Study shows that non-compliance problems cost nearly three times as much as doing it properly from the start
Many companies view compliance programs as a headache — something they’re required to invest time and money in, but which produces little. A benchmark report from the United States shows that the opposite is the case. Investing in strong compliance programs saves money in the long run.
The research report by Ponemon Institute LLC in Traverse City, Michigan, examines the real costs, both of setting up a proper compliance program and of cleaning up the damage when proper programs have not been put in place. The study looked at 46 multinational organisations and interviewed 160 leaders.
The cost of compliance worked out to only about $222 per employee, while noncompliance costs averaged about $820 per employee.
“We learned that while the average cost of compliance for the organizations in our study is $3.5 million, the cost of non-compliance is much greater,” the report said. Cleaning up non-compliance problems averaged nearly $9.4 million.
Study cites 10 attributes of a strong compliance structure
The report also looked at the 10 attributes that lend the greatest support to a strong compliance structure. Many of them pertain to governance and oversight of the organization’s security initiatives.
Organizations need to anticipate how changing threats will affect their ability to comply with external, internal and contractual demands, the report said. “The implication for an organization that does not manage compliance risks with the right integrated and holistic response to data security and related compliance challenges are a decrease in revenue that results from both the loss of customer trust and loyalty and the inability to deliver services and products,” the report said.
The study, “The True Cost of Compliance,” is available online at Tripwire.com.
Doing more than keeping authorities at bay
Fast Track has long held that a good compliance program can be a strategic tool rather than merely a way to keep governing authorities at bay. That’s why we offer 11 different modules covering everything from documents to equipment inventories.
Why spend $820 per employee cleaning up a mess when it’s much cheaper to prevent the mess in the first place?
Bio:
Greg Carroll - Founder & Technical Director, Fast Track Australia Pty Ltd.
Greg Carroll has 30 years’ experience addressing risk management systems in life-and-death environments like the Australian Department of Defence and the Victorian Infectious Diseases Laboratories among others. He has also worked for decades with top tier multinationals like Motorola, Fosters and Serco.
In 1981 he founded Fast Track (www.fasttrack365.com) which specialises in regulatory compliance and enterprise risk management for medium and large organisations. The company deploys enterprise-wide solutions for Quality, Risk, Environmental, OHS, Supplier, and Innovation Management.
Mastering 21st Century Risk Management” which will be available from the www.fasttrack365.com website in a couple of weeks. Meanwhile a recent Webinar on the topic can be seen at http://www.youtube.com/watch?v=nQoJj6FBxrY&feature=youtu.be in which we show how emerging best practices provide a good picture for how enterprise risk management should look in the 21st century.