There's an aspect to auditing internal controls that has always seemed straight forward to me that for some reason others have trouble grasping. I figure it's just a personality trait. It doesn't really matter if the control is financial, operational, or technological, it all boils down to taking the control in question and asking the … Continue reading From Trust, but Verify to Zero Trust to CYA →