On The Hotline -- Security Today

On The Hotline

By Kathleen Kotwica
Mar 05, 2008

Historically, corporations have struggled to accurately assess hotline performance because they had nothing to compare it to. They could collect data on their own hotlines to see how many reports had been received and what action had been taken based on those reports.

But with no way of knowing how those numbers stacked up against those of comparable organizations, they couldn’t draw any reliable conclusions about the quality of their hotlines and reporting programs.

For the second year in a row, the Security Executive Council has joined forces with The Network Inc., the leading provider of ethics and compliance hotline programs in the U.S., to create the 2007 Corporate Governance and Compliance Hotline Benchmarking Report, which provides more extensive hotline benchmarking data. The 2007 report breaks out the data by industry and by year, and it presents several data points in the form of rates instead of percentages, which controls for data variations between industries and business sizes.

The report is based on an analysis of more than 277,000 hotline incident reports from more than 650 organizations across all major industries over a fiveyear period. Participants -- or those who made reports -- may be employees, former employees, vendors and the public. The data was masked to protect confidentiality. Findings that accounted for aggregated frequencies across five years included:

For those reports where case outcome was provided, most reports (65 percent) were serious enough to warrant an investigation and 45 percent resulted in corrective action taken.
The research showed that half of the reports received concerned personnel management incidents. Beyond the personnel management category, company/professional code violations (16 percent), employment law violations (11 percent) and corruption and fraud (10 percent) were the most commonly reported incidents regardless of industry. Aggregated rate data for 2006 only included:
A rate of 8.3 incidents was reported per 1,000 employees overall (regardless of incident type).
Smaller organizations showed a general decrease of incidents reported over time. Mid-sized and larger companies showed a general increase of reported incidents over time

Develop A Plan

But even with all these improvements, like any other report, the value of this study lies not just in the data, but in what can be done with that data.

First, comparing the numbers alone won’t provide you with a complete picture of your hotline’s performance. Unless you look beyond the numbers to consider all the potential explanations of why your program varies from the average, you’ll still be missing critical insights that could change the whole direction of your program assessment.

For example, after reading the report’s assessment of reporting rates, you determine that your organization, given its size, should be receiving eight to nine calls per 1,000 employees.

You are only receiving three per every 1,000.This result may be an indication that your organization has far fewer compliance issues than its peers and competitors.

While that may be so, it is not the only possible explanation. You’d likely receive fewer calls than average if company employees were being intimidated by their managers into keeping mum about misconduct concerns. Or, perhaps your awareness program isn’t what it should be.

Once you have studied the benchmark data presented here and considered why your numbers are higher or lower in various categories, share what you have found with your partners in other business units. Internal Audit is no longer the only player in compliance and misconduct. Many of the issues examined in this study will impact Human Resources, Legal, IT, and Corporate Security and Safety, among other departments.

Organize a team with representatives from every affected business unit to pinpoint the problems or accomplishments behind the numbers and determine how to correct any shortfalls.

After you’ve determined what actions should be taken, present your findings to management and explain how you intend to use the report to help better calibrate your hotline program. Show management that you’ve organized a collaborative effort to improve performance and tell them what you are doing with the information you have acquired.

Protecting brand image, people, organizational growth and stakeholder confidence are at the roots of what should be driving how you measure the success of your program.

Securitas Technology Releases 2026 Global Technology Outlook Report
10/15/2025
HID Signs Agreement to Acquire IDmelon, Expand Passwordless Authentication Capabilities
10/15/2025
Convergint Opens New U.S. Headquarters
10/13/2025
ONVIF to End Support for Profile S, Recommends Profile T as Replacement
10/09/2025
Totem Achieves Immix Central Station Certification Status
10/09/2025
SIA Names Yazmina Rawji as 2025 SIA Progress Award Honoree
10/07/2025
SIA Announces Names Martin Gren as 2025 George R. Lippert Memorial Award Honoree
10/07/2025
LocklyPRO Strengthens Sales Leadership Team With Two Industry Veterans
10/07/2025

Featured

Report: AI is Supercharging Old-School Cybercriminal Tactics

AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now
- Cybersecurity
Pragmatism, Productivity, and the Push for Accountability in 2025-2026

Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now
- Access Control
- Artificial Intelligence
Report: Cyber Attackers Continue to Turn to AI-Based Tools to Avoid Detection

Comcast Business recently released its 2025 Cybersecurity Threat Report, a comprehensive analysis of 34.6 billion cybersecurity events detected between June 1,2024 and May 31, 2025. Now in its third year, the report offers business leaders a unique perspective into the evolving threat landscape and provides actionable insights to help organizations strengthen their defenses and align cybersecurity with business risk. Read Now
- Artificial Intelligence
- Cybersecurity
Axis Communications Creates AI-powered Video Surveillance Orchestra

What if cameras could not only see the world, but interpret it—and respond like orchestra musicians reading sheet music: instantly, precisely, and in perfect harmony? That’s what global network technology leader Axis Communications set to find out. Read Now
- Artificial Intelligence
Just as Expected

GSX produced a wonderful tradeshow earlier this week. Monday was surprisingly strong in the morning, and the afternoon wasn’t bad at all. That’s Monday’s results and asking attendees to travel on Sunday. Just a quick hint, no one wants to give up their weekend to travel and set up an exhibit booth. I’m just saying. Read Now
- Industry Events
- GSX

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

Webinars

Whitepapers

New Products

PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.
Camden CM-221 Series Switches

Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings.
Unified VMS

AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities