I am "forced" to allow "our" domains to be DNSSEC because... an auditor suggested it as a possible improvement and some manager thought it a good idea to do whatever said auditor proposes.

The argument that absolutely nothing that the world relies on, is not being singed (google Facebook reddit Cisco MicroSoft etc) holds no clout with the believers, unfortunately.