Hacker News
by bkor 3712 days ago
> As a matter of fact, our system had to face penetration tests conducted by Ernst and Young, a big 4 Auditing Firm

Auditing is not about security. It's about checking if proper procedures are in place, separation of duties, there's "access control", etc.

One thing it'll miss out on is the security of the system. You say that they performed penetration tests, but IMO saying that E&Y performed it makes me doubt the security.

FWIW, the company I work for also has the big auditing firms (all of them) come along and perform audits.