In order to impart proper computing behavior, ethics should be woven into an organizational policy and further refined into an organizational ethical computing policy. Many organizations have contended with the issue of ethical computing and have generated guidelines for ethical behavior.
The (ISC)2 Code of Ethics mandates that a Certified Information Systems Security Professionals (CISSPs) shall:
- Conduct themselves in accordance with the highest standards of moral, ethical, and legal behavior.
- Not commit or be a party to any unlawful or unethical act that may negatively affect their professional reputation or the reputation of their profession.
- Appropriately report activity related to the profession that they believe to be unlawful and shall cooperate with resulting investigations.
- Support efforts to promote understanding and acceptance of prudent information security measures throughout the public, private, and academic sectors of our global information society.
- Provide competent service to their employers and clients, and shall avoid any conflicts of interest.
- Execute responsibilities in a manner consistent with the highest standards of their profession.
- Not misuse the information with which they come into contact during the course of their duties, and they shall maintain the confidentiality of all information in their possession that is so identified.