>I beg to differ. Although you speak the reality, auditors are not supposed to >*enforce* anything IMHO. Only *report* their findings.
There a three separate duties: 1. Standards creation. 2. Auditing of standards. 3. Standards enforcement (compliance). Auditors should/must NOT have any authority, except #2. Too many people are afraid of them, but auditors have no true power. >Anything else is a conflict of interest at best. I've stated this before; people comment: "In an ideal world"! No. In a world where things are done correctly. When in doubt. PANIC!! ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
