I've had numerous discussions with quality management fanatics over the years. They do a great job! Only one problem; you can't have policies, standards and procedures for everything. If something unforseen happens, you can either a) create a new range of documents and execute them, or b) you can take action based on common sense, experience and pure reflexes. Guess once which side I'm at. (Click image for full size)
I would say quality guys should stick to creating procedures for real people - They have exactly the same problem as security guys. We often create security procedures for imaginary people and not real ones...It is definitively something wrong with the procedures. They should take into account the fact that the world is sometimes unpredictable. If they don't - well - they are not really well suited for the real world, are they??
ReplyDeleteDifficult leaving a comment on your blog - all that security stuff I had to go though ;)