In <50475f32.9050...@acm.org>, on 09/05/2012
at 09:18 AM, "Joel C. Ewing" <jcew...@acm.org> said:
>and this is the only
>locally produced documentation that makes sense on z/OS,
While the auditors in question may be stark raving bonkers, there is
other relevant documentation; change control procedures for production
libraries.
>If they were competent auditors they would know this.
rara avis
>We were fortunate in that our corporation had its own audit
>department that interfaced with the annual external auditors and
>our auditors were fairly well versed in z/OS security concepts from
>interfacing with Technical Services over several decades. If the
>external auditors were ever totally clueless, we could reasonably
>expect our own auditors to recognize requests that didn't make
>sense in the context of the mainframe and side with us on
>suggesting sensible alternatives.
I'm jealous. I hope that management appreciates them.
--
Shmuel (Seymour J.) Metz, SysProg and JOAT
Atid/2 <http://patriot.net/~shmuel>
We don't care. We don't have to care, we're Congress.
(S877: The Shut up and Eat Your spam act of 2003)
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
