Anda di halaman 1dari 96

5e

Ethics in Information Technology


Chapter 2
Ethics for IT Workers and IT Users
George W. Reynolds
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Learning Objectives
What key characteristics distinguish a professional
from other kinds of workers, and is an IT worker
considered a professional?
What factors are transforming the professional
services industry?
What relationships must an IT worker manage,
and what key ethical issues can arise in each?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Ethics
and
IT
Our increasing reliance on computing and networks has created
many benefits for society
However, in addition to intended consequences, every social
action also has unintended consequences
The dark side of computing
Computer crime
Unreliable hard/software
Software piracy
Invasion of privacy
Hacking and cracking
Workplace surveillance
Viruses and worms
Data mining

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Approaches to Promote Ethical


Conduct
Establishing rules and regulations
Developing training and education programs
Punishing individual for ethical violations
Establishing an ethics code for the organization
Hiring and promoting individuals with ethical
behavior and understanding
Developing a system of rewards for both ethical
actions and unethical ones

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Figure 2.1 - Professional


Relationships IT Workers Must
Manage

Credit: Course Technology/Cengage Learning.


2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Ethical Issues between IT


enforce policies
Workers
and
Employers
regarding
the ethical use of IT
software privacy
librarian are not allow to download or use illegal
software
employers join Bsusiness software Alliance

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

An IT worker and an employer typically agree on


fundamental aspects of this relationship before the
worker accepts an employment offer.
software piracy in a corporate setting is sometimes
directly traceable to IT staff memberseither they
allow it to happen or they actively engage in it,
often to reduce IT-related spending.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Business Software Alliance (BSA): Trade


group that represents the worlds largest software
and hardware manufacturers
Aims to stop the unauthorized copying of
software
members, Adobe, Apple, Intel, McAfee, Microsoft,
Symantec, The Math Works
http://ww2.bsa.org/country.aspx?sc_lang=hi-IN

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Software privacy Malaysia,


where to report?
https://reportingasia.bsa.org/New_Design/submit?src=my&ln=enus
https://www.facebook.com/bsamalaysiagenuine/

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Malaysia copyright acts


Copyright Act 1987.
any businesses and its director(s) would be liable
to a minimum fine of RM2,000 and maximum
RM20,000 for each infringed copy of computer
programme, and/or a prison sentence of up to five
years.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

trade secret
Information that is of economic value and that has
required effort or cost to develop and has some
degree of uniqueness or novelty
http://www.fbi.gov/news/stories/2010/september
/steal-hybrid-technology

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

example, trade secret


design of new software code
hardware design
business plan
design of a user interface to a computer program
manufacturing process
any formula, patent, physical device, idea, process
or compilation of information - See more at: e.g
KFC, Coke, Intel's manufacturing process

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

http://www.themalaymailonline.com/features/arti
cle/coca-cola-and-trade-secrets

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

how to get support for trade


secret

PlaTCOM Ventures specialises in technology


transfer and commercialisation of Intellectual
Property Rights (IPRs) via end-to-end facilitation.
As such, we help SMEs, universities and research
institutes to transfer their trade secrets via Knowhow Transfer Agreements to interested parties for
further development and commercialisation of
these inventions. For further information, please
contact us at info@platcomventures.com

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

http://blogs.orrick.com/trade-secretswatch/category/china/

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

trade secret in Malaysia


http://www.theborneopost.com/2016/04/17/ee-agateway-to-malaysias-trade/
TPPA signed With TPPA, stronger trade secret
protection will be strengthened and higher
standards of labour practices will be implemented
by companies in Malaysia, it will enhance Malaysia
as a choice location for investment.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

whistle blowing
Effort by an employee to attract attention to a
negligent, illegal, unethical, or abusive act by a
company that threatens the public interest

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Relationships between IT
Workers
and
Clients

IT workers provide services to clients; sometimes those


clients are coworkers who are part of the same
organization as the IT worker. In other cases, the client is
part of a different organization. Note that in relationships
between IT workers and clients, each party agrees to
provide something of value to the other.

Typically, the client makes decisions about a project on the


basis of information, alternatives, and recommendations
provided by the IT worker.
The client trusts the IT worker to use his or her expertise
and to act in the clients best interests.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Ethical Issues between IT


Workers and Clients
Conflict of interest
Conflict between the IT workers self-interest and the interests of the client

Fraud
Obtaining goods, services, or property through deception or trickery

Misrepresentation
Misstatement or incomplete statement of a material fact

Breach of contract
Occurs when one party fails to meet the terms of a contract

Material breach of contract


Occurs when a party fails to perform certain obligations, thereby impairing or
destroying the essence of the contract
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

20

conflict of interest
e.g. an IT consulting firm might be hired to assess
a firm's IT strategic plan
after a few week of analysis, the consulting firm
might provide a poor rating for the existing
strategy that its properitary products and services
are required to develop a new strategic plan
Can it be trused?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

example
Note that problems can arise during a project if IT
workers find themselves unable to provide full and
accurate reporting of the projects status due to a
lack of information, tools, or experience needed to
perform an accurate assessment.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

project manager relunctant to share status


information because of contractual penalties for
failure to meet the schedule

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Fraud
crime of obtaning goods, services or property
through deceoption or trickery
when a person conscously decides to induce
another person to rely and act on a
misrepresentation

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Prove fraud in a court of law


the wrongdoer made a false representation of
material fact
the wrongdoer intended to deceive the innocent
party
the innocent party justifiably relied on the
misrepresentation
the innocent party was injured

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

misrepresentation
misstatement or incomplete statement of a
material fact
if the misrepresentation causes the other party to
enter into a contract, that party may have the legal
right to cancel the contract or seek reimbursement
for damages
e.g. Siri, voice-activated software from Apple
iphone, filed a lawsuit as long dealy gave incorrect
direction,
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

breach of contract
one party fails to meet the terms of a contract
1. escind the contract, seek restitution of any
compensation paid under the contract ot the brea.
treat the contract as being in effect and sue the
breaching party to receover damages

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

what can you do?


when IT projects go wrong because of cost
overruns, schedule slippage, lack of system
functionality

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

the parties might charge fraud


fraudulent misrepresentation
breach of contract

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

frequent causes of problems in


IT
projects
the
customer changes the scope of the project or the system
requirements
poor communication between customer and vendor leads
to performance that does not meet expectations
the vendor delivers a system that meets customer
requirements, but a competitor comes out with a system
that offers more advanced and useful features
the customer fails to reveal information about legacy
systems or databases that make the new system extremely
difficult to implement

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Ethical Issues between IT


relationshipand
Workers
Suppliers
between
IT workers and suppliers
encourages the flow of useful communication as weel as the
sharing of ideas
lead to innovative and cost-effective ways of using the
suppliers' products and services

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Ethical Issues between IT


Workers and Suppliers

Bribery: Providing money, property, or favors to


someone in business or government in order to
obtain a business advantage
Foreign Corrupt Practices Act (FCPA): Makes it a
crime to bribe a foreign official, a foreign political party
official, or a candidate for foreign political office
The United Nations Convention Against Corruption Global treaty designed to fight bribery and corruption

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

32

FCPA penalties
fine of up to $2million per violation
individual violatorsmaybe fined up to $100,000
imprisoned for up to five years

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Table 2.1 - Distinguishing


between Bribes and Gifts

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

34

what do you think?


Note that in some countries, gifts are an essential
part of doing business. In fact, in some countries, it
would be considered rude not to bring a present to
an initial business meeting.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

A gift maybe considered a bribe if it is not declared


e.g. some companies have a policy of pooling the
gifts received by their employees, auctioning them
off and giving the proceeds to charity

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

relationships between IT workers


and other professionals
professionals often quick to help each other obtain
new positions but slow to criticize each other in
public
have an interest in their profession as a whole
profession's code of conduct
serve as mentors and help develop new members
of the profession.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Example professional code of


conduct

https://www.acm.org/about-acm/acm-code-ofethics-and-professional-conduct

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

ethical issue
rsum inflation
exaggerating his/her qualification

Yahoo!, Scott Thompson, the president of eBay's


PayPal electronic payments, left the company due to
revelations that his resume falsely claimed that he
had earned a bachelor's degree in computer science
bigger problem in Asia
University of HK study, over 62% of respondents
exaggerating their year of experience, previous
positio held, job responssibilities
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

http://www.hloom.com/resumelies/

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

https://www.fastcompany.com/3058918/the-most-commonresume-lies-and-who-is-most-likely-to-tell-them

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

http://www.hloom.com/resumelies/

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

ethical issue, between IT


workers and other professionals
sharing of corporate information

sold to other organizations or shared informally


during work conversations with other

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

relationships between IT workers


and IT users
IT user refers to a person who uses a hardware or
software product; the term distinguishes end users
from the IT workers who develop, install, service,
and support the product.
Note that IT workers have a duty to understand a
users needs and capabilities and to deliver
products and services that best meet those needs
subject, of course, to budget and time constraints.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

