Quote:
Originally posted by djmcmath
I don't do network security, but I often advise my boss on legal issues. When it comes down to one of these cases where the two of us disagree, I have a special "CYA Log" that I write stuff like this down in. "At time/date, I advised my boss that the intended course of action would likely result in legal action being taken against us." Your boss is your boss, and will do what they want to do -- if they want to release a piece of software that doesn't comply with the legal requirements, it isn't, ultimately, your call. Your responsibility is to ensure that your boss understands the requirements, understands that the requirements are being violated, then note it down so if it comes up later you're covered.
Or maybe I've misunderstood the whole thing, and my answer is only applicable to military-types. 
Dan
|
I advise anyone in any administrative role to keep a log like that. Came in handy for my little brother on his recent review. His boss wouldn't approve the purchase of new AV software for their servers and they got infected bringing them down for a few days. Then the boss brought them back up against my bro's recommendation and infected two clients.
Two log entries that the boss attributed to him so when he came up for review with the head of the dept my Bro brought that log and referenced those entries - clearing his record and securing his good name.