> To a point, it seems all certification processes can be > defeated by creative responses or other activity one could > loosely call "cheating".
I don't think it's a matter of "cheating" PCI and various things that start with ISO: most of them have an element of "tell us what you do and we'll audit you for conformance with that". The cheating is to pass off such a certification as something it isn't. -- David Harley BA CISSP FBCS CITP Small Blue-Green World __________ Information from ESET Smart Security, version of virus signature database 3956 (20090323) __________ The message was checked by ESET Smart Security. http://www.eset.com _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
