Hacker News new | past | comments | ask | show | jobs | submit login

There's a common systematic belief of that because that's the sort of thing a lot of actual compliance regulations de facto require (i.e., they demand controls around software deploys, and putting enforcing that in the same hands as those wanting to deploy it, i.e., devs, will fail an audit).

Source: My employer is currently undergoing SOX compliance






And there's a good reason that separation of duties is in every compliance standard...

Not saying whether it's a good or bad idea, just that it's a common systematic belief because it's a required thing in many organizations.



Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: