In addition, every system that can be taken out of scope is one less system that needs to be validated for compliance, which reduces both the amount of work required, and its cost.
"Working on scoping before checking on the actual compliance is critical," said Simonetti.
Scoping can also make help companies make compliance an ongoing, regular part of doing business.
"Do not approach compliance as a firedrill -- it is not an annual exercise," he said.
Sign up for CIO Asia eNewsletters.