Code of Conduct Training: What to Include and How to Do It
What is code of conduct training? 6 topics to cover, how to create a program, delivery methods, and how to make it effective at a growing business.
Code of Conduct Training
What to cover, how to deliver it, and why it matters at every company size
At a previous company, we had a code of conduct. It was a 14-page document that every employee signed during their first week. Nobody read it. I know because when a conflict-of-interest issue surfaced eight months later, the employee involved said: "I did not know that was against policy." He had signed the acknowledgment. He had not understood what he signed.
That is the difference between having a code of conduct and having code of conduct training. The document defines the rules. The training ensures people understand them, can apply them to real situations, and know what to do when they see violations. This guide covers what code of conduct training should include, the six topics every program needs, how to create and deliver training that actually changes behavior, and how often to repeat it. I built training modules and document management into FirstHR because code of conduct training requires both delivering content and collecting signed acknowledgments, and most growing businesses need a single system that handles both.
What Is Code of Conduct Training?
Code of conduct training is structured employee education that covers the behavioral, ethical, and legal standards employees are expected to follow. It goes beyond handing someone a document: it explains what the rules mean, shows how they apply to real workplace situations, and ensures employees know how to report violations.
The code of conduct guide covers how to write the document itself. This guide covers how to train employees on it effectively.
Why Code of Conduct Training Matters
Code of conduct training matters for three reasons, each of which is independently sufficient to justify the investment.
First, legal protection. When an employee files a harassment complaint and the employer cannot demonstrate that the employee received anti-harassment training, courts treat this as evidence that the employer did not take prevention seriously. Research from SHRM emphasizes that documented training is a critical component of an employer's affirmative defense. Six states (CA, CT, DE, IL, ME, NY) mandate anti-harassment training by law, but even in states without mandates, training significantly reduces legal exposure.
Second, behavioral standards. A code of conduct that employees have not been trained on is a document nobody follows. Training transforms abstract policies into concrete expectations: not "act with integrity" but "if a vendor offers you tickets to a game, here is what you do." The compliance training guide covers the broader legal training landscape.
Third, culture protection. At growing businesses, culture is fragile. Every new hire either reinforces or dilutes the existing culture. Code of conduct training explicitly communicates "this is how we operate here" to every person who joins. Without it, cultural norms are transmitted informally, inconsistently, and sometimes incorrectly. Research from the Work Institute shows that cultural fit issues are a significant driver of early turnover.
6 Topics Every Code of Conduct Training Should Cover
Regardless of industry or company size, effective code of conduct training covers six core topics. Not every topic requires equal depth: prioritize based on your industry, your regulatory requirements, and the issues most likely to arise at your company.
How to Create a Code of Conduct Training Program
Creating code of conduct training does not require an external compliance vendor or a dedicated L&D team. It requires your code of conduct document, real scenarios from your business, and 90 minutes of structured delivery.
| Step | What to Do | Time Investment |
|---|---|---|
| 1. Identify your core topics | Select which of the six topics apply to your business. All six are relevant for most companies, but depth varies by industry. | 30 minutes |
| 2. Write real scenarios | For each topic, create 1-2 scenarios based on situations that have actually happened or could realistically happen at your company. | 1-2 hours |
| 3. Structure the training session | For each topic: state the rule (2 min), present the scenario (3 min), discuss as a group (5 min). Total: 10 min per topic, 60-90 min for all six. | 30 minutes |
| 4. Prepare acknowledgment | Create a document that employees sign confirming they received and understood the training. Include the date, topics covered, and a statement of understanding. | 15 minutes |
| 5. Schedule delivery and refreshers | Train new hires within 30 days. Schedule annual refreshers. Add to the calendar now. | 15 minutes |
Total setup time: approximately 3 to 4 hours for the first time. Annual refresher updates take 1 to 2 hours (update scenarios, add new policies, remove outdated content). The SOP guide covers how to document the training process so any manager can deliver it consistently.
Delivery Methods for Code of Conduct Training
| Method | Best For | Pros | Cons |
|---|---|---|---|
| Live session (in-person or video) | Initial training, small teams (5-30 people) | Interactive, allows questions, most effective for behavior change | Requires scheduling, manager time commitment |
| Self-paced online modules | Annual refreshers, distributed teams, compliance documentation | Scalable, trackable, employees complete at own pace | Less interactive, lower engagement without discussion component |
| Hybrid (online module + live discussion) | Companies with 20-100 employees | Combines scalability with interactivity. Employees review content first, then discuss in a group. | Requires more planning |
| Third-party compliance courses | Industry-specific requirements (HIPAA, FCPA), state-mandated training | Expert content, legally validated, updated automatically | Cost per employee ($20-$75), may not reflect your specific policies |
For most growing businesses, the practical approach is live sessions for initial training (where discussion matters most) and self-paced modules for annual refreshers (where scalability matters more). The HR technology guide covers how training delivery tools fit within the broader tech stack.
