Hi,
No procedure needed, for what it's worth, we run a simple excel sheet where we evaluate risks to impartiality and confidentiality using a matrix, each risk is graded on likelihood and impact and actions implemented to minimize or eliminate the risk are also stated in the matrix, you can password protect the file and set a field with those participating in the evaluation and the date, next audit you can show "email" updates (when adding or updating stuff) for evidence and the last date and names on the protected file as evidence of continuous evaluation.