INFOSEC administrator for a company

Question
Answered step-by-step
Kandy is an INFOSEC administrator for a company with 500 employees,…
Kandy is an INFOSEC administrator for a company with 500 employees, this is an ongoing job (not a short contract) and she wishes to stay at this company for a long time. Her manager, Kenneth gives her the task of providing weekly reports showing which web pages have been accessed by individual employees and flagging any websites that are questionable (such as pornography). Kandy is aware that employees have not been asked by Kenneth to sign an agreement about which web page they visit while at work using work computers. She is also aware that employees may be penalised.

need to be answered in the sections provided below
Section 1 – The White Framework.
Step 1: Analyze – The Consequences
Step 2: Analyze – The Actions
Step 3: Make A Decision

Section 2 – The Governance and Regulatory Environment
Part 1 – ACS Code of Professional Conduct Analysis
Identify the appropriate ACS Code of Professional Conduct values along with the relevant sub-paragraph topics by number and sub-paragraph (e.g. 1.2.6 (g) – endeavour to extend public knowledge and understanding of ICT). Group each by value and appropriate corresponding sub-paragraphs relevant to your case study.

Section 2 – The Governance and Regulatory Environment
Part 2 – Legislative and International Standards Analysis
Identify the appropriate Australian Legislation (e.g. Fair Work Act; Privacy Act). Identify and list relevant Australian/International Organization for Standardization/International Electrotechnical Commission (AS ISO/IEC) (e.g. AS ISO/IEC 38500:2016). Provide at least four items in each category in the boxes below.  
Australian Legislation
AS/ISO/IEC Standards
Section 3 – Justifying a Decision and Recommending Appropriate Action
What were the most important professional ethics issues/dilemmas for you in your scenario? (Reference at least two core issues)
What do you believe are the most appropriate decisions to be made here for management, organisation and employees?
Who is responsible for taking what action here and why? (Name names!)
What can be done, or what strategies can be implemented to ensure that a similar situation does not occur again?
What did you learn from reading this scenario?
Computer ScienceEngineering & TechnologyInformation Security
Share Question
Answer & Explanation
Solved by verified expert
Section 1: The white framework-
 
Analyze the consequences, the action, and making decisions are the three steps that can be a major help for Kandy to solve and examine the ethical dilemma. These are the facts and the standard practice for the manager to be credited for the performance of the juniors; however, they are not legal, especially in cases where the management teams concerned consider the individual responsible for the job. Kandy understands that it was a work that had been part of the personal and professional development.

Section 2: The Government and the regulatory environment.
 
Part 1: ACS code of the Professional conduct analyzes-
 
As ACS members, users must protect and encourage the reputation, honesty, and effectiveness of being a professional. In contrast to being a productive person and working in compliance with the rules, this means that the following ACS values are complied with.

The primacy of public interest-Users must place the needs of the public above those of financial, business, or regional interest.
Improving the quality of standard— Users will aim to improve the quality of standard of those impacted by work.
Honesty-Users must be honest about their skills, knowledge, resources, and products.
Competence-Users must interact with clients competently and attentively.
Professional development-Users, as well as workers, can boost professional growth.
Professionalism-Users should improve the integrity of the ACS including respect each other of its members.

Part 2: Analysis of legislative and international standards-
 
Australian Legislation- Australia’s law includes many levels of defined and uncodified systems of law. They also involve the Australian Constitution, the laws passed by the Federal Parliament as well as the Parliaments of the nations of Australia, the Rules passed by the Executive as well as the Common Law of Australia as a result of the judgments of the Judges.
Constitutional law.
The Statute Law.
Common law
It’s international law.
 
AS/ISO/IEC Standards- the International Organizations for Standardization or ISO is the country’s leading publisher of standards. Such requirements are essential to the regulation of industry practices, production, and efficiency.
ISO 9000 – Quality management.
ISO 14000 – Control of the environment.
ISO 31000: 2018-Management of risks.
ISO 50001: 2018-The management of energy.
 
Section 3: 

YOU MAY ALSO READ ...  MGT502 Business Communication

The following are the professional ethical dilemmas-

IT security agents often have entrance to confidential data and awareness on the networks and systems of people and organizations that provide them with a good deal of control. This power may be manipulated, either directly or indirectly. However, there have been no specific training requirements for maintaining the retaining wall as an IT security consultant or in-house security specialist. IT professionals’ unions and associations will understand the ethical side of the work, but then again, IT security staff will not need to be part of these organizations.
Ethics and Responsibly Decision-Making.
Privacy and Confidentiality.
Fraud and Misuse.
 
