Copyright © 2025 LexisNexis and/or its Licensors.
Checklist provided by Stephen R. Martin, partner at Arnold & Porter Kaye Scholer LLP
This checklist includes key themes from the compliance program expectations of government regulators around the world and best practices broken into five essential elements of corporate compliance that should be present in every company’s compliance program: (1) Leadership; (2) Risk Assessment; (3) Standards and Controls; (4) Training and Communication; and (5) Monitoring, Auditing, and Response. This framework serves as the structure for the interview questions listed below. (This is a limited sample set of questions. Actual questions and follow-up queries posed in a risk assessment should be based on the scope and focus of the risk assessment, the company’s industry and/or business sector, the level and position of the interviewee, and information gathered from the review of internal documents.)
1. How would you evaluate or describe the tone at the top of the organization?
2. How does the company communicate about the compliance program and/or compliance values?
3. Does the company take compliance seriously? Are there adequate resources?
4. Does the company have an assessment process for identifying risks? Describe the process.
5. What types of compliance risks exist in the operating market(s)? How severe are these risks?
6. Do you agree or disagree with the top risks that have been identified by management?
7. How are the risks to the organization currently managed?
8. Are you familiar with the policies and/or procedures for the following transactions and/or activities? [Review of key activities or transactions based on the company profile.]
9. How would you evaluate or describe the company policies regarding compliance?
10. What type of training and/or communications do employees receive regarding compliance risks?
11. Was the training relevant to your job responsibilities and compliance risks? Are the training materials adequate?
12. Is there compliance messaging available in your office/location?
13. What is the culture of reporting issues in the workplace? Do you think people are generally comfortable doing so? Do you think employees fear exposure from, or retaliation due to, compliance reporting?
14. Has the company completed compliance audits? Please describe the process and significant audit findings.
15. When is senior management updated on legal compliance issues? Do they receive written reports or oral briefings? How frequently do updates occur?