Hacker News
by sh_tinh_hair 3434 days ago
This is insightful.

Ran into this sort of thing at a .gov during audits for systems accreditation in 200x. I made the mistake of using 'mitigation' in my documentation and opened up a can of worms with the contracted auditing firm. They should have provided a glossary of weasel words.

Took twice as long to get the system accredited because of a common-sense initial approach.