Skip to form
First name
*
Last name
*
Email
*
Company name
*
How would you describe the level to which compliance related processes are defined?
*
Please Select
Processes are non-existent or being established
Processes are defined and documented
Workflows are mapped out for each process
Employees and stakeholders are trained on and understand processes
Best is class processes that are measured for effectiveness and evolve over time
How would you describe the level of resources and autonomy of the compliance organization at your company?
*
Please Select
The compliance organization is under funded and over managed
The compliance organization is advocating for additional funding
The compliance organization has the funding to get the job done but oversight still exists
The compliance resources are considered a critical line item
The compliance organization is well funded and the team acts in its own capacity
How would you describe the level of connected technology that supports the compliance organization?
*
Please Select
Some processes are automated, others are manual
Each compliance process has its own system
Some processes leverage the same technology
All processes are connected through integrations
All processes exist in an integrated system
How would you describe the level of analytics and reporting of the compliance organization?
*
Please Select
Data is siloed and difficult to report on
Data is analyzed manually on an adhoc basis
Relevant data is accessible by those who need it
All compliance data is in a single system
Real time dashboards provide meaningful insight that drive appropriate responses
How would you describe the business value offered by your compliance organization?
*
Please Select
Compliance organization is seen as a reactive problem solver
Compliance organization ensures compliance with regulations
Compliance organization is trusted by the executive team to lead ethics, compliance and risk for the company
Compliance organization regularly presents updates at board meetings
Compliance organization is seen as a high level strategic business advisor
How would you describe the level of regulatory updates provided by your compliance organization?
*
Please Select
Compliance organization is not concerned with keeping up with regulations or industry standards
Compliance organization handles regulations and industry standards on an adhoc or one off basis
One or more people in the compliance organization are dedicated to monitoring regulatory updates
One or more people in the compliance organization plus technology to aid are dedicated to monitoring regulatory updates
One or more people proactively analyze new opportunities emerging from new regulations and apply them to the business
How would you describe the level of collaboration between compliance and business in your organization?
*
Please Select
Minimal collaboration
Ad hoc: Compliance and Ops teams work together when they absolutely have to
Periodic: Operational teams have realized the need to include compliance in some decisions (e.g. designing controls). Regular meetings between compliance and operations.
Partnership: Compliance and Ops teams work in partnership. Risks are discussed upfront and the compliance perspective is factored into all key business decisions.
Embedded: The principle of "compliant by design" is implemented at all times
How would you describe the level of controls testing provided by your compliance organization?
*
Please Select
May or may not have controls; don't spend time making sure controls are effective
Some controls have been implemented but controls are not tested
Some controls are tested but there is not a pre-defined standard that is applied to all tests
The team has defined success and failure in to their controls and collected evidence. Testing parameters for controls are defined ahead of time in order to determine if evidence adheres to stated policies or not
Controls testing is automated to the greatest extent possible. Notification of test failure is automated
How would you describe the level of evidence collection provided by your compliance organization?
*
Please Select
May have some evidence, not trying to manage it
No standardized process to collecting evidence; evidence collected is on an ad-hoc basis
Has a logical system for collecting evidence (could be file storage on a cloud/shared drive)
Has implemented a compliance system of record to manage program and streamline evidence collection
Has implemented a compliance system of record to manage program with automated evidence collection and testing for compliance to policy
Submit