Community Health Alliance (CHA), a Nevada-based health center, was struggling with manual processes for policy management. The organization needed a robust policy management system to streamline policy distribution and identify potential risks. The existing manual clearance process was inefficient, with policies sitting on desks for months or getting lost. The lack of a robust system was posing a risk to the organization's compliance and overall performance.

The Concord Fire Department in Massachusetts was facing a challenge in managing its policies and procedures for various emergencies. The department had a need for a better system to manage these documents and ensure that all department employees were aware of the content of these policies and procedures. Additionally, the department needed to standardize its operating procedures. With four different groups at two stations, there were up to eight different ways of operating at a particular emergency scene. This lack of standardization was causing confusion and inefficiency during emergency responses.

Zespri International, a New Zealand-based kiwifruit exporter with operations across Europe, Asia, and the Americas, faced severe financial and legal repercussions when one of its importers was found guilty of duty evasion in China. The company's Chinese subsidiary was prosecuted as an accessory to the under-declaration of customs duties by a former importer. This led to an investigation, the imposition of significant fines on Zespri, imprisonment of a Zespri employee, and significant legal fees. Investigations revealed that trust and a lack of understanding were core factors. The incident also resulted in huge costs in terms of time and resources, with employees being interviewed, documents being requested multiple times, ongoing court cases taking employees away from their jobs, and media attention shining an unwanted spotlight on the company.

Auburn University was advised by an external auditor to outsource its employee hotline system. The university wanted to provide a system that could guarantee anonymity and increase employee confidence in reporting incidents. The previous system, an internally-operated phone number and recording device, was found to be unsuccessful. The university understood that confidence in the system would increase if it was managed outside of the institution.

Eggleston, a non-profit organization providing opportunities to people with disabilities, was facing challenges with its hotline reporting system. The system was cumbersome and outdated, relying heavily on paper processes. This made it difficult to effectively ensure the safety and security of their employees and the individuals they assist. Additionally, the organization wanted to maintain its exemplary accreditation via the Commission on Accreditation of Rehabilitation Facilities (CARF). The accreditation provides independent validation of their operations and offers assurance of Eggleston’s reliability as a partner to prospective clients, customers, investors, and regulatory bodies.

Fulton Financial Corporation, a part of the highly-regulated banking industry, had been using an internal system to meet federal requirements and identify potential risks early. However, this system did not instill confidence among employees, had limited functionality, and was difficult to staff. The company wanted to take a more proactive approach to risk, especially in the current economy where financial organizations are under increased pressure. They needed a new reporting system that would boost employee confidence and help mitigate risk.

Berry Gardens, a co-operative of British berry growers, was facing challenges in its reporting system. Traditional avenues of reporting, such as through line managers or HR representatives, or via suggestion boxes, were not providing the level of confidentiality and security required. Some employees felt uncomfortable reporting face-to-face, while the anonymity of suggestion boxes could not be guaranteed. The senior leadership team was looking for ways to improve the current processes and culture, focusing on enabling and encouraging confidential reporting to help maintain and improve the company's high ethical standards.

EnerSys, a global leader in stored energy solutions for industrial operations, recently deepened their commitment to Environmental, Social, and Governance (ESG) objectives. The management team hired an ESG team to accelerate the company's sustainability maturity curve. This decision was made to promote a responsible culture at EnerSys, and also aligned with the increasing expectations of the board of directors, investors, and customers from around the world. As a key part of their program, EnerSys needed to establish a baseline GHG footprint across 173 locations for reporting, analysis, site comparison, improvement planning, and commitment management. Standard PC software could not be reliably used to manage this process.

