Y
Hacker News
new
|
ask
|
show
|
jobs
by
downtown_
2878 days ago
No. You are free to reference nist and use a compensating control for that. No more pw changes :) Source: QSA
1 comments
monocasa
2877 days ago
I guess I was under the impression that compensating controls don't really let you question the efficacy of the point of the original requirement, but instead "we're meeting the requirement in this other way"?
link