http://www.schneier.com/blog/archives/2010/11/control_fraud.html
I keep telling people that the "internal controls" (so beloved of SOX, Basel, COSO, and so many other financial industry frameworks) are just not all they're cracked up to be ... The insider is still the biggest problem, and "control fraud" is simply a special case of that. ====================== (quote inserted randomly by Pegasus Mailer) [email protected] [email protected] [email protected] Don't go around saying the world owes you a living. The world owes you nothing. It was here first. - Mark Twain victoria.tc.ca/techrev/rms.htm blog.isc2.org/isc2_blog/slade/index.html http://blogs.securiteam.com/index.php/archives/author/p1/ http://www.infosecbc.org/links http://twitter.com/rslade _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
