Many development shops have a very big mantra for quality control surrounding code. What gets missed from the operations or DevOps teams is very similar in terms of requiring quality control over the infrastructure. The movement lately is to be ensured that the infrastructure is treated the same as the code itself. By putting the same practices in place; it is easy to view, control, and replicate these environments. For example, if security groups are modified, then it is easy to track down what caused the change.
This enables us to do audits as well. If something were to open up ports to a server or security group configuration, we would know fairly quickly whether it was done by accident or through malicious intent. This also means that if our infrastructure needed to shift to a new region or availability zone, or if the hardware underneath our infrastructure experiences a catastrophic failure, we can recover somewhat easily.