Wednesday, October 16, 2013

Trust ,but don't be naive !

Today, I have attended IIA's Ottawa training session which focused on Asset Protection and Security( AP & S). Two mantras stuck on my head by the time we were done :

The first is:" AP & S is largely based on trust!"
The second:" Being compliant does not mean being secure "

While I agree with the second, I have trouble with the first!

The examples of trust provided during the session made me more skeptical ( i.e I trust you because A trusts you and I trust A )!

 Trust is good, but it is not enough and certainly does not provide security.

Trust, but verify!
Trust.but monitor!
Trust, but don't be naive!

 In God we trust, others will be audited!

What do you think?

No comments:

Post a Comment

Are you getting the most from the ethics mandatory hours?

 Like many of you at this time of year, I have been looking to take the mandatory two hours of ethics training to comply with the IIA cpe  r...