Today, my colleague and I traveled to our second fieldwork location in Johor Bahru, which was quite far from our hostel. We had to prepare early and take a Grab ride to reach the client's premises.
Upon arrival, we were directed to a meeting room where we discussed the information request list with the person in charge, who mainly dealt with the IT operations of the company. We noted that matters related to the accounting software were mainly handled by the assistant accounting manager, who was not present at the meeting.
Following our usual fieldwork arrangement, we proceeded to conduct a sighting of the server room. During our inspection, we observed that the server room lacked some essential features, such as CCTV cameras and fire extinguishers.
During our discussion with the client about our audit findings, there was some disagreement about our suggested password policy. The person in charge mentioned that the staff would disagree with the suggested password configuration. In response, my senior colleague gently explained that we noticed the password configuration on the active directory was weak, and from a cybersecurity perspective, the system was vulnerable to hacking. We decided to raise this concern to the director and wait for their response.
With that, our fieldwork concluded, and we returned to our hostel.
Main things that have learnt
To learn how to deal with clients if there is a disagreement in a polite way.
Comment/idea/opinion
N/A
Comments