#177 – NON-COMPLIANCE PROBLEMS COST 3X MORE THAN A STRONG COMPLIANCE PROGRAM – GREG CARROLL

Study shows that non-compliance problems cost nearly three times as much as doing it properly from the start.

Many companies view compliance programs as a headache — something they’re required to invest time and money in, but which produces little. A benchmark report from the United States shows that the opposite is the case. Investing in strong compliance programs saves money in the long run.

The research report by Ponemon Institute LLC in Traverse City, Michigan, examines the real costs, both of setting up a proper compliance program and of cleaning up the damage when proper programs have not been put in place. The study looked at 46 multinational organisations and interviewed 160 leaders.

The cost of compliance worked out to only about $222 per employee, while noncompliance costs averaged about $820 per employee.

“We learned that while the average cost of compliance for the organizations in our study is $3.5 million, the cost of non-compliance is much greater,” the report said. Cleaning up non-compliance problems averaged nearly $9.4 million.

Study cites 10 attributes of a strong compliance structure

The report also looked at the 10 attributes that lend the greatest support to a strong compliance structure. Many of them pertain to governance and oversight of the organization’s security initiatives.

Organizations need to anticipate how changing threats will affect their ability to comply with external, internal and contractual demands, the report said. “The implication for an organization that does not manage compliance risks with the right integrated and holistic response to data security and related compliance challenges are a decrease in revenue that results from both the loss of customer trust and loyalty and the inability to deliver services and products,” the report said.

The study, “The True Cost of Compliance,” is available online at Tripwire.com.

Doing more than keeping authorities at bay

For example, one of the key things we’ve learned in designing and deploying our software, Fast Track, is that a good compliance program can be a strategic tool rather than merely a way to keep governing authorities at bay.

Why spend $820 per employee cleaning up a mess when it’s much cheaper to prevent the mess in the first place?
