By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Is compliance really necessary?
The old observation that breaking the law only matters to those who get caught somehow comes to mind in regard to this question, which I sincerely hope isn't serious. The same school of thought that drives compliance should, in fact, also drive the answer to this question -- namely, that corporate or organizational activity should be driven by a formal risk assessment and by careful application of risk management techniques. Though some risks may be improbable enough, or their consequences insignificant enough, to be worth ignoring (and paying for the fallout if and when those risks are realized), the risks that adhere to regulatory and standards compliance usually weigh heavily enough in terms of the costs and consequences involved in ignoring or disobeying them that the answer to the question is simply "Yes." That's because most of the law that backs such regulations involves stiff enough penalties for the individuals and organizations that will be held responsible for such behavior that the cost of compliance is less than those other costs.