When are IT executives as well as the analyst community going to recognize that compliance and security need to be tightly integrated and based on risk management discipline in order to achieve corporate governance objectives?

As IT practicioners, we need to be careful not to alienate our friends in the audit community by taking an IT centeric view of the world.