I was at a client’s site looking for more contract work when the manager of the department started telling me about their great IT security website on their Intranet. She clicks on their random generator password page and shows me how you can generate a block of “approved” passwords, sanctioned by their security department. At the top of the page, a banner read: Select a Strong Password!
Tag Archives: random
Sampling Hazards
A couple of us were arguing about the differences between random, haphazard, and judgmental sampling. One person said that picking samples here and there manually was random sampling. I argued the method described was actually haphazard sampling. Another said that haphazard sampling was not appropriate and that “audit judgment” was valued, not haphazard sampling.
Filed under Audit
ITauditSecurity 