In <[email protected]>,
on 08/06/2012
at 07:39 AM, "McKown, John" <[email protected]> said:
>But the ultimate problem is likely management.
That's not only true for bad auditors.
>they likely just say something vague like "audit IT according to
>generally accepted IT standards and all applicable legal
>requirements".
That might not be so bad if the contract requires the auditors to
identify those standards and requirements up front, with appropriate
citations of their provenance.
Quis custodiet ipsos cutodes?
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
Atid/2 <http://patriot.net/~shmuel>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
