On The Hotline

  • By Kathleen Kotwica
  • Mar 05, 2008

Historically, corporations have struggled to accurately assess hotline performance because they had nothing to compare it to. They could collect data on their own hotlines to see how many reports had been received and what action had been taken based on those reports.

But with no way of knowing how those numbers stacked up against those of comparable organizations, they couldn’t draw any reliable conclusions about the quality of their hotlines and reporting programs.

For the second year in a row, the Security Executive Council has joined forces with The Network Inc., the leading provider of ethics and compliance hotline programs in the U.S., to create the 2007 Corporate Governance and Compliance Hotline Benchmarking Report, which provides more extensive hotline benchmarking data. The 2007 report breaks out the data by industry and by year, and it presents several data points in the form of rates instead of percentages, which controls for data variations between industries and business sizes.

The report is based on an analysis of more than 277,000 hotline incident reports from more than 650 organizations across all major industries over a fiveyear period. Participants -- or those who made reports -- may be employees, former employees, vendors and the public. The data was masked to protect confidentiality. Findings that accounted for aggregated frequencies across five years included:

  • For those reports where case outcome was provided, most reports (65 percent) were serious enough to warrant an investigation and 45 percent resulted in corrective action taken.
  • The research showed that half of the reports received concerned personnel management incidents. Beyond the personnel management category, company/professional code violations (16 percent), employment law violations (11 percent) and corruption and fraud (10 percent) were the most commonly reported incidents regardless of industry. Aggregated rate data for 2006 only included:
  • A rate of 8.3 incidents was reported per 1,000 employees overall (regardless of incident type).
  • Smaller organizations showed a general decrease of incidents reported over time. Mid-sized and larger companies showed a general increase of reported incidents over time

Develop A Plan

But even with all these improvements, like any other report, the value of this study lies not just in the data, but in what can be done with that data.

First, comparing the numbers alone won’t provide you with a complete picture of your hotline’s performance. Unless you look beyond the numbers to consider all the potential explanations of why your program varies from the average, you’ll still be missing critical insights that could change the whole direction of your program assessment.

For example, after reading the report’s assessment of reporting rates, you determine that your organization, given its size, should be receiving eight to nine calls per 1,000 employees.

You are only receiving three per every 1,000.This result may be an indication that your organization has far fewer compliance issues than its peers and competitors.

While that may be so, it is not the only possible explanation. You’d likely receive fewer calls than average if company employees were being intimidated by their managers into keeping mum about misconduct concerns. Or, perhaps your awareness program isn’t what it should be.

Once you have studied the benchmark data presented here and considered why your numbers are higher or lower in various categories, share what you have found with your partners in other business units. Internal Audit is no longer the only player in compliance and misconduct. Many of the issues examined in this study will impact Human Resources, Legal, IT, and Corporate Security and Safety, among other departments.

Organize a team with representatives from every affected business unit to pinpoint the problems or accomplishments behind the numbers and determine how to correct any shortfalls.

After you’ve determined what actions should be taken, present your findings to management and explain how you intend to use the report to help better calibrate your hotline program. Show management that you’ve organized a collaborative effort to improve performance and tell them what you are doing with the information you have acquired.

Protecting brand image, people, organizational growth and stakeholder confidence are at the roots of what should be driving how you measure the success of your program.

Featured

  • New Report Reveals Top Security Risks for U.S. Retail Chains

    Interface Systems, a provider of security, actionable insights, and purpose-built networks for multi-location businesses, has released its 2024 State of Remote Video Monitoring in Retail Chains report. The detailed study analyzed over 2 million monitoring requests across 4,156 retail locations in the United States from September 2023 to August 2024. Read Now

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

Most   Popular

Featured Cybersecurity

Webinars

New Products

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • A8V MIND

    A8V MIND

    Hexagon’s Geosystems presents a portable version of its Accur8vision detection system. A rugged all-in-one solution, the A8V MIND (Mobile Intrusion Detection) is designed to provide flexible protection of critical outdoor infrastructure and objects. Hexagon’s Accur8vision is a volumetric detection system that employs LiDAR technology to safeguard entire areas. Whenever it detects movement in a specified zone, it automatically differentiates a threat from a nonthreat, and immediately notifies security staff if necessary. Person detection is carried out within a radius of 80 meters from this device. Connected remotely via a portable computer device, it enables remote surveillance and does not depend on security staff patrolling the area. 3