IT Compliance is taking appropriate control of and protecting information, including how it is obtained and stored, how it is secured, its availability (how it is distributed internally and externally), and how the data is protected. The internal compliance functions revolve around the policies, goals, and organizational structure of the business. External considerations include satisfying the customer/end user while protecting the company and end user from harm. Specialized tools are used to continuously identify, monitor, report, and audit to achieve and remain in compliance.