We hit half-million: The Cidr Report

Owen DeLong owen at delong.com
Thu May 1 16:41:07 UTC 2014

On May 1, 2014, at 2:01 AM, John Souter <john at linx.net> wrote:

> Hash: SHA1
> On 30/04/14 17:30, Valdis.Kletnieks at vt.edu wrote:
>> ...
>> Anybody got recommendations on how to make sure the company you engage
>> for the audit ends up sending you critters that actually have a clue? (Not
>> necessarily PCI, but in general)
> If more auditors (of whatever type) were put in the street when they
> annoy their customer or act irrationally, the world might become a
> better place.

The problem with this theory is that if auditors can be so easily put to the
street, you run into the risk of auditors altering behavior to increase customer
satisfaction in ways that prevent them from providing the controls that are the
reason auditors exist in the first place.

If you don’t believe me, examine the history of Arthur Anderson and their
relationship with a certain Houston-based company which failed spectacularly.


More information about the NANOG mailing list