My presentation for DojoCon 2009 talking about compliance, where it fails, and how to make life better.

1. Compliancy, Why Me? Living with the Compliance Staff, a BSOFH Guide Michael Smith

3. Compliance is the arsenic and cyanide of the information security world! Source: Wikimedia Commons

5. But First, a Dramatization… Hi, I’m from the Compliance Team, I’m here to help!

6. But First, a Dramatization… And the Security Engineering Team is glad to have you here!

7. But First, a Dramatization… Here’s a report for you too look at on our current compliance status.

8. But First, a Dramatization… Wow, it’s big.

9. But First, a Dramatization… Your project is out of compliance with Section 15 of the FROBITZ Act of 1994. This is troublesome!

10. But First, a Dramatization… First of all, what the hell does that mean? And secondly…why should I care?

11. But First, a Dramatization… It means you have to fix it.

12. But First, a Dramatization… I can't do it—the YoyoDyne Frobulator is the only product that fits our needs.

13. But First, a Dramatization… But the rulebook says...

14. But First, a Dramatization… I’m not going to do it. Besides, the rulebook was made by a bunch of old men who have no idea what technology is.

15. But First, a Dramatization… You suck and are a rogue cowboy

16. But First, a Dramatization… You suck and are a wannnabe data center lawyer.

17. But First, a Dramatization… This guy is brain-damaged and I can’t work with him. We’ll never be secure now. This guy is brain-damaged and I can’t work with him. We’ll never be secure now.

19. With compliance, you can strong-arm people into doing your bidding. Source: Wikimedia Commons

32. Source: Wikimedia Commons So there isn’t any magic where we become ultra-compliant?

39. The more non-compliant you are, the more we can forgive you for! Source: Wikimedia Commons

46. Source: Wikimedia Commons Compliancy: it’s not so bad after all as long as you’re driving the oxcart!