IT workers have key responsibility to establish an


environment that support ethical behavior by users
Hence, discorages software privacy, minimizes the
inappropriate use of corporate computing
resources and avoid the shari of information

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Relationships Between IT
Workers and Society

Society expects members of a profession to:


Provide significant benefits
Not cause harm through their actions

actions of anIT worker can affect society


e.g. a system analysit may design a computer based
control system to monitor a chemical
manufacturing process
failure or an error in the system, workers or
residents near the plant at risk
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

46

body to protect the public


Professional organizations provide codes of ethics
to guide IT workers actions

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Impact of Codes of Ethics on


Ethical Behavior
Defines:

What the organization aspires to become


Rules and principles by which members of the organization
are expected to abide
A commitment to continuing education for those who
practice the profession

Result in following benefits for the individual,


profession, and society
Ethical decision making and ethical behavior
Trust and respect from general public
Evaluation benchmark for self-assessment
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

48

Impact of Professional
Organizations on Ethical
Help IT workers to network with others, seek out
Behavior
new ideas, and continually build on their personal
skills and expertise
Prominent organizations
Association for Computing Machinery (ACM)
Institute of Electrical and Electronics Engineers
Computer Society (IEEE-CS)
Association of Information Technology Professionals
(AITP)
SysAdmin, Audit, Network, Security (SANS) Institute
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

49

laws do not provide a complete guide to ethical


behaviour
an activity that is not defined as illegal does not
mean it is ethical

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

benetifs of professional code of


ethics
ethical decision making

high standards of practice and ethical behavior


trust and respect from the general public
evaluation benchmark, act as self assessment

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Professional organizations
ACM, Association for computing machinery
computing society
IEEE, Institute of electrical and Electronics
Engineers Computer Society
Electrical and Electronics Engineers (IEEE) covers
the broad fields of electrical, electronic, and
information technologies and sciences. The IEEECS is one of the oldest and largest IT professional
associations, with about 85,000 members.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

SysAdmin, Audit, Network, Security (SANS)


institute -provide security training and
certification https://www.sans.org/

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

homework
Compare the ACM to the IEEE, noting that IEEE
includes a wide number of professions and
provides a variety of services to each.
2.SANS makes available, at no cost, a collection of
some 1,200 research documents about various
topics of information security.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

1.(True or False) IT workers are not liable for malpractice because they
do not meet the legal definition of a professional.
Answer: True
2._____ is that act of providing money, property, or favors to someone
in business or government in order to obtain a business advantage.
Answer: Bribery
3._____ occurs when one party fails to meet the terms of a contract.
Answer: Breach of contrac
4._____ is the misstatement or incomplete statement of a material
fact.
Answer: Misrepresentation

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Impact of Certification on Ethical


Behavior
Certification: Indicates that a professional
possesses a particular set of skills, knowledge, or
abilities, in the opinion of the certifying
organization

Obliges an individual to have the prerequisite education


and experience, and to sit for and pass an exam
Certifications from industry associations requires a
higher level of experience and a broader perspective than
vendor certifications

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

56

unlike licensing, which applies only to people and


is required by law, certification can also apply to
products (e.g., the Wi-Fi CERTIFIED logo assures
that the product has met rigorous interoperability
testing to ensure that it will work with other WiFi-certified products) and is generally voluntary.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

certification is no substitute for experience and


doesnt guarantee that a person will perform well
on the job, some hiring managers are rather
cynical about the value of certifications.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Vendor Certifications

Many IT vendorssuch as Cisco, IBM, Microsoft,


SAP, and Oracleoffer certification programs for
those who use their products.
workers who successfully complete a program can
represent themselves as certified users of a
manufacturers product.
Depending on the job market and the demand for
skilled workers, some certifications might
substantially improve an IT workers salary and
career prospects.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Impact of Government Licensing


on Ethical Behavior
Government license: Permission to engage in
an activity or to operate a business
Encourages IT workers to follow the highest
standards of the profession and practice a code of
ethics
Allows for violators to be punished
Ensure the IT workers take heightened care and
abstain from professional malpractice

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

60

Issues Associated with


Government Licensing of IT
No universally accepted core body of knowledge
Workers
Body of knowledge: Outlines agreed-upon sets of
skills and abilities that all licensed professionals must
possess

Lack of clarity on who should manage the content


and administration of licensing exams
No administrative body to accredit professional
education programs
No administrative body to assess and ensure
competence of individual workers
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

