1
0
mirror of https://github.com/strongdm/comply synced 2024-12-25 23:01:37 +00:00
comply/themes/comply-soc2/narratives/organizational.md
2018-05-17 18:28:39 -07:00

72 lines
2.3 KiB
Markdown

name: Organizational Narrative
acronym: ON
satisfies:
TSC:
- CC1.2
- CC1.3
- CC1.4
- CC1.5
- CC3.1
- CC3.2
- CC3.3
majorRevisions:
- date: Jun 1 2018
comment: Initial document
---
# Organizational Narrative
The following provides a description of the corporate a management structure of {{.Name}}.
The intent of this description is to establish both the legal jurisdiction and corporate cultural norms that serve as the foundation for {{.Name}}'s compliance program.
# Entity Type
{{.Name}} is a Delaware C-Corporation headquartered in San Francisco, California. {{.Name}} was established in 1970.
# Integrity and Ethics
The Directors and Executives of {{.Name}} aspire to and demonstrate standards of ethics and integrity consistent with professional norms in American corporate environments.
Chief among these standards is a commitment to honesty in interactions with and among managers, directors, employees, contractors, customers, and other stakeholders.
# Board Independence
The Board of Directors appoints and oversees the Chief Executive Officer (CEO).
# Organizational Structure
{{.Name}} is composed of 7 primary divisions:
* Sales
* Marketing
* Manufacturing
* Research & Development
* Information Technology
* Human Resources
* Finance
Each division is led by a Vice President, who in turn reports to the CEO. A complete Organization Chart is maintained and distributed by Human Resources.
# Management Objectives
Work is distributed to each division via Objectives set by the respective division Vice President, in collaboration with the Chief Executive Officer.
# Risk to Objectives
{{.Name}} seeks to manage risk to Objectives through professional management strategies and tactics, including:
* Rigorous hiring practices
* Employee performance reviews
* Aligning compensation with objectives
* Regular communication of objectives by executive management
# Fraud Risk to Objectives
{{.Name}} acknowledges the possibility that fraud may imperil corporate objectives. {{.Name}} undertakes various activities to manage fraud risk, including:
* Conducting regular financial audits
* Adhering to financial control principles
* Investigating suspicious transactions
* Performing criminal background checks on all employees
* Maximizing the use of information technology in fraud detection