![[OC] What People Think Privacy/Security Is](https://lemmy.ml/pictrs/image/30cec389-1586-4849-84ac-d8a9f4f0df5b.png){kind=link}
I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)
I know there are plenty of software missing from here. This is just a fun infographic I made, no need to take it seriously :)
My guess is they think that since you’re paying for the audit the auditors won’t bust you for fraud, which is cute, since the auditors are asked to audit specific things that the company asks them to audit. They’re not released on the company like witch hunters, with wide open access to everything, cutting a swathe through fraud and criminality while people are furiously burning documents in the basement. So there is no conflict of interest, since the auditors are looking at what the people using them are asking them to look at.
I know, it’s just kind of laughably shouting they don’t know what either an audit or conflict of interest actually are.
The hardest part some times is finding an audit firm that isn’t stupid expensive, but also won’t do a shit job and give you a report that looks like some knock-off free LLM didn’t write it to maximize their own payday. I love a good audit report with findings, it means I didn’t waste money. But my shit is (well, was, at another place years back) locked down tight, so we didn’t ever expect anything terrible.
Same here, everyone was so stressed about “the audit” but we had written common sense processes and executed them as needed, with mechanisms in place to flag potential areas for improvement if we found gaps.
The audit was fine.