a positive working relationship with key facility staff and agency leadership, and to approach the audit as an opportunity for positive change that will benefit everyone working and living in the facility. PREA auditors have the difficult yet important job of conducting an objective audit that assesses compliance with every provision of every Standard and upholds the spirit and intent of the PREA Standards, while also collaborating with facilities during the corrective action stage of the audit to reach the shared goal of PREA compliance and, more importantly, sexual safety within the facility. Auditors should use this early communication with the facility to clearly articulate their role as an auditor and what the facility can Corrective Action expect during each stage of the PREA audit. It is also important to make clear that the audit, including Recognizing the number and any required corrective action, is not intended to be a complexity of the requirements in “gotcha” process. While corrective action may be perceived the PREA Standards, DOJ purposefully included corrective as failure by confinement facilities and agencies seeking action in the Standards to serve as PREA compliance, DOJ views corrective action as an a helpful tool for facilities and opportunity to enhance safety and promote a zero agencies to work in collaboration tolerance culture for sexual abuse and sexual harassment. with their PREA auditor to address In fact, the PREA audit was built on the assumption that full challenges related to sexual compliance with every discrete provision would, in most safety. cases, require corrective action. It is important for auditors to emphasize this message throughout the audit process. By characterizing the audit as an In most cases, the initial kickoff meeting will be held via teleconference or videoconference; however, auditors who live in close proximity to the audited facility or agency may opt to conduct this kickoff meeting in person. 16 31 opportunity for positive change, the auditor sets realistic expectations for the initial findings of the audit and frames the process as one that is of value to the facility or agency. Communicating Key Information on the Audit Process In contrast to traditional correctional audits, which largely focus on facility and agency policies and procedures, the PREA audit relies on a rigorous, practice-based methodology that assesses whether policies and procedures have been institutionalized. It is important for auditors to educate the facility about what it means to conduct a practice-based audit, describe each phase of the audit process and the core activities undertaken by the auditor (e.g., in-depth site review to directly observe and assess relevant correctional practices), and make it clear that a PREA audit will be unlike other correctional audits the facility has received in the past. Further, it is critical that the agency and facility understand that, under the PREA Standards, auditors are entitled to unfettered access to all areas of the facility, personnel, contractors, volunteers, and inmates, as well as a wide variety of sensitive and confidential documentation and information. See, generally, Standard 115.401. Agencies also must understand the auditor’s obligation to obtain and preserve all documentation and information relied upon in making audit compliance determinations. See, generally, Standard 115.401. This information must be communicated by the auditor to a variety of staff and administrators within an agency (e.g., medical and mental health providers, agency- and facility-based investigators, human resources personnel, agency and facility training personnel, and classification and risk screening staff). Any disagreements regarding access to relevant documentation and information within an agency or facility should be addressed and resolved prior to the onsite portion of the audit. A facility’s failure to provide an auditor with access to the necessary documentation or all areas of the facility could lead to a finding of noncompliance with Standard 115.401 and any underlying substantive Standards for which the facility has failed to meet its burden of demonstrating compliance. For additional information, see the callout box on p.37. To help the facility prepare for each stage of the audit, the auditor should send the facility a copy of the Process Map, which is described in Chapter 14. Coordinating Audit Logistics The following list provides an overview of some basic logistics that the auditor should discuss with the facility prior to the auditor’s onsite visit to the facility: • Establish a primary point of contact (POC) at the facility or agency who will be responsible for completing the Pre-Audit Questionnaire; responding to questions and/or requests for additional information from the auditor; coordinating and confirming posting of the audit notice; and assisting with other agreed-upon tasks. Although it is very helpful to identify a primary POC at the facility, auditors should emphasize and clearly convey the expectation that one person in a facility or agency cannot do all of the work associated with preparing for and completing a PREA audit. A team of administrators and staff at the audited agency or facility must work together to support the auditor throughout the process. To that end, auditors are also encouraged to identify a secondary POC at the facility who is involved in the audit process, can assist the primary POC, and serve as a backup should the primary POC be unavailable. • Agree on deadlines for key milestones in the audit process. 32 • Develop an audit schedule. • Review key elements of the audit contract (e.g., any permissible limitations on scheduling or contingencies based on facility emergencies). • Discuss logistics for the onsite phase of the audit, including but not limited to transportation to and from the facility, meals, daily schedule for the audit, meeting space, work space with internet access and adequate outlets, permissible technology (e.g., laptop, cell phone, digital camera) and other necessary audit materials (e.g., binders, notebooks, writing utensils), dress code, and security procedures. In addition, the auditor and the facility should determine where and how interviews will be conducted with inmates and staff, and the staff coverage needed to most efficiently and effectively use facility resources while onsite. Posting Notice of the Audit Standard 115.401(n) states, “Inmates, residents, and detainees shall be permitted to send confidential information or correspondence to the auditor in the same manner as if they were communicating with legal counsel.” To accomplish this communication with the auditor, auditors are responsible for working with the facility to ensure that inmates are given adequate notice of the audit and the information necessary to communicate confidentially with the auditor if they choose. Auditors should inquire early in the process how the facility plans to ensure the confidentiality of such communication. When and Where to Post the Notice It is strongly recommended that auditors instruct facilities to post the notice of the upcoming PREA audit at least 6 weeks prior to the onsite portion of the audit throughout the facility, in places where it will be visible to all inmates and staff (e.g., Accessibility of the Audit visiting areas, housing units, and recreational spaces). See Notice the callout box on this page for additional Auditors are encouraged to work recommendations on ensuring accessibility of the audit with facilities to ensure that the notice. What the Notice Should Include The notice of an upcoming PREA audit should include the following information: • Scheduled dates of the audit • Purpose of the audit • Name of the auditor • Up-to-date contact information for the auditor • An explicit and factually accurate statement regarding the confidentiality of any communication between the auditor and inmates who respond to the notice. Specifically, the notice should include the limitations of confidentiality pursuant to any mandatory reporting laws or policies that apply to 33 PREA audit notice is accessible to all inmates, including those with disabilities, with limited reading ability, with limited English proficiency, in restrictive housing, and with mail restrictions. For example, the auditor should work with a facility to identify the most commonly spoken language other than English so that the notice can be translated into one or more languages. It is also recommended that the notice be posted on brightly colored paper using large font and easy-to-read language. A sample audit notice in both English and Spanish can be found on the Auditor Portal. the auditor. See subsection on Navigating Mandatory Reporting Laws and Policies in Chapter 16. Due to the potential volume of correspondence, a P.O. Box is recommended for receiving confidential (i.e., legal) mail. Auditors’ Responsibility to Verify Posting of the Notice Auditors should confirm that the notice has been properly posted by the deadline established by the auditor and the facility. One verification method is to ask the facility to take datestamped photographs of the notice and its placement throughout the facility, and send these to the auditor in advance of the onsite portion of the audit. If the auditor is not able to verify placement of the notices prior to the onsite audit, he or she may also use direct observations and interviews with inmates and staff to verify the placement of and timeframe when the PREA audit notice was posted. Confidential Correspondence with Inmates and Staff Auditors should also plan to receive confidential correspondence from inmates and staff, and should take one or more of the following steps to adequately respond to such correspondence. • Interviews with Inmates. Except where such correspondence clearly does not relate to PREA or sexual safety in the audited facility, auditors must strive to include those inmates who submit correspondence in their interview selections (using the relevant protocols), unless the inmates are no longer in the custody of the facility. • Interviews with Staff. Auditors should generally take the same approach with staff who submit correspondence, and ensure that such staff are included in the interview process and given an opportunity to speak directly about any concerns or issues voiced in the correspondence. • Reviewing Documentation. Auditors should attempt to follow up on issues voiced by inmates and/or staff during the documentation review stage of the audit to determine whether such issues are reflected in facility documentation and, where applicable, the extent to which the facility followed the appropriate policies and procedures in response to the issues or concerns identified. • Responding to Urgent Correspondence. In cases where correspondence indicates that an inmate is in imminent harm or threatening self-harm or harm to others, the auditor should make any appropriate notifications. For example, when auditors are informed that a resident in a juvenile facility alleges current abuse, the auditor should determine whether there is a legal requirement to notify child protective services or another designated entity. In the absence of a legal requirement, the auditor should determine whether such a disclosure would be proper. When auditors receive information that an adult inmate is in imminent danger of abuse, auditors should promptly notify the agency PREA coordinator or other designated individual or entity. However, auditors must carefully balance the need to report with any specific requests and expectations the inmate may have regarding confidentiality or anonymity. 34 Reviewing Facility Policies, Procedures, and Supporting Documentation Standard 115.401 articulates the auditor’s right to access and the requirements for reviewing facility and agency documentation throughout all four phases of the PREA audit (see callout box for a list of applicable provisions and requirements). To facilitate a thorough review of facility and agency policies, procedures, and supporting documentation in advance of the onsite audit, auditors are strongly encouraged to reach out to the facility as early as 8 weeks, and absolutely no Auditor Access to Documentation later than 6 weeks, prior to going onsite to a • 115.401(f) – “The auditor shall review all facility to begin this review process. relevant agency-wide policies, Completing the Pre-Audit Questionnaire The tool used to gather information at this preparatory stage is the Pre-Audit Questionnaire, which identifies the minimum information and supporting documents that the facility should submit to the auditor before the onsite audit begins. • • procedures, reports, internal and external audits, and accreditations for each facility type.” 115.401(g) – “The audits shall review, at a minimum, a sampling of relevant documents and other records and information for the most recent one-year period.” 115.401(i) – “The auditor shall be permitted to request and receive copies of any relevant documents (including electronically stored information).” 115.401(l) – “The auditor shall review a sampling of any available videotapes and other electronically available data (e.g., Watchtour) that may be relevant to the provisions being audited.” Typically, these documents and information include publicly available or non-sensitive information. However, auditors are entitled to • request and receive sensitive and/or non-public documents and information at any stage of the audit process, including during the pre-onsite audit phase. Reviewing some additional categories of substantive documents prior to the onsite portion of the audit may permit the auditor to work more efficiently while onsite at the facility. In particular, auditors are strongly encouraged to request that the facility provide (at a minimum) a list of all allegations of sexual abuse and sexual harassment received in the 12 months preceding the audit (or longer if determined necessary by the auditor). The facility’s ability to produce this information prior to the auditor’s onsite visit to the facility will provide an important early indicator of the facility’s audit preparedness and level of compliance. In the event that a facility cannot produce this list, the auditor should clearly communicate to the facility that, as a result, there is a high probability that it will be out of compliance with several other Standards that rely on this list to assess compliance, such as Standards 115.61–115.68, which describe the facility’s responsibilities for responding to inmate reports of sexual abuse and sexual harassment. Of course, as with any stage of the audit process and explained elsewhere, auditors must use appropriate safeguards to ensure such information is not inadvertently disclosed to unauthorized parties. Additionally, auditors should request a diagram of the physical plant (i.e., building plan) and review it before the onsite visit to the facility. Becoming familiar with the physical plant structure allows auditors to thoroughly plan the facility site review and confirm that all areas of the facility are observed. The auditor should provide the Pre-Audit Questionnaire to the facility sufficiently early in the process (approximately 6 to 8 weeks prior to the onsite audit) to permit the facility to provide 35 all the necessary information to the auditor at least 4 weeks before the auditor arrives onsite. During the planning and logistics stage of the pre-onsite audit, the auditor and the facility should agree upon a date for the Pre-Audit Questionnaire to be completed by the facility. The deadline for completion should allow for adequate time in advance of the auditor’s onsite visit to the facility for follow-up questions and additional documentation requests. The auditor should also work with the facility to identify a facility staff member (e.g., PREA coordinator, PREA compliance manager) who will coordinate and lead completion of the PreAudit Questionnaire and ensure that all of the auditor’s questions are adequately addressed. As previously stated, auditors should inform facilities that neither completion of the Pre-Audit Questionnaire nor the PREA audit is one person’s responsibility. It is a responsibility that is shared by the designated facility POC, facility leadership, and key staff who oversee various facility operations (e.g., classification, medical, mental health, food services, education, and contract administration). Auditors should encourage facility POCs to work with a team of staff from departments across the facility or agency to collect the required documentation and complete the Pre-Audit Questionnaire. Encouraging this collaborative process from the beginning of the audit will prepare staff across the facility and agency for the onsite phase of the audit, and create broader awareness of sexual safety and the PREA audit process. Completion of the Pre-Audit Questionnaire and the auditor’s initial analysis of facility and agency documentation are critical components of the audit process. These steps lay the foundation for the audit and form the basis for the auditor’s understanding of the facility’s operations, terminology, structure, population, and other important information. For auditors who use the Online Audit System, the designated POC at the facility can upload the completed Pre-Audit Questionnaire directly to the online platform. The documents are stored and available for review by the auditor. Another benefit of using the Online Audit System is that information provided in the Pre-Audit Questionnaire will auto-populate portions of other tools and templates the auditor will use later in the process (e.g. the Auditor Compliance Tool and audit report). This is a time saver for auditors who otherwise have to type the same information into different forms. For auditors who are not utilizing the Online Audit System, the completed Pre-Audit Questionnaire and related documents can be emailed or saved onto an encrypted portable drive and mailed to the auditor. For information on auditor requirements for maintaining the safety and security of audit documentation, refer to Chapter 5. Once the Pre-Audit Questionnaire is complete and all documentation has been received, the auditor should conduct a thorough review, identify gaps or issues with the submitted documentation, and follow up with the facility POC with requests for additional information and/or documentation, as needed. To facilitate and document this process, auditors are encouraged to use the Issue Log and File Review Template, which are available in the Auditor Portal. In preparation for the onsite phase of the audit, auditors are strongly encouraged to begin completing the pre-onsite audit portions of the Auditor Compliance Tool during their review of the Pre-Audit Questionnaire (see Chapter 16 for additional details on completing the Auditor Compliance Tool). Because most PREA Standards require some form of documentation to verify the facility’s compliance, auditors are required to review a large number and variety of documents. To help facilitate this review process, auditors are strongly encouraged to begin using the Checklist of 36 Documentation while reviewing the facility’s completed Pre-Audit Questionnaire and to continue using the Checklist of Documentation throughout the audit process. Along with the Pre-Audit Questionnaire, the auditor is encouraged to send IMPORTANT the facility’s designated POC the Checklist of Documentation and any additional identified categories of documents the If at any point in the course of the auditor deems relevant so that the facility has a complete audit a facility or agency denies an auditor access to documentation, listing of the documents the auditor will need to review the audit report should reflect onsite and can prepare in advance to make them available “Does Not Meet Standard” for when the auditor arrives. The volume of documentation Standard 115.401. In addition, if requested can be overwhelming for facilities; thus, auditors an auditor is denied access to are also encouraged to highlight which documents listed in documents relevant to the the Checklist of Documentation the auditor is specifically facility’s compliance with any looking for the facility to submit as part of the Pre-Audit underlying substantive Standard, agencies will likely have failed to Questionnaire, as opposed to, for example, documentation fulfill their burden of that may be typically collected during the onsite portion of demonstrating compliance with the audit. the Standards pursuant to Standard 115.401(e). In such cases, the auditor should similarly reflect a finding of “Does Not Meet Standard” with respect to the underlying substantive Standard. Prior to going onsite to a facility, auditors are encouraged to review the facility and/or agency website and conduct a broad web search on the audited facility in advance of the audit to determine if there is any relevant information that may shed light on the culture and history of the facility such as recent budgetary or staffing changes, legal action against the facility (e.g., federal consent decree), press clippings, and other information that might inform the audit. Conducting Outreach to Advocacy Organizations The final pre-onsite audit task for auditors is to conduct outreach to relevant advocacy organizations. PREA Standard 115.401(o) states, “Auditors shall attempt to communicate with community-based or victim advocates who may have insight into relevant conditions in the facility.” This step in the pre-onsite audit phase is important because it provides the auditor with an opportunity to learn about issues of sexual safety and related concerns at the facility that may impact the audit. In particular, there are times when external inmate or victim advocates have information about sexual abuse and sexual harassment at the facility that may not otherwise become apparent to an auditor during the course of the audit. It is also important to note that auditors may not always be successful in reaching advocacy organizations during the pre-onsite audit phase. In such instances, auditors should make multiple attempts to connect with advocacy organizations throughout the audit process to ensure their important perspectives are included in the auditors’ analyses and findings. State or local coalitions against sexual assault operate in nearly all states, are easily identified using online searches, and serve as a good place to begin learning about the information that community-based or victim advocates may have. 37 The following is a non-exhaustive list of federal agencies and national organizations that provide online directories of state and local victim service organizations and are current as of the date of publication of this Handbook: • Office on Violence Against Women (OVW) www.justice.gov/ovw/local-resources • OVC Training and Technical Assistance Center (OVC TTAC) ovc.ncjrs.gov/findvictimservices/about.html • Just Detention International (JDI) www.justdetention.org/service/ • The Rape, Abuse & Incest National Network (RAINN) www.rainn.org/state-resources • National Sexual Violence Resource Center (NSVRC) www.nsvrc.org/organizations?tid=8& Although not required by the PREA Standards, for audits of juvenile facilities, auditors should also conduct outreach to the state and/or local department of children’s services to determine if there have been any reports of sexual abuse or sexual harassment submitted by residents or staff at the audited facility that the department may permissibly share. Similarly, for audits of adult facilities, auditors should conduct outreach to state and/or local adult protective services, agencies that are generally responsible for monitoring abuse, neglect, and exploitation of older adults and adults with physical or cognitive disabilities. Some states also maintain external oversight bodies that publish reports or may have useful information for an auditor. Auditors who are unable to identify a community-based or advocacy organization may contact the PREA Resource Center for assistance. Once advocacy organizations have been identified, auditors must conduct interviews with administrative staff in these organizations and solicit information relevant to PREA compliance, including any knowledge staff may have about issues of sexual safety in the audited facility and any support services the organization may provide for incarcerated individuals at the audited facility. Auditors must take and preserve notes of these interviews, and include relevant information obtained from these individuals or organizations in the triangulation—the process of weighing multiple forms of evidence to assess compliance—of evidence and determinations of facility compliance in the final phases of the audit. Estimating Time to Complete the Pre-Onsite Audit Auditors should be prepared to commit significant time to the pre-onsite audit phase. The actual time necessary for a given audit will depend on several factors, including the type of facility; its size; the degree to which the facility is prepared for the audit; and, importantly, the completeness, organization, and comprehensiveness of the materials the facility provides. Auditors should plan to spend 40 to 50 hours on the pre-onsite audit phase. Auditors should also remember that less work in the pre-onsite audit phase will likely mean more work in the onsite and post-onsite phases of the audit. If the pre-onsite audit work takes less time because the facility provides little or incomplete information, then the auditor should plan to make up that work onsite doing additional documentation reviews and during the postonsite audit phase conducting additional follow-up work. For example, documents or categories 38 of documents that are incomplete or unavailable during any phase of the audit will necessarily require follow-up requests for the missing documents and time to review those documents. The auditor should provide the facility or agency with realistic estimates of the time an audit will require, and should keep the audited facility updated on significant changes to the audit schedule. Review of Auditor Tools for Phase One of the PREA Audit Pre-Audit Questionnaire Auditor Compliance Tool Checklist of Documentation Process Map • • • • Phase Two: Onsite Audit During the onsite phase of a PREA audit, auditors conduct a thorough examination of the entire facility, observe routine activities, interview staff and inmates, and review and retain key documents maintained by the facility. These activities can be broken down into the following three core components of the onsite audit: • Site Review • Conducting Interviews • Documentation Selection and Review These core components form the foundation of a practice-based audit methodology. An auditor’s fidelity to these steps is critical for conducting a high quality, reliable, objective, and comprehensive audit. It is important to remember that the primary purpose of the onsite phase of the PREA audit is to assess the day-to-day practices used by facility staff to promote sexual safety. It is not appropriate to focus only or primarily on written policies and procedures when conducting a PREA audit. The importance of auditors’ observations, interviews with staff and inmates, and review of facility documentation is reflected in Standard 115.401(e), which states, “The agency shall bear the burden of demonstrating compliance with the standards.” Therefore, an agency must be compliant not only in policy but must also demonstrate institutionalization of the Standards in its day-to-day practices. An agency or facility that is unable to provide sufficient evidence of compliance, or provides substantially conflicting information or evidence regarding compliance, has failed to meet its burden. Significantly, the unavailability of documentation or information required to adequately evaluate and demonstrate compliance requires a finding of “Does Not Meet Standard” for Standard 115.401(e). While working onsite, auditors should rely on the Auditor Compliance Tool to gather and organize information they will use to make compliance determinations. The Auditor Compliance Tool walks the auditor step by step through each provision of every Standard, pairing the provision itself with the detailed requirements for compliance and noting how, as well as when, during the audit process the auditor should verify that the facility meets those requirements. Auditors must keep thorough notes while working on site. Notes are a critical element of the audit process because they help auditors recall important details when it comes time to write the audit report. They are also required under Standard 115.401(j), which states, 39 “The auditor shall retain and preserve all documentation (including, e.g., video tapes and interview notes) relied upon in making audit determinations. Such documentation shall be provided to the Department of Justice upon request.” For this reason, the Auditor Compliance Tool provides space for the auditor to describe observations, reflections, follow-up questions, and other comments. When onsite, the auditor should also verify any information that the facility provided during the pre-onsite audit phase that may lead to a finding of noncompliance with the Standards. Using the Auditor Compliance Tool consistently throughout the audit allows the auditor to keep track of the evidence collected for each Standard and more easily identify those Standards that may need additional follow up while onsite. Each step in the onsite audit phase is described in greater detail below. Site Review PREA Standard 115.401(h) states, “The auditor shall have access to, and shall observe, all areas of the audited facilities.” In order to meet the requirements in this Standard, the site review portion of the onsite audit must include a thorough examination of the entire facility. As stated in Chapter 15, auditors should request a diagram of the physical plant during the pre-onsite audit phase and become familiar with the facility layout to ensure that all areas of the facility are thoroughly observed. The site review is not a casual tour of the facility. It is an active, inquiring process that includes talking with staff and inmates to determine whether, and the extent to which, the audited facility’s practices demonstrate compliance with the Standards. The review of practices during the site review requires active engagement with critical facility functions such as intake and risk screening; cross-gender announcement; grievance process; use of signage throughout the facility (e.g., notice of the IMPORTANT audit, PREA posters); activity in the housing units; bathroom and shower procedures; staffing ratios; cameras and Auditors are encouraged to have surveillance technology deployment and use; working informal conversations with condition of telephones, kiosks, and other devices; access to inmates and staff during the site reporting entities; and supervision practices. Auditors must review; however, these watch closely during the site review and are strongly conversations do not constitute a encouraged to have facility staff walk them through routine formal interview for the purpose of complying with Standard practices such as risk screening, and pay close attention and 115.401(k) and meeting the ask questions during this process. For example, auditors are interview requirements set forth strongly encouraged to accompany an incoming inmate in this Handbook. through the initial screening process—questioning staff along the way—to thoroughly understand how the process works in practice. This contributes significantly to the auditor’s understanding of how the facility conducts this function and provides a better basis for determining where there may be issues in need of corrective action. If allowed by the facility, the auditor is also encouraged to take photographs of facility areas that present problems with compliance (e.g., cells that allow for direct sight into toilet areas) and/or where the facility may be exceeding a Standard or otherwise demonstrating a promising practice (e.g., victim-centric design and placement of PREA inmate education materials). With permission from the facility, photographs of promising practices may serve as useful examples for auditors to provide to staff and administrators during subsequent audits. Auditors should 40 take care to abide by all facility restrictions on photography and should only take photographs of the physical plant. The Audit Instrument includes Site Review Instructions to guide auditors in conducting a comprehensive site review. In addition, auditors are encouraged to use the Site Review Template to document this process, which can be found on the Auditor Portal. Some areas of a facility require more attention than others, and the auditor should read and follow the Site Review Instructions carefully. For instance, facility staff may advise the auditor that inmates are not allowed in a particular area of the facility or that there are certain areas where only staff have access (e.g., closets, offices). Because these are spaces where sexual abuse may be more likely to occur, the auditor should ensure that these areas of the facility are observed during the site review. Even when taking great care, the auditor may need to re-inspect certain areas of the facility later in the process if information obtained from interviews, documentation review, or other sources raises questions or concerns. As stated above, auditors must also take thorough notes and document their observations during the site review. This will allow the auditor to conduct a more efficient and thorough review of the evidence during the post-onsite audit phase. Defining a Housing Unit While conducting the site review, auditors should take care to accurately count the number of housing units according to the definition issued by the DOJ PREA Working Group. Facilities often define a housing unit differently from the definition under the PREA Standards; thus, auditors should not rely solely on the number of housing units the facility reports during contract negotiations or during the pre-onsite audit phase. Auditors should make an independent determination regarding the number of housing units during the site review to ensure that they are able to fully comply with the interview sampling requirements described in the next subsection and appropriately assess the facility’s compliance with the Standards that may be impacted by this determination. In particular, auditors should note that, according to the definition from the DOJ PREA Working Group, a single control room that connects multiple pods does not constitute a single housing unit. But rather, the “architectural design and functional use of these multiple pods indicate that they are managed as distinct housing units.” The DOJ PREA Working Group defines a housing unit as follows: 17 The question has been raised in particular as it relates to facilities that have adjacent or interconnected units. The most common concept of a housing unit is architectural. The generally agreedupon definition is a space that is enclosed by physical barriers accessed through one or more doors of various types, including commercial-grade swing doors, steel sliding doors, interlocking sally port doors, etc. In addition to the primary entrance and exit, additional doors are often included to meet life safety codes. The unit contains sleeping space, sanitary facilities (including toilets, lavatories, and showers), and a dayroom or leisure space in differing configurations. Many facilities are designed with modules or pods clustered around a control room. This multiple-pod design provides the facility with certain staff efficiencies 17 See www.prearesourcecenter.org/node/3209. 41 and economies of scale. At the same time, the design affords the flexibility to separately house inmates of differing security levels, or who are grouped by some other operational or service scheme. Generally, the control room is enclosed by security glass, and in some cases, this allows inmates to see into neighboring pods. However, observation from one unit to another is usually limited by angled site lines. In some cases, the facility has prevented this entirely by installing one-way glass. Both the architectural design and functional use of these multiple pods indicate that they are managed as distinct housing units. Conducting Interviews The interview process is among the most important, and most challenging, elements of a PREA audit. Interviews are also a mandatory part of the auditing process. There are two PREA Standards that address an auditor’s responsibility to conduct interviews. Standard 115.401(k) states, “The auditor shall interview a representative sample of inmates, residents, and detainees, and of staff, supervisors, and administrators.” Standard 115.401(m) provides the auditor the right to conduct confidential interviews, stating, “The auditor shall be permitted to conduct private interviews with inmates, residents, and detainees.” The objective of conducting one-on-one interviews with inmates is to provide a safe space where inmates can freely discuss their experiences at and perspectives of the facility on sensitive issues related to sexual safety. Although not specifically required by the Standards, private interviews with staff also help to uncover information and perspectives that may not surface when individuals are speaking in the company of others. For this reason, auditors are strongly encouraged to conduct interviews with only one staff member at a time in a private setting to ensure they are accurately capturing that IMPORTANT individual’s knowledge of the PREA Standards, sexual safety in confinement, and his or her specific roles and Auditors who do not take and responsibilities. maintain interview notes will be The Audit Instrument includes six interview protocols for interviewing different categories of inmates and staff as listed below: • Agency head or designee • Warden or designee • PREA coordinator/PREA compliance manager • Specialized staff • Random staff • Inmates out of compliance with Standard 115.401(j). Auditors should take comprehensive notes during all inmate and staff interviews. In most cases, it is not possible to rely on memory to reconstruct what was said, by whom, or at what point. Notes are the best way for auditors to guide their evaluation of interview content and its relationship to other evidence when making compliance determinations for each provision of every Standard. Each interview protocol is designed to elicit information about practices in the facility that relate to specific PREA Standards and more general attitudes about preventing and responding to sexual abuse and sexual harassment. It is important to remember that these interview protocols are just the starting point for a conversation that 42 yields useful information. The protocol questions are not intended to provide a script for use during the interview, but rather serve as a guide or checklist to ensure that auditors understand what information must be gained from the interview. If read as a script, the auditor would be asking leading questions that will not yield useful information. Additionally, the protocols do not cover every Standard that auditors may need to cover during a particular interview. Auditors should use the interview protocols in conjunction with the Auditor Compliance Tool and information collected throughout the audit process to inform what additional information should be covered. The subsections below provide more detailed guidance for conducting individual interviews with inmates and staff. This guidance is not a substitute for the interview protocols in the Audit Instrument. Auditors are required to use the appropriate protocols as the foundation for every interview. Navigating Mandatory Reporting Laws and Policies Each state and territory has its own mandatory reporting laws that require certain individuals to report incidents or suspicions of abuse, neglect, or maltreatment of vulnerable persons. The most familiar of these laws govern the reporting of child abuse and neglect, but there are also laws in many jurisdictions that require reporting abuse and neglect of elderly, disabled, or other vulnerable individuals, which may include incarcerated persons. Before committing to an audit, the auditor should determine whether he or she qualifies as a mandatory reporter in the jurisdiction where the audit will take place. Auditors should work with the requesting facility and agency to learn the mandatory reporting laws in that jurisdiction and any rules the facility or agency may have, how to comply with relevant laws and policies, and the identity of the entity or individual designated to receive such reports. Auditors are strongly encouraged to include clear and specific details regarding mandatory reporting in their contracts with facilities and agencies, as well as in the audit notices that are posted throughout the facility. In practical terms, mandatory reporting places limits on an auditor’s ability to assure confidentiality. Prior to interviewing or having informal conversations with any inmate or staff member, the auditor must explain any mandatory reporting requirements. For more information on mandatory reporting, The Project on Addressing Prison Rape at the American University Washington College of Law maintains a repository of mandatory reporting laws in all 50 states (see www.wcl.american.edu/endsilence/statesurveys.cfm). Interviewing Inmates The perspectives of inmates are essential to understanding the practices, procedures, and culture of a confinement facility. The objectives of inmate interviews are to understand the facility’s practices from the inmate’s perspective and determine the extent to which inmates are knowledgeable about the facility’s obligations to keep them safe from sexual abuse and sexual harassment. As required under Standard 115.401(k), auditors must interview a representative sample of inmates, and must use information collected during these interviews to inform compliance determinations during the post-onsite audit phase. The subsections below detail specific guidance regarding the appropriate sampling methodology and the minimum number of inmates that auditors are required to interview. 