2.3 Compliance & Governance
Projects operate within a web of "Unwritten Rules" (Politics) and "Written Laws" (Compliance). The 2026 PMP Exam tests your ability to navigate both without crashing: reading the politics wrong costs you support, but breaking the law ends the project.
⚖️ The Compliance Radar
Treat compliance failures as threats to the business as a whole, not merely as project risks to be scored and accepted.

- **Data Privacy**: GDPR / CCPA. If you touch personal or customer data (especially for AI training), you need a lawful basis for processing (typically consent) and must honor the data subject's rights.
- **EHS**: OSHA / ISO 14001. Environmental, Health, and Safety regulations are non-negotiable. Safety > Schedule.
- **Financial**: SOX (accurate financial reporting), AML (anti-money-laundering controls), and anti-bribery laws. "Cooking the books" is an automatic fail.
- **Codes**: Building / Cyber. Technical standards (IEEE, building codes, ISO/IEC 27001, NIST) that dictate the minimum acceptable quality.
⚠️ The Retroactive Rule
If a new law is passed in the middle of your project, you must adopt it, even if it wrecks your baseline. Raise the change request, assess the impact, and re-baseline; do not quietly ignore the law to protect the schedule. A project cannot be "successful" if it is illegal.
🏛️ Governance vs. Management
Who makes the call?
| Role | Responsibility | Authority |
|---|---|---|
| Governance (Steering Committee) | "We are going North." (Direction) | Can cancel the project or approve budget increases. |
| Management (Project Manager) | "Here is the map to get North." (Execution) | Can manage the team and budget within the approved tolerance. |
🧩 The Ethical Compass
PMI mandates four core values: Responsibility, Respect, Fairness, and Honesty.
- Conflict of Interest: If you own stock in a vendor, you must Disclose it and recuse yourself from the selection process. Disclosure alone is not enough if you stay in the decision.
- Bribery: Zero tolerance. Even a "facilitation payment" (grease payment) is questionable globally and strictly banned by PMI ethics, regardless of local custom.
- Truth: Never lie about project status (the "User-friendly" Traffic Light that shows Green to keep sponsors calm). If the project is Red, report Red.
📝 Exam Insight: You discover a team member is cutting safety corners to meet a deadline. What do you do? **Stop the work immediately**, then address the root cause and report it through the proper channel. Safety violations are never "mitigated" or "accepted"; they are "avoided."