Leading ethics and compliance software and services company NAVEX Global® announces the release of its 2017 Ethics & Compliance Policy & Procedure Management Benchmark Report. The survey data shows an increasing embrace of automated policy management systems – even as some organisations are still slow in adopting a more proactive approach to policies. Comment Carrie Penman, Chief Compliance Officer – NAVEX Global.
The findings from over 1,100 respondents globally – nearly half of whom are senior managers or members of the C-suite – show organisations using purpose-built, commercially available policy management software are overwhelmingly more satisfied with each aspect of their policy management process. This is in contrast to organisations using manual or internally developed software systems that leave managers less satisfied. Nineteen percent of respondents said their organisations have no budget for policy management and an alarming 25 percent do not use any sort of technology in managing policy-focused procedures and documentation.
“Given the evolving regulatory and societal environment in many countries, the stakes are high when it comes to managing policies and procedures in a way that supports both legal requirements and desired workplace culture,” said Carrie Penman, Chief Compliance Officer, NAVEX Global. “Policies and procedures are the de facto documentation of what an organisation believes and how it operates. A robust policy management system is just as important as any other operational system an organisation has in place.”
Thirty-one percent of survey respondents said they have a dedicated policy and procedure management system and another 21 percent said they will be implementing a centralised system in the next 12 months. Senior managers, when asked why they invested in purpose-built policy management software, most frequently cited centralised policies and procedures, document management and versioning of all improved employee access and audit trails.
Sixty-five percent of respondents said their organisations had some level of automation, with 53 percent saying their programmes are maturing – i.e., becoming more automated – and 12 percent calling their programmes advanced. Seventy percent of respondents who used automated, purpose-built policy management systems said they were satisfied with the solution, while only 29 percent of those using a generic document management solution were satisfied.
“Some organisations use document management software as a repository for policies,” Penman said. “Our findings show these organisations tend to be far less satisfied with their policy management capability compared to those that make the investment in a purpose-built software system. Comprehensive, enterprise-wide policy management is a critical part of every thoughtful compliance programme. It is becoming too important and complex to manage on spreadsheets and through email.”
Other findings in this year’s report include: Training employees on policies was identified as the top challenge for policy management, followed by addressing legal compliance amid changing regulations and improving version control; Nearly half of organisations (44 percent) feel they have avoided legal action or reduced costs due to their policy management programme; Organisations that use a commercially developed policy management software are more likely to keep detailed records on all policies (74 percent compared to 44 percent of organisations that have no centralised solution, or that use a non-commercial centralised solution). Managing the Code of Conduct (65 percent), HR documents (62 percent) and IT security (60 percent) are the most common areas organisations want to automate.