{"id":43,"date":"2010-10-07T11:38:00","date_gmt":"2010-10-07T11:38:00","guid":{"rendered":"http:\/\/mayanktrivedi.net\/technotes\/2010\/10\/07\/cardsystems-solutions-hack-2005-legal-suit-targetting-auditor\/"},"modified":"2022-04-06T20:23:29","modified_gmt":"2022-04-06T20:23:29","slug":"cardsystems-solutions-hack-2005-legal-suit-targetting-auditor","status":"publish","type":"post","link":"http:\/\/mayanktrivedi.net\/technotes\/2010\/10\/07\/cardsystems-solutions-hack-2005-legal-suit-targetting-auditor\/","title":{"rendered":"CardSystems Solutions Hack 2005 &#8211; Legal Suit Targetting Auditor"},"content":{"rendered":"<div style=\"font-family: Verdana,sans-serif;\"><span style=\"font-size: small;\">The topic sounds to be shocking, but if you read the article <a href=\"http:\/\/www.wired.com\/threatlevel\/2009\/06\/auditor_sued\/#ixzz11fV6veXH\">&#8220;<\/a><\/span><a href=\"http:\/\/www.wired.com\/threatlevel\/2009\/06\/auditor_sued\/#ixzz11fV6veXH\"><span style=\"font-size: small;\">In Legal First, Data-Breach Suit Targets Auditor&#8221;<\/span><\/a> you would be surprised to know the proceedings that led to the Legal Suit.&nbsp;<\/p>\n<p><span style=\"font-size: small;\">It will be really interesting to note the developments from here on as the Auditor may contest that the report was good for &#8220;As on Date&#8221; of Report and they are not liable for any subsequent breach as they are not keeping an eye on how the organization dealt with the information post the Audit Completion.<\/span><br \/><span style=\"font-size: small;\"><br \/><\/span><br \/><span style=\"font-size: small;\">But does the role of Auditor end with the submission of report, specifically when the identified organization fails a previous Audit for storing sensitive data in an unprotected manner or in a manner that is not as per the specifications?&nbsp;&nbsp;<\/span><\/p>\n<p><span style=\"font-size: small;\">Should not the Auditor go back at the records of previous Audit and identify the reasons that might have led to the failure in complying to the requirement?<\/span><br \/><span style=\"font-size: small;\"><br \/><\/span><br \/><span style=\"font-size: small;\">Isn&#8217;t the Auditor supposed to maintain the integrity of Audit Process and NOT overlook serious issue that were being reported for a period of 5 years preceding the Audit?<\/span><br \/><span style=\"font-size: small;\"><br \/><\/span><br \/><span style=\"font-size: small;\">There are lot of questions that create a eye of suspicion on the role of Auditors.&nbsp; Many a times the Auditors tend to turn a blind eye towards certain issues that are present due to organizational work culture.&nbsp; They don&#8217;t tend to highlight the issues for the reason that they feel they are not responsible for that.<\/span><br \/><span style=\"font-size: small;\"><br \/><\/span><br \/><span style=\"font-size: small;\">We had earlier seen a law emanating out from the hi-profile case of Enron and Arthur Anderson, where both the companies disappeared from the Market.&nbsp; As if that was not enough a lesson to be learnt by the Auditors that we often get to know of similar cases, though not of that profile.<\/span><br \/><span style=\"font-size: small;\"><br \/><\/span><br \/><span style=\"font-size: small;\">Would that mean we will soon see another law stemming out, something that would Regulate and Govern the Audit Scenario?&nbsp; Should not the Auditors tighten their belts to ensure that the Audits and the Audit Reports are fair and square, resulting in what they are actually supposed to result in, rather than twisting the results one way or other?<\/span><br \/><span style=\"font-size: small;\"><br \/>It is quite interesting that the Noble Profession of Auditors is fast becoming Commercialized, and at this pace, i would not be surprised to see a License Regime enforced for the Auditors on same line as the Lawyers and Formation of a Regulatory Body Like Auditor&#8217;s Council to Govern Auditors&#8217;. <\/span><\/div>\n","protected":false},"excerpt":{"rendered":"<p>The topic sounds to be shocking, but if you read the article &#8220;In Legal First, Data-Breach Suit Targets Auditor&#8221; you would be surprised to know the proceedings that led to the Legal Suit.&nbsp; It will be really interesting to note the developments from here on as the Auditor may contest that the report was good &hellip;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,51,52],"tags":[],"class_list":["post-43","post","type-post","status-publish","format-standard","hentry","category-audits","category-breaches","category-security-breaches","entry entry-center"],"_links":{"self":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/43","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/comments?post=43"}],"version-history":[{"count":1,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/43\/revisions"}],"predecessor-version":[{"id":184,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/posts\/43\/revisions\/184"}],"wp:attachment":[{"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/media?parent=43"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/categories?post=43"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/mayanktrivedi.net\/technotes\/wp-json\/wp\/v2\/tags?post=43"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}