Posted on 11/11/2013 5:23:15 PM PST by kristinn
What difference, at this point, does it make?
i remember that thread even though it was years ago...
I’m a project manager. This is blatant BS. There is NO WAY this was not known unless the PM was asleep at the wheel or off doing crack with the mayor of toronto.
Good point!...We've spent 600 million on a site that could have been done for a couple of million at most by free enterprise...Why stop now??...I don't care if it takes us gazillions.....This is America.....we can do it!!!.....YES WE CAN!....../s
Forward Comrades!!!
He would have had a copy of the security assessment.
I did the security assessment for a state exchange to the IRS. The PM most certainly received my report. I most certainly went through each of the findings with them.
How convenient.
The person who authored the memo that Chao "never saw" is now out of the picture.
No doubt Jarrett told him to go into hiding.
Chao said he was unaware of a Sept. 3 government memo written by another senior official at CMS. It found two high-risk issues
No. Absolutely not. Total BS. There is a risk manager. He knows all the risks. He reports the risks up the chain of command. For risks to -- instead -- be compartmentalized and kept hidden from the PM ... that's either a lie or an inconceivable level of managerial incompetence.
Bart Simpson
I’ll take “inconceivable level of managerial incompetence” for $100 if you please Alex.
According to federal guidelines, high risk means “the vulnerability could be expected to have a severe or catastrophic adverse affect on organizational operations ... assets or individuals.”
So this is what is meant by a catastrophic insurance policy. A policy devised by Leftists.
How to fix it? Implant a chip in your hand or your forehead. Of course it will contain that well known number 666.
Better odds than Powerball for sure!
Given the fact that the federal government requires organizations handling financial information to conform to SOX (Sarbanes Oxley) audits, and organizations handling health care information to conform to HIPPA audits, it sounds like the system developed (NOT JUST THE WEB SITE!!!) doesn’t conform to either.
In addition to that, any self respecting financial company, especially one that uses credit cards, is supposed to meet PCI security specifications ( https://www.pcisecuritystandards.org/security_standards/index.php )
What are the chances that any of these security standards have been met?
Mark
Either one of two things happened:
1. Henry Chao lied to Congress when he testified behind closed doors last week for 9+ hours. He stated that he never saw the memo and he had been told that there were no significant problems with the web site.
Or:
2. Chao was never shown the Trenkle memo [but his superiors were] and they realized that [if he was shown the memo], he would never sign off on the Oct. 1st release.
Its either one or the other ...
Isn’t it sad that this is getting exponentially more play than Fast & Furious and the IRS.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.