1

CREATIVE INQUIRY DATABASE SYSTEM (CIDS) OVERVIEW & INSTRUCTIONS

CIDS OVERVIEW:

Creative’s Security Department has worked with IT, HR and Field Operations to develop a centralized database called the “Creative Inquiry Database System (CIDS),” which contains a comprehensive record of all vetting actions taken on all people and/or companies as required by Creative’s Vetting Policy in the HQ and Field Manuals.

CIDS enables Creative management, as well as its auditors, to see who was vetted at the HQ and project level to ensure the Vetting Policy is followed and that Creative is compliant with client regulations. The categories requiring vetting (employees, consultants, vendors, sub-contractors, grantees, financial institutions, landlords and lawyers) and the types of vetting required per category, are detailed in each project’s customized Vetting Plan. Those individuals responsible for conducting the various types of vetting (i.e. Visual Compliance, Employment Verification, Vendor Verification, Grantee Verification, etc.) have been granted access to CIDS and are required to upload the names requiring vetting into the system through a formatted form in CIDS, as well as indicate whether the required vetting has been done for each of the names once completed. This is a relatively new system to Creative and is therefore still being perfected. We know there will be issues to resolve and we encourage you to provide the Security Department feedback via SecurityHQ@creativedc.com.

PART 1: INPUTTING NAMES REQUIRING VETTING INTO CIDS Step by Step Instructions: Step 1: In Internet Explorer (CIDS works best in this browser), open CIDS by copying this link into the browser

http://www.creativeassociatesinternational.com/CIDS/ Note: Logging on to CIDS does not require VPN login. Step 2: You will be prompted to log on to Creative’s intranet:

Login: Project email address (Example: JaneD@crea-bahamas.com) Password: Use the password provided to you Note: If your password does not work, email Jamie Helfer at jamieh@creativedc.com so your password can be reset.

Once in CIDS, you should see some blue tabs at the top of your screen. The tabs that you see depends on your job responsibilities (i.e. HR staff would see the Employment Verification tab, Procurement staff

2

would see the Vendor Verification tab, Grants staff would see the Grantee Verification tab, etc.). Below are definitions of what each tab means:

Visual Compliance: all names put into CIDS will be in this tab, because all names put into CIDS require the Visual Compliance Vetting. Consultants will also be listed in this tab only, because Visual Compliance is the only vetting required for consultants at this time.

HR Plus: this is the system HQ HR uses to vet HQ and expat employees. Only HQ HR staff has access to this tab.

Employment Verification: this is the equivalent to the HR Plus system HQ HR uses, but in the field. This is the tab for vetting of local staff, and typically only HR field staff has access to this tab.

Vendor Verification: this is the tab for the vetting of vendors. Typically only HQ and field procurement staff has access to this tab.

Sub-Contractor Verification: this is the tab for the vetting of sub-contractors. Most sub-contractors are vetted at the start of the program. Only those who manage the relationships with Creative’s sub-contractors have access to this tab.

Grantee Verification: this is the tab for the vetting of all grantees. Typically, only grants managers and related programs staff have access to this tab.

3

Step 3: Click on the [CIDS Vetting Instructions] button on the home page. Since the system is continually being refined, downloading the CIDS Vetting Instructions directly from CIDS will ensure that you are always referencing the most up-to-date instructions.

Step 4: Once you have familiarized yourself with the CIDS Vetting Instructions, you can now open the new

vetting form in CIDS where you will list the names required for vetting.

Example: As an example, let’s say you are the Procurement Manager and you need to vet a local vendor. Click on the [VENDOR VERIFICATION] tab.

4

Step 5: Once in the [VENDOR VERIFICATION] tab, click on the [Help & Options] button at the bottom of the screen.

Step 6: Once you have clicked on the [Help & Options] button, click on the [Open Vetting Form (BETA)]. A

separate form will open up, and this is the form that replaces the spreadsheet.

5

Step 7: You will notice that the top part of the form (red box below), should fill in automatically, based on your login information (i.e. your name, your email, Requestor’s Department, Requestor’s Assigned Project and Date of Request). If some of this does not fill in automatically, or if it is not accurate, please correct the information accordingly (using the drop downs provided).

Step 8: The next section (red box below) is where you will select the Vetting Category of the names you will be

listing (the names listed can only be for one vetting category at a time, just like in the spreadsheet), the Project Country, the Project Initials and the Project Name. All of these fields are essentially the same as they were in the spreadsheet, just in a different, drop down format. If you do not see your project initials, please email Jamie Helfer at JamieH@CreativeDC.com.

6

Step 9: The next section (red box below) is where you will list the names that need to be vetted. This works

exactly like the spreadsheet and same rules apply (list company and individual names on separate lines; when listing a Company’s Name, leave the Individual’s Name to be Vetted field blank and vice versa). For each additional name you want to add (you can still list as many as you want) you just click the “Add” button (green box below) to add another row.

Step 10: Once the form is filled out, click on the “FIRST: Submit to CIDS (Mandatory)” button (red box below)

which uploads your entries to be vetted into the CIDS database. This is the only mandatory button that you must click and is the only button that uploads the names into CIDS. Wait for a green confirmation that the names have been uploaded before closing the screen or clicking the SECOND button.

7

Step 11: Once you receive the green confirmation that the names have been successfully uploaded, you can click

the “SECOND: Save for Your Records” button (red box below), which saves a copy of your submission and gives you an email notification/receipt of your submission.

.

