Your employer is being audited. An unaccompanied stranger wearing a visitor pass comes up to your desk. He says "Hello I'm the password security auditor, tell me your password so I can make sure it's secure"

Will your company fail the audit if don't hand over the information?

Or will your company fail the audit if if you do hand it over?

Therein lies the problem: it's not a government agency, at least not without Congressional approval.

Usually, you do not hand out “root access” to auditors. Auditors are there to gather information (e.g to audit) and report.

In general, you don’t give out broadly permissive access to sensitive systems because people (yes even incredibly competent people) are prone to getting confused or mistyping and you really don’t want anyone deleting the entire database at the drop of a hat because they didn’t have enough coffee that morning and were logged into the wrong system.

Is it an actual government agency? From what I've (casually) read, it's an ad-hoc thing that isn't actually genuinely legitimate, from that standpoint?

> Well, it is a government agency tasked with audits. Why shouldn't it have root access?

Why should it? I've participated in a number of audits. None of them involved giving the auditors root access. They get read-only access to exactly what they need and nothing more, if they get access at all. Oftentimes it's the people with access pulling data based on what they request.

No, it is not a government agency.

No, it is not tasked with audits. It is not performing any audit before its actions, nor is it producing anything resembling an audit.

No, audits do not require root access. And in fact root access (the ability to change data) contradicts audit best practices.

Just curious: have you ever been a part of any audit? May be at your workplace or a tax audit?

This is an idea you just made up to defend this BS.

Like, audit's require root access? What? Is this real life? Are people just making things up and saying whatever to defend someone who has no allegiance to this country getting the keys to the kingdom while also coincidentally making a fortune off of taxpayers through federal subsidies? Are you slow?

Not a government agency.