61

no administrative body to accredit IT professional


education like American Medical Association for
medical schools
no well defined, step by step process to train IT
workers
not broad agreement on what skills a good
programmer must posses

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

IT Professional Malpractice
Negligence: Not doing something that a
reasonable person would do, or doing something
that a reasonable person would not do
Duty of care: Obligation to protect people against
any unreasonable harm or risk
Failure results in breach of the duty of care

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

63

example
Duty of care
people have a duty to keep their pets from
attacking others and
to operate their car safely
businesses must keep dangerous pollutants out of
the air and water, make safe products, maintain
safe operating conditions for employees

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

1.A(n) _____ is a government-issued permission to engage


in an activity or to operate a business.
Answer: government license
2._____ refers to the obligation to protect people against
any unreasonable harm or risk.
Answer: Duty of care
3._____ operates Internet Storm Centera program that
monitors malicious Internet activity and provides a free
early warning service to Internet users
Answer: The SysAdmin, Audit, Network, Security (SANS)
Institute
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

IT Professional Malpractice
Reasonable person standard: Evaluates how
an objective, careful, and conscientious person
would have acted in the same circumstances
Reasonable professional standard: Evaluates those
who have particular expertise

Professional malpractice: Liability that applies


to professionals who breach the duty of care
Are liable for injuries that their negligence causes

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

66

Common Ethical Issues for IT


Software piracy
Users

Inappropriate use of computing resources


Erode worker productivity and waste time
Could lead to lawsuits

Inappropriate sharing of information


Violation of someones privacy, if its private data
Potential that company information could fall into the
hands of competitors, in the case of confidential
information

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

67

Software Piracy
A common violation occurs when employees copy
software from their work computers for use at
home.
Some IT end users have figured out how to
download applications from the Android Market
Web site without paying for them and then use the
software or sell it to others.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

inappropriate use of computing


resources
Some employees use their computers to surf
popular Web sites that have nothing to do with
their jobs, participate in chat rooms, view
pornographic sites, and play computer games,
which eat away at worker productivity and waste
time.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Inappropriate Sharing of
Information
private and confidential information.

2.WikiLeaks Web site (http://wikileaks.org) in late


2010.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Supporting the Ethical Practices


of
Policies that protect against abuses help:
IT Users
Set forth general rights and responsibilities of all users
Establish boundaries of acceptable behavior
Enable management to punish violators

Policy components include:


Establishing guidelines for use of company software
Defining appropriate use of IT resources
Structuring information systems to protect data and
information
Installing and maintaining a corporate firewall
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

71

Table 2.5 - Managers Checklist


for Establishing an IT Usage
Policy

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

72

Table 2.5 - Managers Checklist


for Establishing an IT Usage
Policy

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

73

Table 2.5 - Managers Checklist


for Establishing an IT Usage
Policy

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

74

Compliance
To be in accordance with established policies,
guidelines, specifications, or legislation
Requires an individual to behave in accordance
with legislation
Failure to be in compliance with legislation can
lead to lawsuits or government fines

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

75

Compliance
To ensure compliance, companies:
Implement software to track and record compliance
actions
Hire management consultants for advice and training
Create the position of chief compliance officer (CCO), to
deal with the issues related to compliance

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

76

Compliance
Audit committee: Board of directors provides
assistance to the board with respect to the:
Quality and integrity of accounting and reporting
practices and controls
Organizations compliance with legal and regulatory
requirements
Qualifications, independence, and performance of the
organizations independent auditor
Performance of the companys internal audit team

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

77

Compliance
Internal audit committee responsibilities:
Determine that internal systems and controls are
adequate and effective
Verify existence of company assets and maintain proper
safeguards over their protection
Measure the organizations compliance with its own
policies and procedures
Ensure that institutional policies and procedures,
appropriate laws, and good practices are followed
Evaluate adequacy and reliability of information
available for management decision making
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

78

Summary
Professionals
Require advanced training and experience
Must exercise discretion and judgment in their work
Their work cannot be standardized

From a legal standpoint, a professional:


Has passed the state licensing requirements
Has earned the right to practice in a state(s)

IT professionals have many different relationships


Each with its own ethical issues and potential problems
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

79

Summary
Professional code of ethics
States the principles and core values essential to the work
of an occupational group
Serves as a guideline for ethical decision making
Promotes high standards of practice and behavior
Enhances trust and respect from the general public
Provides an evaluation benchmark

