On Mon, May 13, 2019 at 02:35:51PM -0700, fchassery--- via dev-security-policy wrote: > Issue A found its source in the good relationships between Franck and > Iñigo, who both are no more in charge;
Is the only change to address Issue A the removal of Franck from a position of leadership within Certinomis? > Issue F in various occurrences is a consequence of too much reliance on human > controls. What changes have been made to address the underlying failure in risk management which allowed such a high degree of reliance on human controls? Further, what changes have been made in management policies and procedures to address the fact that this reliance was allowed to continue for an extended period after the limitations were clearly identified? > But of course I would really appreciate that there would be a clear > distinction in considering apart events of the past (before 1st of > December 2018) from present and coming events, because we really initiated > a strong change in Certinomis’ technical management. That is yet to be established. - Matt _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy