- My Forums
- Tiger Rant
- LSU Recruiting
- SEC Rant
- Saints Talk
- Pelicans Talk
- More Sports Board
- Fantasy Sports
- Golf Board
- Soccer Board
- O-T Lounge
- Tech Board
- Home/Garden Board
- Outdoor Board
- Health/Fitness Board
- Movie/TV Board
- Book Board
- Music Board
- Political Talk
- Money Talk
- Fark Board
- Gaming Board
- Travel Board
- Food/Drink Board
- Ticket Exchange
- TD Help Board
Customize My Forums- View All Forums
- Show Left Links
- Topic Sort Options
- Trending Topics
- Recent Topics
- Active Topics
Started By
Message
re: Job with Ernst and Young
Posted on 5/20/23 at 9:33 pm to Centinel
Posted on 5/20/23 at 9:33 pm to Centinel
quote:
The problem I run into is the audit checklist morons who say they are "infosec experts" that have no ability to comprehend or process compensating controls.
Preaching to the choir. People don't understand nearly all auditors (or ex-auditors that work in 3rd party risk management, etc.) have an accounting degree and learned all they need to know about Windows Server security at a three day training in Cincinnati. I watched one consider the on prem mainframe as "out of scope" for a PCI DSS audit, because it was a mainframe. The quickest way to fool them is to bring up subnets and watch them pretend that being in two different class C subnets alone provides some sort of protection.
Posted on 5/20/23 at 9:35 pm to LemmyLives
quote:
I watched one consider the on prem mainframe as "out of scope" for a PCI DSS audit, because it was a mainframe.
Jesus
*laughs in AS/400*
Popular
Back to top
Follow TigerDroppings for LSU Football News