[Gllug] Audit Season...
Karanbir Singh
mail-lists at karan.org
Fri Jun 26 23:47:57 UTC 2009
On 06/27/2009 12:20 AM, Jose Luis Martinez wrote:
> I would be extremely careful with dishing such advice. Seriously, SOX
> and other national and international regulations could mean you are
> actually breaking the law if you are obtrusive to certain types of
> auditors, and certainly your boss may have to do lots of explaining if
> one of his charges is being unhelpful.
depends a lot on the type and scope of the audit... I've often denied
information to infrastructure auditors to things they cant justify.
> To say that you got away with it implies that there was a certain
> level of risk to your position, to each one his own, but I frankly
> fail to see why one should be obtrusive.
eg. I tend to middle finger most 'security auditors' who want to run
intrusion detection stuff on the inside, using acl's put in place
specifically for the audit.
--
Karanbir Singh : http://www.karan.org/ : 2522219 at icq
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list