The LRN ethics and compliance risk management practices report
The LRN ethics and compliance risk management practices report
The LRN ethics and compliance risk management practices report
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
2008 DETAILED RESULTS<br />
DEFINE<br />
1. Is your <strong>ethics</strong> <strong>and</strong> <strong>compliance</strong> <strong>risk</strong> assessment process integrated with other <strong>risk</strong><br />
assessment processes within your enterprise<br />
Nearly 9 out of 10 enterprises conduct <strong>ethics</strong> <strong>and</strong> <strong>compliance</strong> <strong>risk</strong> assessments.<br />
Respondents<br />
Yes 58%<br />
No 19%<br />
Don't know 10%<br />
We do not perform 13%<br />
Ethics & Compliance Risks Integrated with ERM Program<br />
We do not perform<br />
Managers<br />
Function 2008<br />
Compliance 6300%<br />
Legal 6200%<br />
Internal Audit 5900%<br />
Executive Team 5600%<br />
Human Resources 5100%<br />
Board of Directors 4700%<br />
Finance 4400%<br />
Business managers 4100%<br />
Ethics 3900%<br />
IT 3800%<br />
Data Privacy 3400%<br />
Risk Office 2300%<br />
External Auditors 2200%<br />
Consultants 1400%<br />
Managers Involved in Risk Assessments%Respondents<br />
Under 5,000 4200%<br />
Over 10,000 5600%<br />
Top Ethics <strong>and</strong> Compliance Risks %Respondents<br />
Electronic Data Protection 5200%<br />
Data Privacy 4700%<br />
Intellectual Property 3200%<br />
Environment Health <strong>and</strong> Intellectual Property 3000%<br />
FCPA <strong>and</strong> Anti-bribery 2700%<br />
Sexual Harassment 2600%<br />
Export Controls 2300%<br />
Conflicts of interest 2100%<br />
Supply Chain 2000%<br />
Insider Trading 1600%<br />
Frequency of Conducting Risk Assessments Respondents<br />
Annually 144 39%<br />
Periodically as part of audit 90 25%<br />
No formal or set schedule 51 14%<br />
More than once a year 34 9%<br />
I do not know 28 8%<br />
Less than once a year 17 5%<br />
365<br />
Using information from Risk Assessment%Respondents<br />
Share findings 7100%<br />
Rank findings 5100%<br />
Apply findings to programs 4300%<br />
Map findings 3200%<br />
Ethics & Compliance Risks Integrated with ERM Program<br />
Don't know 1000%<br />
Other metrics 300%<br />
We do not perform<br />
Don’t know<br />
No<br />
10%<br />
19%<br />
13%<br />
% Respondents<br />
Only 12% of respondent companies do not perform <strong>risk</strong> assessments, nearly unchanged<br />
since 2007. <strong>The</strong> lifecycle Frequency of a comprehensive, of Conducting Risk effective Assessments <strong>risk</strong> <strong>management</strong> <strong>and</strong> mitigation<br />
program must begin with underst<strong>and</strong>ing <strong>and</strong> measuring <strong>risk</strong>s. Integrating the assessment<br />
Less than once a year<br />
with other business processes especially boosts its effectiveness, given that <strong>ethics</strong> <strong>and</strong><br />
I do not know<br />
<strong>compliance</strong> concerns now filter down into nearly every department <strong>and</strong> operation of<br />
enterprises. Conducting More holistic than <strong>risk</strong> 8% assessments 5% in conjunction with financial auditing,<br />
once a year<br />
manufacturing, marketing, sales, 9% IT, <strong>and</strong> other functions ensures that a more complete range<br />
of <strong>risk</strong>s are identified <strong>and</strong> correlated to <strong>ethics</strong> <strong>and</strong> 40% <strong>compliance</strong> Annually concerns as necessary.<br />
Disappointing in these No formal results or is the 14% fact that nearly 2 in 10 companies (19%) still do not<br />
integrate their <strong>risk</strong> assessments<br />
set schedule<br />
with other business processes. Among the potential<br />
explanations of this fact can be: the <strong>ethics</strong> 25% <strong>and</strong> <strong>compliance</strong> function has only recently been<br />
created, a budget shortage, or an industry-specific rationale that precludes the need to integrate.<br />
Periodically as<br />
part of audit<br />
2. What Functions are involved in the Ethics <strong>and</strong> Compliance Risk Assessment<br />
% Respondents<br />
A wide range of functions may be involved in <strong>risk</strong> assessments, though four<br />
typically lead the field.<br />
58%<br />
Managers Involved in Risk Assessments<br />
Yes<br />
100%<br />
42%<br />
Under 5,000<br />
employees<br />
Electronic Da<br />
Intelle<br />
Environment Health <strong>and</strong> Intelle<br />
FCPA an<br />
Sexu<br />
E<br />
Conf<br />
13%<br />
Map <strong>risk</strong>s according to:<br />
% Respondents<br />
Don’t know<br />
Specific employees or groups 2900%<br />
10%<br />
Other metrics 1100%<br />
56%<br />
80%<br />
60%<br />
40%<br />
No<br />
19%<br />
58%<br />
Yes<br />
42%<br />
20%<br />
Using 0% information from Risk Assessment<br />
Ranking findings according to: % Respondents<br />
Probability of occurrence 4400%<br />
Monetary value 2700%<br />
Other metrics 2100%<br />
% Respondents<br />
Under 5,000<br />
employees<br />
Over 100% 10,000<br />
employees<br />
80%<br />
% Respondents<br />
60%<br />
71%<br />
Top Risk Assessment Challenges % Respondents<br />
Inadequate Frequency resources of Conducting Risk Assessments 4700%<br />
Obtaining accurate/ quantifiable info 3500%<br />
Conducting a global assessment 2600%<br />
Analyzing <strong>and</strong> applying Less the findings than once a year 2000%<br />
Insufficient technology 2000%<br />
No I do significant not know challenges 1200%<br />
Don't know 800%<br />
40%<br />
51%<br />
<strong>LRN</strong> | 2008 Ethics <strong>and</strong> Compliance Top Risk Ethics Management <strong>and</strong> Compliance Practices RisksReport 32% | 23<br />
43%<br />
20%<br />
10%<br />
% Respondents<br />
0%<br />
3%
![[link to PDF] for a copy of the briefing paper - Directors & Boards](https://img.yumpu.com/43729022/1/190x245/link-to-pdf-for-a-copy-of-the-briefing-paper-directors-boards.jpg?quality=85)
Change language