I would definitely ask WHY the SQL Agent tasks are prohibited. The answer needs to be more than 'the auditor said so', as this just shows the auditor probably knows very little about SQL Server.
You should be told what exposure exists with SQL Agent, and how that exposure does not exist with the alternatives allowed by the auditor.
Original author: SQL Server FineBuild 1-click install and best practice configuration of SQL Server 2017 2016, 2014, 2012, 2008 R2, 2008 and 2005. 1 Dec 2016
: now over 39,000 downloads.
Disclaimer: All information provided is a personal opinion that may not match reality.
Quote: "When I give food to the poor they call me a saint. When I ask why they are poor they call me a communist." - Archbishop Hélder Câmara