“The True Cost of Compliance” study done by Ponemon Institute and sponsored by Tripwire. Payment Card Industry Data Security Standard deemed to be “most important” in terms of influence and “most difficult to comply with” Study: Costs related to “business disruption, reduced productivity, fees, penalties and other legal and non-legal settlement costs” pile up when legal and regulatory compliance goals are not met. Internal compliance audits seem to be worth it, according to the Ponemon report. The highest compliance cost (average $341) is associated with organizations that do not conduct any internal compliance audits.”]