IHP4 Task 2: Ethics and Cybersecurity

A1/A1a. Ethical Guidelines Related to Information Security

Identify an organization other than those listed in the case study. From that organization's code of ethics document or listing, select and discuss a specific guideline related to information security that would apply to specific activity you observed in the case study. Present the selected guideline as an "ethical guideline" OR "ethical standard" NOT as a "code of ethics" or anything other than an "ethical guideline" OR "ethical standard". Discuss how the guideline is applicable to the activity (how the guideline relates, how the guideline could have helped prevent the activity had it been adopted by TechFite etc.).

Identify a second specific ethical guideline related to information security and related to the case study from the same organization OR a different organization OR somewhere else. Discuss how the guideline is applicable to specific activity from the case study. (how the guideline relates, how the guideline could have helped prevent the activity had it been adopted by TechFite etc.).

A2. Unethical Practices

Discuss a specific behavior/omission of behavior you observed and the unethicalpractice it fostered. Be sure to discuss who the specificactor(s) who exhibited the behavior were.

Discuss a second specific behavior/omission of behavior you observed and the unethicalpractice it fostered. Be sure to discuss who the specificactor(s) who exhibited the behavior were.

A3. Factors

Discuss a specific factor you observed in the case study that influenced/led to/contributed, to follow-on lax ethical behavior within Techfite. Be sure to logically tie your factor to the resultant behavior.

Discuss a second specific factor you observed in the case study that influenced/led to/contributed, to follow-on lax ethical behavior within Techfite. Be sure to logically tie your factor to the resultant behavior.

B1. Information Security Policies

State and describe a specific information security policy (by name i.e. Password Lockout Policy") and a specific instance of criminal activity and negligent activity it could have prevented/reduced/deterred. Discuss how the policy could have decreased threats to intellectual property.

State and describe a second specific information security policy (by name i.e. Password Lockout Policy") and a specific instance of criminal activity and negligent activity it could have prevented/reduced/deterred. Discuss how the policy could have decreased threats to intellectual property.

B2. SATE Components

Discuss a component that you would recommend this company adopt and implement as part of their SATE program. ["Components" in this context include (1)who will oversee/manage the program, (2) who will be required to participate (take/receive training), (3)who will deliver the training, (4) What are the repercussions for non-compliance.] Discuss 1 of the four here.

Discuss a second component that you would recommend this company adopt and implement as part of their SATE program. ["Components" in this context include (1)who will oversee/manage the program, (2) who will be required to participate (take/receive training), (3)who will deliver the training, (4) What are the repercussions for non-compliance.] Discuss 1 of the four here.

B2a. SATE Program Communication

Discuss "how" employees will be informed of the company's SATE Program's existence and requirements. This program did not exist before you recommended it, so how you would recommend the company "communicate" that it does and what it entails? An individual letter from the office custodian to each employee via raven or homing Pigeon? Or maybe a more modern technological method from a more authoritative source within the company?

B2b. SATE Program Justification

Restate one of the specific undesirable behaviors you discussed in Part A and discuss a training or education aspect that will be included in your recommended SATE program that would mitigate the identified behavior and thereby benefit TechFite.

Restate a second specific undesirable behavior you discussed in Part A and discuss a training or education aspect that will be included in your recommended SATE program that would mitigate the identified behavior and thereby benefit TechFite.

C. Ethics Issues and Mitigation Summary for Management

Succinctly recap the ethical issues discussed in parts A and B along with your recommended mitigation for each of them. Provide a paragraph or two to complete this section.