Comment by Chris2048
9 days ago
Which begs the question, Does N Korea have governmental whistle-blower laws and/or services?
Also, internal audit aren't supposed to be the only audit, they are effectively pre-audit prep for external audit. And the first thing an external auditor should do - ask them probing questions about their systems and process.
Wrong Korea, this is South Korea
I have never been to DPRK but based on what I've read, I wouldn't even press "report phishing" button in my work email or any task at work I was not absolutely required to do, much less go out of my way to be a whistleblower.
That's true, but by their nature, external audits are rarer so one would have expected the IA people to have caught this first.