Firewall Wizards mailing list archives
Re: iso 17799
From: George Capehart <capegeo () opengroup org>
Date: Wed, 21 Jul 2004 19:11:44 -0400
On Wednesday 21 July 2004 17:57, MHawkins () TULLIB COM allegedly wrote:
"It's only the big companies that are so pervasively populated with stupid middle managers and C-level execs that they can afford to buy $100,000 doo-dads." OUCH! Don't hold back!
Well, since Paul let this through, I'm assuming he's willing to entertain some replies . . . :) I think there are several comments that can be made: 1. Yes, it's probably fair to say that larger companies have larger budgets, and, therefore, are more willing/able to plonk down $100K for a doo-dad. 2. There are companies of all sizes that are pervasively populated with stupid middle managers and C-level execs. We're probably lucky that some of them are willing to spend the money on the doo-dads. Some can't/won't/don't even see the necessity of having anything like a doo-dad, much less "Doing it Right (TM)." In my experience, some of the smallest companies are the worst ostriches. 3. Not all companies of a given size demographic are equally "clueful." It starts at the top. If the Board and the CEO care and actively manage and enforce discipline, there is a much higher "level of clue" throughout the organization. If the CEO is a cowboy or clueless and the Board is a bunch of hand-picked yes-men, guess what . . . At the other end of the spectrum, if the sole proprietor of a small business is actively engaged in day-to-day operations and actively manages his/her risks, that business has no need of the $100K doo-dad . . . I've had the great pleasure of working or consulting in what I would consider pretty well clued very large businesses and very small businesses. I've also had the incredibly traumatic experience of working in very large and very small businesses run by cowboys, and in which the general operating modus was "shoot from the hip, clean up the mess later." The one advantage that the larger organizations had was that, through the law of large numbers, there were enough individuals who truly cared and *were* clued, that some things got done in spite of management . . . So, I guess my conclusion would be, thank goodness for organizations that are clueless enough to be willing to spend money on the $100K doo-dads . . . They're better than nothing . . . :) Cheers, /g _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: iso 17799, (continued)
- Re: iso 17799 Paul D. Robertson (Jul 26)
- Message not available
- Re: iso 17799 Frederick M Avolio (Jul 21)
- Re: iso 17799 Dana Nowell (Jul 21)
- Message not available
- Re: iso 17799 Frederick M Avolio (Jul 22)
- Re: iso 17799 Dana Nowell (Jul 23)
- Re: iso 17799 ArkanoiD (Jul 26)
- Re: iso 17799 mlh (Jul 27)
- Re: iso 17799 Marcus J. Ranum (Jul 27)
- Re: iso 17799 Dana Nowell (Jul 28)
- Re: iso 17799 George Capehart (Jul 21)
- Re: iso 17799 Julian Gomez (Jul 23)
- Re: iso 17799 Victor Williams (Jul 25)