Regulatory compliance was cited as a driver for security investments by 40% of respondents in the March 2009 OWASP Security Spending Benchmarks Project Report. This reflects one of the drivers for the development of industry, state, and federal regulations the confidentiality and integrity of customer data. Most businesses do not list compliance among their core competencies. Organizations should assess their compliance obligations. Once determined, governance tools should be implemented to manage these obligations effectively, says TruArx VP of Product Management Chris Noell.”]
Source: https://www.csoonline.com/article/2137089/compliance-management-challenges—incomplete-coverage.html