The fintech company was looking to expand into consumer-facing technology, but they had to address their processes for identifying, mitigating, and reducing risk. They had a strong internal audit program, but the issues identified were not getting the necessary attention across the organization. The management of risks associated with daily operational activities was weak, leading to low audit ratings. Stakeholders were concerned whether the business could make risk-based decisions necessary to safely implement cutting-edge fintech. The organization’s management committee charged their risk management function with building a traditional three-lines of defense program. This meant cultivating accountability and ownership at the first line of the business, where risks are introduced to the organization. It required standing up a true second-line defense reporting to the Chief Risk Officer. Most importantly, it necessitated a risk culture in which everyone is responsible for identifying and reporting issues.

Pratt Regional Medical Center (PRMC) is a nonprofit community hospital system that has served the county of Pratt, Kansas, for more than 60 years. It operates its own flagship hospital, supports two affiliates, and manages several physician practices around the region. Over the years, PRMC had accumulated more than 2,000 policies, managed in one shared drive with each department managing its own respective folder and policies. This approach led to difficulties in pulling policies together from multiple departments, or comparing policies from one department to another. Consistency was another challenge. The process for policy review — identifying policies coming up for renewal, making changes as necessary, getting proper review and approval in a timely manner — was cluttered and inefficient.

Bernhard Schulte Ship Management (BSM) faced the challenge of managing a diverse, non-permanent workforce that changes with contract timelines. This was particularly difficult on operating ships where resources, consistent online access and dedicated HR and whistleblowing management personnel are limited. The company needed a way to govern how these different backgrounds interacted and worked with each other, allowing people to voice concerns, raise safety issues and report misconduct easily. Additionally, regional requirements, including varied language support and contact information, had to be managed effectively.

Kerry Group was faced with the challenge of adapting to the new requirements of the EU Whistleblower Protection Directive. The company's internal legal function took over the speak-up program and the NAVEX account as a legal responsibility. They needed a new focus team to quickly understand the software and adapt the solution to meet new requirements. Another challenge was making resources available across their operations. The company wanted to go beyond standard directive requirements and provide documentation for the system across all languages used in the business, including online, external and offline resources. Finally, there was little to no visibility over the progress of whistleblowing cases, which made it difficult to measure improvements, case-type volumes over time or to report in detail where areas of concern lay.

The medical device manufacturer was struggling with a lack of insight into IT risks, siloed information, and inefficient audit preparation. The company’s IT security team was not equipped to manage risks and comply with audits. Essential information was difficult to track down, often stored in emails or individual spreadsheets. The company managed web application assessments, penetration tests and vulnerabilities as separate efforts. Reporting was manual and cumbersome, so risks were rarely visible to leadership. Audits were labor-intensive tasks that required collecting data from different departments and it took weeks of preparation before external auditors arrived. The medical device manufacturer needed a unified way to collect information, report on potential risks and streamline the audit process.

Before implementing PolicyTech, St. Joseph’s relied on personal drives, shared drives, and binders containing the various policies and procedures. This led to version control issues and inefficiencies, as well as duplicative work. The organization also faced unique policy challenges due to its specific nature. The lack of a centralized system led to silos between departments and a lack of transparency. Team members were often working on the same thing without knowing it, leading to unnecessary duplication of efforts.

In 2017, after the acquisition by TICO, Vanderlande and other group business entities needed to launch a new speak-up program that would meet the needs of a scattered and role-diverse workforce. The company had to ensure that the local entities could meet the regulatory requirements, such as those in the EU Whistleblower Protection Directive. There were also cultural challenges to overcome. For example, speaking up in Europe is largely seen as ‘doing the right thing’, but is often less so in Asia Pacific or the Middle East.

Before transferring to NAVEX EthicsPoint, Currys had no case management system, working from an online reporting platform and manually downloading spreadsheets into an Excel tracking table – a time-consuming manual process. The Compliance Team, which manages and monitors Currys whistleblowing cases, needed a modernized system that would streamline, save time, and add GDPR security when dealing with reports. In addition, Currys’ old whistleblowing system had no automatic functions reporting on enhanced data analytics, limiting the Compliance Team in its effectiveness and efficiency of tracking case types, numbers, potential areas of concern, and topic trends.

