freddykrugerDelve – Fake Compliance as a Service
https://deepdelver.substack.com/p/delve-fake-compliance-as-a-service
80% of Compliance has always been a performative box checking exercise.
They delivered the product that every company wanted - make the box checking faster.
> 80% of Compliance has always been a performative box checking exercise.
You're making the same mistake as most people do: it's 80% box checking but that doesn't make it performative, the box checking is here so that the dude who checked the box become legally responsible for what's happening if they haven't done what they said they did.
If you didn't check that box you could always claim you didn't know you weren't supposed to do what you did. As soon as you've checked “yes, I'm doing things in the approved way”, this excuse disappears.
> the box checking is here so that the dude who checked the box become legally responsible for what's happening if they haven't done what they said they did.
Maybe so, but how often are small companies actually sued for compliance survey misrepresentations? My most positive look at such surveys, after filtering out all the nonsense, is sometimes they flag something we've missed in our self-directed efforts.