El martes, 26 de junio de 2018, 22:36:23 (UTC+2), Ryan Sleevi escribió: > > To be fair, you can align those periods by having one report prepared for 9 > May 2017 to your current audit period, and then include GC in with your > normal audit - without having to alter your period. It allows you to > maintain your current audit cycle entirely. >
I'll check with the auditors, but I don't think it will make a difference, as in this case we'd have to engage (and pay) for an additional audit report, so losing one month of the annual audit by advancing the start date isn't that bad. > > > Is it too adventurous of me to say that we have a deal? > > > > With a heads up that we'll be looking very closely compared to illustrative > reports to understand if any deviations are meaningful and significant, I > think that sounds like a way of addressing the uncertainty gap present :) Hopefully the audit report will be just as boringly positive as usual... :) I'll come back then in a few weeks, once the audit process is over and we get the result. Best, Pedro _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