43 Interviews with Randomly Selected Inmates Auditors must obtain an up-to-date inmate roster (or the equivalent) on or just before the first day of the audit, and use this roster to make random interview selections. It is highly recommended that auditors obtain an inmate roster that is organized by housing unit. This will ensure that auditors select an interview sample that is geographically diverse, meaning that the inmates an auditor selects should be from as many housing units as possible in different locations throughout the facility. Auditors are also advised to obtain an inmate roster that is sorted alphabetically to assist, when necessary, with identifying specific inmates and crossreferencing with other information collected during the audit. Auditors should be aware that interview selections may be subject to change for a variety of reasons such as inmate refusals or operational factors (e.g., discharge of a selected interviewee). To minimize disruption to the audit process and to the audited facility’s normal routine, alternate selections should be identified in advance. Where feasible, auditors should also oversample in housing units that house specialized subpopulations. Oversampling refers to the practice of selecting more individuals from a subgroup than would generally be the case if everyone in the population had an equal chance of being selected. For example, if an auditor is conducting one inmate interview per housing unit in a facility that has 10 male housing units and 2 female housing units, the auditor would only capture interviews with 2 female inmates. But, if the auditor oversamples by selecting four to six female inmates for interviews, this will help to ensure their perspectives and experiences are adequately represented in the audit findings, even though women are a distinct minority in this facility. Other specialized subpopulations that may be housed together include inmates housed in medical or mental health wings, protective custody units, and special programming units, among others. Auditors should plan to spend at least 20 minutes on each random inmate interview in order to elicit useful information. While conducting these interviews, auditors should also be prepared to ask additional follow-up questions from the targeted inmate interview protocols where appropriate. For example, an auditor may learn during the course of a random inmate interview that the inmate experienced prior sexual abuse and is limited English proficient (LEP). In this scenario, the auditor should ask questions from the applicable targeted interview protocols included in the Audit Instrument. Interview rubrics listing the required number of random inmate interviews by facility type and population size are presented below in Tables 1–4. Interviews with Targeted Inmate Populations Assessing a facility’s day-to-day practices for ensuring the sexual safety of all inmates is a crucial element of the audit. One of the ways to get a strong sense of these practices and of actual sexual safety is to interview appropriate numbers of the most vulnerable populations in custody. Auditors must ensure that these populations are adequately represented in the interview process. To accomplish this, auditors should work with the facility to obtain a list of all inmates that fall within the prescribed target populations, including their housing units, so auditors can ensure geographic diversity. Auditors must attempt to interview a selection of inmates belonging to each of the following targeted populations. • • Youthful inmates/detainees confined in adult prisons, jails, and lockups Youthful inmates held in segregated housing to provide sight and sound separation 44 • • • • • • • • Inmates with a physical or cognitive disability Inmates who are LEP Transgender and intersex inmates Lesbian, gay, and bisexual inmates Inmates placed in segregated housing for their own protection from sexual victimization Juvenile residents in isolation in juvenile facilities Inmates who reported sexual abuse that occurred in the facility Inmates who reported prior sexual victimization during risk screening The number of interviews of individuals in the targeted populations must comport with the requirements presented in Tables 1–4 below. In some facilities, auditors may be told that there are no members of one or more of the targeted populations. Auditors have a responsibility to corroborate such a statement, and can do so based on information obtained from the Pre-Audit Questionnaire; documentation reviewed onsite; and discussions with screening, classification, medical, and mental health staff, among others. Auditors should evaluate the extent to which a facility appropriately and consistently collects, maintains, and tracks relevant information about whether an inmate is a member of a targeted population. If the auditor is not persuaded that the facility is sufficiently able to consistently identify members of the targeted populations, then the auditor should not be willing to accept claims of “none here” without further probing. Auditors should also be aware of other Standards that may be impacted by a facility’s inability to identify members of certain targeted populations. For example, a facility that is unable to identify any inmates who are lesbian, gay, bisexual, transgender, intersex (LGBTI) or gender nonconforming may not be meeting its obligations for screening inmates for risk of victimization and abusiveness under Standard 115.41. In addition, the auditor should use interviewing opportunities with other inmates to explore whether there are members of the targeted populations in the facility but unidentified by facility staff. When deemed appropriate, the auditor should attempt to conduct an interview with inmates identified in this manner. Inmates selected from these targeted populations should be interviewed first using the Random Sample of Inmates interview protocol, followed by the appropriate targeted inmate interview protocol. It may also be appropriate to interview IMPORTANT an inmate using more than one targeted inmate interview protocol. For example, if an inmate identifies as LGBTI, is a Interviews with inmates who have reported sexual abuse are not victim of prior sexual abuse, and is being held in segregated intended to gather information to housing due to risk of sexual victimization, it would be determine the validity of the appropriate to interview that inmate using four interview report. The purpose is to protocols: the Random Sample of Inmates interview document, from the alleged protocol, the Transgender and Intersex Inmates; Gay, victims’ perspectives, what Lesbian, and Bisexual Inmates interview protocol; the happened when they reported the Inmates Placed in Segregated Housing (For Risk of Sexual incident, whether they feel that the report was handled properly, Victimization/Who Allege to Have Suffered Sexual Abuse) and whether required services interview protocol; and the Inmates who Disclosed Sexual were provided. Victimization During Risk Screening interview protocol. In such circumstances, a single interviewee will satisfy multiple interview requirements, as discussed in the next subsection in greater detail. 45 Interviews with inmates in the targeted interview populations will likely require additional time. The amount of time will vary depending on the particular protocol, as well as the volume and type of information shared by the inmate. Auditors should plan for and schedule their time accordingly. Selecting a Representative Sample of Inmates Standard 115.401(k) requires that auditors “shall interview a representative sample of inmates, residents, and detainees.” Representative sampling means that auditors must select a group of inmates whose characteristics reflect the total inmate population in the audited facility. In order to guide auditors in conducting an adequate number of inmate interviews, the PREA Management Office has established detailed requirements that prescribe the minimum number and types of inmate interviews that must be conducted according to the facility type and total inmate population. The interview rubrics presented in Tables 1–4 below provide the minimum number of inmate interviews that must be conducted for each facility type: Prisons and Jails, Lockups, Community Confinement Facilities, and Juvenile Facilities. When determining the required number of inmate interviews, auditors should first determine the total inmate population as of the first day of the onsite portion of the audit. This should be based on the inmate roster and in conjunction with other information such as discharges, inmate programming (e.g., work release, inmates temporarily out of the facility for medical appointments or court appearances), and other factors that may impact the facility population during the audit. Auditors should then use this information to identify the inmate interview requirements that match the type of audited facility and the population size (as of the first day of the onsite portion of the audit) detailed in Tables 1–4 below. Using the guidance presented earlier in this chapter, auditors should then select the requisite number of random and targeted inmate interviewees. Guidelines for Inmate Interviews Before using the interview rubrics in Tables 1–4 below to identify the required number of inmate interviews, auditors must first understand how the core requirements in the rubrics are defined. • Overall Minimum Number of Inmate/Resident/Detainee Interviews. This number refers to the absolute minimum number of inmates/residents/detainees that the auditor is required to interview during an audit. The number of random and targeted interviews should meet or exceed the overall minimum interview threshold. Even when an auditor is unable to conduct the minimum number of targeted interviews (e.g., the facility does not house a certain targeted population), the auditor must select additional inmates/residents/detainees in order to meet the minimum threshold. 18 • Minimum Number of Random Inmate/Resident/Detainee Interviews. This number refers to the minimum number of inmates/residents/detainees that the auditor is required to randomly select and interview during an audit. For very small facilities, auditors may be unable to meet the overall minimum number of inmate/resident/detainee interviews. See the Subsection below titled “Required Documentation when Interview Requirements Are Not Met” for guidance on how to document any deviations from the minimum threshold. 18 46 • Minimum Number of Targeted Inmate/Resident/Detainee Interviews. This number refers to the minimum number of targeted inmates/residents/detainees that the auditor is required to interview during an audit. Importantly, the requirement refers to the minimum number of individuals who are required to be interviewed, not the number of protocols used. Thus, in cases where an auditor uses multiple protocols during one interview, it will only count as one IMPORTANT inmate interview for the purpose of meeting the overall threshold for targeted inmate interviews. For The numbers presented in the example, if an auditor is completing an audit of a jail interview rubrics represent the absolute minimum numbers of with fewer than 50 inmates and conducts an interviews that auditors must interview with an inmate who is LEP, reported prior conduct during an audit. Failure to sexual victimization during risk screening, and is a conduct the required numbers of youthful inmate, that interview will satisfy three of interviews may result in the five individual targeted interview requirements, disciplinary action by the PREA but the auditor must still conduct four more Management Office that impacts interviews with inmates from the other targeted an auditor’s DOJ certification. populations in order to meet the overall threshold. Auditors are strongly encouraged Therefore, in many cases, the number of targeted to conduct more interviews where interview protocols used will likely exceed the feasible and necessary. For example, if an auditor learns of number of individuals interviewed from targeted significant issues with sexual populations. • Breakdown of Targeted Inmate/Resident/Detainee against a particular group of Interviews. The breakdown of targeted interviews is inmates, the auditor should conduct additional interviews with intended to guide auditors in interviewing the inmates from that group. appropriate cross-section of inmates/residents/detainees who fall within these special populations. Because individuals may often fall within multiple targeted populations, in many cases one interview will likely satisfy multiple individual targeted interview requirements. See the example above under the definition of Minimum Number of Targeted Inmate/Resident/Detainee Interviews. abuse or sexual harassment When using the interview rubrics, auditors must be aware of the following guidelines: • Formal interviews with inmates. The numbers presented in the interview rubrics pertain only to formal interviews conducted using the interview protocols included in the Audit Instrument. Informal conversations with inmates during the site review, while strongly encouraged, do not count toward the number of inmate interviews required for each audit. • Importance of conducting interviews with inmates in a private setting. It is critical that inmates have an opportunity to speak privately with an auditor. Remember that Standard 115.401(m) provides the auditor with the right to conduct confidential interviews, stating, “The auditor shall be permitted to conduct private interviews with inmates, residents, and detainees.” As such, auditors may have informal conversations with groups of inmates during the site review process; however, auditors may not count 47 these group conversations with inmates toward meeting the requisite number of inmate interviews. • All inmate interviews are voluntary. An inmate can refuse to participate without consequences. In this event, auditors must select additional inmates, as necessary, to meet the minimum required number of inmate interviews. When an inmate chooses not to participate in an interview, auditors are encouraged to continue speaking with the interviewee for a commensurate amount of time about topics that are unrelated to PREA (e.g., hobbies, sports, television) so that other inmates and staff cannot detect who participated in an interview and who did not. Importantly, if the interviewee begins to discuss information related to PREA or the conversation migrates to PREA-related topics, the auditor must again ask the inmate if he or she would like to answer questions related to PREA. Only if the inmate agrees to participate in the interview should the auditor allow the conversation to continue regarding PREA and sexual safety within the facility. • Ensuring that inmates are free from external pressure to participate. Before beginning an interview, the auditor should ask the inmate to confirm that he or she has not been pressured by anyone to consent to be interviewed, to refuse to be interviewed, or coached on what to say during the interview. • How to count random and targeted inmate interviews. A single interview cannot be double counted as both a random and a targeted interview. If it becomes apparent during the course of an interview with an inmate selected at random that he or she falls within one or more of the required targeted inmate populations, and the auditor uses additional protocols to capture the relevant information, the auditor can count the interview as either a random interview or as a targeted interview, but not both. • How to meet the minimum threshold for targeted inmate interviews. If an auditor is unable to identify an inmate from one of the targeted inmate populations (e.g., the facility does not house youthful inmates) or an inmate belonging to a targeted population does not wish to participate in an interview, the auditor must select inmates from other targeted populations in order to meet the minimum number of targeted inmate interviews. If the auditor is unable to interview an adequate number of inmates to meet the minimum threshold for targeted interviews, he or she should then conduct additional random inmate interviews in order to comply with the overall minimum number of interviews. As stated above, these additional random inmate interviews cannot count toward meeting the targeted inmate interview requirements. Rather, auditors must thoroughly document why the required number of targeted inmate interviews could not be met and their strategy for conducting additional random inmate interviews in order to meet the overall minimum number of required interviews. By way of example, if an auditor is completing an audit of a jail with fewer than 50 inmates, and he or she is only able to conduct 3 targeted inmate interviews, that auditor will then need to conduct 2 additional random inmate interviews (for a total of 7 random inmate interviews) to meet the overall minimum threshold of 10 inmate interviews. 48 • Interviewing inmates who submit confidential correspondence. As stated in the previous chapter, in their interview selections, auditors must strive to include any inmates who submit confidential correspondence unless an inmate is no longer in the custody of the facility or the correspondence clearly does not relate to PREA or sexual safety in the audited facility. For the purpose of meeting the minimum number of inmate interviews, such interviews may be counted as random or targeted depending on the nature of the interview. • Ensuring a geographically diverse sample of inmates. When selecting inmates for interviews, whether targeted or random, auditors must ensure that the sample is geographically diverse, meaning that the inmates an auditor selects should be from as many housing units as possible in different locations throughout the facility. In cases where the number of housing units is greater than the number of required interviews, there should ideally not be any interviewees selected from the same housing unit, although this may be constrained by the number and location of certain targeted inmate populations. Conversely, where the number of housing units is less than the number of required interviews, auditors should select at least one inmate from each housing unit for an interview. • Documenting how geographic diversity was achieved. In the audit report, auditors must thoroughly document how geographic diversity was achieved in the interview selection process (i.e., total number of housing units, number of housing units by gender, and the number of interviews conducted in each housing unit). When determining how much information is appropriate to report, auditors must take care to ensure that those inmates who participated in an interview are not identifiable to staff and others based on the information provided. If an auditor is unable to follow the guidelines above for achieving geographic diversity, he or she must clearly articulate the reason. • Ensuring adequate gender representation. In facilities that house both male and female inmates, auditors must ensure that both genders are represented in their interview sample. • Making independent interview selections. When selecting inmates for interviews, auditors are required to make their own interview selections and are not to rely on the facility or agency to make these selections. The purpose of this is to ensure that all inmate interview selections are conducted objectively. 49 TABLE 1: REQUIRED NUMBER OF INMATE INTERVIEWS Prisons and Jails Interview Type 0–50 Overall Minimum Number of At least 10 Inmate Interviews Minimum Number of Random At least 5 Inmate Interviews Minimum Number of Targeted At least 5 Inmate Interviews Breakdown of Required Targeted Inmate Interviews Youthful Inmates At least 1 Inmates with a Physical At least 1 Disability 51–100 At least 16 Inmate Population Size* 101–250 251–500 501–1,000 At least 20 At least 26 At least 30 1,001–2,500 At least 40 2,501+ At least 50 At least 8 At least 10 At least 13 At least 15 At least 20 At least 25 At least 8 At least 10 At least 13 At least 15 At least 20 At least 25 At least 2 At least 1 At least 2 At least 1 At least 2 At least 1 At least 3 At least 1 At least 3 At least 1 At least 4 At least 1 Inmates who are Blind, Deaf, or Hard of Hearing At least 1 Inmates who are LEP Inmates with a Cognitive At least 1 At least 1 Disability Inmates who Identify as At least 1 At least 1 At least 1 At least 1 Lesbian, Gay, or Bisexual Inmates who Identify as At least 1 At least 1 At least 2 Transgender or Intersex Inmates in Segregated Housing At least 1 At least 1 At least 1 At least 1 for High Risk of Sexual Victimization Inmates Who Reported Sexual At least 1 At least 1 At least 2 At least 3 Abuse Inmates Who Reported Sexual At least 1 At least 1 At least 2 Victimization During Risk Screening *Inmate population size is based on the actual population on the first day of the onsite portion of the audit. 50 At least 1 At least 1 At least 1 At least 1 At least 1 At least 2 At least 1 At least 2 At least 3 At least 2 At least 3 At least 4 At least 1 At least 2 At least 2 At least 3 At least 4 At least 4 At least 2 At least 3 At least 3 TABLE 2: REQUIRED NUMBER OF DETAINEE INTERVIEWS Lockups Interview Type 0–50 At least 10 51–100 At least 16 Overall Minimum Number of Detainee Interviews Minimum Number of Random At least 5 At least 8 Detainee Interviews Minimum Number of Targeted At least 5 At least 8 Detainee Interviews Breakdown of Required Targeted Detainee Interviews At least 1 At least 2 Juvenile/Youthful Detainees At least 1 At least 1 Detainees with a Physical Disability Detainee Population Size* 101–250 251–500 At least 20 At least 26 501+ At least 30 At least 10 At least 13 At least 15 At least 10 At least 13 At least 15 At least 3 At least 1 At least 4 At least 1 At least 4 At least 1 At least 1 At least 1 At least 1 Detainees who are Blind, Deaf, or Hard of Hearing Detainees who are LEP At least 1 At least 1 At least 1 At least 2 At least 1 At least 1 At least 1 At least 2 At least 2 Detainees with a Cognitive Disability Detainees Identified as At least 2 At least 3 At least 3 At least 4 At least 5 Potentially Vulnerable to Sexual Victimization During Risk Screening (not otherwise identified above)** *Detainee population size is based on the actual population on the first day of the onsite portion of the audit. **Standard 115.141 includes a limited number of criteria for assessing detainees for risk of sexual victimization; therefore, auditors must attempt to identify and interview detainees who present characteristics (not already captured in Standard 115.141) that may put them at high risk for victimization such as identification as lesbian, gay, or bisexual; identification as transgender or intersex; and detainees who experienced prior victimization. Because lockup facilities are not required to collect information on characteristics not listed in Standard 115.141, the facility may not have an official record of detainees who present these other risk factors; however, the auditor may be able to identify these detainees through interviews with other detainees and staff, and review of detainee records (e.g., medical or mental health records). 51 TABLE 3: REQUIRED NUMBER OF RESIDENT INTERVIEWS Community Confinement Facilities Interview Type 0–50 At least 10 51–100 At least 16 Overall Minimum Number of Resident Interviews Minimum Number of Random At least 5 At least 8 Resident Interviews Minimum Number of Targeted At least 5 At least 8 Resident Interviews Breakdown of Required Targeted Resident Interviews At least 1 At least 1 Residents with a Physical Disability Resident Population Size* 101–250 251–500 At least 20 At least 26 At least 10 At least 13 At least 15 At least 10 At least 13 At least 15 At least 1 At least 1 At least 1 Residents who are Blind, Deaf, or Hard of Hearing Residents who are LEP At least 1 Residents with a Cognitive At least 1 At least 1 At least 1 Disability At least 1 At least 1 At least 2 At least 2 Residents who Identify as Lesbian, Gay, or Bisexual At least 1 At least 2 At least 3 At least 3 Residents who Identify as Transgender or Intersex Residents Who Reported Sexual At least 1 At least 2 At least 2 At least 3 Abuse Residents Who Reported Sexual At least 1 At least 1 At least 1 At least 2 Victimization During Risk Screening *Resident population size is based on the actual population on the first day of the onsite portion of the audit. 