This is the fourth and final blog post in my series on Understanding the Cost of Compliance, and in it I’ll discuss the per capita cost of compliance and non-compliance. The True Cost of Compliance report estimates the cost of compliance at $3.5M and the cost of non-compliance at $9.3M. In my conversations with practitioners, I’ve found that they are better able to benchmark themselves when they use the per capita cost of compliance findings.

A few outcomes become apparent when we look at the per capita graph:

  1. Per capita costs are significantly higher for smaller organizations.
  2. Larger organizations can take advantage of economies of scale — their per capita cost is much lower.
  3. The gap between compliance cost and non-compliance cost is much larger in smaller organizations — four times larger in organizations with fewer than 1,000 employees, versus one and a half times larger in organizations with more than 75,000 employees.

As we’ve discussed in previous posts, organizations incur both compliance and non-compliance costs. The goal is to use compliance investments in ways that also improve security effectiveness.

See you soon!