How Often to Conduct Code of Conduct Training
| Timing | What to Cover | Format |
|---|---|---|
| First 30 days (new hires) | Full training: all six topics with company-specific scenarios and acknowledgment signature | Live session (90 min) or hybrid |
| Annual refresher | Updated scenarios, new policies, reinforcement of key points. Focus on topics where incidents occurred. | Self-paced module (30-60 min) + brief group discussion |
| After policy changes | New or updated policies only. Explain what changed, why, and what employees need to do differently. | Email notification + brief module (15-30 min) |
| After incidents | Relevant topic only. No need to name the specific incident. Reinforce the standard and reporting process. | Team meeting or targeted module (15-30 min) |
| Promotion to management | Supervisor-specific responsibilities: recognizing violations, handling reports, modeling behavior, additional legal requirements | Live session (60 min) |
The HR rules and regulations guide covers state-specific training frequency requirements, particularly for anti-harassment training where renewal periods vary.
Common Mistakes in Code of Conduct Training
Five mistakes that turn code of conduct training from a protective measure into a liability. Each one is avoidable.
Frequently Asked Questions
What is code of conduct training?
Code of conduct training is structured employee education that covers the behavioral and ethical standards employees are expected to follow at work. It includes topics like anti-harassment, conflicts of interest, confidentiality, reporting procedures, and professional communication standards. The training ensures employees understand not just the rules but why they exist, how they apply to real situations, and what to do when they see violations.
Is code of conduct training legally required?
The code of conduct itself is not federally mandated, but several components within it are legally required. Anti-harassment training is mandatory in California, Connecticut, Delaware, Illinois, Maine, and New York. Data privacy training (HIPAA, PCI DSS) is required for employees handling sensitive information. Anti-bribery training is required under FCPA for companies with international operations. Even where not legally required, code of conduct training significantly reduces legal liability in harassment and discrimination lawsuits.
How often should code of conduct training be conducted?
At minimum, train during onboarding (first 30 days) and annually thereafter. Additional training should occur when the code of conduct is updated, after a workplace incident that relates to the code, when employees are promoted to management (supervisors often need additional training), and when laws change that affect your policies. Annual refreshers prevent the training from fading into forgotten paperwork.
What should a code of conduct training program include?
Six essential topics: anti-harassment and discrimination (what it is, how to report it), conflicts of interest (financial, personal, and professional conflicts and disclosure requirements), confidentiality and data privacy (handling sensitive information), workplace communication standards (email, social media, representing the company), reporting and whistleblower protections (how to report violations safely), and gifts and anti-bribery (what employees can accept, documentation requirements). Each topic should include real-world examples relevant to your specific business.
How long should code of conduct training take?
Initial training during onboarding should take 1 to 2 hours, covering all six core topics with examples and discussion. Annual refresher training can be shorter, 30 to 60 minutes, focusing on updates, new scenarios, and reinforcement of key points. Anti-harassment training has specific duration requirements in some states: California requires 2 hours for supervisors and 1 hour for non-supervisory employees.
What is the difference between a code of conduct and a code of ethics?
A code of conduct defines specific behavioral rules: what employees should and should not do in concrete situations (gift acceptance limits, social media policies, harassment reporting procedures). A code of ethics defines broader principles and values: integrity, fairness, respect, accountability. The code of ethics is the 'why.' The code of conduct is the 'how.' Most companies combine both into a single document, but the training should cover both the principles and the specific rules.
How do you make code of conduct training effective?
Three practices separate effective training from checkbox exercises. First, use real scenarios from your industry instead of generic examples. Second, make the training interactive: discussion, case studies, and questions rather than a passive document review. Third, demonstrate that leadership follows the same code: employees pay attention to what leaders do, not what the training says. A code of conduct that leadership visibly ignores is worse than no code at all.
Do small businesses need code of conduct training?
Yes. Small businesses face the same ethical and legal risks as large companies, often with less infrastructure to handle them. A harassment complaint at a 15-person company does not receive a gentler legal standard than one at a 15,000-person company. Code of conduct training establishes expectations, provides reporting mechanisms, and creates documentation that protects the business. The training does not need to be elaborate. A 90-minute session covering the six core topics with your company-specific examples is sufficient.