52 501+ At least 30 At least 1 At least 1 At least 2 At least 2 At least 3 At least 3 At least 2 TABLE 4: REQUIRED NUMBER OF RESIDENT INTERVIEWS Juvenile Facilities Interview Type 0–50 At least 10 51–100 At least 16 Overall Minimum Number of Resident Interviews Minimum Number of Random At least 5 At least 8 Resident Interviews Minimum Number of Targeted At least 5 At least 8 Resident Interviews Breakdown of Required Targeted Resident Interviews At least 1 At least 1 Residents with a Physical Disability Resident Population Size* 101–250 251–500 At least 20 At least 26 501+ At least 30 At least 10 At least 13 At least 15 At least 10 At least 13 At least 15 At least 1 At least 1 At least 1 Residents who are Blind, Deaf, or Hard of Hearing Residents who are LEP At least 1 Residents with a Cognitive At least 1 At least 1 Disability At least 1 At least 1 At least 1 At least 1 Residents who Identify as Lesbian, Gay, or Bisexual At least 1 At least 2 At least 2 Residents who Identify as Transgender or Intersex Residents in Isolation At least 1 At least 1 At least 1 At least 1 Residents Who Reported Sexual At least 1 At least 2 At least 2 At least 3 Abuse Residents Who Reported Sexual At least 1 At least 2 At least 2 At least 3 Victimization During Risk Screening *Resident population size is based on the actual population on the first day of the onsite portion of the audit. At least 1 At least 1 At least 1 At least 2 At least 2 At least 1 At least 3 At least 3 Required Documentation when Inmate Interview Requirements Are Not Met Auditors must make all reasonable efforts to conduct the required numbers of inmate interviews. Where this is not possible, auditors must clearly describe their sampling process and the reason why the thresholds could not be achieved. For example, even after extensive probing, an auditor may be unable to meet the required number of interviews for a particular targeted inmate population. In such a case, the auditor must describe in the audit report the steps he or she took to identify an inmate within the targeted population and the information he or she obtained through that process. Additionally, for some smaller facilities, auditors may be required to interview every inmate, resident, or detainee in the audited facility, including facilities with an actual population of 10 or fewer. Auditors should plan for some flexibility in these very small facility settings, but this flexibility should facilitate interviews of all inmates, residents, and detainees, as appropriate. One exception to this is when one or more inmates declines to be interviewed. If for any reason, regardless of facility size, an auditor does not conduct the minimum numbers of interviews prescribed above, he or she must thoroughly document this in his or her notes and include a discussion of why this was not possible in the audit narrative portion of the audit 53 report. Auditors must be mindful, however, to ensure that those inmates who participated in an interview are not identifiable to staff and others based on the information provided. Interviewing Staff Staff interviews are another important element of a PREA audit. Standard § 115.401(k) requires that “the auditor shall interview a representative sample of . . . staff, supervisors, and administrators” in each audited facility. The primary purpose of interviewing facility staff is to determine whether and to what extent they understand their responsibilities under the PREA Standards, as well as the obligations imposed on the facility and agency. In addition, interviews of staff provide information on the extent to which a zero tolerance culture for sexual abuse and sexual harassment has been implemented in the facility and agency. Similar to interviews with inmates, auditors must conduct interviews with a random sample of staff selected from varying shifts and work assignments, as well as targeted interviews with staff who have specialized roles and responsibilities within the facility. The Audit Instrument includes interview protocols for both random and specialized interviews with staff. The subsections below detail specific guidance regarding the appropriate sampling methodology and the minimum number of staff that auditors are required to interview. Interviews with Randomly Selected Staff As stated above with regard to conducting interviews with inmates, representative sampling means that auditors must select a sample that adequately IMPORTANT represents the full complement of staff in the audited Auditors are required to make facility. their own staff interview To accomplish this, auditors are required to conduct at least selections and are not to rely on 12 interviews with randomly selected staff during the onsite the facility or agency to make portion of the audit. Using the sampling guidance these selections. prescribed in the random staff interview protocol, auditors must randomly select line staff representing a diverse cross-section of work assignments and must also ensure that they interview at least one staff member from each shift. Importantly, auditors should be aware that 12 random staff interviews represent the absolute minimum number of interviews that auditors must conduct during an audit. Auditors are strongly encouraged to conduct more interviews where feasible and necessary. Remember that, like interviews with inmates, interviews conducted with staff are also voluntary. However, in cases where staff opt not to participate in the interview or respond to certain questions, auditors should inform staff that their decision not to participate may impact the audit findings, and the auditor may have to find the facility out of compliance with certain Standards if they are unable to adequately corroborate information through interviews with staff. If this occurs, auditors must select additional staff, as necessary, to meet the minimum number of interviews required, as described above. Additionally, before beginning an interview, the auditor should ask the staff member to confirm that he or she has not been pressured by anyone to consent to be interviewed, to refuse to be interviewed, or coached on what to say during the interview. 54 Random staff interviews should require approximately 20 minutes, but may go significantly longer depending on the amount of information staff have to contribute. In general, auditors should develop an interviewing practice that enables them to elicit as much useful information from staff as possible (see the callout box with useful interviewing tips below). Interviews with Specialized Staff and Leadership In addition to random staff interviews, auditors must conduct targeted interviews with staff who have specialized roles and responsibilities. These interviews are designed to help the auditor determine whether or not particular roles and responsibilities outlined in the PREA Standards are operational in the facility. Interviews with specialized staff must include all of the following, when applicable: • • • • • • • • • • • • • • • • Agency contract administrator Intermediate or higher level facility staff responsible for conducting and documenting unannounced rounds to identify and deter staff sexual abuse and sexual harassment Line staff who supervise youthful inmates, if any Education and program staff who work with youthful inmates, if any Medical and mental health staff Non-medical staff involved in cross-gender strip or visual searches Administrative (human resources) staff Sexual Assault Forensic Examiner (SAFE) and Sexual Assault Nurse Examiner (SANE) staff Volunteers and contractors who have contact with inmates Investigative staff Staff who perform screening for risk of victimization and abusiveness Staff who supervise inmates in segregated housing Staff on the sexual abuse incident review team Designated staff member charged with monitoring retaliation First responders, both security and non-security staff Intake staff Interviews with the following facility and agency leadership are required: • • • • Agency head or designee Warden/facility director/superintendent or designee PREA coordinator PREA compliance manager Auditors must interview the staff as indicated by the specialized staff interview protocols in the Audit Instrument. Importantly, specialized staff selected for an interview do not also count toward satisfying the minimum threshold for random staff interviews discussed above. Auditors should be aware that specialized staff interviews should generally be conducted independently of the random staff interviews. These are distinct staff, and the interview protocols should be used separately. However, some staff randomly selected for interviews may serve in one or more of the specialized roles listed above such as first responder, intake staff, staff who supervise inmates in segregated housing, staff who perform screenings for risk of victimization and abusiveness, non-medical staff involved in cross-gender strip or visual searches, and line 55 staff who supervise youthful inmates. If during the course of an audit, it becomes apparent that the majority of line staff serve in one or more of these roles, it is recommended that the auditor include the relevant protocols when interviewing randomly selected staff. For example, in a facility where all line staff serve as first responders, it is recommended that the auditor use both the Interview Guide for a Random Sample of Staff protocol and the Security Staff and NonSecurity Staff who Have Acted as First Responders protocol when conducting interviews with randomly selected staff. In such circumstances, the auditor may count these interviews toward satisfying the requirement for both the applicable specialized staff interviews and random staff interviews. In addition to the specialized staff listed above, there may be other staff who the auditor should speak with in order to understand the facility’s operations and to conduct a comprehensive audit. Although there are no specialized staff interview protocols for these staff positions, auditors are strongly encouraged to conduct interviews with mailroom staff, staff who develop and/or deliver training, the chaplain, classification staff, designated union representative or members of bargaining units (when applicable), information technology staff who can assist with relevant data collection, and other positions as deemed necessary. Specialized staff interviews will vary in different settings. Depending on the size and characteristics of the facility, certain specialized staff roles envisioned in the PREA Standards will not exist, and the auditor must determine which member(s) of the current staff to interview. Additionally, staff in some facilities may be responsible for more than one of the specialized staff duties. Therefore, more than one interview protocol may apply to an interview with a single staff member. For example, if an auditor selects a nurse who conducts screenings for risk of sexual victimization or abusiveness and who is employed through an organization that contracts with the facility for medical services, the auditor should use three interview protocols: Medical and Mental Health Staff, Volunteers and Contractors who Have Contact with Inmates, and Staff who Perform Screening for Risk of Victimization and Abusiveness. Due to the diverse nature of specialized staff roles, and the need to combine or adapt the relevant protocols when staff serve in multiple specialized roles, the time necessary to interview these staff may range from 30 minutes to 1.5 hours; thus, auditors should be prepared to change the audit schedule as needed to accommodate these interviews. When necessary, auditors may also opt to conduct interviews with certain specialized staff by phone such as agency investigators located in a different region of the state or SAFE or SANE staff employed by a nearby hospital. Auditors should plan to interview a diverse cross-section of both volunteers and contractors who perform different roles in the facility such as religious, education, medical, mental health, programming, and maintenance. Auditors should conduct two to four interviews with volunteers and another two to four interviews with contractors who have contact with inmates. Auditors should also conduct interviews with approximately two to four investigative staff, both at the facility and agency levels. Auditors are encouraged to interview more than one staff member serving in other specialized roles as well, when deemed necessary and feasible. 56 Required Documentation when Staff Interview Requirements Are Not Met Auditors must make all reasonable efforts to meet the staff interviewing requirements outlined above. The PREA Management Office recognizes, however, that it will not always be possible to achieve the requisite number of staff interviews due to a number of factors (e.g., number of staff, facility operations). This may be particularly relevant for audits of smaller facilities where there are fewer staff in the facility than the required number of interviews. If for any reason, regardless of facility size, an auditor does not conduct the minimum number of staff interviews prescribed above, he or she must thoroughly document this in his or her notes and include a discussion of why this was not possible in the audit narrative portion of the audit report. Effective Strategies for Interviewing Staff and Inmates • Use open-ended rather than “yes/no” questions. • Keep an open mind; listen carefully to everything the person is saying; and take the person’s comments seriously. • Work to establish a positive rapport and trust with the person being interviewed. • Be sure that the person being interviewed fully understands the purpose of the interview. • Schedule interviews to be minimally disruptive to facility operations, without cutting short individual interviews or reducing the total number of interviews. • Request a private, quiet location to conduct interviews (e.g., classroom, attorney/client visitation room). It is also preferable to identify an interview space where facility staff can observe the interview through a window and to position the inmate with his or her back to the window. • Never allow other staff members or inmates to participate or sit in on an interview. • Never conduct group interviews. • Do not re-ask questions that have already been answered by the person being interviewed. • Take notes during each interview for use later when information that has been collected is triangulated and the compliance determinations are made. Documentation Selection and Review There are four provisions under Standard 115.401 that address auditor access to and requirements for reviewing facility and agency documents. These include the following: • • • • 115.401(f) – “The auditor shall review all relevant agency-wide policies, procedures, reports, internal and external audits, and accreditations for each facility type.” 115.401(g) – “The audits shall review, at a minimum, a sampling of relevant documents and other records and information for the most recent one-year period.” 115.401(i) – “The auditor shall be permitted to request and receive copies of any relevant documents (including electronically stored information).” 115.401(l) – “The auditor shall review a sampling of any available videotapes and other electronically available data (e.g., Watchtour) that may be relevant to the provisions being audited.” 57 While working on site, auditors must review a variety of documents, including, but not limited to personnel files, inmate intake and screening records, staff training records, documentation of inmate education, and sexual abuse investigation reports. Information contained in these documents is crucial to forming an accurate impression of what a facility does to protect inmates from sexual abuse and sexual harassment, and how staff respond to incidents when prevention fails. Accordingly, auditors should plan to spend a significant amount of time on documentation review during the onsite portion of the audit. Auditors should remember that the PREA audit is not an IMPORTANT audit of policies and procedures only. It is primarily an audit of practice. The objective for the auditor is to examine It is the auditor’s responsibility to review all relevant enough evidence to make a compliance determination documentation, and it is the regarding the audited facility’s actual practice. Policies and responsibility of the audited procedures do not demonstrate actual practice, although agency or facility to provide they are the essential baseline for establishing practice and complete and accurate should be reviewed carefully. Some facility practices may be documentation for the 12 months reflected in documents, which should be sampled and (or more) prior to the date of the reviewed appropriately. However, in order to gather audit. sufficient evidence to make a compliance determination, documentation must be reviewed in tandem with observations made during the site review and with information obtained during interviews with inmates and staff. Each of these sources of information—interviews, observations, and documentation—should be used to corroborate the others. This is an integral part of the triangulation process. The available relevant documentation will vary among facilities based on a number of factors such as facility size and operations, the extent of record keeping, and the record-keeping format (i.e., electronic or paper records). Auditors should carefully go through the Auditor Compliance Tool and the Checklist of Documentation to confirm that they have sampled and reviewed all relevant documentation for each audit. The Checklist of Documentation provides an extensive list of relevant documentation and is an important tool that auditors should use to ensure they meet their requirements for documentation review under the Standards. It is important to remember that documents received in advance of the onsite portion of the audit—typically non-sensitive materials such as policies or procedures—are not suitable substitutes for onsite documentation review. Documents submitted by facilities through the Pre-Audit Questionnaire during the pre-onsite audit phase must not be taken as representing a complete or accurate picture of facility operations in practice. Such documents are self-selected and are not always an appropriate basis for making compliance determinations. Document Sampling In order to ensure that a representative sample of documents are selected for review, auditors should start the document sampling process with a comprehensive list of inmates, staff, and relevant records. Auditors need to first understand the universe they are sampling from. The table below provides a summary of important types of lists that auditors should request from the facility; however, for a more extensive inventory, auditors should refer to the Checklist of Documentation. Some of these lists are also the starting point for making interview selections 58 from both staff and inmates; thus, auditors may already have these lists as a result of the interviewing process. In addition, auditors should take care to supplement the official lists they obtain from facilities with information they learn onsite through observations and interviews with staff and inmates. For example, a facility may indicate IMPORTANT that there are no inmates who identify as LGBTI; however, through the course of interviews with inmates and staff, an As with interview selections, auditors are required to select auditor may identify one or more inmates who fall within documents for review and must this specialized population. These inmates should be not rely on the facility or agency included in the auditor’s sample for both interviews and to make these selections. document review, where appropriate. Access to these lists is critical for determining facility compliance with the PREA Standards. It is very difficult, if not impossible, to find compliance if a facility is unable to provide some of these lists. If the facility is unable to provide the information indicated, the auditor should work with the facility to produce the necessary information. The auditor may have to find the facility out of compliance with one or more Standards if pertinent information and documentation cannot be obtained. TABLE 5: LISTS FOR DOCUMENT SAMPLING All Facility Types List Facility Type Complete inmate roster* All Youthful inmates/detainees Prisons, Jails, and Lockups Inmates with disabilities All Inmates who are LEP All LGBTI Inmates All Inmates in segregated housing Prisons and Jails Residents in isolation Juvenile Facilities Inmates/residents who reported sexual abuse All Inmates/residents who reported sexual victimization Prisons, Jails, and Juvenile during risk screening Facilities Complete staff roster All Specialized staff (see interview protocols for full list) All All contractors who have contact with inmates All All volunteers who have contact with inmates All All grievances made in the 12 months preceding the All audit All incident reports from the 12 months preceding the All audit All allegations of sexual abuse and sexual harassment All reported for investigation in the 12 months preceding the audit All hotline calls made during the 12 months preceding All the audit * Inmate roster is based on the actual population on the first day of the onsite portion of the audit. Once these lists are received, the auditor can begin selecting documents for review. Each auditor’s strategy for documentation review during the onsite portion of the audit may vary 59 slightly; however, the purpose of this section is to guide auditors in reviewing an adequate sample of documents. Where there is a collection of records to review—such as staff, contractor, and