Why is it important to be compliant?
Compliant companies follow industry regulations and implement regulatory standards for data security, privacy protection, and confidentiality.
Digging into the compliance section at Amazon is not an optional extra. Companies that fail to comply face massive penalties or even criminal prosecutions. Compliance also promotes robust security and improves business processes—giving companies a crucial competitive advantage.
Every employee should be aware of compliance. However, compliance books target senior management and security experts. Anyone responsible for handling customer data or defending against cyberattacks should expand their compliance library.
Top compliance books for beginners and professionals
Compliance is a complex and constantly evolving field. It's also a minefield for poorly informed businesses. Fortunately, a busy community of expert writers interprets regulations and simplifies the compliance challenge.
We don't have space to list every manual or think-piece here, but the following compliance books are well worth consulting:
Governance, Risk Management, and Compliance: It Can't Happen to Us—Avoiding Corporate Disaster While Driving Success
Intentional Integrity: How Smart Companies Can Lead an Ethical Revolution
How to Be a Wildly Effective Compliance Officer
The Business Guide to Effective Compliance & Ethics
Fully Compliant
A Concise Guide to HIPAA Compliance
The Risk-Based Approach to Data Protection
Big Breaches: Cybersecurity Lessons for Everyone
How To Pay A Bribe: Thinking Like a Criminal to Thwart Bribery Schemes
Governance, Risk Management, and Compliance: It Can't Happen to Us—Avoiding Corporate Disaster While Driving Success
Author: Richard M. Sternberg
Steinberg founded Pricewaterhouse Cooper's Strategic Risk Services division and has become one of America's leading risk consultants. This text primarily aims at senior executives and managers. It provides a general introduction to risk management from a boardroom perspective.
Steinberg's book is a how-to guide for designing compliant processes and leadership structures. There's no better way to learn about integrating gold-standard risk management practices into your business organization.
Intentional Integrity: How Smart Companies Can Lead an Ethical Revolution
Authors: Robert Chesnut and Joan O'C. Hamilton
Wouldn't it be great if every business had an incentive to meet industry regulations and act like a model citizen? Experience suggests that many companies fail to live up to these ideals. But Chesnut argues that's a mistake. The future belongs to businesses that uphold stellar compliance records and drive an "ethical revolution."
Chesnut is an expert on Silicon Valley, and he knows about dubious morals. However, things can change for the better. This book is a clear-eyed guide to a world where companies with poor data protection or security records are shamed and punished.
Readers will find inspiration in Chesnut's advice about building an enterprise-wide ethical culture. And they will also come away with plenty of nuggets about improving corporate governance and how to join the ethical elite.
How to Be a Wildly Effective Compliance Officer
Author: Kristy Grant-Hart
Grant-Hart is the CEO of Spark Compliance and a regular winner of Women in Compliance awards. This short primer targets compliance officers. Distilling all of her experience, Grant-Hart provides invaluable advice about persuading colleagues and shaping corporate culture.
This isn't one of those dust-dry compliance books that overwhelm readers with statistics. Grant-Hart specializes in motivation. Readers will close the book feeling energized, confident, and with a renewed sense of their potential to change business processes.
The Business Guide to Effective Compliance & Ethics
Authors: Tony Osborn and Andy Hayward
Hayward and Osborn tackle the critical question, "Why is corporate compliance failing to prevent scandals and data breaches?" Their answer is radically simple. Tick-box checklists and compliance strategies based on documentation are not enough. Businesses need to be proactive and dynamic to build a culture of compliance.
This book lays out a strategy to create a compliance management program that works. The authors contextualize compliance, focusing on benefits like trust and employee satisfaction. As with all good compliance books, the reader emerges empowered and clear about how to move forward.
Fully Compliant
Author: Travis Waugh
Waugh is a leading expert in compliance training. If you struggle to convey compliance information to employees, this book is an essential read.
Fully Compliant argues that it is not enough to tell employees about the consequences of non-compliance. Successful compliance programs immerse learners in real-life scenarios. Immersive learning induces long-term behavior change—a critical component of continuous compliance strategies.
A Concise Guide to HIPAA Compliance
Author: Lucas M. Slattery
Health Insurance Portability and Accountability Act (HIPAA) compliance is stressful and complicated. It helps to have a go-to reference text as you design compliant systems. Slattery's work is one of the best compliance books for anyone who needs a grounding in HIPAA rules.
Based on official documents from the Department for Health and Human Services (HHS), this book explains tricky issues like defining personally identifiable health information and applying security controls. Slattery keeps things practical, focusing on affordable and proportionate solutions that meet HIPAA standards.
The Risk-Based Approach to Data Protection
Author: Raphael Gellert
Regulations like the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) have made data protection a hot topic for all digital businesses. Adopting a risk-based approach to compliance balances security and costs—but what does "risk-based" mean? If you have any doubts, Gellert's expert advice will come in handy.
Gellert is a Professor of Private Law at Radboud University in the Netherlands and isn't afraid of complexity. His book delves into the history of data protection and conceptual approaches to risk. But it shines when discussing modern-day compliance programs.
Expect to come away with a deeper understanding of how to execute GDPR risk assessments. With Gellert's help, you should be able to lock down personal data without wasting scarce resources.
Big Breaches: Cybersecurity Lessons for Everyone
Authors: Neil Daswani and Moudy Elbayadi
Brushing up on your compliance knowledge is great, but it also helps to consider the consequences of lax security and privacy processes. Daswani and Elbayadi mercilessly explain worst-case scenarios, using real-world case studies to paint a grisly picture.
Big Breaches range widely. The authors explore phishing and ransomware attacks. They look at software exploits, compromised supply chains, and encryption foul-ups. But it's not just a tale of woe. Readers learn seven critical habits to avoid data breaches and design a rock-solid compliance program.
How To Pay A Bribe: Thinking Like a Criminal to Thwart Bribery Schemes
Author: Alexandra Wrage and Severin WirzÂ
This short book dates back to 2016, but it sadly remains evergreen. Comprising a series of essays from prominent anti-corruption lawyers, "How to Pay a Bribe" explains how corruption occurs. The authors use real-life examples of ordinary companies falling victim to bribery or other scandals. They also frame corruption as a compliance failure—suggesting ways to eradicate it from business culture.
Both a good read and a useful guide, this book is essential reading for companies that do business abroad or work in sectors like finance, where US bribery regulations are extremely tight.
Navigating compliance regulations
Reading compliance books is a great way to refresh your knowledge and gain insights into compliance best practices. However, reading is not enough. Compliance professionals should leverage every source of information and assistance to stay one step ahead of the pack.
Podcasts supplement books with expert interviews and analysis and are perfect for gym sessions or commutes, providing up-to-date opinions from the compliance battlefront. YouTube channels also mix entertainment and information. Webinars from experts provide a gold mine of information about GDPR compliance.
Universities and accreditation bodies offer online compliance courses. There are plenty of course options, including specialized HIPAA or anti-corruption certificates. It’s also worth bookmarking relevant information libraries and referring to them for practical guidance.
NordLayer's learning center is a good starting place. We have created regulatory compliance articles about regulatory requirements, penalties, and frameworks companies can use to make their operations compliant. Learn about compliance basics and fundamental to advanced techniques, and integrate the latest knowledge into your compliance strategy.
Businesses should never face compliance challenges alone. Order relevant books, binge on podcasts, and bookmark resources to guide your way. You'll soon find that others have confronted similar problems, and solutions should be easily achievable.
