hMmp

A man does what he must - in spite of personal consequences, in spite of obstacles and dangers and pressures - and that is the basis of all human morality.
Winston Churchill

We fear violence less than our own feelings. Personal, private, solitary pain is more terrifying than what anyone else can inflict.
Jim Morrison

Thursday, March 10, 2011

Review of the Code of Ethics



The Code of Ethics and Standards of Conduct constitutes a “living document” that is intended to evolve given the development of new technologies and media and the enactment of new laws and regulations. As a result, WOMMA has adopted two mechanisms for the membership and third parties to comment upon the Code and Standards.

The first mechanism is the annual review process that is announced at the beginning of November each year and which concludes in February of the immediate following year.  It is designed to be transparent and inclusive, seeking thoughtful input and dialogue.

Specifically, there will be an announcement to WOMMA’s membership concerning the opportunity to submit written comments on the current Code of Ethics and Standards of Conduct. This announcement will be sent to the membership via email and posted on WOMMA’s web site; in addition, an announcement will be made to non-members and other interested parties concerning the opportunity to submit comments on the current code. Contemporaneous with the announcement, WOMMA’s Living Ethics Blog will be made live. All comments received by the Living Ethics Blog will be captured and posted on the web site under WOMMA’s Ethics/Living Ethics Project. During this process, several reminders will be sent concerning the opportunity to submit comments during this time period. In addition, an open session on the Living Ethics Project will be held at the Annual WOMMA Summit Meeting. All comments received will be provided to the Board to render any amendments to the Code and Standards. The decision of the Board will then be made public and WOMMA members will be immediately notified. Any members that are unable to comply with the amendments will be asked to resign their membership.

The second mechanism is a review that can be triggered by a petition concerning a specific issue to WOMMA’s Executive Director by three members in good standing.  Specifically, once the petitions by the three members are received, the following steps will occur:


  1. The Living Ethics Blog will be made live within five business days and an announcement will be made to the membership both via email and on our web site.
  2. There will be a comment period for thirty days. The dates will be announced via email and WOMMA’s web site concerning the time frame and the topic under review.
  3. Once the comment period is officially opened, the implementation of that particular issue of the Code or Standards will be held in abeyance for a period of sixty days.
  4. All of this information received will be made public on WOMMA’s website so that the entire process will be transparent, inclusive, and robust.
  5. At the conclusion of the comment period, the Board will take all communications received and render a final and binding decision.
  6. The Board’s decision will be announced to the membership via email and website.

Once the Board’s decision has been announced, there will be a one hundred and eighty (180) day compliance period, which will be clearly set out for the membership.  If any member is unable to comply, the affected member will be asked to resign from the membership.


Reference:
http://womma.org/ethics/code/

The Ten Commandments of Computer Ethics


Written by the Computer Ethics Institute
  1. Thou shalt not use a computer to harm other people.
  2. Thou shalt not interfere with other people's computer work.
  3. Thou shalt not snoop around in other people's computer files.
  4. Thou shalt not use a computer to steal.
  5. Thou shalt not use a computer to bear false witness.
  6. Thou shalt not copy or use proprietary software for which you have not paid.
  7. Thou shalt not use other people's computer resources without authorization or proper compensation.
  8. Thou shalt not appropriate other people's intellectual output.
  9. Thou shalt think about the social consequences of the program you are writing or the system you are designing.
  10. Thou shalt always use a computer in ways that ensure consideration and respect for your fellow humans.
Reference:
 http://cpsr.org/issues/ethics/cei/

Real world ethical dilemmas


What if your perusal of random documents reveals company trade secrets? What if you later leave the company and go to work for a competitor? Is it wrong to use that knowledge in your new job? Would it be “more wrong” if you printed out those documents and took them with you, than if you just relied on your memory?
What if the documents you read showed that the company was violating government regulations or laws? Do you have a moral obligation to turn them in, or are you ethically bound to respect your employer’s privacy? Would it make a difference if you signed a non-disclosure agreement when you accepted the job?
IT and security consultants who do work for multiple companies have even more ethical issues to deal with. If you learn things about one of your clients that might affect your other client(s), where does your loyalty lie?
Then there are money issues. The proliferation of network attacks, hacks, viruses, and other threats to their IT infrastructures has caused many companies to “be afraid, be very afraid.” As a security consultant, it may be very easy to play on that fear to convince companies to spend far more money than they really need to. Is it wrong for you to charge hundreds or even thousands of dollars per hour for your services, or is it a case of “whatever the market will bear?” Is it wrong for you to mark up the equipment and software that you get for the customer when you pass the cost through? What about kickbacks from equipment manufacturers? Is it wrong to accept “commissions” from them for convincing your clients to go with their products? Or what if the connection is more subtle? Is it wrong to steer your clients toward the products of companies in which you hold stock?
Another ethical issue involves promising more than you can deliver, or manipulating data to obtain higher fees. You can install technologies and configure settings to make a client’s network more secure, but you can never make it completely secure. Is it wrong to talk a client into replacing their current firewalls with those of a different manufacturer, or switching to an open source operating system – which changes, coincidentally, will result in many more billable hours for you – on the premise that this is the answer to their security problems?
Here’s another scenario: what if a client asks you to save money by cutting out some of the security measures that you recommended, yet your analysis of the client’s security needs shows that sensitive information will be at risk if you do so? You try to explain this to the client, but he/she is adamant. Should you go ahead and configure the network in a less secure manner? Should you “eat” the cost and install the extra security measures at no cost to the client? Should you refuse to do the job? Would it make a difference if the client’s business were in a regulated industry, and implementing the lower security standards would constitute a violation of HIPAA, GLB, SOX or other laws?

Reference:
http://www.windowsecurity.com/articles/Ethical-Issues-IT-Security-Professionals.html