volunteer training records; background check records; supervisory rounds logs; risk screening and intake processing records; inmate education records; medical files; and investigative files—auditors must review a representative sample of each type of record. It is important to remember that many types of records will require auditors to follow the document trail to determine whether or not the facility followed the required protocol in the PREA Standards; thus the number of records reviewed will vary by facility. For example, each inmate should have a screening record in his or her file. In cases where the screening record indicates that the inmate disclosed prior victimization, the auditor must follow that inmate’s records to determine, for example, whether the facility provided the appropriate medical and/or mental health follow-up required under Standard 115.81(a)/115.381(a) and provided appropriate housing and programming assignments pursuant to Standard 115.42/115.242/115.342. To facilitate this review process, auditors are encouraged to use the File Review Template, which is available on the Auditor Portal. As discussed in Chapter 15, auditors should review records that pertain to issues voiced by inmates and/or staff who submitted confidential correspondence to the auditor during earlier phases of the audit to determine whether such issues are reflected in the facility’s documentation and, where applicable, the extent to which the facility followed the appropriate policies and procedures in response to the identified issues or concerns. In addition to sampling the records, as described above, auditors must also conduct more targeted sampling of documentation related to sexual abuse and sexual harassment allegations. For facilities with 20 or fewer sexual abuse and sexual harassment allegations in the past 12 months, auditors should review at least 10 records that document the facility’s response, including, but not limited to inmate grievances, risk screening records (including re-screening), housing and programming information, first response records, investigative referrals (if appropriate), investigative files, pertinent medical and mental health records, retaliation monitoring records, sexual abuse incident review records, and records of notification to inmates. In facilities that have more than 20 allegations of sexual abuse or sexual harassment in the past 12 months, it is recommended that auditors review at least 10 records plus an additional 10 percent of the remaining records over 20. For example, if a facility has 70 allegations of sexual abuse or sexual harassment in the past 12 months, the auditor should review a minimum of 15 investigative files. Additionally, while it is important to sample both sexual abuse and sexual harassment allegations, auditors should prioritize the review of sexual abuse allegations. Auditors should also ensure that they review a cross-section of cases that are pending, substantiated, unsubstantiated, and unfounded; criminal and administrative; and involving both staff-on-inmate and inmate-on-inmate allegations. For investigations that are ongoing, auditors should prioritize reviewing those cases that are further along and should be mindful not to select open cases where possible criminal prosecution may be affected. Investigations that were just recently initiated before the auditor arrived onsite may not bear much 60 substantive information for the purpose of assessing compliance with PREA. When identifying allegations for review, auditors should also be aware that such files may not be labeled using language that is consistent with the Standards. For example, many facilities may not refer to certain comments or behaviors that are sexually offensive as sexual harassment; therefore, auditors should work with the facility staff to understand how such incidents are catalogued in their records and also be prepared to search the investigative files and incident logs for other common words or phrases that may meet the definition of sexual harassment. Interviews with information technology staff can often surface helpful information regarding how the facility categorizes and documents relevant allegations in electronic databases. Estimating Time to Complete the Onsite Audit The time to complete the onsite phase of the audit will vary depending on a number of factors such as facility type, population size, physical plant layout and size, facility organization, and preparedness level. Thus, the PREA Management Office does not prescribe a minimum amount of time auditors must spend during the onsite portion of the audit. Rather, the duration of the onsite audit must provide adequate time for the auditor to thoroughly evaluate compliance with the PREA Standards in practice and assess the facility’s commitment to sexual safety and zero tolerance for sexual abuse and sexual harassment. Auditors must use information obtained about the facility, coupled with the methodological requirements articulated in this Handbook, to determine the appropriate number of days for the onsite portion of the audit. To assist auditors with estimating the duration of the onsite audit based on the parameters above, Table 6 provides a breakdown of the estimated time to complete the required number of inmate and staff interviews based on facility type and population size. TABLE 6: ESTIMATED TIME TO COMPLETE INMATE AND STAFF INTERVIEWS Inmate Population Size* 0–50 51–100 101–250 251–500 501–1,000 1,001–2,500 2,501+ 2.0 days 2.2 days 2.4 days 2.6 days 2.7 days 3.0 days 3.4 days Prisons and Jails (20.3 hours) (22.3 hours) (23.7 hours) (25.7 hours) (27.0 hours) (30.3 hours) (33.7 hours) 0–50 51–100 101–250 251–500 501+ 1.7 days 1.9 days 2.0 days 2.2 days 2.4 days Lockups (16.8 hours) (18.8 hours) (20.2 hours) (22.2 hours) (23.5 hours) Community Confinement 1.7 days 1.9 days 2.1 days 2.3 days 2.4 days Facilities (17.3 hours) (19.3 hours) (20.7 hours) (22.7 hours) (24.0 hours) Juvenile Facilities 1.9 days 2.1 days 2.3 days 2.5 days 2.6 days (19.3 hours) (21.3 hours) (22.7 hours) (24.7 hours) (26.0 hours) Note: These estimates are based on a 10-hour work day, the assumption that there is only one auditor working onsite with no support staff, and the assumption that there is no waiting time between interviews or breaks. The actual time to complete inmate and staff interviews may vary considerably depending on deviations from these assumptions. *Inmate population size is based on the actual population on the first day of the onsite portion of the audit. Facility Type In addition to the estimated time to complete interviews with inmates and staff, auditors must also account for a thorough site review, extensive documentation review, and in-briefs and out-briefs with facility/agency staff. A thorough site review may range from 2 to 3 hours for smaller facilities to 6 or more hours for larger facilities. The time necessary for documentation review while onsite will vary considerably based on facility size and operations, availability of relevant documentation, the 61 extent of record-keeping, and the record-keeping format (i.e., electronic or paper records). Depending on the above factors, auditors should plan to spend between 3 and 6 hours, minimum, on documentation review. These estimates are intended to serve as a helpful reference point for auditors during contract negotiations with agencies and while planning the onsite portion of the audit. They do not include an auditor’s daily review of his or her work, transcribing and compiling interview notes, further evidence review, triangulation, and corrective action planning that the auditor may engage in while onsite. Review of Auditor Tools for Phase Two of the PREA Audit • • • • Auditor Compliance Tool Site Review Instructions Interview Protocols Checklist of Documentation Phase Three: Evidence Review and Interim Report After the last day of the onsite portion of the audit, the auditor has 45 days 19 to review all the evidence collected, write an interim report—or final report if there is no corrective action—and submit the report to the audited facility. At this stage, auditors still have a significant amount of work ahead of them and should never provide facilities with compliance findings at the conclusion of the onsite portion of the audit. Once an auditor has concluded the onsite visit to the facility, this initiates the evidence review phase of the PREA audit in which the auditor must review all of the evidence collected—including policies and procedures, the auditor’s observations of routine practices in the facility, what the auditor learned in the course of interviewing staff and inmates, and information contained in the documentation (e.g., medical/mental health files, investigation files, training logs)—in order to make a compliance determination for each Standard. The 45-day window required by DOJ to submit the audit report to the facility is reflective of the significant time and effort needed to carefully review the evidence collected for each provision of every Standard and write a professional and thorough audit report. Systematic Review of the Evidence Once auditors have completed the onsite phase of the audit, the Auditor Compliance Tool is a critical tool that must be used by auditors to review all the evidence collected and make a compliance determination for each provision of every Standard. The Auditor Compliance Tool, a required part of the Audit Instrument, is a centralized place to take detailed notes, and track and organize information collected during all phases of the audit. The Auditor Compliance Tool also guides the auditor on what evidence to consider for each Standard. While auditors may make provisional judgments about compliance during earlier phases of the audit by noting comments in the Auditor Compliance Tool, the auditor’s actual compliance findings that are 19 See the full FAQ here: www.prearesourcecenter.org/node/3226. 62 captured in the interim (or final) report to the facility should be based on a systematic review of the evidence after the onsite portion of the audit. Auditors should also be aware that communication with the facility does not end once they conclude the onsite portion of the audit. In the evidence review phase of the audit, it is expected that an auditor will be in frequent communication with the facility to obtain additional documentation and information, and when necessary, coordinate interviews with staff that could not be completed onsite. Auditors are strongly encouraged to set a deadline for the facility to provide additionally requested documentation or information during this phase to ensure that the auditor can comply with the timeline for report submission. When considering whether or not a facility is in compliance with a particular Standard, auditors must consider all related evidence, including the auditor’s observations of routine practices in the facility, what the auditor learned in the course of interviewing staff and inmates, and information contained in documentation that the auditor IMPORTANT reviewed. As previously stated, the process of weighing multiple forms of evidence to assess compliance is called If a facility is out of compliance “triangulation.” The triangulation process will be difficult at with any provision of a Standard, times. Some information the auditor might ideally want to the facility is out of compliance with the entire Standard. consider will be missing, or the body of evidence related to a particular Standard may be unclear or contradictory. In these circumstances, it is up to the auditor to apply his or her discretion and professional judgment to reach a reasoned decision about compliance. Pursuant to an FAQ issued by the DOJ PREA Working Group, auditors also need to see that compliance with a particular Standard has become “institutionalized” at the facility. 20 Careful decision making is essential to the PREA audit in general, but it is especially important when making determinations about compliance with the Standards. Auditors are called upon to evaluate the evidence in light of their experience, specialized training, and ongoing education to reach a decision about compliance for each provision of every Standard and be able to clearly explain and justify the reasoning underlying each finding. Auditors must be able to defend their findings in their written reports and in any other communications with facility/agency leadership and DOJ. In addition, while identifying any deficiencies in policy, procedure, and practice is essential, auditors should be careful not to overlook aspects of the facility that contribute to building and sustaining a zero tolerance/reporting culture (e.g., identified staff who are PREA champions within the institution, strong commitment to and investment in PREA among facility/agency leadership). These assets are important to consider as they will serve as the foundation for improvements during the corrective action phase that may bring the facility into full compliance with the Standards. 20 See the full FAQ here: www.prearesourcecenter.org/node/3217. 63 Interim Report There are four provisions under Standard 115.403 that address auditor requirements for audit report content and findings. These include the following: • 115.403(a) – “Each audit shall include a certification by the auditor that no conflict of interest exists with respect to his or her ability to conduct an audit of the agency under review.” • 115.403(b) – “Audit reports shall state whether agency-wide policies and procedures comply with relevant PREA standards.” • 115.403(c) – “For each PREA standard, the auditor shall determine whether the audited facility reaches one of the following findings: Exceeds Standard (substantially exceeds requirement of standard); Meets Standard (substantial compliance; complies in all material ways with the standard for the relevant review period); Does Not Meet Standard (requires corrective action). The audit summary shall indicate, among other things, the number of provisions the facility has achieved at each grade level.” • 115.403(d) – “Audit reports shall describe the methodology, sampling sizes, and basis for the auditor’s conclusions with regard to each standard provision for each audited facility, and shall include recommendations for any required corrective action.” • 115.403(e) – “Auditors shall redact any personally identifiable inmate or staff information from their reports, but shall provide such information to the agency upon request, and may provide such information to the Department of Justice.” The auditor’s initial report to the facility is known as the interim report. Unless the facility is found to be in full compliance with all PREA Standards, this IMPORTANT report is the basis for collaboration between the auditor and the facility to address specific deficiencies in policy and On occasion, minor or technical practice. As stated above, the interim report must be violations with the Standards may submitted to the facility not more than 45 days after the be remedied prior to the 45-day last day of the onsite portion of the audit. The one deadline for the auditor to issue the interim audit report when the exception to this is for newly certified auditors on Standard at issue does not probationary certification status who have 60 days to implicate other related Standards. submit their reports to the PREA Resource Center and incorporate any feedback prior to delivering the report to the facility (see Chapter 10 for more detail on probationary certification status). The Audit Instrument includes a report template that auditors are required to use to produce reports. 21 The report template standardizes audit reports, addresses the reporting requirements in the PREA Standards, and prompts auditors to address each of the PREA Standards, including every provision and element in each Standard. For auditors using the Online Audit System, the report template is integrated into the online audit platform and will be auto-populated using the information entered by auditors throughout the audit process. Auditors are required to use the most up-to-date version of the report template included in the Audit Instrument. 21 64 In addition to conveying the auditor’s findings for each of the PREA Standards, the auditor’s interim report must include the following elements: • Characteristics of the audited facility. In order to provide readers with a basic understanding of the facility’s characteristics, operations, and some context for how the auditor applied the prescribed audit methodology and arrived at his or her compliance determinations for each Standard, the auditor must provide a brief narrative describing the audited facility. This description should include information regarding the inmate population size and makeup, staff size, number and types of housing units, security levels, facility operations, and age of the facility, among other characteristics. This narrative should be brief, and auditors should not go into extensive detail regarding facility characteristics that are unrelated to the PREA audit (e.g., reentry programming). Additionally, auditors should refrain from making generalized value statements about the facility and staff; for example, “all staff were professional and accommodating,” or “all staff were committed to PREA and inmate safety.” Because in the vast majority of cases auditors will not have spoken with all staff or all inmates, such statements may be interpreted as auditor bias. To make an objective assessment, it is critical that the auditor state facts based on precise observations with evidence to support them. PREA auditors must uphold a high standard of objectivity, and this should be reflected in the audit report. • Overview of audit methodology. As required by Standard 115.403(d), the report must contain a description of the audit methodology for each phase of the audit such as sampling techniques used to select staff and inmates for interviews, the number and types of interviews conducted (including the exact number of inmates formally interviewed), sampling techniques used to select documents for review onsite, auditor observations during the site review, and outreach to community-based victim service providers. It is recommended that the auditor provide a brief summary of this information in the narrative section of the audit report, followed by more detailed information on the methodology and evidence collected in the Standard-by-Standard review. • Barriers to completing the audit. The report should document any obstacles or challenges the auditor encountered at the facility such as any unwarranted delays in accessing areas of a facility, individuals, or facility records; any access that was prohibited; and any pressure from the facility or parent agency to ignore or understate policies or practices that fall short of the PREA Standards. This information is very important, even if the auditor was able to complete the audit. • Summary of findings. Pursuant to Standard 115.403(c), each audit report must include a summary of the auditor’s compliance determinations, including the total number of findings of Exceeds Standard, Meets Standard, and Does Not Meet Standard. The audit report template in the Audit Instrument includes a designated space to provide this information. 65 • Evidence that supports every finding. In order to justify and support each compliance finding (compliance, noncompliance, and exceeds Standards), the auditor must provide detailed information on all evidence gathered and considered (i.e., observations, interviews, documentation). If there are contradictions in the evidence (i.e. one type of evidence supports compliance while another does not), the auditor must describe how he or she resolved those discrepancies to reach a finding. • Noncompliance and corrective action. The interim report must identify deficiencies and recommended corrective action steps. Following issuance of the interim report, the auditor will work collaboratively with the facility to develop a corrective action plan, specific deliverables, timeframes, and steps the auditor will take to re-assess and verify the facility’s compliance at various stages throughout the process. • Transparency regarding the auditor and his or her employer. The audit report must identify the lead or responsible auditor, and if applicable, list the names of all other DOJcertified PREA auditors and non-certified support staff who assisted the lead auditor during any phase of the audit, and provide a brief description of the role of other staff during the audit. Auditors are also required to disclose the nature of any third party entity’s involvement in the PREA audit. For example, an auditor who is hired by ABC PREA Auditing, LLC, to conduct a PREA audit must disclose its role and the auditor’s relationship with it. Review of Auditor Tools for Phase Three of the PREA Audit • • Auditor Compliance Tool Audit Report Template Phase Four: Corrective Action and Final Report Noncompliance and corrective action are normal and expected parts of the PREA audit. Recognizing there are several hundred specific requirements in the PREA Standards, it is expected that very few confinement facilities will be in full compliance with all the PREA Standards without undergoing some corrective action. For this reason, the auditor’s role goes beyond identifying deficiencies in policy, procedure, and practice and includes recommending corrective actions and serving as a guide to facilities and agencies as they make the changes necessary to become fully PREA compliant. Noncompliance and Corrective Action Issuance of the interim report to the audited facility triggers a corrective action period, which may last up to 180 days. Standard 115.404 details the auditor’s requirements during this stage of the audit: • 115.404(b) – “The auditor and the agency shall jointly develop a corrective action plan to achieve compliance.” 66 • • 115.404(c) – “The auditor shall take necessary and appropriate steps to verify implementation of the corrective action plan, such as reviewing updated policies and procedures or re-inspecting portions of a facility.” 