Licensing and certification of IT professionals


Increases the reliability and effectiveness of information
systems
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

80

Summary
IT-related professional organizations have
developed their code of ethics that:
Outlines what the organization aspires to become
Lists rules and principles for members
Includes a commitment to continuing education for those
who practice the profession

Audit committee and internal audit team have a


major role in ensuring that both the IT organization
and IT users are in compliance with guidelines and
various legal and regulatory practices
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

81

1.A(n) _____ is a hardware or software device that serves as a barrier


between an organizations network and the Internet.
Answer: firewall
2.The term _____ means to be in accordance with established policies,
guidelines, specifications, or legislation.
Answer: complianc
3.(True or False) A firewall can also serve as an effective barrier to
incoming email from certain Web sites, companies, or users.
Answer: True
4.(True or False) In 1992, the SEC recommended that publicly held
organizations establish audit committees.
Answer: False
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

What strategies can a company employ to maintain


trade secrecy, given the high turnover among IT
workers?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Homework
1.Write a paper researching various ways companies
monitor employee use of computing resources, including
access to the Internet and e-mail.
2.Design an IT use policy for a software company that
develops banner ads for a search engine, tailored to the
subject for which the user is searching. Keep in mind that
the employees of such a company would need unlimited
access to the Web.
3.Write a paper surveying vendor certifications, and
discuss the tradeoff between the usefulness and cost of each
certificate.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

How do you distinguish between


misrepresentation and embellishment of ones
professional accomplishments in order to win a
contract to complete a major project? Provide an
example of an embellishment that would not be
considered misrepresentation.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Embellishment (rsum inflation) is the addition


of false information to ones resume in order to
appear more attractive to business interests, while
misrepresentation is the misstatement or
incomplete statement of a material fact. Students
examples will vary. If the misrepresentation causes
the other party to enter into a contract, that party
may have the legal right to cancel the contract or
seek reimbursement for damages.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Do laws provide a complete guide to ethical


behavior? Can an activity be legal but not ethical?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Laws do not provide a complete guide to ethical


behavior. They do not provide principles and core
values that are essential to a particular occupation.
Although some activities are considered legal, they
may not meet the ethical standards set forth by a
company. Students examples will vary.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Does charging by the hour encourage unethical


behavior on the part of contract workers and
consultants?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Students answers will vary. There is the possibility


that contract workers may be tempted to inflate
their billable hours.

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Describe a situation in which there could be a


conflict of interest between an IT workers selfinterest and the interests of a client. How should
this potential conflict be addressed?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Students answers will vary. One example would be


project delays. An IT worker or the project
manager would be reluctant to share status
information with the client that could cause
further complications. However, these issues can
be eliminated by intimating the clients about the
project status, concentrating on getting the project
back on track by resolving issues in a timely
manner, and be transparent with the clients as
well.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Should all IT professionals be licensed or certified?


Why or why not?

2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Students answers will vary. Most of them will say


that licensing and certification should be the
requirements for IT professionals as it offers
benefits to the professionals and their employers
and/or clients. Possession of a license or certificate
is proof that the professional has achieved a
certain level of education and experience. It gives
the prospective employer and/or client an
objective measure of the professionals ability, and
it helps improve the level of respect and trust given
by the general public.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

You are caught in the middle of a dilemma. You have been


subpoenaed to be a witness in a work-related sexual
harassment case involving your boss and a coworker. On
many occasions, you heard your boss make statements to
this employee that could be interpreted as sexual
advancements. Your boss has made it clear that he will make
things difficult for you at work if you testify in favor of the
employee. You could choose to testify in a manner that would
make it appear that your boss was not serious and that the
employee was overreacting. On the other hand, it was clear to
you that your boss was not joking with the employee and that
he was harassing her. What kind of repercussions could there
be if you testify in favor of your coworker? Would you be
willing to risk those repercussions? Does it really matter if
the case is dismissed because of your testimony?
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.

Students answers will vary. Some of them could say


that they would be inclined to testify in support of
their coworker who was being harassed. This would
be the ethical thing to do in the current situation
regardless of the threats from the boss. As a
repercussion, the boss could assign more work or
give negative reviews. However, if the boss is unfair,
the employee can approach someone superior to the
boss to tackle the problem. If the students have a
strong sense of ethics, it would really matter to them
if the case is dismissed because of their testimony.
2015 Cengage Learning. All Rights Reserved. May not be scanned, copied or duplicated, or posted to a publicly accessible website, in whole or in part.