Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: OT - SarBox paranoia prevention ?

RE: OT - SarBox paranoia prevention ?

From: David Wendelken <davewendelken_at_earthlink.net>
Date: Sat, 19 Feb 2005 19:17:16 -0500
Message-ID: <000001c516e1$89356e00$6401a8c0@davidwendelken> 






Mladen,



    
  
  1.   Auditors are hired by management, not dbas.

  
  2.   Auditors want to keep the people who hire them happy.

  
  3.   Making life a pain in the butt for anybody but management will keep
management happier.

  
  4.   Duh.







And, if memory serves, way back when software was first going into banks,
didn't some programmer funnel the fractional pennies of the interest
calculations into a private account?



And programmers often program in back-doors to subvert security procedures.



Those could only be caught with a walkthru the code.  Change control
wouldn't stop it by someone authorized to work on the program.



But the auditors are probably too ignorant to figure that one out.



Duh.




--
http://www.freelists.org/webpage/oracle-l


Received on Sat Feb 19 2005 - 19:02:44 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US