115.404(d) – “After the 180-day corrective action period ends, the auditor shall issue a final determination as to whether the facility has achieved compliance with those standards requiring corrective action.” Auditors should be sensitive to the current culture in the facility—its strengths and its weaknesses as they relate to responding to sexual abuse and sexual harassment—and be respectful in dealing with both line staff and administrators. At the same time, auditors must be assertive and firm in identifying deficiencies and the actions needed to remedy those problems. While it is the agency’s and the facility’s responsibilities to implement new policies and practices, the auditor is a collaborator in that process by consulting with staff and administrators, providing information and guidance, and directing administrators to seek additional information and technical assistance available from the PREA Resource Center, where necessary. In particular, the auditor should help the facility develop a corrective action plan that includes: • All deficiencies and recommended corrective action steps identified in the auditor’s interim report • A list of required deliverables and changes the auditor must verify to determine that the facility is in compliance with all PREA Standards • A proposed methodology for how the auditor will verify compliance • An agreed upon timeline for implementing all the required actions Facilities have up to 180 days to undertake the agreed upon corrective actions; provide the evidence the auditor requires to verify that the facility has fully addressed all deficiencies identified in the interim report; and is in compliance with all PREA Standards. Depending on the nature and extent of the deficiencies, auditors may have to employ a range of strategies to verify compliance. Remember that a change in policy often impacts the day-to-day practices within a facility and may require curriculum development and training to fully implement; thus, even seemingly minor changes to a policy may require more extensive verification methods. At the conclusion of the corrective action period, the audited facility should have taken all the steps agreed upon with the auditor, and the auditor should have conducted all the necessary verification procedures. Final Report Following the conclusion of the corrective action period, the auditor has an additional 30 days to complete and submit the final report. Where there is corrective action, the final report is an updated version of the auditor’s interim report to the facility. If no corrective action is required, the final report will be the only report issued to the facility. In either instance, the final report must comply with all of the requirements for audit report content and findings under Standard 115.403, as well as the requirements detailed for the interim report in Chapter 17 of this Handbook. 67 PREA Standard 115.403(d) requires each audit report (interim and final) to describe the auditor’s methodology, sampling sizes, and basis for the auditor’s conclusions with regard to each provision of every Standard, and include recommendations for any required corrective action. The final report must also describe the auditor’s method of assessing whether or not the facility was able to remedy each of the deficiencies and the IMPORTANT outcome of this verification process. The auditor’s final report updates the interim report by documenting all The final report must detail all corrective action and how the auditor determined whether corrective actions and the methods used by the auditor to or not those actions are sufficient to bring the facility into verify implementation of the full compliance with the Standards. If there are any corrective actions, regardless of corrective actions recommended by the auditor in the when a corrective action occurred interim report that the facility did not implement, the in the audit process. auditor must also identify these in the final report and, when possible, explain why they were not implemented. Importantly, all audits present unique issues, challenges, and strengths; thus, audit reports should reflect these important differences. Although it is permissible for auditors to use some template language to organize and structure the audit report, the auditor’s discussion of the facility characteristics, audit methodology, barriers to completing the audit, evidence relied upon, analysis process, and compliance determinations must be specific to the audited facility. As stated above, for each PREA Standard, auditors must determine whether the facility Exceeds Standard, Meets Standard, or Does Not Meet Standard, bearing in mind that if a facility is out of compliance with any provision of a Standard, the facility is out of compliance with the entire Standard. Drawing on all of this information, the final report provides the auditor’s determination of whether or not the facility is in full compliance with all of the PREA Standards. Auditors must submit their final report to the facility not more than 30 days following the final day of the corrective action period. However, if all corrective action is addressed before the interim report would be due to the facility, or no corrective action is required, the auditor has 45 days following the onsite visit to the facility to submit the final report to the audited facility. The final audit report is the official, public record of the auditor’s findings. Auditors are not to create other documentation of their audit findings (e.g., certificate of compliance). Such documentation is not considered valid. Final Report Formatting Prior to submitting their final report to the audited facility/agency and to the PREA Resource Center pursuant to the auditor reporting requirements in Chapter 11, auditors must ensure that the final report is in a searchable PDF format. This means that the text in the PDF can be searched using the Adobe Reader “search” functionality, 22 selected, and copied. By contrast, scanned PDFs are those that are created by scanning hard copy documents to a PDF or other 22 See additional instructions here: helpx.adobe.com/acrobat/using/searching-pdfs.html. 68 file format that create a static image of the text that cannot be searched, selected, or copied. Auditors are not permitted to submit audit reports that have been scanned. Searchable PDFs are typically created using software such as Microsoft Word or Excel by saving or printing the file as a PDF. 23 To accomplish this, auditors must use an electronic signature to ensure that the entire final report, including the signature page, is delivered to the audited facility/agency as a searchable PDF. 24 These formatting requirements are necessary to ensure that final audit reports posted to agency websites pursuant to Standard 115.403(f) and submitted to DOJ as part of the annual governor’s certification and assurance process are accessible to people with disabilities. Note that audit reports generated in the Online Audit System meet the above formatting requirements and do not require any additional actions by auditors prior to submitting the final report to the audited facility/agency. Why Objective, Thorough, High Quality Audit Reports Are Important An auditor’s report constitutes the official record of the audit and its findings—and in the case of the auditor’s final report, the official public record. While the confinement agency is the auditor’s client, a PREA audit is intended to inform a wide array of stakeholders, including inmates and their families; organizations that advocate on behalf of inmates; people employed in confinement facilities, their families, and the unions that represent them; elected officials in the jurisdiction where the facility is located; the general public; and DOJ. Through the audit report, a PREA auditor is speaking to all of these audiences. To be understandable and valuable, an auditor’s report must describe the facility and audit process, findings about compliance with the PREA Standards, and the evidence upon which each finding is based. It is important that the audit report clearly and thoroughly describes the evidence relied upon to make all compliance determinations, such that a third party reading it will understand how the auditor came to each conclusion. Auditors should also explain certain frequently used terminology that may be unfamiliar to some readers (e.g., describe the differences between “disciplinary segregation,” “administrative segregation,” and “protective custody”). The audit report is also the primary source of information for understanding and resolving any issues or concerns that arise regarding the findings of a PREA audit. Therefore, auditors should take care to ensure the audit findings are clearly and adequately supported and described in the audit report. Finally, it is in an auditor’s own best interests to produce strong audit reports. These documents will become public and are a reflection of the auditor’s professional standards, skill, and expertise, and impact the reputation of the auditor. See additional instructions here: support.office.com/en-us/article/Save-or-convert-to-PDF-d85416c5-7d77-4fd6a216-6f4bf7c7c110. 24 See additional instructions here: helpx.adobe.com/acrobat/how-to/fill-and-sign-formsanywhere.html?set=acrobat--fundamentals--pdf-forms. 23 69 Review of Auditor Tools for Phase Four of the PREA Audit • Audit Report Template Post-Audit Even after issuance of an auditor’s final report, there are several PREA Standards that apply in the post-audit stage. This chapter will primarily discuss auditors’ obligations for document preservation and retention, followed by a brief discussion of the audit appeal process. Documentation Retention The PREA Standards require not only that documentation be reviewed and used to make compliance determinations, but they require auditors to retain and preserve all audit documentation and information relied upon to make the compliance determinations. Standard 115.401(j) states, “The auditor shall retain and preserve all documentation (including, e.g., video tapes and interview notes) relied upon in making audit determinations. Such documentation shall be provided to the Department of Justice upon request.” An FAQ issued by the DOJ PREA Working Group on March 24, 2014 states that all documentation must be retained by the auditor for 15 months following the issuance of the final report. 25 The DOJ PREA Working Group released additional guidance on March 18, 2015, which provides extensive detail on the scope of an auditor’s requirements under Standard 115.401(j). 26 Auditors are required to follow this official guidance in order to meet their obligations under the Standard. Importantly, the guidance states that auditors are required to preserve and retain “. . . both documentation relied upon in finding that a facility does not comply with a Standard, as well as documentation relied upon in finding that a facility does meet or exceed a Standard.” Thus, regardless of an auditor’s audit findings, he or she must be prepared to provide to DOJ, upon request, all of the evidence relied upon to make the compliance determinations for up to 15 months following the issuance of the final report. This requirement includes all audit documentation, whether stored in hardcopy, electronic, or digital formats (e.g., video footage of the facility). Auditors must take notes to document the audit process—including notes for all interviews, site review observations, and documentation review—and auditor notes must be preserved and retained pursuant to the official DOJ guidance referenced above. An auditor’s notes are critical for documenting the audit process and the evidence relied upon to make compliance determinations; thus, an auditor’s notes should be comprehensive, organized, and adequately convey the important points or key takeaways from the interviews, observations of practice, or review of documentation. Auditors are strongly encouraged to develop a good note-taking system and to maintain that system for every audit. If, upon request by DOJ, auditors are unable to provide their notes for any component of the audit (i.e., interviews, observations, documentation review), they run the risk 25 26 See the full FAQ here: www.prearesourcecenter.org/node/3220. See the full FAQ here: www.prearesourcecenter.org/node/3221. 70 of being out of compliance with their obligations under Standard 115.401(j) and may be subject to disciplinary action by the PREA Management Office that impacts their DOJ certification. It is important to note that some types of documentation should be retained in their entirety, namely logs or lists (e.g., logs of unannounced rounds, lists of all sexual abuse or sexual harassment allegations), whereas for other forms of documentation, like inmate records or personnel files, auditors need only preserve and retain the applicable documents in the file. For example, medical and mental health files, investigative records, or personnel files may have more information than is necessary to support a compliance finding, and auditors must only retain those pages that contain information relevant to the requirements of the Standard(s) to which the documents apply. For policy and procedures documents, auditors may preserve and retain excerpts that are relevant to the Standard(s) they address. Standard 115.401(j) also gives DOJ the authority to request audit documentation from auditors, stating, “Such documentation shall be provided to the Department of Justice upon request.” If requested by DOJ, an auditor’s documentation should be organized and complete so as to provide a roadmap for DOJ to reconstruct an auditor’s compliance determinations for each provision of every Standard. As previously described, this documentation must include all the evidence relied upon to make a compliance determination, which includes an auditor’s notes. Consistent with the guidance issued by the DOJ PREA Working Group, auditors who do not comply with Standard 115.401(j) may be subject to disciplinary action by DOJ. The Agency’s Right to Appeal Standard 115.405 provides agencies with the option to appeal any findings of an audit that they believe are incorrect. 27 The auditor who issued the findings under appeal has no role in the appeal process other than to provide documentation of his or her work or answer questions upon request by DOJ. Section VI. Audit Oversight The value and effectiveness of any PREA audit largely depends on the auditor’s skills and thoroughness. This includes an auditor’s understanding of the Standards, mastery of the audit methodology, and the ability to help agencies and facilities to change in ways that lead to successful implementation of the PREA Standards. As the primary means by which a facility’s compliance with the Standards is assessed by an objective third party, the PREA audit represents an important catalyst for meaningful PREA Standards implementation and adoption of zero tolerance cultures for sexual abuse and sexual harassment in confinement. In order to accomplish these goals and uphold the integrity of the PREA audit process, the PREA Management Office has instituted the PREA Audit Oversight function. The purpose of Audit Oversight is to promote high quality, reliable, objective, and comprehensive audits that hold agencies and facilities accountable for keeping individuals in their custody and care safe from sexual abuse and sexual harassment. 27 See 28 C.F.R. § 115.405(a). 71 Audit Oversight begins with an assessment of auditors’ performance and conduct that guides many of the interventions employed under the oversight umbrella. The audit assessment serves as a diagnostic tool to tailor interventions and sanctions to the individual needs of and the challenges identified with auditors’ work. The assessment is also informed by auditors’ performance in these interventions to form a continuous feedback loop of information that allows the PREA Management Office to proactively provide support to auditors, and respond with appropriate sanctions when necessary. Based on the results of the audit assessment, there are four interventions that may be used by the PREA Management Office to support auditors and critically review their work, including the Quality Improvement Program managed by the PREA Resource Center, an auditor peer review program, a disciplinary review of auditors who fail to meet the requirements of their auditor certifications, and remediation. These interventions may impact an auditor’s DOJ certification. A full description of these interventions and the audit assessment phase can be found in Chapters 20–24 below. Audit Assessment Auditors are expected to comply with the PREA Standards that govern auditor conduct, as well as the auditor requirements articulated in the PREA Auditor Candidate Training, this Handbook, required auditor continuing education, and FAQs issued by the DOJ PREA Working Group. On a regular basis, the PREA Management Office uses information collected from auditors through audit reporting forms, audit reports, complaints submitted by third party sources, their performance and engagement during oversight interventions (e.g., Quality Improvement Program), and the requested audit documentation to evaluate an auditor’s performance and identify targeted interventions and/or sanctions that are responsive to the needs of and/or deficiencies identified with the auditor’s work. These interventions and sanctions may directly impact an auditor’s DOJ certification. The audit assessment phase of the audit oversight process is the starting point for all interventions under the oversight umbrella and consists of a systematic, objective, and datadriven process for holding all auditors accountable for high standards of audit quality. The chapters below provide additional information on how the audit assessment phase connects with each intervention, the nature of these interventions, and their potential outcomes. Quality Improvement Program The Quality Improvement Program is managed by the PREA Resource Center and is designed to serve as a proactive support mechanism for auditors. The core objectives of the Quality Improvement Program are to enhance auditors’ technical skills and knowledge of the Standards through individualized technical assistance and guidance; develop targeted auditor training and continuing education resources that are responsive to common challenges identified through assistance to auditors; and identify and promote auditing best practices and lessons learned, which the PREA Resource Center regularly shares on the Auditor Portal. 72 Quality Improvement Process Because the goal of the Quality Improvement Program is to conduct proactive issue spotting and outreach to auditors, auditors may be identified for assistance in one of two ways: 1) Auditors may be referred to the Quality Improvement Program by the PREA Management Office in cases where the audit assessment process (see Chapter 20) reveals minor deficiencies related to auditor conduct and/or practices. 2) During its standard review of Pre- and Post-Audit Reporting Forms and audit reports submitted by auditors, the PREA Resource Center identifies issues such as minor errors in reporting (e.g., inconsistencies in objective or factual data in an audit report), inadequate information provided in audit reports (e.g., incomplete descriptions of the evidence relied upon to make compliance determinations), or an improper audit methodology that may be improved through outreach to the auditor. Once an auditor is identified for participation in the Quality Improvement Program, the PREA Resource Center develops a tailored strategy to address any identified issues. The PREA Resource Center will then provide the auditor with a description of the Quality Improvement Program, information regarding any issues or concerns identified with the auditor’s conduct and/or auditing practices, and recommendations for improvement. The level and type of assistance provided are determined on a case-by-case basis and are tailored to the needs of each auditor receiving assistance, which may include one or more of the following: • One-on-one assistance (via telephone, video conference, or email) with PREA Resource Center staff regarding particular issues or concerns • Submission of the auditor’s next audit report to the PREA Resource Center for review and feedback prior to the submission of the report to the audited facility • Additional education or training requirements • Testing to confirm knowledge, understanding, or skills Quality Improvement Program Outcomes Resolution occurs when the auditor completes the action steps required by the PREA Resource Center. The PREA Management Office may subsequently spot check the auditor’s future audit reports and reporting form data in order to assess his or her level of improvement and adherence to guidance provided during the Quality Improvement Program. In cases where guidance is not being consistently integrated by an auditor, an auditor fails to complete the requirements provided by the PREA Resource Center, and/or an auditor demonstrates persistent or recurring problems, these issues will be factored into the PREA Management Office’s audit assessment (see Chapter 20), and when taken together with other identified issues with an auditor’s body of work, may lead to disciplinary review by the PREA Management Office (see Chapter 23). 