What is Your Compliance Tax?

Quantify the financial impact of your software compliance efforts

Software compliance is a financial and logistical burden. If done incorrectly, it can incur large legal and regulatory fees, and result in lost developer time and talent retention issues.

Your Compliance Tax: How to Understand the Financial Impact of Your Software Compliance Efforts

Proving compliance involves:

  • Assessing the current state of the software delivery lifecycle

  • Asserting that the process and digital assets are in compliance with both internal and regulatory controls

  • Providing the evidence that supports that assertion

Resources spent on compliance + opportunity cost = compliance tax

This process requires ample dedicated time from team members, all of whom could be focused on driving value elsewhere. The sum of resources spent, financial and otherwise, combined with the opportunity cost, could be equated to a compliance tax all organizations in highly regulated industries pay.

Assessing the compliance tax: A real-world example

CloudBees recently explored the real-world cost of the compliance tax at a global banking customer that devotes 100 employees full time to proving software compliance. This is how it was calculated:

Fully burdened cost of labor: $16.8 million

The average salary was $140,000, but the fully burdened cost added 20% to that figure, bringing it to $168,000 per employee. That equated to a total labor cost of $16.8 million for 100 workers.

Opportunity cost: $33.6 million

The bank expected each employee to deliver twice their fully burdened cost in value. This amounted to $336,000 per worker for a total of $33.6 million.

Compliance tax: $50.4 million

The compliance tax comprised the fully burdened labor cost ($16.8 million) added to the opportunity cost ($33.6 million), bringing us to a total compliance tax of $50.4 million.



Compliance Tax Whitepaper

Read the report to find out what your compliance tax costs you and ways to reduce that burden across the software development lifecycle (SDLC) with automation.

Stop Counting CVEs

Watch the demo to see how CloudBees Compliance uses a corporate-wide compliance catalog to declaratively state what is safe, compliant, and secure in the organization.

C-Suite Security Survey

Read the report to learn about the state of enterprise security with input from 500 executives.

Talk to a Compliance Expert

Learn how CloudBees Compliance answers what risks must be addressed, the effectiveness of your controls, and the impact of those risks on your critical business services and applications.