Organizations that don’t write policies with flexible enough language to account for business and technology changes are setting themselves up for failure. Organizations need to work to not only future-proof internal policy documents, but also to align current security practices with sometimes outdated regulations. The buck stops at IT’s doorstep when it comes to carrying out compliance objectives, many fail because line-of-business executives and the legal department aren’t looped into the process. The biggest mistake is biting off more than the organization can chew.”]
Source: https://www.darkreading.com/compliance/seven-mistakes-that-make-compliance-efforts-fail