Companies aren't changing their ways in reaction to scandals, cyberattacks
- A new Navex Global report shows that companies worldwide are slow to train leaders on avoiding corporate disasters and scandals. Navex, an ethics and compliance services company, says that many employers aren't making changes, despite sexual harassment claims and cyber attacks dominating employment news.
- The report found that 25% of employers don't have a budget just for compliance training. Ninety-three percent aren't even trying to demonstrate ROI from training and just 25% of directors are getting training in cybersecurity or data privacy after WannaCry and other attacks. Board members also are undertaking less training.
- Navex says some of the indicators showing less training might stem from a small group of companies offering data-driven training aimed at only leaders who need it. The report shows that 31% of organizations are combining training with data taken from their policy management and incident management systems.
Corporate scandals and disasters should trigger more training to prepare for — and possibly prevent — such incidents. Organizations can learn invaluable lessons from Wells Fargo, Uber, the WannaCry security crisis and other corporate failings.
By spearheading training, HR can present itself as a strategic partner thinking about long-term business goals. HR is in a good place to take the lead in steering organizations toward more ethical standards of operating. Setting policies for conduct and enforcing them is critical from CEOs to the lowest-level employees.
Employees should be encouraged to report misconduct and security breaches from both inside and outside their organizations. And establishing reporting systems that keep whistle-blowers safe from identification and retaliation is critical.