Information to help you stay informed of current compliance trends.




We have a whole library of complimentary resources to help you navigate the complex world of compliance.


+ What is GRC? I thought you offered compliance services. What’s the difference?

A well-rounded compliance program is more than developing policies and procedures and internal controls. GRC is an acronym that stands for governance, risk, and compliance. These are interdependent areas of oversight that reduce companies’ exposure to fines and lawsuits. Riddle Compliance provides numerous solutions that extend well beyond a basic compliance program. Please request a consultation for more information about our services.

+ My company recently added CCO to my title. I am now General Counsel and CCO and have no idea where to start.

Compliance advising is not legal advice. Riddle Compliance encourages companies to separate business and legal functions from compliance programs to fully harness the value of the function within an entity. The compliance department is the “referee” at a company. Its function is more of a management role than a legal one. Riddle Compliance understands this distinction. For this reason, we provide pragmatic solutions and processes that can be immediately implemented to prevent regulatory and/or ethical oversights.
It should be noted that the compliance department works closely with the legal department. These two functions, when operating optimally, are independent segments of a business. Companies often merge the two departments together without fully understanding the value and need of separation. Riddle Compliance is here to detangle the web of ambiguity and to provide workable solutions to fulfill your company’s needs.

+ General Counsel handles the transactional work. Is a compliance program really needed?

Absolutely! Riddle Compliance does not provide legal advice. Our programs and services have been designed to complement companies’ legal departments. We specialize in developing business practices, processes and controls that keep organizations compliant with corporate and external mandates.

+ We would like to facilitate a program to assess our business partners and vendors. Can Riddle Compliance assist?

Yes. Riddle Compliance can provide a range of vendor management solutions, including pre-qualification controls, vendor codes of conduct, field visits, interviews, and a host of other services. Business partners and vendors play a huge role in a business’s operation. Companies must be confident that their business partners, subcontractors, vendors and third parties comply with both legal requirements and company policies. It is often difficult to dedicate company resources to vendor management without a clear plan. Riddle Compliance can assist with program development and facilitation.

+ We’re a small operation and the CEO hates the idea of long, mundane policies and procedures. We need policies that are succinct but efficient.

Riddle Compliance prides itself on tailoring its compliance offerings to meet the demands and culture of our clients. We follow a workflow when drafting policies. This workflow consists of a meeting with executives and managers to gauge a company’s corporate culture. Once that understanding is in place, Riddle Compliance cultivates a vision for the underlying project and an appropriate execution plan. This includes creating non-conventional or conventional policies and procedures.

+ We’re great at running a profitable business, and we understand our clientele, so what are best business practices?

All companies are faced with regulatory challenges and a host of workplace issues that require proper handling and proactive planning. Best business practices are processes that have been implemented and tested within a given industry. Riddle Compliance harnesses these processes when formulating compliance protocols and controls. In short, even a profitable business requires implementation of strategies to prevent fines and lawsuits.

+ There is no compliance testing or monitoring function at our company. What should we do?

Micro-audits and full-scale monitoring and audit controls are pertinent aspects of a dynamic compliance program. These systems allow companies to identify ongoing problems while constantly refining their processes. Each of our clients receives a formal schedule of assessments and audits when they contract with us.

+ Our CCO needs assistance and she has also made mention of retiring in the near future.

We provide interim compliance support and full-scale outsourced solutions to companies that need assistance. We pick up the pieces when support staff or compliance executives resign or if budget restrictions place limitations on hiring.

+ Our HR Department handles internal investigations and reports findings to General Counsel and outside counsel. How can you assist?

Riddle Compliance can perform impartial investigations in conjunction with legal departments and human resources. Our services are tailored to meet the needs of each client. However, internal investigations are more effective when facilitated by an unbiased party without a stake or influence in the underlying company. We provide a roadmap for investigations that includes fact-finding, data gathering, and interviews. Internal investigations may be a huge part of litigation and regulatory evaluations, so it is important to facilitate these assessments efficiently.

+ I keep hearing about cyber-security threats, privacy, and network security issues. Does Riddle Compliance specialize in these areas?

Riddle Compliance manages cyber security threats by performing an initial risk assessment to properly evaluate a company’s network and infrastructure. Riddle Compliance works with multiple companies that specialize in cyber security, attack trends, and penetration tests. After a risk assessment is performed, Riddle Compliance will make relevant recommendations based on any impairments that were discovered. We will then provide a corrective action plan and make suggestions that utilize internal resources and expert vendors to remedy any risks.

+ I’m not sure what services my company needs, but our compliance program is lackluster at best.

Riddle Compliance performs a broad analysis prior to providing services to each new client. This assessment functions as a strategic plan. All external and internal risks are considered during this analysis. In addition, corporate resources are assessed to ensure efficient execution of all recommendations produced during the planning stage. Riddle Compliance will only offer services that add value to your organization and current operation. If your organization is uncertain about its needs or regulatory requirements, Riddle Compliance can help.

+ We’re a small company and prefer to focus on growth, not compliance or licensing issues. Can you assist?

Riddle Compliance can provide a virtual compliance department or outsourced compliance services. Both options afford companies a hassle-free opportunity to focus on operations instead of using limited corporate resources. Our comprehensive solutions are customized to meet your organization’s needs and requirements. Please request a consultation for more details.