In 2020, Qiddiya were looking for a compliance training solution that would be delivered to all employees as part of their essential training. They needed a solution that could be delivered online for all to access, with an inbuilt management information and tracking feature which would prompt employees to complete their training, measure and audit the completion rates. The management information informs the company’s compliance program objectives and supports their compliance and internal audit activities.

URS handles hundreds of highly important and confidential documents daily. The main concerns amongst senior directors were typically around the need for confidentiality - files and folders that only individual teams and senior management should access. URS needed a solution that made these files available to the relevant team members of management, with options for various downloadable formats. In terms of employee management, senior teams needed to verify when employees read documents. It was especially important to ensure employees were aware of their responsibilities, obligations and if they understood them, not only as an internal requirement, but also as a law requirement in terms of labour legislation. A business could face fines if it cannot prove that its staff have read and understood policy documents. In addition, the human resources team required visibility to effectively manage the team, understand when service issues occurred and have the flexibility to access the platform whenever needed.

Before implementing an incident reporting system, DP World relied on collecting reports submitted by email or through a phone line based at the company headquarters in Dubai. Calls were answered in English or Arabic, but with employees speaking dozens of languages across many time zones, the company needed a scalable solution that could be implemented with consistency globally. The old setup did not address the whistleblower’s needs, or the internal information needed for incident reporting. The company was essentially capturing reports in an unformatted email or documenting from a phone call that may not even be answered because it was not staffed 24/7/365.

The enterprise software developer, a small company with about 85 employees, set a goal to achieve ISO 27001 certification. This certification sets the standard for information security and requires a sustainable information security management system (ISMS) that can comply with all seven ISO 27001 categories. The company knew that using spreadsheets for compliance would not be sufficient due to the rigorous requirements of the certification. The Chief Technology Officer (CTO) was leading the project and needed a technology solution to build an ISMS capable of earning ISO certification.

Castolin Eutectic, an industrial Maintenance and Repair technology company, needed a more holistic view of its compliance strategy. The company required a new code of conduct, compliance with the incoming EU Whistleblowing Directive, and an ESG framework to effectively manage how it measures multiple important factors. The company's most recent code of conduct was outdated and needed a new version that complied with regulations and would overcome barriers between regions. Castolin Eutectic was also in need of an incident management platform, as required by the EU Whistleblowing Directive. The challenge was finding a cultural fit across different regions, as not every market felt it would be suitable. Other parts of this revamp were to educate employees about ethics and compliance, to improve the organization’s culture and for its compliance suite to be effective.

The South Carolina School Boards Insurance Trust (SCSBIT) was facing several challenges due to its growth and the increasing demands of the insurance market. With more members joining, the amount of data that needed to be managed was growing exponentially. The insurance market was also requiring additional information like COPE and Secondary COPE data for each building on the property schedule. This additional data could potentially lead to lower rates. However, managing this data was becoming a challenge, especially since it was being shared via spreadsheets among multiple users. This method of data management was proving to be inefficient and prone to errors.

The Metro Transit system of St. Louis City, St. Louis County and St. Clair County faced many maintenance and reliability challenges that affected service. In addition to too many breakdowns, Metro also faced severe reliability problems with its bus engines. This was the turning point when Metro decided to change the purchase of its bus engines. The most critical maintenance elements affected by this change were the efforts required to maintain fleet engines and transmission reliability. In 2003, Metro adopted AssetWorks FleetFocus to integrate all of the preventative maintenance scheduling, predictive maintenance forecasting, parts data, and other maintenance metrics that the property needed to measure.

As the city of Oxnard, California grew, so did its fleet. The city’s Fleet Services Division is responsible for acquisition, disposal, fueling, maintenance, and repair of the City’s $34 million vehicle and equipment fleet. The fleet is comprised of over 900 vehicles and maintained by 32 technicians. Prior to 2004, the city was relying on a homegrown database with paper work orders. This system was inefficient and lacked historical data. The technicians were also responsible for researching and ordering parts, which was a time-consuming process that took away from their main task of maintaining the fleet vehicles.

