At ThreatSwitch we often talk about "outside-in" security compliance. A large part of the security team's time comes from tasks or reports originating from outside the compliance team - employees, program managers, executives, HR, legal, etc. These requests usually end up in your email, inexhaustibly piling up day-after-day.
There's also a wide variety of requests security professionals need to track. Good luck tracking all of this in your inbox or spreadsheets: VARs, FOCI VARs, PARs, PSQ briefs, CUI briefs, pre-screens, foreign travel, agency-specific foreign-travel, asset transfer requests, asset deletion requests, and probably a whole list of other things that are unique to your company.