Businesses need to consider data security as a whole, not merely as part of the audit process. This approach not only helps reduce the overall length of the audit process, it eliminates unnecessary vulnerability in the organization—providing a far greater reward than merely passing the audit. After all, if an organization suffers an exploit of security vulnerability, they'll face a far more costly and disruptive scenario than any compliance audit could cause. Without having a holistic approach to data security, organizations are doomed to reinvent the wheel.
An unchecked and unmonitored sytem is a vulnerable one. Regular reviews, tests and audits help keep the safeguards you have in place effective.