No offense to my auditor friends/colleagues and all the hands-on auditors of the world who DO know their stuff...Here's a new piece I wrote about one of the greatest impediments to reasonable information security in business today:
Why do so many people buy into “checklist” audits?
...goes back to the compliance crutch mentality that my colleague Charles Cresson Wood and I wrote about last year. Time to move on?? Looking at how we treat other things involving risk (automobiles and healthcare come to mind) I suspect we never will.
As the saying goes good enough hardly ever is.
Tuesday 21 September 2010
Just run down the checklist - that's "good enough"
Posted on 04:47 by Unknown
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment