Sometimes people can look at something and come to completely different conclusions. Take my ten-year-old son. To him, if he has to do something (or if he’s required to do something) it’s not worth doing. He can always think of something else that’s more interesting or more worthwhile.
However (perhaps just because I’m a parent) I believe the opposite. That just because you have to do something doesn’t mean that it’s not worth doing. In many cases, the things that we’re required to do can end up being very beneficial for us. It’s just that it’s not always obvious how they’re beneficial.
I believe that the same thing principle operates when it comes to compliance, IT compliance and auditing. By now everyone’s aware of the impact that regulatory and industry requirements have had on just about all sizes of organizations. And while the majority of regulations and compliance requirements apply to public companies, in many cases even private companies have been swept along on the compliance tide. Over the past few years, all types of organizations have had to implement a wide variety of compliance-oriented tasks, steps and processes to help them define, document and manage data and processes.