73 Peer Review In peer review, an auditor’s professional peers evaluate the extent to which the auditor complies with the requirements in the Standards and properly conforms to the principles and methods of the PREA audit described in this Handbook. A team of two peer reviewers is charged with conducting a rigorous examination of all the evidence and documentation relied upon by an auditor to determine the extent to which he or she has made accurate compliance findings. The primary goal of peer review is to enhance the reliability and integrity of PREA audits, encourage high standards for audit quality, and promote accountability within the PREA auditor community. If the peer review findings indicate that an auditor’s compliance determinations, application of the Standards, corrective action requirements, or other elements are significantly deficient, peer review may lead to disciplinary review by the PREA Management Office. Disciplinary review may also be a consequence for auditors who fail to comply with all of the peer review requirements. The disciplinary review process may impact an auditor’s DOJ certification. If, however, the peer review findings reveal limited deficiencies, the PREA Management Office may require the auditor to complete certain remediation steps to address the identified deficiencies. Additional information regarding peer review outcomes is detailed later in this chapter. Peer Review Process The PREA Management Office oversees peer review and is responsible for making all final decisions regarding the selection of both auditors for peer review and auditors to serve on peer review teams, as well as the disposition of auditors following the completion of peer review. The PREA Resource Center is responsible for managing and coordinating the peer review process, with oversight by the PREA Management Office. An auditor will be selected to undergo a peer review based on the result of the PREA Management Office’s standardized audit assessment process (see Chapter 20). Once selected, peer reviewers are asked to assess an audit to determine whether: 1. The auditor collected and retained sufficient documentation. 2. The audit documentation and other relevant evidence support the auditor’s compliance findings. 3. The audit report conforms to the requirements articulated in the PREA Auditor Candidate Training, this Handbook, required auditor continuing education, and FAQs issued by the DOJ PREA Working Group. 4. The audit report complies with the PREA Standards that govern auditors, including: a. “Each audit shall include a certification by the auditor that no conflict of interest exists with respect to his or her ability to conduct an audit of the agency under review.” (28 C.F.R. § 115.403(a)) b. “Audit reports shall state whether agency-wide policies and procedures comply with relevant PREA standards.” (28 C.F.R. § 115.403(b)) 74 c. “For each PREA standard, the auditor shall determine whether the audited facility reaches one of the following findings: Exceeds Standard (substantially exceeds requirements of standard); Meets Standard (substantial compliance; complies in all material ways with the standard for the relevant review period); Does Not Meet Standard (requires corrective action). The audit summary shall indicate, among other things, the number of provisions the facility has achieved at each grade level.” (28 C.F.R. § 115.403(c)) d. “Audit reports shall describe the methodology, sampling sizes, and basis for the auditor’s conclusions with regard to each standard provision for each audited facility, and shall include recommendations for any required corrective action.” (28 C.F.R. § 115.403(d)) 5. The audit report exhibits excellent performance or auditing best practices. At the conclusion of the peer review assessment, peer reviewers are asked to provide the PREA Management Office with a summary report of their findings, including information on the criteria used to evaluate the auditor’s compliance determinations and a description of any significant variation between peer reviewers’ scores. A copy of the summary peer review report will also be made available to the reviewed auditor. Peer Review Outcomes Determining outcomes and next steps for auditors who undergo a peer review is the sole responsibility of the PREA Management Office. Peer reviewers have no role in recommending next steps for auditors who undergo peer review. As stated above, if the peer review findings indicate that an auditor’s compliance determinations, application of the Standards, corrective action requirements, or other elements are significantly deficient, peer review may lead to a disciplinary review by the PREA Management Office. Disciplinary review may also be a consequence for auditors who fail to comply with all of the peer review requirements (refer to Chapter 23) and may impact an auditor’s DOJ certification. If, however, the peer review findings reveal only limited deficiencies, the PREA Management Office may require the auditor to complete certain remediation steps to address the identified deficiencies (refer to Chapter 24). Disciplinary Review The PREA Management Office places auditors under disciplinary review when there are significant or pervasive concerns regarding an auditor’s compliance with the following: • • • • • • • • The PREA Auditor Code of Conduct The PREA Auditor Certification Agreement PREA Standards governing auditor conduct FAQs issued by the DOJ PREA Working Group The PREA Auditor Handbook PREA auditor requirements articulated in the PREA Auditor Candidate Training Required PREA auditor continuing education PREA auditor reporting requirements 75 • • Peer review requirements Remediation steps required by the PREA Management Office Disciplinary review is also used in cases where the PREA Management Office has obtained information regarding auditor misconduct or an auditor has demonstrated serious misapplication or misinterpretation of one or more PREA Standards. In some cases, the PREA Management Office may determine that remediation steps are more appropriate than requiring the auditor to proceed through the full disciplinary review process, and there are actions that the auditor can take to successfully address the concerns and issues that were identified in the PREA Management Office’s audit assessment (see Chapter 20). In other cases, the PREA Management Office may determine that a disciplinary review is warranted without engaging in remediation steps. The disciplinary review process may impact an auditor’s DOJ certification. Disciplinary Review Process Auditors placed on disciplinary review by the PREA Management Office will receive written notice from the PREA Management Office that includes a description of the identified concerns and issues related to the auditor’s work, any allegations of auditor misconduct, and detailed instructions for proceeding through the disciplinary review process. Auditors under disciplinary review will generally be instructed to: • • • Provide a written response to the issues and concerns detailed in the Notice of Disciplinary Review issued by the PREA Management Office (including all relevant supporting documentation) Submit the underlying audit documentation for one or more audits conducted by the auditor Provide a list of all upcoming audits Depending on the nature of the deficiencies identified with an auditor’s practices and/or conduct, the PREA Management Office may also recommend that an auditor under disciplinary review voluntarily suspend his or her auditing activity for the duration of the disciplinary review period. If the PREA Management Office receives information indicating that an auditor has engaged in criminal conduct, malfeasance, gross negligence, fraud, conflict of interest, or other unlawful behavior that bears on an auditor’s credibility or integrity, the PREA Management Office will determine next steps on a case-by-case basis, depending on the circumstances and the nature of the allegation. Where warranted, the PREA Management Office will refer the case to the appropriate local, state, or federal agency for investigation and disposition. Depending on the severity of the allegation, the PREA Management Office may require the auditor to suspend all auditing activity pending the outcome of the investigation. Certain confirmed cases of serious auditor misconduct may result in immediate decertification. Refer to Chapter 28 for more information on disciplinary action by the PREA Management Office. 76 Disciplinary Review Outcomes The outcome of the disciplinary review process will vary depending on the nature and scope of the issues identified. • Case Resolution. In cases where an auditor complies with all the requirements imposed by the PREA Management Office and is able to adequately address and remedy all the identified issues, his or her case will be considered resolved. However, the PREA Management Office may require additional remediation steps and/or continue to monitor the auditor’s work to ensure that he or she continues to meet the auditor obligations outlined in the PREA Standards and the Auditor Handbook. Refer to Chapter 24 for more information on remediation. • Disciplinary Action. Where auditors fail to adequately address the issues raised by the PREA Management Office or where there is sufficient evidence of serious auditor misconduct or failure to meet auditor certification requirements, the PREA Management Office may impose disciplinary action, up to and including suspension or decertification. Additional information regarding decertification and suspension can be found in Chapter 28. Remediation The objective of remediation is to provide an alternative to disciplinary review and/or disciplinary action (i.e., suspension, decertification) in cases where auditors may have demonstrated some deficiencies in their audit conduct and/or performance but do not meet the threshold for disciplinary action. Depending on the nature and scope of the identified deficiencies, the PREA Management Office may impose one or more conditions on an auditor, including, but not limited to, requiring the auditor to: • Provide an up-to-date and comprehensive list of all ongoing and scheduled audits • Participate in continuing education courses, practical skill-building exercises or training opportunities, and/or other means of improving technical competence, skills, and knowledge as directed by the PREA Management Office • Complete testing to confirm knowledge, understanding, or skills • Engage with the PREA Resource Center in ongoing support and technical assistance • Provide all the audit documentation used to make the compliance determinations for an audit to the PREA Management Office • Submit a draft audit report for a forthcoming audit to the PREA Management Office prior to submitting it to the audited facility • Undergo continued monitoring by the PREA Management Office to assess compliance with the auditor obligations outlined in the PREA Standards and the Auditor Handbook The auditor may be required to notify agencies and facilities he or she audited of the remediation steps imposed by the PREA Management Office. The PREA Management Office, at its discretion, may also communicate with the audited agency’s or facility’s leadership to ensure 77 that the required steps have been taken by the auditor so that they are fully aware of any implications the remediation steps may have on the audit (e.g., extended time necessary to receive an audit report). The PREA Management Office will closely monitor auditors to verify compliance with the requirements imposed under remediation. Auditors who fail to comply with the remediation steps may be subject to disciplinary action by the PREA Management Office. Impact of Audit Oversight The Audit Oversight interventions employed by the PREA Management Office and the PREA Resource Center (refer to Chapters 20–24) are not designed to challenge or overturn the findings of auditors. Rather, the purpose of Audit Oversight is to evaluate auditor performance, provide meaningful support and technical assistance to auditors to improve their auditing practices, and, where necessary, impose disciplinary action on auditors who fail to fulfill the requirements of their PREA auditor certifications granted by DOJ. In such instances, Audit Oversight may impact an auditor’s DOJ certification. By nature of the Audit Oversight process, however, the PREA Management Office may identify auditing deficiencies such as serious misapplication or misinterpretation of one or more Standards, auditor misconduct, conflicts of interest, infidelity to the PREA audit methodology, and failure to meet the obligations for auditor conduct in the PREA Standards, among others, that cast significant doubt on the accuracy of an auditor’s findings. Thus, while an auditor’s compliance findings are considered final and will not be impacted as a result of the PREA Management Office’s Audit Oversight, there are other potential implications that should be considered by auditors. These considerations are detailed below. Impact on the Governors’ Annual Certification Determination DOJ reviews all certifications of full compliance submitted by states, territories, and the District of Columbia, and seriously considers any issues related to auditor conduct and their implications on the veracity of an auditor’s compliance findings. If DOJ identifies information as part of this review that raises questions about or contradicts a governor’s certification submission, DOJ will be in contact with that state or territory for additional information. By way of example, if an agency has received findings of full compliance for all of its facilities but DOJ is aware of an agency-wide policy that is out of compliance with the PREA Standards, this incongruity will be brought to the governor’s attention and should be considered when determining whether to submit a certification or assurance to DOJ. The DOJ PREA Working Group issued formal guidance in February 2013 28 indicating that audits represent just one piece of information a governor can use to determine compliance with the Standards. Neither the PREA statute nor the Standards restrict the sources of information that governors may use in deciding whether to certify full compliance with the Standards. Thus, if a state has passing PREA audits but the governor is in possession of information that contradicts 28 See the full FAQ here: www.prearesourcecenter.org/node/3277. 78 full compliance in those facilities, that information may impact the governor’s ability to certify full compliance with the PREA Standards. Additionally, where there is a PREA audit finding that is incongruent with an agency’s or facility’s compliance, either in policy or practice, the auditor should be prepared to answer questions from the audited agencies and facilities regarding his or her evaluation of compliance for the Standard(s) in question. Impact on the Safety and Wellbeing of Inmates Beyond the ramifications that incongruent audit findings can have on a governor’s certification determination, auditors’ compliance determinations have real implications for the safety and wellbeing of inmates who are most vulnerable to sexual abuse and sexual harassment. It is DOJ’s expectation and an auditor’s responsibility to rigorously evaluate a facility’s or agency’s compliance with each provision of every Standard. And where areas of noncompliance are identified, it is the auditor’s responsibility to work collaboratively with the facility on a corrective plan that will put the facility on a path toward full compliance. Section VII. Maintaining, Losing, or Giving up Certification Voluntary Surrender of Certification Auditors may voluntarily surrender their certifications. To do so, auditors should notify the PREA Management Office via email at PREACompliance@usdoj.gov. This notification should include the auditor’s name and contact information, including a current email address. An auditor’s voluntary surrender of his or her certification will take effect on the date the notification is received by the PREA Management Office from the auditor. The auditor’s name will then be removed from the list of certified auditors on the PREA Resource Center website. Auditors are not permitted to voluntarily surrender their certifications if they are currently under contract to conduct one or more PREA audits. In limited circumstances, however, the PREA Management Office may allow an auditor to voluntarily surrender his or her certification while under contract for a PREA audit. In such cases, the auditor must adhere to the following guidelines for audit contracts following voluntary surrender of certification. • If an auditor has any contractual obligations to conduct audits for which the onsite portion is scheduled on or after the effective date of voluntary surrender of certification, the auditor must immediately notify the appropriate officials in the facility or agency of his or her voluntary surrender of certification to discuss the contract’s termination, as appropriate. • If an auditor has any in-progress audits for which he or she has completed the onsite portion, the auditor must immediately notify the appropriate officials in the facility or agency of his or her voluntary surrender of certification and ask those officials for instruction regarding completion of the contracted tasks. • If the officials from the agency or facility expect the auditor to complete the post-onsite audit work, the auditor will be temporarily authorized to complete the audit through 79 the final report. In such instances, auditors must report all in-progress audits to the PREA Management Office at PREACompliance@usdoj.gov and provide the date when those audits are expected to conclude (i.e., the final report has been submitted to the audited facility). Unless otherwise specified by the PREA Management Office, auditors who voluntarily surrender their certifications are permitted to apply again to become certified as PREA auditors, but they must go through the regular application and training process. During the application review process, an individual’s past auditing performance and conduct will be considered in evaluating his or her suitability to become certified and to conduct PREA audits. Auditor Recertification To become recertified as a PREA auditor, all PREA auditors must successfully complete all the recertification requirements (described below) prior to the expiration of their current 3-year certification. The six recertification requirements are: 1. Submission of a complete recertification application 2. Fulfillment of all audit reporting requirements 3. Fulfillment of all auditor continuing education requirements 4. Achieving a passing score on the online recertification exam 5. Signing and submitting the Auditor Certification Agreement 6. Completion of a criminal records background check If recertified, auditor certification will be valid for 3 years following the auditor’s recertification date. Recertification Requirements Information regarding each of the six recertification requirements appears below. Recertification Application Auditors must submit a complete application for recertification by the specified deadline. The application is available as an online form located on the Auditor Portal. Auditor Reporting Requirements Auditors must fulfill the following reporting requirements: • Complete and submit all applicable Annual Audit Reporting Forms. • Complete and submit Pre-Audit Reporting Forms for all audits (including completed audits, audits in progress, and scheduled audits) for which an auditor served or will serve as lead auditor. • Complete and submit Post-Audit Reporting Forms for all audits for which an auditor served as lead auditor. Auditors are only required to submit Post-Audit Reporting Forms for audits that were completed at least 6 months prior to their recertification 80 application deadline. For example, an auditor whose certification was set to expire in December 2016, who applied for recertification by the October 3, 2016 deadline, must have submitted the Post-Audit Reporting Form for all audits he or she completed as lead auditor on or before March 31, 2016. This cutoff date will be made clear for each auditor recertification cohort. • For auditors who were certified before September 2014 only, they must complete and submit the Cumulative Audit Reporting Form. This form captures all audit activity as the lead or responsible auditor that occurred between August 20, 2013 and September 30, 2014. If an auditor did not conduct any audits during this time, or if he or she only participated in an audit in a role other than as the lead auditor, the auditor must indicate this by typing a “0” in the appropriate space on the form. Auditors who have kept up to date with their reporting requirements do not need to submit duplicate forms. Questions regarding the status of their reporting requirements may be sent to the PREA Resource Center by submitting an Auditor Helpdesk Form available on the Auditor Portal. Continuing Education Requirements Auditors must complete all mandatory webinars and coursework assigned by the PREA Resource Center. Auditors with questions about their continuing education requirements should refer to their Auditor Welcome Packets or contact the PREA Resource Center by submitting an Auditor Helpdesk Form available on the Auditor Portal. All archived webinars and coursework are available on the Auditor Portal. Auditors who want to see if they have completed all the mandatory courses should log into the Auditor Portal and navigate to their learner transcripts. Any incomplete webinars and coursework will be included in the course list in “My Courses” or can be found in the “Catalog.” It is important to note that the continuing education requirements may vary slightly for each auditor recertification cohort. Auditors will be made aware of all required coursework in advance of their recertification application deadlines. Recertification Exam Auditors must complete the auditor recertification exam with a score of 85 percent or higher. The topics covered on the exam include the following: • The PREA Standards • Mandatory auditor continuing education webinars and coursework • Requirements announced via auditor newsletters (e.g., auditor continuing education requirements, clarification regarding audit documentation and retention), which are archived on the Auditor Portal • FAQs issued by the DOJ PREA Working Group Auditor Certification Agreement Auditors must read, sign (or resign), and submit the Auditor Certification Agreement. 