It all started when the phone rang, which was typical.
Typical in the days when I was a security manager…
“Information Security, Mack here,” I said, as I continued to read the magazine in front of me.
“Hey Mack, this is Leeda. I need your help,” the voice said, as my mind started coming back online.
Leeda was a manager in Internal Audit; when I heard from her, it usually meant I had to carve a few weeks out of my schedule. Fast.
“Hi, Leeda, what adventures did you have in mind?” I looked at the next two weeks of my calendar with dismay: they were full.
“I need access to someone’s email, but I need to limit who knows that I’m looking. We’re following up on some items that fell out of an audit. Can you get me that access without anyone knowing?”
“No, I said, but only 1 other person needs to know. He owes me a favor big time.”
“OK, Mack, that’s good enough,” Linda said. “How soon can you do it?”
I chuckled. “How soon do you need it?”
“Today would really help,” Leeda replied, giving me the name. I looked at my watch and saw it was already 3 PM.
“Not a problem,” I promised. “As long as I get the usual approval signoffs by 3:30 PM today, I’ll call you when everything’s ready. Do you know how to attach to another person’s email?”
“Yes, I monitor the whistleblower emails, so I know how,” Leeda assured me.
I had one last question to ask. “Leeda, can you tell me what this is about so I know what’s coming and how much time I’ll need to plan for?”
“No I can’t,” she said. “But if our suspicions are correct, we’ll be talking again real soon.”
ITauditSecurity 
Interesting story! I will check back on Tuesday :)
LikeLike
It gets even better….
LikeLike
Pingback: Top 10 Reasons Why Being an IT Auditor is So Hard | ITauditSecurity