Are you familiar with Sarbanes-Oxley? It only applies to publicly-traded companies. It hasn't killed any of them yet, unless of course they were actually committing fraud.
If security audits were to become mandatory, they would only apply to companies of a certain size.
If security audits were to become mandatory, they would only apply to companies of a certain size.