Principles of Information Systems (MindTap Course List)
13th Edition
ISBN: 9781305971776
Author: Ralph Stair, George Reynolds
Publisher: Cengage Learning
expand_more
expand_more
format_list_bulleted
Question
Chapter 14, Problem 2CE
Program Plan Intro
Code of ethics:
- The “ethics” word comes from the Greek term “duty”. The code of ethics means all the responsibilities that professional must respect when carrying out their work.
- It also contains the core value of the work and the behavior which should be adopted.
Example:
Professional and confidentiality secrecy are responsibilities contained in code of ethics and conduct in numerous professions like accountants, lawyers, doctors and journalists.
Intent of code of ethics:
- The intent of code of ethics established by a professional order as a way to safeguard public and the status of professionals.
- The employee who breach their code of ethics suffer disciplinary actions that can range from a warning or rebuke to dismissal or ejection from their professional order.
Privacy policy:
- A privacy policy denotes a statement that discloses some or all ways an organization would gather, use, disclose and manage data of customers as well as clients.
- It fulfills a legal requirement for protecting privacy of customers as well as clients.
- Personal information denotes anything that could be used to identify an individual.
- It represents a generalized treatment that tends to be more specific and detailed.
- The exact content of certain privacy policy will depend upon applicable law and need to address requirements across all boundaries.
Expert Solution & Answer
Want to see the full answer?
Check out a sample textbook solutionStudents have asked these similar questions
You were been given the position of Chief Information Officer at your organization. In your role as Chief Information Security Officer, the first thing you'll need to do is provide recommendations for how your company can protect its data from being lost on purpose or by mistake. Kindly suggest any precautions that might be taken to protect the information of your firm.
Provide a summary and explanation of the numerous preventative measures available against phishing and deception techniques.
The CISO approaches the interns who seem to be breaking various security standards, who express their displeasure. According to the organization, they don't encrypt their workstations, download unlicensed music, connect personal devices to corporate computers, spend too much time on social media, and download pornographic content on workplace systems. The CISO recommends that you create a security document (Rules of Behavior) that has at least 15 rules limiting what employees may and may not do when connected to the corporate network.
Chapter 14 Solutions
Principles of Information Systems (MindTap Course List)
Ch. 14.1 - What is the harm in nonproductive use of...Ch. 14.1 - Prob. 2RQCh. 14.1 - Do you think that it would help to involve a small...Ch. 14.1 - Prob. 2CTQCh. 14.2 - Prob. 1RQCh. 14.2 - Prob. 2RQCh. 14.2 - Prob. 1CTQCh. 14.2 - Prob. 2CTQCh. 14.3 - Prob. 1RQCh. 14.3 - Prob. 2RQ
Ch. 14.3 - Prob. 1CTQCh. 14.3 - Prob. 2CTQCh. 14.4 - Prob. 1RQCh. 14.4 - Prob. 2RQCh. 14.4 - Prob. 1CTQCh. 14.4 - Prob. 2CTQCh. 14 - Prob. 1SATCh. 14 - Prob. 2SATCh. 14 - Prob. 3SATCh. 14 - Prob. 4SATCh. 14 - Prob. 5SATCh. 14 - Prob. 6SATCh. 14 - Prob. 7SATCh. 14 - Prob. 8SATCh. 14 - Prob. 9SATCh. 14 - Prob. 10SATCh. 14 - Prob. 11SATCh. 14 - Prob. 12SATCh. 14 - Prob. 13SATCh. 14 - Prob. 14SATCh. 14 - Prob. 15SATCh. 14 - Prob. 16SATCh. 14 - Prob. 1RQCh. 14 - Prob. 2RQCh. 14 - Prob. 3RQCh. 14 - Prob. 4RQCh. 14 - Prob. 5RQCh. 14 - Prob. 6RQCh. 14 - Prob. 7RQCh. 14 - Prob. 8RQCh. 14 - Prob. 9RQCh. 14 - Prob. 10RQCh. 14 - Prob. 11RQCh. 14 - Prob. 12RQCh. 14 - Prob. 1DQCh. 14 - Prob. 2DQCh. 14 - Prob. 3DQCh. 14 - Prob. 4DQCh. 14 - Prob. 5DQCh. 14 - Prob. 6DQCh. 14 - Prob. 7DQCh. 14 - Prob. 8DQCh. 14 - Prob. 9DQCh. 14 - Prob. 10DQCh. 14 - Prob. 1PSECh. 14 - Prob. 1TACh. 14 - Imagine that your team has been hired to conduct a...Ch. 14 - Prob. 3TACh. 14 - Prob. 1WECh. 14 - Prob. 2WECh. 14 - Prob. 3WECh. 14 - Prob. 1CECh. 14 - Prob. 2CECh. 14 - Prob. 3CECh. 14 - Prob. 1CTQ1Ch. 14 - Prob. 2CTQ1Ch. 14 - Prob. 3CTQ1Ch. 14 - Prob. 1CTQ2Ch. 14 - Prob. 2CTQ2Ch. 14 - Prob. 3CTQ2
Knowledge Booster
Similar questions
- Where do you think an organization's information security begins and ends, in your opinion? To put it another way, when does a company's security policy and measures go into effect, and when do they stop? Do you think any of these restrictions will be lifted in the future? Explain how and why this is the case if this is the case. What would be the reason if that was not the case?arrow_forwardTo learn more about your institution's security rules, look them up on the intranet or website. Is there a corporate security policy somewhere? Where have you come across security rules that are tailored to address a particular problem? What agency or department is in charge of issuing or coordinating all of these policies, or are they dispersed across the organization? Use the framework provided in this chapter to determine whether or not the policies you found in the preceding exercise are complete. What are the omissions in these areas?arrow_forwardOver the last three years, a security breach of personal information has resulted in certain instances of identity theft. What can you do to safeguard against identity theft? Give a concrete illustration of what you mean.arrow_forward
