For too long we have rolled out the young/immature industry arguments. We must stop because quite simply: we know better.

A lot of these industries which have compliance, regulatory and professional frameworks started before we had an understanding that we needed these things. There were no examples for a long time then there was no understanding that the same frameworks were required for other industries. We have never been at that point in IT and for about half a century (in UK and USA at least) we should have been rolling out such things.

The UK has the British Computer Society but that only regulates its members and as membership is not a requirement it can be considered toothless from an industry perspective (although I am sure it does add value for its membership). There is also, to my understanding, other bodies in a similar situation e.g. IEE, ACM and IEEE.