Interesting Statistics on Compliance Costs

There were some interesting statistics in a Sarbanes Oxley Compliance Journal article yesterday regarding the costs of compliance for various regulations.

"According to Gartner, the average company spends $2 million on SOX, and Accenture says the average bank will spend $61 million on Basel II over the next couple of years."

"Despite the investment being made in compliance, companies are still failing to meet requirements. In fact, only 18% of hospitals and health systems can prove compliance with HIPAA security regulations, according to the AHIMA, and Gartner says two-thirds of all companies found material weakness in controls this year, with audit deficiencies expected to double until 2008."

"Each case of fraud costs companies an average of $15,000, and IT departments spend about 175 hours on remediation after a security incident. Corporations can be held liable, leading to legal debt and other related expenses. Additionally, brand damage resulting from waning consumer trust can cause huge losses in revenue. According to Gartner, by 2006, 20-30% of Global 1000 companies will suffer exposure due to privacy mismanagement. The costs to recover from these mistakes could range from $5-20 million per incident. In addition to legal risks, intellectual property leakage, such as shared trade secrets or pre-announced products, can cost companies millions in lost profits."

Technorati Tags


Basel II




Leave a Reply