by sokoloff 1245 days ago
The “proof via a series of tedious screenshots” method of audit is absolutely infuriating. Please bring on the 10x auditors…
2 comments

When you don't know what you're doing, dazzle them with bullshit.

Best part of the story above is that in our system there are no human users that can access a live system. And proof of that is insufficient because the IT person isn't familiar with the practice.

> When you don't know what you're doing, dazzle them with bullshit.

100%, because most people don't know what makes good security, so it is easy to get them to mistake volume for quality.

Then they printed those screenshots out to be bound into a thick report to be presented to the board. (Not where I am but at a previous employer. Still makes me laugh.)