Has anyone noticed how much CIS has been encroaching into infrastructure these days? For a role that has traditionally been reporting, governance and auditing, they are taking a lot upon themselves. They have been ramping up to an alarming level, citing audit findings, capitalizing on security incidents and board commits to further expand their operations teams. It is a major conflict of interest when they make decisions to perpetuate their own existence in operations over meeting the shifting needs of the company.
2 replies (most recent on top)
"citing audit findings, capitalizing on security incidents and board commits"
don't screw up for long enough that it get's auditted, or bad enough that it gets an incident, or big enough that the board looks at it