Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: audit suggestion

RE: audit suggestion

From: <ryan_gaffuri_at_comcast.net>
Date: Mon, 24 Jan 2005 19:12:59 +0000
Message-Id: <012420051912.22090.41F548BB000995B10000564A2207003201079D9A00000E09A1020E979D@comcast.net>


what happened at enron/worldcom came from the CEO. Sarbox wouldn't have done anything.

Here is a funny story about the procedures at NASA Goddard in Greenbelt, MD. I know a project manager there. They went through a long and drawn out security audit last year. After the audit took place he had a problem with his password and called the government help desk. The help desk person gladly told him his password. The government people were not even required to even encrypt passwords. As we all know, many many people use the same password all over the place. -------------- Original message --------------

> Jared,
>
> Make that an "empty but warm & fuzzy feeling". One thing I've
> learned from the latest SarBox round here is that it stops nothing, just
> makes you document the norm. What happen at Enron/WorldCom was not the
> norm, therefore not controllable under SarBox. In the end the folks who

--
http://www.freelists.org/webpage/oracle-l
Received on Mon Jan 24 2005 - 14:17:16 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US