jelly2024
commented
1 year ago During the 2023 SOC 2 Readiness Assessment, the control's effectiveness and design were evaluated against relevant testing procedures. The design of the control was found satisfactory. During testing of the effectiveness of the control, it was identified that out of the 50 employees sampled, 14 employees did not sign or acknowledge the Code of Conduct Policy. This constitutes a control gap in the effectiveness of the control resulting in a needs improvement overall control rating.
Control gap implications:
Increased risk of non-compliance with regulatory requirements and company policies.
Potential exposure to ethical or behavioral issues among the affected employees.
Diminished employee awareness of the organization's commitment to ethical conduct and corporate values.
Employees are required to electronically acknowledge upon hire indicating that they have been given access to the corporate policies and understand their responsibility for adhering to the entity’s commitments.