The University of Colorado (UC Boulder) operates a motor pool as part of its overall fleet structure. The motor pool serves the many employees of the University who rely on the pool vehicles for anything from short trips around the university to longer term rentals for research trips. However, motor pool vehicles were only available for customers to pick up and drop off Monday through Friday between 8am and 5pm, which was inconvenient for many people who depend on the motor pool service. Customers had to make a request via fax or email which was then processed manually by a Transportation Services staff member. The customer also recorded an odometer reading which was manually input into FleetFocus by the Transportation Services staff member. UC Boulder wanted a solution that would reduce manual entry, improve accuracy and expand service.

In 2006, the State of Utah set an ambitious goal of increasing the state’s overall energy efficiency by 20% by the year 2015. This goal had dramatic implications for all the state agencies, especially its major energy consumers; the Division of Fleet Operations. Fleet Operations is charged with handling State vehicle acquisition, repair, preventive maintenance, surplus, and fueling for those vehicles, as well as offering a daily rental option for state employees needing to complete official state business. Fleet Operations provides support for over sixty agencies including the Department of Transportation, Department of Corrections, the National Guard and all of Utah’s state universities and colleges, totaling some 7,500 vehicles. In 2007, the Utah State Legislature passed House Bill 110 titled “State Fleet Efficiency Requirements” which covers a three-fold objective from the Governor and Legislature: Reduce fleet costs or increase energy efficiency, Improve air quality in Utah by decreasing the carbon output from the state vehicles, Contribute to a general decreased United States dependency on foreign oil.

The State of Oklahoma’s Fleet Management Division was using fuel cards that lacked controls, making it possible for employees to purchase non-authorized items. Employees were required to submit paper reports that had to be manually reconciled with the monthly fuel card bill. This was labor intensive for both the employee cardholders and the administrative team responsible for reconciling the bills. Any discrepancies had to be investigated manually, and due to the delay in time between the purchase and the monthly bill, it was often hard for employees to provide information about the purchases in question.

King County Metro Transit, located in Washington State, is committed to environmentally healthy and energy-wise transportation. The agency has been using AssetWorks FleetFocus™ fleet management software to manage its fleet since the late 90s. However, in 2005, Metro Transit decided it was time to gain even more control over its fuel and fluid usage to prevent waste, theft and the possibility of running out of fuel while en route. They needed a state of the art automated system that accurately tracked fuel and fluids in real-time to look for anomalies and source problems before they cost the agency money.

Gwinnett County, Georgia, is home to over 750,000 residents and has been one of America’s fastest-growing counties for the past twenty years. The Gwinnett County Fleet Management Division is responsible for providing the most efficient and cost-effective support, maintenance, and operation of all Gwinnett County vehicles, associated equipment, and fueling sites. The fleet management department owns and maintains over 2,700 vehicles utilized for road maintenance, parks and public services, police protection and other government business. In addition to the vehicles and equipment in Gwinnett County’s fleet, Gwinnett County provides fuel for over 5,500 vehicles including the Board of Education, the Health Department, Gwinnett Medical Center, the Gwinnett Library System and the cities located inside Gwinnett County. The challenge was to manage these vehicles and fuel consumption in an efficient and cost-effective manner.

The City of Columbus, recognized as one of the best managed fleets in the country, was looking for ways to improve their fleet operations. They had already implemented GPS functionality on approximately 2,500 vehicles, ranging from light duty city vehicles to large bat wing mowers. However, they were looking for ways to leverage this technology to further improve their operations. They were particularly interested in monitoring vehicle location, geofence monitoring, and collecting telematic data such as diagnostic trouble codes, vehicle speeds, and idling times. The challenge was to analyze this data and identify areas where improvements could be made.