[gptalk] Re: PLS help with grouped policies for my audit!!!
- From: "Billy B. Bilano" <mr.bill.bilano@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- To: gptalk@xxxxxxxxxxxxx
- Date: Mon, 14 Jan 2008 13:56:56 -0600
Scottie,
Thanks mucho for the reply on my "best" practices querstion! Evern
though my main question is about groupr polices, I think this clears up
what I suspected after some smart researching I did on wickypediar!
However one thing did prick my ears up a bit when I read it because it
may mean I am not doing something "best"...
So if I can run this old chestnut by you again...
You said one good example for disaster recovery would be to test backups
and keep documentations... That being said, what if:
a. I don't keep backups because they are too hard to deal with and only
introduce discovery problems when certain goverment bodies who oversee
my industry come-a-knockin (like a certain fed chairman that shall
remain nameless to keep me blameless!! if you catch my wind LOSLSL)
b. as i said if I document everthing then that means my job becomes less
important to the bank and that could open the door up to fire me!!! i
got two kids and a wife to feeder!
So is there a way that i can still call that I am doing "best practices"
to the auditors??? I need some spin here!!! (maybe I can call this
"adequate" practices maybe?)
Let me know as soon as possible!! and I have a burrito in the cooker on
this and if I leave it in for too long it's gonna spurt beans and beeff
all over my face and lap and chest!!!
THANKS, BUDDY!
P.S... My bloglog beckons your attention!!! <http://www.bilano.biz/>
PS.S.S: I am still looking for those SAS-70s... Anywhere that I can use
PayPail would be great because my corporate fcard got stolen (which
reminds me i should call HR and get that fixied up someday)
--
Mr. Billy B. Bilano, MSCE, CCNA, CISSP, and now QISP
<http://www.bilano.biz/>
Expert Sysadmin Since 2003!
'C:\WINDOWS, C:\WINDOWS\GO, C:\PC\CRAWL' -- RMS
Scott Klassen wrote:
Best Practices aren't something that you decide and then get certified.
They are generally proscribed by the vendor (manufacturer) of a specific
product, be it hardware or software. Best Practice would be the generally
accepted way of doing/configuring something to achieve a certain goal. The
goal would be an important point, as the settings could be different
depending on what your trying to do. An example of this would be if you
were configuring something for pure usability, which would most likely be
very different than configuring that same thing for pure security. There
are also some Best Practices that operate at a higher level than any
specific product, which fall under the category of common sense. Two good
examples of this for disaster recovery would be to regularly test backups
and to document everything.
Scott Klassen
-----Original Message-----
From: gptalk-bounce@xxxxxxxxxxxxx [mailto:gptalk-bounce@xxxxxxxxxxxxx] On
Behalf Of Billy B. Bilano
Sent: Monday, January 14, 2008 11:27 AM
To: gptalk@xxxxxxxxxxxxx
Subject: [gptalk] PLS help with grouped policies for my audit!!!
Hey dudes!
also they said i need to have some practices that have been declared
"best". Where can I submit them off for review so they are certified?
they wont tell me and that kid that works for me started laughing and
resigned (all the more vacation time for me LOLOLSL!!!!).
thanks dudesss!!!
OH... And does ANYBODY know where I can get some SAS-70's wholesale???
I've been lookin on that Googler thing and can't find it! and YES I have
checked eBay thank you very much!!
P.S. Check out my bloglog!!! <http://www.bilano.biz>
***********************
You can unsubscribe from gptalk by sending email to
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by
logging into the freelists.org Web interface. Archives for the list are
available at //www.freelists.org/archives/gptalk/
************************
Other related posts:
