Friday, February 26, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home GRC Vendor News

55% of Organizations Unaware of Policy Violations in their Own Enterprise, Reveals MetricStream Research Survey

by Corporate Compliance Insights
December 12, 2017
in GRC Vendor News
violation word graphic

Over 260 organizations across 15 industries were surveyed by MetricStream Research to evaluate key trends in policy management

November 29, 2017 | Palo Alto, California: MetricStream, the independent market leader in Governance, Risk, and Compliance (GRC) Apps and Solutions, today announced the results of its latest survey, “What Makes an Effective Policy Management Program?” The survey evaluated 260+ organizations across 15 industries to understand the ways in which organizations create, manage, and communicate policies, the challenges they face, and the types of tools and technologies used to support policy management.

A recent surge in corporate governance scandals—including sexual harassment and money laundering allegations at various companies—underscore the importance of robust policy management programs to keep errant behaviors in check. Many organizations have written policies in place, but much more is required to ensure that those policies are adhered to across the enterprise. To build a pervasive culture of ethics and risk-intelligent behavior, organizations need to ensure that their policies are communicated effectively, and updated regularly in line with regulatory and business changes. Moreover, policy compliance and violations need to be tracked on an ongoing basis and addressed proactively.

Against this backdrop, MetricStream Research surveyed organizations across five key areas: policy management challenges, policy management program structure, policy communication and training, managing policy exceptions, and the technology used to manage policies.

Key findings from this research include:

  • The majority of organizations (55%) are unaware of policy violations that may have occurred
  • While only 24% of organizations use policy management software, the benefits they enjoy are significant. Of these organizations:
    • 21% take less than a month to develop and publish a policy from scratch
    • 70% do not consider it challenging to author and distribute policies, or provide training
    • 60% encountered less than 50 policy violations in the last year
  • 80% of organizations using policy management software on a GRC platform take less than 3 months to author and publish policies, compared to only 55% of organizations using pure-play policy management software
  • 42% of organizations that require employees to attest to certain policies encountered less than 50 policy violations.
  • 59% of organizations that have mapped their policies to risks and compliance requirements do not consider it challenging to update polices as regulations evolve.
  • The majority of organizations that use standardized policy templates (62%) take less than a quarter to develop and roll out a new policy.

“Our survey findings indicate that an integrated and consistent approach to policy management can yield significant benefits,” remarked French Caldwell, Chief Evangelist, MetricStream. He continued, “Those surveyed who have mapped policies to risk and compliance requirements, have integrated training into policy management programs, or are using policy management software on a GRC platform are able to create and communicate policies faster, update them effectively, and minimize compliance violations.”

To access the report, click here.

About MetricStream

MetricStream, the independent market leader in enterprise and cloud applications for Governance, Risk, Compliance (GRC) and Quality Management, makes GRC simple. MetricStream apps improve business performance by strengthening risk management, corporate governance, regulatory compliance, vendor governance, and quality management for hundreds of thousands of users in dozens of industries, including Financial Services, Healthcare, Life Sciences, Energy and Utilities, Food, Retail, CPG, Government, Hi-Tech and Manufacturing. MetricStream is headquartered in Palo Alto, California, with an operations and R&D center in Bangalore, India, and sales and operations support in 12 other cities globally.

Media Contact:

Molly Palm

US: +1 (925) 451-1468

pr@metricstream.com

 


Previous Post

Beyond Transparency for AI: Justification is Essential for Risk Management

Next Post

Q&A with Steven Grimes and Robb Adkins of Winston & Strawn LLP

Corporate Compliance Insights

Related Posts

red paper plane breaking rank from white paper planes

Diligent to Become Largest Global GRC SaaS Company Through Galvanize Acquisition

February 24, 2021
gold cup award on red background with stars

Ethisphere Announces the 2021 World’s Most Ethical Companies

February 23, 2021
hands fitting puzzle pieces together on yellow background

LexisNexis® Risk Solutions and Accuity Join Operations

February 18, 2021
concept next generation technology

NICE Launches Next-Gen Compliance Solution

February 1, 2021
Next Post
Q&A header

Q&A with Steven Grimes and Robb Adkins of Winston & Strawn LLP

Access realtime data
Addressing systemic racism in the workplace SAI Global
Dynamic Risk Assessments with Workiva
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk supply chain technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights