Whistle Willow is a unique whistleblowing solution. It offers an unprecedented deployment speed and can be live within 5 minutes.

In order to achieve this, Whistle Willow utilizes Atlassian Jira, JSM or Confluence for managing submissions and storing the report data. It allows to use of Atlassian user management, security, and storage and ensures that sensitive data does not leave the company.

Whistle Willow also provides a public interface for submitting anonymous and protected tips from anywhere in the world - as a dedicated portal or via your company’s JSM

Is Whistle Willow a good fit for our organization?

Yes, if you already use Jira, JSM, or Confluence Cloud. You get the fully functional whistleblowing program integrated into Jira or Confluence, built on top of the security and stability of Atlassian products.

What are the main features?

• Unique ease of deployment and use while featuring a well-versed whistleblowing program

• Public submissions - whistleblowers do not need a license for Jira or Confluence to submit their tips. Public submissions can be done via JSM or through a dedicated external Portal hosted in EU or US.

• Private submissions - those with access to the company’s Jira or Confluence can easily submit anonymous and protected tips via these products.

• Admin dashboard and analytics - admins can manage reports, update statuses and communicate with reporters via the control panel integrated into Jira or Confluence.

• Encrypted reports - at rest and in transit

  • This includes asymmetric encryption of public submissions. This means, only the organization that the report is intended for can read it.

• Simple cost model that depends on a number of Jira or Confluence users (which essentially reflect the org size). No hidden charges or extras.

1. Install WW via the Atlassian marketplace.

2. Find the app in the “Apps” dropdown of the top bar:
   
   

   Open

   

3. Upon first use, click “Allow access on user’s behalf” button, review and accept the scopes.

4. By default, jira-admins-<your_instance_name>(for Whistle Willow for Jira), administrators (for Whistle Willow for Confluence), and site-admins security groups users are added to the app as admins.
   Ask them to add your Compliance team and other members responsible for whistle-blowing tips handling to the access list in the app (Access control tab).
   At this point, it is advisable to review the users added upon the installation and remove access for those who do not need to stay in the loop of reports and updates.

5. The App is ready to be used.

Whistle Willow supports several languages for its whistleblower pages. These include the whistleblower’s portal with instructions on how to submit tips, update tip statuses, communicate with the Compliance team, and answer Frequently Asked Questions.

Every whistleblower can pick the language from the dropdown in the “Submit tip” tab of the portal. This setting will affect the user interface in other application tabs.

Whistle Willow admins can set a default whistleblower portal language in the Program settings:

This will be the default interface language of the whistleblower portal - the users can change it for their session using the dropdown in the “Submit tip” tab.

Is your language not listed?

We want all our customers to be able to deliver the best whistleblower program experience to their employees. Drop us a support ticket and ask for the translation, will make sure to ship it in the next release!

Will the admin pages be translated?

We currently don’t have it in our plans. At the same time, we commit to offering full translations of whistleblower-facing pages in all requested languages on short notice.

Whistle Willow turns your Jira Service Management (JSM) into a whistleblowing portal. For all customers with a JSM, Whistle Willow adds a link at the bottom of the Help Center page. This link is available to ALL users, regardless of whether they have a Jira or JSM license or are completely anonymous.

Clicking the link opens a standard Whistle Willow submission portal and also allows whistleblowers to follow up on their recent submissions and update their status.

For customers who don’t have JSM in their Atlassian product suite, Whistle Willow offers a public anonymous submission channel through a dedicated portal.

Whistle Willow JSM settings and customizations

By default, Whistle Willow submission portal is enabled for the Help Center page of your JSM. It can be enabled or disabled also for all or particular Portal page(s). Navigate to Whistle Willow in Jira → Program Settings.

To start accepting public submissions via the public Whistle Willow site (https://whistle-eu.suprchrgd.com/), a Whistle Willow administrator needs to enable them and trigger the generation of the encryption keys.

This is a very simple automated procedure that creates a unique pair of keys for your organization - public and private, that are used to secure whistleblowing tip submissions. The generation and configuration of underlying cryptographic algorithms are done automatically. Each tip is encrypted with your organization’s public key - and can only be read using the private key, which never ever leaves secure storage in Jira or Confluence.

By default, Whistle Willow creates two unique public submission portals - one for the EU, one for the US, to support regulations. Your organization can choose to use both or either of them. The data and runtime of these portals are hosted in their respective region.

You can share the links to public portal on your website, under Trust and Security page, or a dedicated Whistleblowing instructions page.

To enable public submissions

• Navigate to Whistle Willow app as admin

• Open the “Program Settings” tab

• Switch the toggle “Enable public submissions” to the enabled state:
  
  

• Click “Save submission settings”

• Reload the app

• A new section will appear - click “Generate / Regenerate keys”

That’s it! Your public submission pages are good to go! You can also customize them or even embed as <iframe>.

Whistle Willow allows full customization of text on the direct submission page for the organization.

Modify the fields under “Program Settings” → “Customizations for public submission pages”. They can be used to localize the page, add custom instructions or modify the default logo with a company one.

It is also possible to disable the report types dropdown on the submission page. In this case, all reports will be submitted as “General” type.

To save the customizations, scroll down to the “Save submission settings” button.