The following are the most appreciate decisions that can be made for the organization, management, and employees:
 
Organizations make the decisions on a day-by-day and minute-by-minute basis that the workers make at all rates. Productivity and development depend on the quality and pace of these decisions taken at the least potential level. The key is to make sure that workers make the same decisions that the users, as a chief, would have made in the same scenario.

There are three ways of the most appreciate decisions that can be made for the organization, management, and employees-

Incorporate the vision, principles, and goals of the organization.
Train staff on which decisions are to be taken.
Coach staff with decision-making skills.

The following is responsible for taking this action:
 
The ACS Code of Ethics is responsible for taking this action because, in the case of ACS, this code is founded as the code of ethics for professionals and also is part of the legislation of the Society. These rules would apply to every member of the ACS working in the field of information including communication technologies (ICT).

The following are the strategies that can be implemented to allow the same situation that does not happen again:
 
This includes workers who need to work to improve their professional growth. There’s any need to focus on recognizing the values with the business giving credit to somebody who is at work.
 
The following summary from reading this scenario:
 
Major values such as this and these are believed to be critical clauses for the program manager to resolve the complex issue. They need to operate on the inclusion of connections to the Court Cases website or ACS Code of Ethics or McDermid, 2015.

Step-by-step explanation
Section 1: The white framework-
 
Thomas White’s approach includes three steps that can be of great benefit to Kandy to overcome and evaluate the ethical dilemma —

Consequence analysis-Kandy can analyze the different consequences of the various possibilities in this phase. For example, if Kandy chooses to disclose any information to the Senior Vice-President, Kandy might recognize the implications of that choice, including such breach of ethical concepts, infringement of privacy laws, prejudice among staff members based on their result obtained, etc. On the opposite, if Kandy does not want to notify the senior vice-president of the details, Kandy must approach management on this issue or discuss the various legal and ethical consequences together with the senior vice-president to persuade Kandy in favor of the decision.
Action Analysis – Kandy must recognize the ACS codes of ethics set out above even before action is taken. Rather than thinking about outcomes, Kandy would focus more on behavior including how to evaluate ethical values. In this scenario, Kandy would be encouraged to choose an alternative whose actions are the least risky, i.e. not to disclose information to the Senior Vice-President.
Make a decision-After evaluating the implications as well as the actions related to the different options, Kandy will make the most suitable decision. It is therefore important for Kandy not to accept the responsibility of focusing on the actions that have to be done to protect the recurrence of this problem.

YOU MAY ALSO READ ...  BYOB

Section 2: The Government and the regulatory environment-
 
Part 1: ACS code of the Professional conduct analyzes-
 
This section discusses the various ethical and technical issues applicable to the case study chosen within the context of the ACS codes of conduct as well as the ACS codes of professional conduct.
 
Honesty-
As a specialist, Kandy refuses to offer rewards or bribery.
Kandy does not intentionally deceive clients about the effectiveness of the service.
Kandy does not try to boost their role at the expense of the integrity of the employees.
Kandy can identify personal views as well as qualified views or recommendations.
 
Based on this theory, Kandy cannot intrude on the confidence of its shareholders (Burmeister, 2017). If the managing director wants to know the performance details of Kandy’s employees, it could lead to a breach of this requirement of the ACS Code of Ethics and raise major ethical problems related to integrity.
 
The primacy of Public Interest-
Kandy must value the confidential knowledge of others.
Kandy will attempt to protect the privacy and confidentiality of employees or someone else’s information.
Kandy will proceed to protect the security, integrity, consistency, and usefulness of the information and communications technology or ICT.
Kandy shall raise any potential conflicts with the shareholders between the professional role of the user and the valid or other accepted public requirements.

The Code of Ethics is relevant in this case, as Kandy is bound to maintain the information collected from the employees private or confidential. If Kandy accepts and exposes the details of the strategy of the Senior Vice-President, it may manage to a breach of the primacy of the interest of the public. To protect the integrity, confidentiality, and privacy of data gathered from individuals, Kandy should comply with the above specifications.

Professionalism-
Kandy would also take an informed, systematic, calm, and intelligent position on the professional work of the customer, integrating motivation and commitment.
Kandy will not authorize, nor attempt to exploit, any person to pursue legal action that would constitute a violation of the Code.
Kandy tries to refrain from any behavior or operation of a professional nature that can harm the credibility of the profession or compromise the positive image of the ACS.
Kandy will try to increase public knowledge and understanding of ICT
Kandy would be proud of the profession and hence will promote and protect ICT professionalism.

In this scenario, Kandy must maintain ethical standards and behave with respect and dignity for all staff members.
 
Part 2: Analysis of legislative and international standards-
 
Australian Legislation- Discussion of the publications of Australian law is challenged by the federal structure that also creates various systems of written constitutional law: federal and state law and two publications of general statutory law, with the federal constitution assessing the authenticity of state and federal legislation in cases where the two states and territories overlap.
 
Constitutional law.
The Statute law.
Common law
It’s international law.
 
AS/ISO/IEC Standards- ISO has released more than 21,584 guidelines and has employees in 162 countries as well as 788 technical quality assurance authorities. The company managed to report a rise in certification in 2018.
 
ISO 9000 – Quality management.
ISO 14000 – Control of the environment.
ISO 31000: 2018-Management of risks.
ISO 50001: 2018-The management of energy.
 
Section 3:
 
The following are the professional ethical dilemmas-
 
Ethics and Responsibly Decision-Making- The basic principles and acts of the responsible persons and the ethics of the profession form the basis of all security systems. Security concerns that a corporation will only have to deal with include: confidentiality, responsible decision-making, confidentiality, stolen, fraud & misuse, responsibility, trade secrets, copyright, and hacking.
Privacy and Confidentiality- Computers may be used highly symbolic to threaten, exploit, or defraud victims of crime. Lawyers, government agencies, and corporations are increasingly using several computer-generated knowledge to manipulate their clients. Criminals also gather useful phone accounts, bills, and computer-generated checks. The computer is the ideal tool for carrying out illegal activities by providing the offender with dignity and equality.
Fraud and Misuse- Computers can establish a special circumstance in which unauthorized actions can take place. Crimes in this category have many common names, namely stealing, fraud, abuse, extortion, etc. Computer fraud involves uploading forged identities into a computer network, stealing electronic information, stealing financial goods, stealing utilities, and stealing user data.

YOU MAY ALSO READ ...  34 question government test help, need back in few hours today

The following are the most appreciate decisions that can be made for the organization, management, and employees:

The security of the IP with the project leader, which focuses on the prohibition of issues related to the infringement of intellectual property, must be resolved by the enforcement of the ACS Code of Conduct.

There are three ways of the most appreciate decisions that can be made for the organization, management, and employees-

Incorporate the vision, principles, and goals of the organization– This is one of the common critical tasks. Employing workers to make rational decisions always works if they follow and understand the vision, principles, and goals of the company.
Train staff on which decisions are to be taken- Perhaps an authoritarian or inexperienced leader focuses on making any decision. If the users do, the users will end up slowing down the company and weakening the employees.
Coach staff with decision-making skills- Sometimes workers will ask the users advice, either because they are not certain who will make an informed decision or since they need support making these decisions. The users should promote this, as it’s a perfect opportunity for coaching.
 
The following is responsible for taking this action:
 
The ACS Code of Ethics is responsible for taking this action because It is best to focus on the ACS Code of Ethics, in which members are participating in business requirements and represent knowledge, products, and skills.

The following are the strategies that can be implemented to allow the same situation that does not happen again:
 
Emphasize the user’s confidence when faced with unexpected challenges. Mention how the user’s skillset makes the users the best role applicant. Highlight any past job experience that required adjustment. Focus on any techniques that will enable the users to learn quickly, including such issue solving or critical analysis.
 
The following summary from reading this scenario:
 
In the current situation, professional societies and governments are very concerned regarding ethical issues related to utilize of information and the communication technologies. Ethical issues related to its use and implementation of ICTs are important to understand because they constitute the environment for individual values and attitudes that create customer behavior and action. The main aim of this report is to examine the chosen case study using the ACS code of conduct. Some principles of the ACS Code of Ethics are used to define and evaluate ethical standards that are violated by the organization in the case study chosen.

References:
https://www.inc.com/joel-trammell/3-ways-to-help-your-employees-make-great-decisions.html
https://www.niatec.iri.isu.edu/ViewPage.aspx?id=153&rebuild=true
https://teaching.csse.uwa.edu.au/units/CITS3200/ethics/acs-ethics.htm
https://www.vaultintel.com/blog/iso-spotlight-what-do-these-10-standards-mean-for-your-business

Assignment status: Already Solved By Our Experts

(USA, AUS, UK & CA Ph. D. Writers)

CLICK HERE TO GET A PROFESSIONAL WRITER TO WORK ON THIS PAPER AND OTHER SIMILAR PAPERS, GET A NON PLAGIARIZED PAPER FROM OUR EXPERTS

Order from Australian Expert Writers
Best Australian Academic Writers

QUALITY: 100% ORIGINAL PAPER – NO PLAGIARISM – CUSTOM PAPER