Principles of Information Systems (MindTap Course List)
13th Edition
ISBN: 9781305971776
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Concept explainers
Question
Chapter 14, Problem 1CE
Program Plan Intro
Code of ethics:
- The “ethics” word comes from the Greek term “duty”. The code of ethics means all the responsibilities that professional must respect when carrying out their work.
- It also contains the core value of the work and the behavior which should be adopted.
Example:
Professional and confidentiality secrecy are responsibilities contained in code of ethics and conduct in numerous professions like accountants, lawyers, doctors and journalists.
Intent of code of ethics:
- The intent of code of ethics established by a professional order as a way to safeguard public and the status of professionals.
- The employee who breach their code of ethics suffer disciplinary actions that can range from a warning or rebuke to dismissal or ejection from their professional order.
Privacy policy:
- A privacy policy denotes a statement that discloses some or all ways an organization would gather, use, disclose and manage data of customers as well as clients.
- It fulfills a legal requirement for protecting privacy of customers as well as clients.
- Personal information denotes anything that could be used to identify an individual.
- It represents a generalized treatment that tends to be more specific and detailed.
- The exact content of certain privacy policy will depend upon applicable law and need to address requirements across all boundaries.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solution
Students have asked these similar questions
You have been assigned to be a computer security trainer for your firm’s 2,000 employees and contract workers. What are the key topics you would cover in your initial one-hour basic training program for non-IT personnel? What sort of additional security-related training might be appropriate once people have the basics covered ?
You are a computer security trainer for your firm’s 200 employees and contract workers. What are the key topics you would cover in your initial half-hour basic training program on security for non-IT personnel? What sort of additional security-related training might be appropriate once people have the basics covered?
You were been given the position of Chief Information Officer at your organization. In your role as Chief Information Security Officer, the first thing you'll need to do is provide recommendations for how your company can protect its data from being lost on purpose or by mistake. Kindly suggest any precautions that might be taken to protect the information of your firm.
Chapter 14 Solutions
Principles of Information Systems (MindTap Course List)
Ch. 14.1 - What is the harm in nonproductive use of...Ch. 14.1 - Prob. 2RQCh. 14.1 - Do you think that it would help to involve a small...Ch. 14.1 - Prob. 2CTQCh. 14.2 - Prob. 1RQCh. 14.2 - Prob. 2RQCh. 14.2 - Prob. 1CTQCh. 14.2 - Prob. 2CTQCh. 14.3 - Prob. 1RQCh. 14.3 - Prob. 2RQ
Ch. 14.3 - Prob. 1CTQCh. 14.3 - Prob. 2CTQCh. 14.4 - Prob. 1RQCh. 14.4 - Prob. 2RQCh. 14.4 - Prob. 1CTQCh. 14.4 - Prob. 2CTQCh. 14 - Prob. 1SATCh. 14 - Prob. 2SATCh. 14 - Prob. 3SATCh. 14 - Prob. 4SATCh. 14 - Prob. 5SATCh. 14 - Prob. 6SATCh. 14 - Prob. 7SATCh. 14 - Prob. 8SATCh. 14 - Prob. 9SATCh. 14 - Prob. 10SATCh. 14 - Prob. 11SATCh. 14 - Prob. 12SATCh. 14 - Prob. 13SATCh. 14 - Prob. 14SATCh. 14 - Prob. 15SATCh. 14 - Prob. 16SATCh. 14 - Prob. 1RQCh. 14 - Prob. 2RQCh. 14 - Prob. 3RQCh. 14 - Prob. 4RQCh. 14 - Prob. 5RQCh. 14 - Prob. 6RQCh. 14 - Prob. 7RQCh. 14 - Prob. 8RQCh. 14 - Prob. 9RQCh. 14 - Prob. 10RQCh. 14 - Prob. 11RQCh. 14 - Prob. 12RQCh. 14 - Prob. 1DQCh. 14 - Prob. 2DQCh. 14 - Prob. 3DQCh. 14 - Prob. 4DQCh. 14 - Prob. 5DQCh. 14 - Prob. 6DQCh. 14 - Prob. 7DQCh. 14 - Prob. 8DQCh. 14 - Prob. 9DQCh. 14 - Prob. 10DQCh. 14 - Prob. 1PSECh. 14 - Prob. 1TACh. 14 - Imagine that your team has been hired to conduct a...Ch. 14 - Prob. 3TACh. 14 - Prob. 1WECh. 14 - Prob. 2WECh. 14 - Prob. 3WECh. 14 - Prob. 1CECh. 14 - Prob. 2CECh. 14 - Prob. 3CECh. 14 - Prob. 1CTQ1Ch. 14 - Prob. 2CTQ1Ch. 14 - Prob. 3CTQ1Ch. 14 - Prob. 1CTQ2Ch. 14 - Prob. 2CTQ2Ch. 14 - Prob. 3CTQ2
Knowledge Booster
Learn more about
Need a deep-dive on the concept behind this application? Look no further. Learn more about this topic, computer-science and related others by exploring similar questions and additional content below.Similar questions
- You have recently started working for your firm in the role of Chief Information Officer. As the Chief Information Security Officer of your company, the first thing you need to do is think of ways to stop the unintentional or intentional destruction of the data that belongs to your company. I would really appreciate it if you could kindly recommend any data security procedures for our firm.arrow_forwardThis week, your flooring sales and installation company client wants you to explain the different kinds of attack threats their business faces from hackers. Write a 1- to 2-page memo or create a 1- to 2-page table that summarizes attack threats from hackers to any business, noting which are applicable to your client's business; how the vulnerabilities in a system can be exposed; and countermeasures that can mitigate against threats from attack. Describe sniffing attacks, identify a protocol that is vulnerable to sniffing, and suggest appropriate countermeasures. Describe session hijacking, provide an example of a specific threat from session hijacking, and recommend appropriate countermeasures for the threat. Describe spoofing, provide an example of a specific threat from spoofing, and recommend appropriate countermeasures for the threat. Describe poisoning attacks, provide an example of a specific threat from a poisoning attack, and recommend appropriate countermeasures…arrow_forwardYour company has acquired Joggers PLC, a smaller company. The integration of the information systems can take up to 6 months, and until then Joggers PLC workers will continue following their policies. You have been tasked with ensuring that their IT practices will be safe and lead to a secure system. What advice would you give your manager regarding information security policies?arrow_forward
- You are required to explore the online properties of three major IT firms (Cisco, Oracle, and Microsoft) plus two more sites of your selection (see Resources). Look for examples of good security measures on the sites you visit often. In what ways do you learn?arrow_forwardDo you have any suggestions for protecting the company's network from being attacked by cybercriminals?arrow_forwardThe CISO approaches the interns who seem to be breaking various security standards, who express their displeasure. According to the organization, they don't encrypt their workstations, download unlicensed music, connect personal devices to corporate computers, spend too much time on social media, and download pornographic content on workplace systems. The CISO recommends that you create a security document (Rules of Behavior) that has at least 15 rules limiting what employees may and may not do when connected to the corporate network.arrow_forward
- In this discussion post, you will analyze a real-world incident involving penetration testing and the required ethics of professionals. The GIAC Code of Ethics and Coalfire incident readings will help you prepare for the discussion board. When writing your post, answer the following: What are the legal implications of pentesting and hacking information systems? How has providing penetration testing services changed since the arrest of the two Coalfire employees on September 11, 2019? As a security professional, what concerns would you have regarding what happened? What impact did this event have on the PenTester community?arrow_forwardIn 2018, the credit rating agency Equifax disclosed a major data breach involving the personal information of nearly 150 million people. Although Equifax's internal policy required patching critical vulnerabilities within 48 hours, a vulnerability was left unpatched for about 2 months. This was the vulnerability that was exploited by hackers to gain access to the system and obtain the personal information. In this exercise, you will analyze the Equifax incident and consider how the RMF could have helped Equifax prevent the incident. Carefully review this report and identify two vulnerabilities from different organizational levels, such as one vulnerability from Level 3 and one vulnerability from Level 1 or 2. Now think about the seven steps of the RMF. Summarize how these steps could have helped Equifax prevent or mitigate the vulnerabilities you identified. Identify at least one step for each vulnerability.arrow_forwardYou were just appointed to the position of CIO at your company. The first order of business for a Chief Information Security Officer is to devise measures to safeguard against the unintentional or malicious destruction of sensitive company information. What data security recommendations do you have for our business?arrow_forward
- The school and your employer were so pleased with your outline and handout for the high school career fair that you have been asked back to present on security threats, security measures, and hacking countermeasures to the entire student body and staff of the school. Create a 10- to 12-slide media-rich presentation including detailed speaker notes about a variety of security threats and security measures and hacking countermeasures to combat the threat. In your presentation, you should: Identify 1 threat and 1 security measure or hacking countermeasure for wireless networks. Identify 1 threat and 1 security measure or hacking countermeasure for mobile networks. Identify 1 threat and 1 security measure or hacking countermeasure for OT or IoT. Identify 1 threat and 1 security measure or hacking countermeasure for cloud-based platforms. Summarize the threats, security measures, and hacking countermeasures you identified. Recommend practical methods the staff and students at the school to…arrow_forwardQuestion 15 kk.Regarding security procedures, discuss the following: What are Security Procedures? What is the relationship Between Security Policies and Security Procedures? Why are security procedures needed in an organization? Full explain this question and text typing work only We should answer our question within 2 hours takes more time then we will reduce Rating Dont ignore this linearrow_forwardWhat are the most important IT security issues facing companies today? Have these changed over the last five years and do you think they'll continue to change? How should companies prepare themselves for security threats in the future?arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
Fundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning