> I pushed my cannelloni around while he expounded on the future of Hong Kong and when he finally wound down, asked, “Does it not occur to you that people want to do business with honest people they can trust? Not dishonest people they have to watch?”
> He became exasperated. “Didn’t you tell your client you have to create checks and balances in the company and watch each and every employee?”
> “Yes, but…”
> “And don’t you insist on systems being created in every company so that no one can get away with cooking the books or taking from the company no matter who is in charge?”
> “Yes…”
> “Then what difference does it make if someone you don’t trust is involved? You don’t trust anyone anyway. If your systems work, they work. I am not any more of a danger to you than any other person. I don’t see the problem.”
The risk for the employer is (risk that an employee is an embezzler) x (risk that your systems fail to catch them), though, so you probably want to minimize both terms?
Not quite because they are correlated. As he says, embezzlers are smart. So lowering the second risk also lowers the first as a smart embezzler is not likely to try when the risk of getting caught is high.
If I’m careful, I’m sure I could pet a tiger. If it sees me take enough precautions, it’s less likely to try and eat me. If it judges that’s it’s worth a pop and I don’t take sufficient precautions, I’m dinner.
> He became exasperated. “Didn’t you tell your client you have to create checks and balances in the company and watch each and every employee?”
> “Yes, but…”
> “And don’t you insist on systems being created in every company so that no one can get away with cooking the books or taking from the company no matter who is in charge?”
> “Yes…”
> “Then what difference does it make if someone you don’t trust is involved? You don’t trust anyone anyway. If your systems work, they work. I am not any more of a danger to you than any other person. I don’t see the problem.”
Eddie would have made a good security consultant.