I am part of a small IT firm that deals with Community banks and their networks. Each of our banks get audited quarterly. For years we've been explaining to our customers the real risks to their networks...themselves.
The audits are always going to find SOMETHING. That's what they're designed to do. You can always explain the "holes, warnings, and notes" away without losing integrity as long as you have a good relationship with your boss/clients/whoever pays you.
There are times when nothing but a squeaky clean audit will do for our clients...we can always provide a total lockdown...then they pay us to open up their network again for functionality.
It's all about perception...if they think you're caught off guard, they're worried. If they think you're an IT mastermind...well then they're right.
Slashdot Mirror
I am part of a small IT firm that deals with Community banks and their networks. Each of our banks get audited quarterly. For years we've been explaining to our customers the real risks to their networks...themselves. The audits are always going to find SOMETHING. That's what they're designed to do. You can always explain the "holes, warnings, and notes" away without losing integrity as long as you have a good relationship with your boss/clients/whoever pays you. There are times when nothing but a squeaky clean audit will do for our clients...we can always provide a total lockdown...then they pay us to open up their network again for functionality. It's all about perception...if they think you're caught off guard, they're worried. If they think you're an IT mastermind...well then they're right.