Bingo. And now we are back to the question: 'Who audits the auditors?' Folks from the EU please opine on the effectiveness of ISO 9000. I heard that the EU embraced ISO 9000 to the point of being the law in many countries.
It seems ISO 9000 fell out of favor here in the US a few years ago. Or are we getting to far off topic? -----Original Message----- From: IBM Mainframe Discussion List [mailto:[EMAIL PROTECTED] On Behalf Of Ted MacNEIL Sent: Tuesday, May 16, 2006 7:00 PM To: IBM-MAIN@BAMA.UA.EDU Subject: Re: Password Complexity If they are creating rules, they are corporate compliance auditors. If they are creating, enforcing, and reporting on rules, they have a conflict of duty. These three functions should be under what is known as "separation of duties". That's what got Anderson into trouble. How can I be so certain? I asked an auditor. - -teD O-KAY! BLUE! JAYS! Let's PLAY! BALL! NOTICE: This electronic mail message and any files transmitted with it are intended exclusively for the individual or entity to which it is addressed. The message, together with any attachment, may contain confidential and/or privileged information. Any unauthorized review, use, printing, saving, copying, disclosure or distribution is strictly prohibited. If you have received this message in error, please immediately advise the sender by reply email and delete all copies. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html