> > That's going to be pretty tough to do for Linux/390 shops, unless they're > > allowed to maim their operators by blinding them. :) Not something I woul > d > > recommend, in any case. I think auditors are going to have to change their > > mindset a little in this area. > Auditors exist for business reasons. Support computer systems exist for busin > ess > reasons too. I think it is a little backwards to assume that shortcomings in > software that might cause it to not meet some of the business needs mean that > the auditors should abandon their goal of making sure that these systems meet > the business needs... > > It is (for some businesses) the "right" thing for operations and development > to > be segregated to the extent that operations has zero access to the code. Just > because some software does not make this easy does not mean that the goal sho > uld > be abandoned.
Oh, come on Nick. How are you going to prevent any operations staff with the inclination either downloading the source code to Linux in their one time on their own equipment? OCO code aside, they can get the lot, just as I can. > Personally I believe this is a good indication of an area where this young > technology can indeed learn and benefit from the knowledge gained in the past > . > And we can start that process too... all we need to do is to place a > standardized message identifier on the front of every message we generate and > then write that section of the man page to describe what that message means. > > Big trips start with small steps. > > Peace. -njg > -- Cheers John Summerfield Microsoft's most solid OS: http://www.geocities.com/rcwoolley/ Note: mail delivered to me is deemed to be intended for me, for my disposition.
