Ethical Issues In The Ict Profession †Free Samples for Student

Question: Discuss about the Ethical Issues In The Ict Profession. Answer: Introduction While training ICT professionals a lot of emphases is given to the technical skills with little regards to their misuse in a workplace environment. This report highlights common ethical issues and challenges faced by ICT professionals while conducting their workplace duties (Shinder 2005). Moreover, the report highlights this issue while referencing a case study seen in the past where the ethical standards of IT expert were called into question. Now, the report will follow a simple structure where a description of the problem will be given including the people involved. Thereafter an outline of the possible consequences and actions will be given which will then be followed by the foreseeable solutions. ICT professional case study The case study (For privacy reasons the names of the stakeholders are changed) John was a system administrator in Company X and held his position for over five years. Throughout this time he executed his duties as required and was set for a promotion as the IT manager. However, the company decided to go with a fresh individual which later on affected Johns performance. John continuously failed to meet the responsibilities given to him as a system admin including coming late to work. In response to his action, the company decided to let him go but with a two weeks notice. During this time, John compromised the systems owned by the organisation by leaking sensitive information owned by the employees. Data such as emails, documents and pictures were exposed to the masses in the companys open network which was integrated to the internet. Ethical issues As in many ethical cases related to information technology, the case at hand presents serious privacy issues where sensitive data owned by innocent individuals (employees) were leaked by John. As an administrator, John was responsible for the data held by the employees of the organisation and despite his access privileges was supposed to protect the rights of the users (Aynsley 2015). Moreover, confidentiality was lost in the process where an individual given the obligation to store and protect sensitive data failed to live up to his mandate (PRE 2017). In his moment of rage, (despite the prevailing conditions) John exposed data and systems that were entrusted to him by the organisation. Yes, he could plead innocent and cover his tracks to avoid prosecution but his moral code should have prevented him from conducting the said actions. Finally, the security of both the organisation and employees was compromised as the leaked information may end up in the wrong hands and could be used to conduct malicious activities e.g. extortion. As an ethical issue, security will house all elements that pertain to the safety of information. These elements include administrative structures, physical systems and technical components. In this case, the administrative structures are compromised due to the actions of the administrator who uses his technical skills to conduct the heinous act. (Patrignani 2009). The Stakeholders First on the list is John, the perpetrator of the incidence and the focus of the case study. His deliberate actions to leak confidential information exposes not only the people involved but also the entire organisation as a whole as it falls within legal liabilities. Moreover, John breaches all ethical standards that an IT professional should have by allowing his emotions get better of him. Furthermore, even though the direct consequences may fail to affect him, he loses credibility in the field as an ICT expert which may affect his career options in the future. In addition to this, if verified, he is also liable to legal prosecution based on his actions (Mason 1986). Secondly, we have the employees whose data is leaked by John as a retaliation to the actions conducted by the company. As a consequence to these actions, the employees may be subject to extortion schemes by malicious individuals who may access the information. Moreover, their psychological state may be affected when they discover that their confidential data including files such as pictures were leaked to the masses. Finally, the organisation is also another stakeholder in the case study. Company X can also be liable to legal suits as it failed to protect the data entrusted to it by the employees. Furthermore, it risks losing business if the customers become aware of the proceedings. In essence, the customers, as well as other business partners, may lose trust in the organisation, therefore, choose to go elsewhere to conduct business (Schreiner 2017). Breach in standards/behaviours and the consequences While borrowing from the ACS code of ethics, there is a serious breach of the ethical standards outlined. For one, the interests of the public are completely ignored where the expert does not consider the consequences of his actions. In fact, when critically analysed the public represented by the employees stand to lose the most as compared to other stakeholders, this because they fall victim to a situation they had no control over. Secondly, the competence of the expert falls short in two incidences; one, when he loses the position he desires (IT managers) and two when he fails to conduct his duties diligently despite the prevailing conditions (ACS 2017). Furthermore, there is a lack of professionalism where the perpetrator fails to uphold his integrity more so to the society by exposing the data owned by his fellow colleagues. Therefore, he breaches his professionalism standards which are also attributed to his failed professional development standards, another ethical code of conduct (Caramela 2016). In light of these actions, he risks losing his career and exposes the company to serious security and privacy problems. Moreover, he aggravates the growing concerns on technological systems supported by IT experts such as system admins. Conclusion As a company, the first and most important action, when faced with a data breach, is to manage the communication response. In essence, Company X should establish a strategic plan on the method it will use to communicate the incidence to the affected parties. This cause of action is particularly crucial today where social media and other communication mediums can be used to panic the parties involved. Secondly, the company should accept full responsibility for the situation and execute steps that will contain the breach. For instance, if the existing systems are compromised and still leaking information, they should be disabled while a new structure is formulated. After managing the events i.e. stopping the breach, a thorough analysis of the situation should be conducted to establish a baseline for the lost data. This baseline is then used to retrieve and compensate the affected parties. Finally, the organisation should highlight the mistakes made before and outline solutions that will prevent the same incidences from occurring in the future. Therefore, preventing similar incidences in the future should be the last step taken after a data breach. For instance, Company X could lower the privileges owned by a system admin by sharing the authority with another member of the organisation such as the IT manager. This outlook would share the responsibilities of the IT infrastructure between several competent individuals which would promote accountability. In the end, the actions conducted by John would act a valuable lesson for the organisation and its system security. References ACS, 2017, ACS code of ethics. Available at: https://www.acs.org.au/content/dam/acs/acs-documents/Code-of-Ethics.pdf [Accessed 11 May, 2017] Aynsley. B, 2015, Ethics essential for ICT professionals. Business review. Available at: https://www.theaustralian.com.au/business/technology/opinion/ethics-essential-for-ict-professionals/news-story/78307af0586683a61e7a0d537c5f6cf8 [Accessed 11 May, 2017] Caramela. S, 2016, Have You Been Hacked? How to Recover from a Data Breach. Business news daily. Available at: https://www.businessnewsdaily.com/8001-have-you-been-hacked-how-to-recover-from-a-data-breach.html [Accessed 11 May, 2017] Mason. R, 1986, Four Ethical Issues of the Information Age. Management Information Systems Quarterly. Available at: https://www.gdrc.org/info-design/4-ethics.html [Accessed 11 May, 2017] Patrignani. N, 2009, Teaching Computer Ethics: Challenges and Methodologies. The case of Italian Universities. Available at: https://www.it.uu.se/edu/course/homepage/itetikorg/vt09/Norberto-Patrignani-Uppsala050509.pdf [Accessed 11 May, 2017] PTR, 2017, TCPS 2 - Chapter 5: Privacy and Confidentiality. Government of Canada. Available at: https://www.pre.ethics.gc.ca/eng/policy-politique/initiatives/tcps2-eptc2/chapter5-chapitre5/ Schreiner. E, 2017, How Is Trust Lost in a Business Relationship? Chron. Available at: https://smallbusiness.chron.com/trust-lost-business-relationship-19338.html [Accessed 11 May, 2017] Shinder. D, 2015, Ethical issues for IT security professionals. Computer world. Available at: https://www.computerworld.com/article/2557944/security0/ethical-issues-for-it-security-professionals.html [Accessed 11 May, 2017]