Comments embedded in the message below.
Susan Joslyn wrote:
Allen, This is a fantastic story. I am warning IT folks about just such a scenario ALL THE TIME. I've found that in these SOX audits the IT folk seem to think along two (deadly) lines. First, they tend to be "just tell me what you want / give me a list (e.g. don't make me think)" and secondly "yeah, yeah, we'll make sure you can't use vi on the data <wink, wink> : good thing they don't know about ed!"
I occasionally run into a third scenario, what I call the passive-aggressive manager. "Fine. We'll do EVERYTHING *exactly* the way they ask, and then more so. We'll pay so much attention to analyzing requests and going back for more and more details and authorizations, *nothing* will get done. When the company business grinds to a halt, THEN they'll be sorry they messed with the IT department!"
(It amuses me that this type never seems to realize how obvious this will be and how likely it is to lead to "terminatus abruptus.")
<collapsing portable soapbox that I seem to carry everywhere these days> SJ
As IT governance becomes more and more mandated, you, me, and the other controls advocates won't need to carry soapboxes around with us anymore, Susan. There will be plenty of corpses of IT managers around to stand on.
--
Regards,
Clif
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ W. Clifton Oliver, CCP CLIFTON OLIVER & ASSOCIATES Tel: +1 619 460 5678 Web: www.oliver.com ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ------- u2-users mailing list u2-users@listserver.u2ug.org To unsubscribe please visit http://listserver.u2ug.org/
