Tuesday, May 5, 2020
Effective Information Security Management Polices Free-Samples
Questions: 1.Identify Potential Ethical and Social Issues related to ITadministration Ethics 2.Discuss Ethical and social issues pertaining to IT systems 3.Interpret Professiona lcodes of ethics developed by various Industry bodie 4.Discuss Ethical behaviourin accordance with Professional codes. 5.Explain Ethicalsolutions to Ensure that the Society Benefits. Answers: Security Information Management 1.Network security professional need to be professional in their undertaking and have to consider ethical guidelines and considerations in the process of their engagement. According to Weiss (2014), it is unethical to read private emails for individuals just because of the privilege to the ability. However, if it is in line with security concerns of the company, it is necessary to inform employees of the need to use company emails for professional purposes and have them notified of the ability of the e-mails being read and used for security and privacy address. Employees deserve the right to privacy and have to be informed of the security measures to stay away from the using emails for private purposes. The professionals must uphold the right to privacy. 2.Monitoring websites for professional reasons such as carrying out statistics and trend patterns are allowed. However, monitoring private information of network users is unethical as it infringes the right to privacy. Concern can be taken to prevent access to pornography by blocking the sites from access for an organizations sake as long as the individuals involved have been warned of the same (Peltier 2016). Therefore, the right to privacy must be upheld as an ethical move by network management professionals. 3.Placing key loggers on machines on the network to capture user information is a security measure used by organizations. However, the move infringes the privacy concerns of individuals and the right to information secrecy. The practice is unethical as it violates the right to information privacy on the employees. In any case, an organization wants to monitor the information searched by employees for quality management and organization security; it is necessary for the employees to be notified in advance to be aware of the practice (Carroll and Buchholtz 2014). 4.Reading of documents and examination of graphic files on users computers is a practice that infringes the right to privacy. According to Jansen, Brinkkemper, and Finkelstein (2013), the ability to access information on a server should not be used for personal advantage since a professional would not desire others to access their information. Since security professional would not feel at peace if their information is accessed without their knowledge, it becomes equally unethical to do the same on others without their knowledge. The right to privacy must be upheld, and in any case, it has to be breached for security reasons, individuals have to be informed in advance for professionalism. 5.Ethics call for carrying out activities that are true according to conscience and whose actions do not harm other individuals. Professionals should not allow bribing or coercing towards measures that limit full implementation of security measures. Putting information risk of clients at the expense of saving costs serves as an unethical issue on the side of the network professional as they remain accountable for the loss of data which paints negatively on their professionalism (Jansen, Brinkkemper and Finkelstein 2013). It is proper for the network professionals to exercise full security operation desired by clients even if the costs remain high. Compromising security to save costs is unethical since it provides a short term benefit but deprives customers of their safety protocols which make them vulnerable to attacks. Therefore, adamant clients should have their services terminated in acting ethically to the profession until they comply to the full demands of network security manag ement. Reference List Jansen, S., Brinkkemper, S. and Finkelstein, A., 2013. Business network management as a survival.Software ecosystems: analyzing and managing business networks in the software industry,29. Weiss, J.W., 2014.Business ethics: A stakeholder and issues management approach. Berrett-Koehler Publishers. Carroll, A. and Buchholtz, A., 2014.Business and society: Ethics, sustainability, and stakeholder management. Nelson Education. Peltier, T.R., 2016.Information Security Policies, Procedures, and Standards: guidelines for effective information security management. CRC Press.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.