jelly2024
commented
1 year ago During the 2023 SOC 2 Readiness Assessment, the control's effectiveness and design were evaluated against relevant testing procedures. The design of the control was found satisfactory. During testing of the effectiveness of the control, it was identified that out of the 50 employees sampled, 14 employees did not sign or acknowledge the Code of Conduct Policy. This constitutes a control gap in the effectiveness of the control resulting in a needs improvement overall control rating.
The consequences of this control gap may include:
Increased risk of non-compliance with regulatory requirements and company policies.
Potential exposure to ethical or behavioral issues among the affected employees.
Diminished employee awareness of the organization's commitment to ethical conduct and corporate values.
A comprehensive Code of Conduct Policy is implemented to effectively communicate entity values and behavioral standards, ensuring that all employees acknowledge and sign it as a commitment to ethical conduct and adherence to organizational principles.