They would not agree to audit each other... Why? To much risk!

Funny story, we have a client that got walked out on during a security audit by one of the big guys. The reason? They found so many security issues very early in the audit that they were concerned about the liability of something occuring after they security audit was done.

ie. they do the audit, make reccomendations and get the problems fixed but something still happens and they get sued. So, they stopped their work, asked for much more money to cover "thier risk". When the client refused to pay more for the same work they bailed.

Sad... Kinda understandable but still sad.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/newsbriefs/147/696#696