[gptalk] Re: PLS help with grouped policies for my audit!!!

  • From: "Jakob H. Heidelberg" <jakob@xxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Mon, 14 Jan 2008 21:51:50 +0100

That's definitely the most funny stuff I've been reading for a long time -
keep it up Bill :-)

/Jakob

-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Billy B. Bilano
Sent: 14. januar 2008 20:57
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] Re: PLS help with grouped policies for my audit!!!

Scottie,

Thanks mucho for the reply on my "best" practices querstion! Evern 
though my main question is about groupr polices, I think this clears up 
what I suspected after some smart researching I did on wickypediar! 
However one thing did prick my ears up a bit when I read it because it 
may mean I am not doing something "best"...

So if I can run this old chestnut by you again...

You said one good example for disaster recovery would be to test backups 
and keep documentations... That being said, what if:

a. I don't keep backups because they are too hard to deal with and only 
introduce discovery problems when certain goverment bodies who oversee 
my industry come-a-knockin (like a certain fed chairman that shall 
remain nameless to keep me blameless!! if you catch my wind LOSLSL)

b. as i said if I document everthing then that means my job becomes less 
important to the bank and that could open the door up to fire me!!! i 
got two kids and a wife to feeder!

So is there a way that i can still call that I am doing "best practices" 
to the auditors??? I need some spin here!!! (maybe I can call this 
"adequate" practices maybe?)

Let me know as soon as possible!! and I have a burrito in the cooker on 
this and if I leave it in for too long it's gonna spurt beans and beeff 
all over my face and lap and chest!!!

THANKS, BUDDY!


P.S... My bloglog beckons your attention!!! <http://www.bilano.biz/>

PS.S.S: I am still looking for those SAS-70s... Anywhere that I can use 
PayPail would be great because my corporate fcard got stolen (which 
reminds me i should call HR and get that fixied up someday)

-- 
Mr. Billy B. Bilano, MSCE, CCNA, CISSP, and now QISP
<http://www.bilano.biz/>
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS




Scott Klassen wrote:
> Best Practices aren't something that you decide and then get certified.
> They are generally proscribed by the vendor (manufacturer) of a specific
> product, be it hardware or software.  Best Practice would be the generally
> accepted way of doing/configuring something to achieve a certain goal.
The
> goal would be an important point, as the settings could be different
> depending on what your trying to do.  An example of this would be if you
> were configuring something for pure usability, which would most likely be
> very different than configuring that same thing for pure security.  There
> are also some Best Practices that operate at a higher level than any
> specific product, which fall under the category of common sense.  Two good
> examples of this for disaster recovery would be to regularly test backups
> and to document everything.
> 
> Scott Klassen
> 
> -----Original Message-----
> From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
> Behalf Of Billy B. Bilano
> Sent: Monday, January 14, 2008 11:27 AM
> To: gptalk@xxxxxxxxxxxxx
> Subject: [gptalk] PLS help with grouped policies for my audit!!!
> 
> Hey dudes!
> 
> also they said i need to have some practices that have been declared 
> "best". Where can I submit them off for review so they are certified? 
> they wont tell me and that kid that works for me started laughing and 
> resigned (all the more vacation time for me LOLOLSL!!!!).
> 
> thanks dudesss!!!
> 
> OH... And does ANYBODY know where I can get some SAS-70's wholesale??? 
> I've been lookin on that Googler thing and can't find it! and YES I have 
> checked eBay thank you very much!!
> 
> P.S. Check out my bloglog!!! <http://www.bilano.biz>
> 
> 
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by
logging into the freelists.org Web interface. Archives for the list are
available at http://www.freelists.org/archives/gptalk/
************************

***********************
You can unsubscribe from gptalk by sending email to 
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by 
logging into the freelists.org Web interface. Archives for the list are 
available at http://www.freelists.org/archives/gptalk/
************************

Other related posts: