100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
Previously searched by you
Previously searched by you
logo
C841 Legal Issues in Information Security Performance Assessment Task 2 C841 Legal Issues in Information Security Performance Assessment Task 2 $8.99   Add to cart
Quickly navigate to
Preview
  2.  
  3. C841
  4.  
  5. C841

Exam (elaborations)

C841 Legal Issues in Information Security Performance Assessment Task 2 C841 Legal Issues in Information Security Performance Assessment Task 2
 8 views  1 purchase
  • Course
  • C841
  • Institution
  • C841

C841 Legal Issues in Information Security Performance Assessment Task 2 C841 Legal Issues in Information Security Performance Assessment Task 2 lOMoARcPSD| C841 Legal Issues in Information Security PA Task 2 Legal Issues in Information Security (Western Governors University) 1 / 2 lOM...

[Show more]

Preview 2 out of 7  pages

Document information

  • August 31, 2022
  • 7
  • 2022/2023
  • Exam (elaborations)
  • Questions & answers

Subjects

  • c841 legal issues in information security performance assessment task 2 c841 legal issues in information security performance assessment task 2
  • c841 legal issues in information security performance as

Written for

  • C841
All documents for this subject (7)

Seller

avatar-seller
Classroom

Reviews received

Content preview

C841 Legal Issues in Information Security Performance Assessment Task 2 C841 Legal Issues in Information Security Performance Assessment Task 2

C841 Legal Issues in Information Security Task 2 Page 1




Western Governors University
C841 Legal Issues in Information Security Task 2


 A1: Discussion of Ethical Guidelines or Standards: In regards to the TechFite case study,

there are a number of relevant information security moral principles. First, all sensitive or

proprietary information encountered on the job should be treated with respect and kept

private. Second, professional responsibilities are to be discharged with integrity and

diligence in accordance with all applicable laws. In addition, the professional reputations of

coworkers, employers, and customers should not be intentionally slandered or brought into

question. Moreover, all work should be conducted in a manner consistent with information

security best practices. Finally, employees should not engage in any activities that may

constitute a conflict of interest.

 A1a: Justification of Standards or Guidelines: All of these tenets can be found in the

ethics policies of prominent organizations throughout the IT community. For example,

the Information Systems Security Association International (ISSA) Code of Ethics

echoes the sentiment that data privacy must be maintained (ISSA Code of Ethics, 2016).

It also emphasizes the importance of industry best practices and prohibits relationships

that could be construed as a conflict of interest (ISSA Code of Ethics, 2016). The

International Information Systems Security Certification Consortium (ISC)² addresses

professional responsibilities, stating that individuals should “act honorably, honestly,

justly, responsibly, and legally” ((ISC)² Code of Ethics, 1996). The American Society for

Industrial Security (ASIS) speaks to the issue of professional reputations, declaring that

personnel must not “maliciously injure the professional reputation or practice of


This study source was downloaded by 100000844708667 from CourseHero.com on 08-31-2022 03:02:44 GMT -05:00


https://www.coursehero.com/file/35430640/C841-Legal-Issues-in-Information-Security-Task-2docx/

, C841 Legal Issues in Information Security Task 2 Page 2


colleagues, clients, or employees” (ASIS Certification Code of Professional

Responsibility, 2018).

 A2: Description of Unethical Behaviors: There were a number of individuals and groups

within TechFite whose behavior was unethical. The head of the Applications Division, Carl

Jaspers, failed to safeguard sensitive data, encouraged immoral surveillance techniques and

had a relationship with IT Security Analyst Nadia Johnson that represented a clear conflict

of interest. This relationship was a quid pro quo arrangement where Mr. Jaspers gave Ms.

Johnson gifts and positive reviews in exchange for not reporting the division’s violations

(Jackson, n.d., p. 2). Nadia Johnson accepted these bribes and subsequently produced false

reports that claimed there was no unusual activity within the division (Jackson, n.d., p. 2).

The Business Intelligence (BI) Unit within the Applications Division accessed other

divisions without authorization, viewed private information without permission, mishandled

customer data and performed penetration tests without obtaining consent (Jackson, n.d., p.

3). Specifically, BI Unit employees Sarah Miller, Jack Hudson, and Megan Rogers

performed vulnerability scans of rival company’s networks. In addition, Mr. Hudson

“coordinates efforts by third parties to gather intelligence through surveilling and through

mining companies’ trash” (Jackson, n.d., p. 3). Furthermore, the Marketing/Sales Unit did

not perform proper separation of duties and the Financial Unit neglected to audit their

payment records.

 A3: Factors: The most obvious issue is the lack of an established Code of Ethics at

TechFite. Employers often make the mistake of assuming their staff understand what

conduct is considered acceptable and will abide by these precepts without instruction. While

in a perfect world this would be true, in reality this is not the case. A formal policy must be




This study source was downloaded by 100000844708667 from CourseHero.com on 08-31-2022 03:02:44 GMT -05:00


https://www.coursehero.com/file/35430640/C841-Legal-Issues-in-Information-Security-Task-2docx/

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller Classroom. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $8.99. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

78861 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$8.99  1x  sold
  • (0)
  Add to cart