- Where do you believe the responsibility for information security begins and ends in a company? In order to know when security policies and procedures become active and inactive, we must know how much control the organization has over those times. Perceived or actual, do you think any of these boundaries will be increased in size? If this is the case, tell us how and why you went about it. If this isn't the case, why is that?arrow_forwardSome experts in the area of information technology security believe that companies should bring on former hackers to act as consultants in order to strengthen their defenses. That's what you think, right? A good justification or a terrible one?arrow_forwardAnswer the given question with a proper explanation and step-by-step solution. In this week's lecture, we are looking at the SANS CISO Mind Map and how we focused on Security Operations. Pick one of the items (for example - - Data Loss Prevention (DLP), VPN, Security Gateway, etc.) and research the topic and provide a two-paragraph minimum with references on the topic. Pick something you are interested in or do not know but would like to learn more about the topic. Sell me, make me excited.arrow_forward
- Where do you think the duty for information security in a firm starts and ends? We need to know how much control the organization has over when security policies and procedures become active and inactive in order to recognize when they do. Do you believe any of these borders, whether perceived or real, will be expanded? Tell us how and why you went about it if this is the case. Why isn't this the case if it is?arrow_forwardWhy CIA triad is an important concept while studying cryptography and data security? Why other attributes such as Usability, Testability, and Flexibility etc. are not considered while studying cryptography and data security? Justify your answerarrow_forwardSuppose that you are appointed as Chief Security Office (CSO) in an organization which deals with very critical and classified resources. The resources are so highly confidential that only authorized personnel should be given access to this facility. Access to unauthorized people may cause severe threats to national security. This facility is newly built and currently doesn’t have any automated information technology-based authentication system. After being appointed as CSO, the first task you have been assigned is to design an IT based authentication system which verifies the identity of a person when he/she wants to access the facility. Propose and explain an authentication system which can be used for verification of employees to let only those personnel give access to classified resources who have proper access rights. Please note that single factor authentication may not serve the purpose well.arrow_forward
- You are assigned as a Cyber Investigator to a Computer Crimes Unit within the Department of Homeland Security. In your role, you are responsible for responding to crime scenes to collect items of digital evidence and conducting subsequent examinations of the things ordered. Legal analysis is inherent in your position, and you are required to document your legal authority for each investigation. Today, you responded to a College Dormitory to investigate an unidentified individual downloading Child Sexual Abuse Material (CSAM). In the proceeding days, you downloaded 200 Gigabytes of known CSAM from a user over Peer2Peer software. During the download, you were able to identify the Suspect's Internet Protocol Address, as well as a Port Number. You specified the Suspect was using IP Address 71.143.70.239:8451. Subsequently, the Internet Service Provider identified that l leased the IP Address to University Dorm Rooms. After coordinating with the university Office of Technology…arrow_forwardExplore the use of keyword-based encryption and its applications in cybersecurity. How does it enhance data security and privacy?arrow_forwardChoosing The Right Security Framework For Your Organization The many challenges related to building and running an information security program can be overwhelming. The chief information security officer (CISO) is responsible for running Identity And Access Management (IAM), Data Loss Prevention (DLP) and many other security programs. On top of those daunting considerations are the complex areas of governance, risk and regulatory compliance. One of the most effective ways to build and maintain these programs is to use a hybrid security framework that is customized to meet business objectives, and to define policies and procedures for implementing and managing controls in the organization. It should be tailored to outline specific security controls and regulatory requirements that impact the business.Common Security FrameworksTo better understand security frameworks, let’s take a look at some of the most common and how they are constructed.NIST SP 800-53First published in 1990, National…arrow_forward
arrow_back_ios
SEE MORE QUESTIONS
arrow_forward_ios
Recommended textbooks for you
- Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781305971776Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningFundamentals of Information SystemsComputer ScienceISBN:9781337097536Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningPrinciples of Information Security (MindTap Cours...Computer ScienceISBN:9781337102063Author:Michael E. Whitman, Herbert J. MattordPublisher:Cengage Learning
- Management Of Information SecurityComputer ScienceISBN:9781337405713Author:WHITMAN, Michael.Publisher:Cengage Learning,Principles of Information Systems (MindTap Course...Computer ScienceISBN:9781285867168Author:Ralph Stair, George ReynoldsPublisher:Cengage LearningFundamentals of Information SystemsComputer ScienceISBN:9781305082168Author:Ralph Stair, George ReynoldsPublisher:Cengage Learning
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781305971776
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781337097536
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Principles of Information Security (MindTap Cours...
Computer Science
ISBN:9781337102063
Author:Michael E. Whitman, Herbert J. Mattord
Publisher:Cengage Learning
Management Of Information Security
Computer Science
ISBN:9781337405713
Author:WHITMAN, Michael.
Publisher:Cengage Learning,
Principles of Information Systems (MindTap Course...
Computer Science
ISBN:9781285867168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning
Fundamentals of Information Systems
Computer Science
ISBN:9781305082168
Author:Ralph Stair, George Reynolds
Publisher:Cengage Learning