When do you need to test change management at the infrastructure layer (i.e. OS and DB) for an in-scope application?

like
Posting as :
works at
You are currently posting as works at

Sometimes these underlying components are integrated into the "app layer". Sometimes you could risk assess omitting an OS. DB is harder if they can make direct data changes

Related Posts

Anyone know more about the ad school that’s opening up in Denver?

like

Hi fishes, DM for refferal.

Business Systems Analyst - Cloud Renewal Operations
Location: Lowell - Massachusetts - United States, Weston - Florida - United States
Function:: Customer Success & Renewals

Post Photo
like

HSBC I have an offer for Consultant Specialist GCB5. Not sure what the role is..is it a team lead role or is it a junior role? I have 10 yoe .. is it apt? Pls help Thanks

HSBC India

like

36M here and I find beards / facial hair absolutely cringe. I feel like everyone has just gone for the 'I can't be bothered to shave' look for convenience. Especially desi guys, it's like a uniform now.

Anybody else feel the same?

funnylike

When you sell a dedicated website for a special deal, do you give the CRM for free? Is vTiger CRM your advice? Otherwise, what are your most common recommendations about CRM?

like

has any of you attended/know about cross-geo interview round at "Servicenow" company? If so, what's the pattern?
Role : Senior software engineer

like

After 10 years of working as a FTE PM/producer I’ve now been laid off (thanks Covid) and am looking to start freelancing for the first time. What advice do you have for a new freelance PM/producer?
Also, what kind of insurance do you take out as a freelancer?

like

Hi All,

Anyone have a recommendation for a good headhunter? I am currently a 2nd year associate (many years paralegaling before that) at a mid-sized firm in NY and am looking for a change.

Also, any cons of working with a headhunter?

like

Is an SDR in tech sales for a saas company typically a very challenging role? Do you feel a lot of pressure? Can the sales skill be learned?

like

Opinions on BagYork(dot)com? It shows great deals on most branded items and is a verified merchant on Pinterest but I’m worried if it’s legit

like

If you’re looking for a good show to watch, I recommend White Collar. I watched it about 8 years ago and just started it again.

like

Average bonus in PEPI at the Director level please?

like

When another contractor inserts themselves into your work with the client and is an absolute idiot

Post Photo
likehelpfulfunny

Freelance social media managers: how to you charge for your services? What deliverables are included? What’s your rate?

like

Hey guys I’ve 3 years of US Government consulting experience in Data Analytics and reporting for decision making and I have to move Canada because of personal reasons.

Can anyone help me out with landing an opportunity? I’ve Canadian Permanent Residency.

like

Recently received an offer for Staff Software Test Engineer for Austin. YOE :11 yrs 150K, 10-20% bonus and 15K sign on and no rsu. Can someone tell me if this is a good offer?

likehelpful

From Los Angeles, looking to get into the vending machine side gig. Any advice for someone just starting?

like

I'm in Texas and its hot. Looking to get away for a few; does anyone have long weekend (3-4 day) trip recommendations? Ideally cooler climate & thinking more nature v. city.

like

Additional Posts in Risk Assurance

I'm a Tech Risk SC, but have an accounting/finance background. I'm doing the FRM now for broader cert experience, is it worth doing CA long term in my area?

What’s the salary range for IT Audit Seniors in the Seattle market?

like

Any idea on what I industry senior risk analysts are making?

like

Is KPMG, EY and PWC considerate about one not wanting to travel and chosing local projects in the IT Assurance practice? Please share your experiences. Thanks!

How do you all keep up with trends in risk and internal audit?

like

How do you apply design factors to IT Audits. Just overheard someone explain 'level of aggregation' for IT Security policies by describing how many people have access to it. Why is this a thing???

like

I lead our SOC practice for a US mid tier cpa/consulting firm. I've been losing a lot of deals due to lower cost / boutique vendors who are partnered with these SOC automation platforms (Vanta, Laika, etc.). Have any of you used these tools for the audit and what has your experience been like? Thanks

like

Hi! I used to work at PwC and currently work at Friedman. I’ve been at Friedman for about a year and a half and I love it! We are hiring at an experienced associate and senior associate level! Cont..

like

Be honest, do you see yourself staying in the game to make partner?

likehelpful

What makes more money IT Audit or IT GRC?

like

Do you audit users with Sudo access and a log of sudo activity or just users with access to sudo?

like

Is anyone here in KPMG’s CRM Risk practice? If so do you know if they are still hiring??

like

Mid year promotions, I found out you need to make your own case for it rather than the firm coming to you. If you think you’re ready make sure you speak up!

Does business Process Internal Audit or IT Internal Audit make more?

like

When is busy season over for the SOX side of stuff? Please tell it doesn’t go past 12/31.

funny

I have an offer for a Director of IT Compliance role. Small/mid size company and in MCOL, I have +12 YOE. Base salary in the offer is 160k and annual bonus 20-45k (depends on company performance). Any thoughts on the offer? I’m inclined to ask for a base of 170k since not in rush to change jobs.

like

Tried to jump to a big 4 as a senior 2 in risk assurance . SF market - offered 93k base and 15k bonus. Is this worth?

If anyone is looking for a referral as an experienced hire to the PwC DAT (Digital Assurance & Transparency - formerly Risk Assurance) practice let me know and would be happy to refer you. We are actively looking to hire.

like

Anyone can give insight in B4 Risk in Houston/Dallas market?

like

I’m getting put up for manager a year early. I have PPMD ,SM, and M support. Pretty much support from all the key individuals on my team and in my service line. Since it is a year early if i don’t get promoted this round I know it’ll come mid year but I do expect a good salary increase still without the promo. If I don’t get the promo nor a salary increase that I’m okay with, how do I let my partner know that I will begin to entertain outside offers? some of which have offered the manager role.

like

New to Fishbowl?

Download the Fishbowl app to
unlock all discussions on Fishbowl.
That was just a preview…
Sign Up to see all discussions
  • Discover what it’s like to work at companies from real professionals
  • Get candid advice from people in your field in a safe space
  • Chat and network with other professionals in your field
Sign up in seconds to unlock all discussions on Fishbowl.

Already a user?
Login here

Share

Embed this post

Copy and paste embed code on your site

Preview

Download the
Fishbowl app

See what’s happening in your industry
from the palm of your hand.

A phone with Fishbowl app

Scan your QR code to download
Fishbowl app on your mobile

Download app

Sign up for free to view this conversation on Fishbowl

By continuing you agree to Terms of Use and Privacy Policy

Already have an account? Log in

Sign up for free to continue using Fishbowl

By continuing you agree to Terms of Use(New) and Privacy Policy(New)
Messaging rates may apply

Already have an account? Log in

For account settings, visit Fishbowl on Desktop Browser or

General

Legal