81 Criminal Background Check Auditors are required to pass a criminal background records check. Specific details on how to begin this process will be included in the recertification application instructions. Failure to Meet Recertification Requirements Failure to complete all the recertification requirements by the specified deadline will result in denial of auditor recertification. Once the expiration of an auditor’s certification takes effect, the auditor will no longer be authorized to conduct PREA audits, and the auditor’s name will be removed from the list of certified PREA auditors on the PREA Resource Center website. Within 30 days of the date of Notice of Denial of Recertification from the PREA Management Office (unless the PREA Management Office specifies a different due date), auditors have the option to appeal the PREA Management Office’s determination. Written appeal must be made to the PREA Management Office by email at PREACompliance@usdoj.gov and must: • • Consist entirely of directly relevant written materials Include all necessary explanations, information, or other materials in response to the allegations described in the Notice of Denial of Recertification Any false statements made in support of an appeal may be subject to criminal prosecution, including under 18 U.S.C. § 1001, and are subject to review by the Office of Justice Programs Office of the General Counsel and the DOJ Office of the Inspector General. The PREA Management Office may amend the Notice of Denial of Recertification at any time prior to its final disposition. If such amendment includes any new material allegations of fact, the auditor will have the opportunity to appeal the new allegations in the amended Notice of Denial of Recertification. An auditor’s appeal of the new allegations in the amended Notice of Denial of Recertification must be written and provided to the PREA Management Office in accordance with the procedures outlined above no later than 30 days after the PREA Management Office provides the PREA auditor with the amended Notice, unless the PREA Management Office establishes a different due date. If no appeal is received by the PREA Management Office within 30 days after the date of the Notice of Denial of Recertification (without reasonable justification or excuse) such: 1. Constitutes a waiver of the right to contest the allegations in the Notice of Denial of Recertification, and 2. Will result in the denial of recertification of the PREA auditor without further notice to the PREA auditor, and 3. The denial of recertification will be considered to be final as of the date indicated in the Notice of Denial of Recertification. 82 If an appeal is received by the PREA Management Office within 30 days after the date of the Notice of Denial of Recertification, it will be carefully considered by the PREA Management Office. The PREA Management Office will make its determination and provide written notice of its decision to: • • Confirm the denial of recertification (including the reasons therefor), or Rescind the denial of recertification, which may include mandatory remediation steps or other requirements Denial of recertification will remain in effect while the appeal is under consideration. Auditors not Seeking Recertification Auditors may elect not to seek recertification and voluntarily let their certifications expire. There is an option to indicate this on the application form. When an auditor selects this option, his or her voluntary surrender of certification will be effective on his or her certification expiration date. Once the voluntary expiration of certification takes effect, an auditor’s name will be removed from the list of certified PREA auditors on the PREA Resource Center website. Auditor Guidance Following Expiration of Certification If an auditor has any contractual obligations to conduct audits for which the onsite portion is scheduled on or after his or her certification expiration date, the auditor must immediately notify the appropriate officials in the facility or agency of the pending expiration of his or her certification to discuss contract termination, as appropriate. If an auditor has any in-progress audits for which he or she has completed the onsite portion, the auditor must immediately notify the appropriate officials in the facility or agency of the pending expiration of his or her certification and ask those officials for instruction regarding completion of the contracted tasks. If the officials from the agency or facility expect the auditor to complete the post-onsite audit work, the auditor will remain authorized through his or her certification expiration date to complete the audit through the final report. If an auditor has an in-progress audit and believes he or she will not be able to complete the final report by the auditor’s certification expiration date, the auditor must contact the PREA Management Office at PREACompliance@usdoj.gov to request authorization to conduct the post-onsite audit work beyond the certification expiration date. Unless otherwise specified by the PREA Management Office, auditors who elect not to seek recertification and auditors who are denied recertification are permitted to apply again to become certified as PREA auditors, but they must go through the regular application and training process. During the application review process, the circumstances of an auditor’s denial of recertification and his or her past auditing performance and conduct will be considered in evaluating his or her suitability to become certified and to conduct PREA audits. Questions about Recertification For questions about auditor-specific recertification application requirements, auditors may contact the PREA Resource Center before the application deadline. If given sufficient notice, PREA Resource Center staff will assist auditors with identifying any missing requirements. 83 Auditor Suspension and Decertification Decertification or suspension may be a consequence for an auditor if the PREA Management Office determines through a preponderance of evidence that the auditor has demonstrated a significant or consistent failure to comply with the following: • • • • • • • • • • The PREA Auditor Code of Conduct The PREA Auditor Certification Agreement PREA Standards governing auditor conduct FAQs issued by the DOJ PREA Working Group The PREA Auditor Handbook PREA auditor requirements articulated in the PREA Auditor Candidate Training Required PREA auditor continuing education PREA auditor reporting requirements Peer review requirements Remediation steps required by the PREA Management Office Decertification or suspension may also be a consequence in cases where an auditor engages in misconduct (including, but not limited to negligence, criminal conduct, malfeasance, gross fraud, and conflict of interest) or demonstrates serious misapplication or misinterpretation of one or more PREA Standards. An auditor who is decertified or suspended will receive notice of the decision from the PREA Management Office. This notice will contain important information regarding the grounds for decertification or suspension, a description of the evidence upon which the allegations are based, a description of the appeal process, and the effective date of the decertification or suspension. The process for suspension and decertification is described below. Process for Suspension of Certification The duration of a suspension will be determined by the PREA Management Office and may be extended for cause. During the period of suspension, auditors may not conduct any audits or audit-related activity. Within 30 days of the date of Notice of Suspension (unless the PREA Management Office specifies a different due date), auditors have the option to appeal the PREA Management Office’s determination. A written appeal must be made to the PREA Management Office by email at PREACompliance@usdoj.gov. An auditor’s appeal must: • • Consist entirely of directly relevant written materials Include all necessary explanations, information, or other materials in response to the allegations described in the Notice of Suspension Any false statements made in support of an appeal may be subject to criminal prosecution, including under 18 U.S.C. § 1001, and are subject to review by the Office of Justice Programs Office of the General Counsel and the DOJ Office of the Inspector General. The PREA Management Office may amend the Notice of Suspension at any time prior to its final disposition. If such an amendment includes any new material allegations of fact, the auditor will have the opportunity to appeal the new allegations. An auditor’s appeal of the new allegations in the amended Notice of Suspension must be written and provided to the PREA Management 84 Office in accordance with the procedures outlined above no later than 30 days after the PREA Management Office provides the PREA auditor with the amended Notice, unless the PREA Management Office establishes a different due date. If no appeal is received by the PREA Management Office within 30 days after the date of the Notice of Suspension (without reasonable justification or excuse) such: 1. Constitutes a waiver of the right to contest the allegations in the Notice of Suspension, and 2. Will result in the decertification of the PREA auditor without further notice to the PREA auditor, and 3. The decertification will be considered to be final as of the date indicated in the Notice of Decertification. If an appeal is received by the PREA Management Office within 30 days after the date of the Notice of Suspension, it will be carefully considered by the PREA Management Office. The PREA Management Office will make its determination and provide written notice of its decision to: • • • Convert the suspension to a decertification, Rescind the suspension, or Take other appropriate action such as remediation or maintaining the suspension The suspension will remain in effect while the appeal is under consideration. Process for Decertification Within 30 days of the date of Notice of Decertification from the PREA Management Office (unless the PREA Management Office specifies a different due date), auditors have the option to appeal the PREA Management Office’s determination. Written appeal must be made to the PREA Management Office by email at PREACompliance@usdoj.gov and must: • • Consist entirely of directly relevant written materials Include all necessary explanations, information, or other materials in response to the allegations described in the Notice of Decertification Any false statements made in support of an appeal may be subject to criminal prosecution, including under 18 U.S.C. § 1001, and are subject to review by the Office of Justice Programs Office of the General Counsel and the DOJ Office of the Inspector General. The PREA Management Office may amend the Notice of Decertification at any time prior to its final disposition. If such an amendment includes any new material allegations of fact, the auditor will have the opportunity to appeal the new allegations. An auditor’s appeal of the new allegations in the amended Notice of Decertification must be written and provided to the PREA Management Office in accordance with the procedures outlined above no later than 30 days after the PREA Management Office provides the PREA auditor with the amended Notice, unless the PREA Management Office establishes a different due date. 85 If no appeal is received by the PREA Management Office within 30 days after the date of the Notice of Decertification (without reasonable justification or excuse) such: 1. Constitutes a waiver of the right to contest the allegations in the Notice of Decertification, and 2. Will result in the decertification of the PREA auditor without further notice to the PREA auditor, and 3. The decertification will be considered to be final as of the date indicated in the Notice of Decertification. If an appeal is received by the PREA Management Office within 30 days after the date of the Notice of Decertification, it will be carefully considered by the PREA Management Office. The PREA Management Office will make its determination and provide written notice of its decision to: • • Confirm the decertification (including the reasons therefor), or Rescind the decertification, which may include mandatory remediation steps or other requirements The decertification will remain in effect while the appeal is under consideration. If decertified, the auditor will no longer be authorized to conduct PREA audits, and the auditor’s name will be removed from the list of certified PREA auditors on the PREA Resource Center website. Unless otherwise specified by the PREA Management Office, auditors who are decertified are permitted to apply again to become certified as PREA auditors, but they must go through the regular application and training process. During the application review process, the circumstances of decertification and the auditor’s past auditing performance and conduct will be considered in evaluating his or her suitability to become certified and to conduct PREA audits. Audit Contract Guidance Following Decertification If an auditor has any contractual obligations to conduct audits for which the onsite portion is scheduled on or after the effective date of decertification, the auditor must immediately notify the appropriate officials in the facility or agency of his or her decertification to discuss the contract’s termination, as appropriate. If an auditor has any in-progress audits for which he or she has completed the onsite portion, the auditor must immediately notify the appropriate officials in the facility or agency of his or her decertification and ask those officials for instruction regarding completion of the contracted tasks. Auditors must report all in-progress audits to the PREA Management Office at PREACompliance@usdoj.gov and provide the date when those audits are expected to conclude (i.e., the final report has been submitted to the audited facility). If the officials from the agency or facility expect the auditor to complete postonsite audit work, the auditor must request authorization from the PREA Management Office to complete the audit through the final report. 86 Section VIII. Auditor Resources Training, Education, and Assistance for Auditors Auditor Newsletter and E-Blasts The PREA Resource Center publishes a periodic Auditor Newsletter that provides useful information on auditing, new PREA developments, and related topics. The Auditor Newsletter is sent to all auditors via email only and can be accessed at any time in the Resources section of the Auditor Portal. The PREA Resource Center also issues occasional e-blasts to convey important and often time-sensitive information to auditors. Auditors are responsible for information conveyed in the Auditor Newsletter and e-blasts and should provide the PREA Resource Center with their current email addresses to ensure that they are able to receive these important communications. Auditor Continuing Education and Resource Portal The Auditor Continuing Education and Resource Portal (see training.prearesourcecenter.org) is a one-stop shop for auditors to access important auditing resources and tools, read past Auditor Newsletters and e-blasts issued by the PREA Resource Center, submit required auditor reporting forms, and manage their continuing education courses. The PREA Resource Center Website The PREA Resource Center website (see www.prearesourcecenter.org/www.prearesourcecenter.org/) is a central repository for all things related to PREA and PREA audits. The site hosts training curricula and archived webinars; a database of FAQs issued by the DOJ PREA Working Group; a virtual library, including legal resources; PREA-related news and other timely information; a list of DOJ-certified PREA auditors; information on the PREA audit process, auditor trainings, PREA implementation trainings; an Auditor Feedback Form; and much more. The website also includes a Contact Us page where auditors and others can submit inquiries about PREA, the audit process, training for auditors, and any other issues of concern. Helplines For answers to non-urgent questions about PREA, the audit process, or related issues while preparing for an upcoming audit or following the onsite portion of an audit, contact the NonUrgent Helpline by calling 800–279–7732 and press 1 when prompted, or submit an Auditor Helpdesk Form available on the Auditor Portal. The PREA Resource Center typically responds within 3 business days. For answers to more urgent issues while working onsite at a facility, contact the Urgent Helpline by calling 800–279 –7732 and press 2 when prompted, or submit an Auditor Helpdesk Form available on the Auditor Portal. The PREA Resource Center makes every effort to respond within 24 hours during the work week. Contacting the PREA Management Office Auditors may contact the PREA Management Office by email at PREACompliance@usdoj.gov. 87 Auditor Certification Agreement In order to obtain (or maintain) your certification from the Department of Justice (DOJ) to conduct PREA audits, you must read and sign this agreement by the specified deadline. These conditions of your certification are designed to ensure that auditors conduct PREA audits according to the requirements set forth by DOJ, and by signing this agreement, the signatory acknowledges that failure to comply with any provisions in this agreement could lead to disciplinary action by the PREA Management Office within DOJ’s Bureau of Justice Assistance, up to and including suspension or decertification. I. General Responsibilities a. I have read and understand the PREA Standards. b. I have read, understand, and agree that I will conduct PREA audits in accordance with those PREA Standards that apply to auditors, including, but not limited to, the requirements stated in Standards 115.401-404. c. I have read, understand, and agree that I will conduct PREA audits according to the methodology provided in the PREA Auditor Handbook, the PREA Auditor Candidate Training, FAQs issued by the DOJ PREA Working Group, and any other continuing education and guidance provided by the PREA Management Office and the PREA Resource Center in writing, in continuing auditor education, or through other means. II. Contracting for a PREA Audit a. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding auditing arrangements. b. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding audit contracts and compensation. c. I have read, understand, and agree to abide by all restrictions placed on my ability to solicit or accept gifts as described in the PREA Auditor Handbook. III. Auditor Code of Conduct a. I have read, understand, and agree to abide by the Auditor Code of Conduct described in the PREA Auditor Handbook. IV. Conflicts of Interest a. I have read, understand, and agree to abide by all restrictions placed on my ability to conduct audits that raise a conflict of interest, or the appearance of a conflict of interest, as described in the PREA Auditor Handbook and PREA Standard 115.402. 88 Auditor Certification Agreement V. Auditor Certification Requirements a. I have read, understand, and agree to abide by all of the requirements in the PREA Auditor Handbook regarding probationary certification status (effective beginning with the March 2015 PREA Auditor Candidate Training). b. I have read, understand, and agree to abide by all of the auditor reporting requirements in the PREA Auditor Handbook. c. I have read, understand, and agree to abide by all of the auditor continuing education requirements in the PREA Auditor Handbook. d. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding voluntary surrender of my PREA auditor certification from DOJ. e. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding auditor recertification should I choose to become recertified as a PREA auditor. f. I agree to inform the PREA Management Office immediately of any actions that constitute grounds for disciplinary review or disciplinary action as described in the PREA Auditor Handbook, including: if I am arrested or convicted on criminal charges; found liable for fraud or other unlawful behavior that may bear on my honesty or credibility; found culpable of, plead guilty to, or plead no contest to any misconduct, sexual abuse, or sexual harassment, or related conduct through any criminal, civil, or administrative investigation or legal proceeding; and/or if I am released from or voluntarily leave employment or contract while under criminal, civil, or administrative investigation for any misconduct, sexual abuse, sexual harassment, or related conduct. g. I agree to report any knowledge or information pertaining to possible auditor misconduct (including, but not limited to negligence, criminal conduct, malfeasance, gross fraud and conflict of interest), concerns regarding an auditor’s compliance with DOJ’s certification requirements, or other actions that constitute grounds for disciplinary review or disciplinary action as described in the PREA Auditor Handbook. I understand that reports may be submitted via the Auditor Feedback Form on the PREA Resource Center website. VI. PREA Audit Methodology a. I have read, understand, and agree that I will conduct audits according to the PREA Audit Methodology described in the PREA Auditor Handbook. 89 Auditor Certification Agreement VII. Audit Oversight a. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding the Quality Improvement program, if selected for participation. b. I have read, understand, and agree to abide by the requirements in the PREA Auditor Handbook regarding Peer Review, if selected for participation. c. I have read, understand, and agree, if directed by the PREA Management Office, to abide by the requirements in the PREA Auditor Handbook regarding Disciplinary Review. d. I have read, understand, and agree, if directed by the PREA Management Office, to abide by the requirements in the PREA Auditor Handbook regarding Remediation. e. I have read and understand the auditor suspension and decertification processes described in the PREA Auditor Handbook, and I understand that I may be subject to disciplinary action by the PREA Management Office, up to and including decertification. f. In the event of my suspension or decertification, I agree to abide by all relevant instructions from the PREA Management Office including, but not limited to, cancellation of planned audit activity. Print Name Signature Date 90