alt Hacker NewsPolicy and practice might not be the same thing. The company and the entire management staff should be on somebody’s blacklist for future procurement.
Policy and practice might not be the same thing. The company and the entire management staff should be on somebody’s blacklist for future procurement.
The whole point of stuff like SOC2 and audit to verify that policy is actually implemented. Seems like nobody actually checked.