Step 12: To double check that the names have been successfully uploaded into CIDS, you can now go back into

the [VENDOR VERIFICATION TAB] (if you uploaded vendor names) and you should see the name(s) you just uploaded there (you might have to refresh the screen). Part 1 is complete.

8

PART 2: VET THE NAMES

Once you have submitted the names requiring vetting into CIDS, now the vetters need to complete the actual vetting. This process can take anywhere from 24 hours – to a week or more, depending on the time it takes for each party to vet the names. For vetting done at the HQ-level (i.e. Visual Compliance Database checks), the HQ Security Department will conduct all Visual Compliance Database (VCD) checks and will run a report from CIDS each morning to see the list of names requiring VCD vetting. The HQ Security Department will conduct the VCD vetting and return the results back into CIDS within 48 hours. The requestor will be able to see that the name was vetted through Visual Compliance in the column titled “VCD Results Outcome” which will either read “Passed”, “Not Passed” or “Pending.” “Passed” means that the vetting was completed and there were no issues. “Not Passed” means that either the vetting was not conducted (an example would be that we extend an offer to an employee, contingent upon their clear background check and then the employee accepts another offer before the vetting was done), or that it was conducted and the results were not favorable (an example would be that there was a match in running the name through Visual Compliance). “Pending” means that the vetting has not been completed yet.

For vetting done at the field-level (i.e. Employment Verification for local employees, Vendor Verification for local vendors, Grantee Verification for grantees, etc.), project vetters will conduct the necessary vetting as outlined in the project’s Vetting Plan. Once the vetting is completed, the project vetter will log back in to CIDS, click on the individual record, and check “Passed” or “Not Passed” to indicate that the vetting has been completed. Instructions on this process are detailed in Part 3 below. PART 3: VERIFYING THAT THE VETTING WAS COMPLETED

Step by Step Instructions: Example: to outline the steps below, the example of a field HR Manager requesting vetting for local employees will be used. Step 1: Once the HR Manager vetter (or equivalent) has finished doing the Employment Verification vetting

(vetting description is in the project’s Vetting Plan), the user will log back into CIDS by going to http://www.creativeassociatesinternational.com/CIDS/.

Step 2: Once logged into CIDS, the user will click on the [EMPLOYMENT VERIFICATION] tab (because this is the

type of vetting that is required for employees), find the record’s name and click on the “Edit” link (shown below) to the left of the record’s name.

9

10

Step 3: Once you click on the “Edit” link, another screen will populate (shown below). Scroll down to the bottom of the page and under “FOLLOW-UP DETAILS” you will see a section for “Visual Compliance Database,” which the HQ Security Department will fill out, and you will see a section for “Employment Verification (EV)” which the field HR Manager is to fill out.

Step 4: Fill out all of the required information, as shown above (circled in red). Make sure you choose your

name from the drop down menu (if it is not there, leave blank and type your name into the “Notes” section), type in your department (the same that you put in the spreadsheet), enter your project email, enter the date that the vetting was completed (format is MM/DD/YEAR), change the EV Results Outcome from Pending to Passed (assuming the vetting had a positive outcome) and then choose the drop down that indicate where the vetting results are physically located (i.e. where the documentation is kept indicating that the vetting was done. For field vetters it would be “Field Office Project’s Files).

Step 5: Once you have filled out the required information click “Validate” at the bottom of the screen. The

system will generate a response in green at the top of the screen saying that all required information has been entered. Now you can either close out of that window or scroll back up to the top to click back on the [EMPLOYMENT VERIFICATION] tab to edit the next record.

Step 6: Repeat Steps 3-5 for each record that needs to be updated.

Each vetting party is responsible for checking the entity’s record as “Passed” or “Not Passed” for each vetting type required, per category. If the VCD check has been completed, users will see that it says “Passed” in the “VCD Results Outcome” column. If vetting has not been completed for Employment Verification vetting, it will read “Pending” in the “EV Results Outcome” column. Both columns need to say “Passed” to indicate that the required vetting was done on each record in CIDS. Once all required steps have been completed and both vetting columns say “Passed,” the process is finished.

11

Example: In the case of hiring a local employee, the HQ Security Department would be responsible for conducting the VCD vetting on the individual and clicking “Passed” or “Not Passed” on the individual in CIDS; and the field HR Manager would be responsible for conducting the Employment Verification vetting on the individual and clicking “Passed” or “Not Passed” on the individual in CIDS.

Step 7: For some projects, it is necessary to print out the Visual Compliance Database (VCD) results so that it can

be placed in the individual’s or company’s file. In order to print out the VCD results there is a “VIEW VCD RESULT DETAILS” link to the far right of each record. Click on that link, which will bring up a page indicating the name that was vetted, the VCD Results (i.e. Passed), the date it was screened, the name of the vetter and the department of the vetter. It also lists the names of watchlists and authorities screen against. If required, print out this page and place it in the appropriate file.

12

Once you have completed this step, Part 3 is complete. A note about Visual Compliance: Visual Compliance is the vetting system Creative hires to conduct vetting against all required watchlists. Due to this, projects do not need to go to separate watchlist sites (i.e. EPLS, SDN, UN Consolidated, OFAC, etc.) to conduct their own vetting. Additionally, Creative pays for a service through Visual Compliance (called Continual Compliance), which re-vets the names in the system every day. If a name that was previously vetted through Visual Compliance appears on a watch list, the HQ Security Department will be notified and they will then contact the project to take appropriate action.