--
On 2012-09-26 7:26 AM, Peter Thoenen wrote:
> Speaking as a long time internal and external IT auditor I
> would suggest there is a bearing and it's inverted once you
> exceed a certain organizational size and discount the
> outliers (mom&pops on the low end, national security
> systems on the high end).?It's also best applied to
> industries or sectors, not individual organizations. ?It's
> the standard do as I say, not as I do / who watches the
> watchers / ugly baby syndrome problem. ?Of course that is
> anecdotal but conversations with peers over the years seem
> to bear it out. ?Although large groups can function at above the level of individual members (civilization, the wisdom of crowds) it is far more common that they function below the level of the individual members (diseconomies of scale, the madness of crowds, Parkinson's law, Pournelle's iron law of bureaucracy, etc) In a large group whose expertise is in computers, well, you have a large group. So it screws up disastrously. In a large group whose expertise is not in computers, then within that group you have a small group, the computer priesthood, who can easily outstare the CEO and the Chairman of the board while saying "Industry best practice is X" The small group is less likely to screw up disastrously than the large group. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
