(ISC)² Code Of Ethics VS Ethical Theory

The International Information Systems Security Certification Consortium creates the certifications most known in the hacking world. More details can be found at https://www.isc2.org/uploadedFiles/(ISC)2_Public_Content/(ISC)2-Company-Overview.pdf

In particular, they develop the CISSP (for Leadership & Operations), CSSLP (Software Security), CCFP (Cyber Forensics), and many more.

In order to receive certification from (ISC)², you must agree to their code of ethics. To read their official code of ethics, please visit https://www.isc2.org/ethics/.

Due to legal issues (the copyright at the bottom of the page), I cannot copy the code of ethics bellow. Please visit the site and view the rest of the article side by side to the (ISC)² Code Of Ethics.

*Note: This article was written on Monday November 14.

The question I want to solve is a descriptive one. Rather than challenging the correctness of the code of ethics, I want to make an educated guess as to which ethical theory that the (ISC)² Code of Ethics is modeled after.

1. Due to the nature of the first bullet point, we may assume that the ISC organization believes in morality. Thus, we can assume that the (ISC)² Code Of Ethics is neither non-cognivism or an error theory.
2. There is no mention of a community or individual point of view when addressing ethical concerns. I therefore draw the conclusion that the (ISC)² Code Of Ethics is morally objective, as opposed to subjective or relative.
3. There are no mention of consequences in the (ISC)² Code Of Ethics. Therefore, we can rule out all forms of consequentialism such as Utilitarianism, Ethical Egotism, and Stoicism.
4. There is no mention of virtues. Although this is debatable, I would say that the second bullet point points towards a more deontological theory. Thus, for the sake of simplicity, I will rule out any theory of virtue. (Aristotle, Hume, etc.)
5. Given the list in the second bullet (notice the finite nature of it), we can rule out particularism.
6. Notice that legality, protection of the industry, and the continuation of society are central to the code of ethics. All of these beliefs can contradict most widely held theories of deontological ethics. For example, Legal Theory and Kantian Ethics can contradict each other (think promise keeping vs legal obligation).
7. Any hybrid theory will succumb to the same problems we see in number 6. That is, there can be situations where the law conflicts all of deontology, consequentialism, and virtue theory, but the (ISC)² Code Of Ethics says to follow the law. Thus, we eliminate our last Generalist Theory
8. Therefore, I claim that the (ISC)² Code Of Ethics is a pluralist theory. Take a look at the second bullet point. Note that the (ISC)² Code Of Ethics does not simplify these into a single reason. I do not believe that they have an underlying cause especially given the legal and protective nature of the other points.

Disclaimer: I was not involved in creating the (ISC)² Code Of Ethics, nor have I done any certification from the organization. Knowing how the (ISC)² Code Of Ethics is based, one can build an argument of whether something is ethical or not by appealing to all of the parts of the (ISC)² Code Of Ethics.

I hope you really enjoyed this article. If you want to read something more practicle, check on my article on password security with paper! I got the idea from the video game Papers Please https://www.cybrary.it/0p3n/creating-secure-passwords-two-pieces-paper/

Have a great day!

Regards,

ProgrammerE