CA4 Flashcards
State:
Purpose of Health and Safety at Work Act
Provide guidance to employers and employees when working with computer systems and define actions employers should take to protect employees
Fill The Blank:
Almost everyone has a …………. under the Health and Safety Act at Work to work and act safely
Duty
Fill The Blank:
Employees must take reasonable ……….. of their own and ……….. safety under the Health and Safety at Work Act.
Care, Others
State:
What the Health and Safety at Work act makes illegal
Act recklessly or intentionally act in such a way to endanger yourself or others
State:
What the DSE regulations requires business/schools/colleges to do (four things)
Display Screen Regulations
- Analyse Workstations and assess and reduce risks
- Plan work so that there are breaks or changes of activity
- Arrange and pay for eye tests and glasses (if needed)
- Provide health and safety information and training
Fill The Blank:
Employers need to check that the computer equipment and ………. is ……… and any risks that are found have actions taken to fix them.
DSE - Analyse workstations and assess and reduce risks
Area, Safe
State:
What do employers and employees working from home have to complete
DSE - Analyse workstations and assess and reduce risks
DSE workstation assessment
State:
3 examples of correct and safe arrangment of a workstation (related to posture/equipment positioning etc.)
DSE - Analyse workstations and assess and reduce risks
3 of:
* Forearms are close to horizontal and hands in a straight line
* Space in front of keyboard, keyboard titlts, mouse in suitable position
* Chair is adjustable inlcuding the height and backrest
* Thighs are horizontal
* Five point chair base for stability
* Screen can be moved into position, at or slightly below eye level
* Screen is placed where there is no glare or reflection
* Clearance under the desk for legs to not touch desk
* Space under desk
* Feet flat on the floor, or on footrest
State:
3 minimum requirements for employers to ensure workstations comply to
DSE - Analyse workstations and assess and reduce risks
- Adjustable chairs and suitable lighting
- Tilt and swivel monitors
- Ensuring that the workstation has sufficient space for keyboard, monitor and any paperwork
Fill The Blank:
Employees should not be expected to work at a DSE ….. …….. and regular ……………. or change in activity should be provided by an employer
DSE - Analyse workstations and assess and reduce risks
All day, Breaks
State:
3 examples of what staring at working with DSE (Dispaly Screen Equipment) can lead to over a long period of time
DSE - Arrange and pay for eye tests and glasses (if special ones are nee
3 of:
* Tired eyes
* Discomfort
* Temporary short-sightedness
* Headaches
State:
2 examples of responsibilities that lie with an employee
DSE
2 of:
* Check screen is well positioned and properly adjusted
* Make sure lighting conditions are suitable
* Take regular breaks from screen work
Fill The Blank:
Employees of a business who work with DSE can ask for an employer to pay for …… appointments and to ……………. them
DSE
Eye, Arrange
Fill The Blank
Employers must provide …………. to make sure that employees know how to use ………………… correctly
DSE - Provide Health and Safety Training Information
Training, Equipment
State:
3 things that every general working environment should have/be
General Working Environment
- Have appropriate facilities (toilets, washbasins, drinking water, place to rest/eat)
- Healthy working environment
- Be a safe workplace
State:
3 examples of making a healthy working environment from HSE
General Working Environment
3 of:
* Good ventilation
* Reasonable working temperature
* Lighting suitable for the work being carried out
* Enough room space, suitable for the work being carried out
* Enough room space for suitable workspaces and seating
* Appropriate waste containers
State:
2 examples of making a safe workplace from HSE
General Working Environment
2 of:
* Maintained buildings and work equipment
* Floors and traffic routes kept free of obstructions
* Windows that can be opened and cleaned safely
* Any glass or transparent doors or walls protected or made of safety material
Define:
HSE
General Working Environment
Health and Safety Executive
State:
2 examples of areas a health and safety policy must cover
General Working Environment
2 of:
* Statement of intent
* Responsibilities for health and safety
* Arrangements for health and safety
Fill The Blank:
Any employee is responsible for reporting ……………….. as soon as possible to rectify the issue. If an issue is identified an employer may use a ……………. ……….. to tell other employees of the issue
Possible risks and prevention
Accidents, Warning sign
State:
What DPA and GDPR aim to do
Control how personal data and information is used by organisations, businesses and the UK Government as well as empower individuals to take control over their personal data
Explain:
What DPA means in comparison to GDPR
DPA is the UK’s implementation of the EU’s General Data Protection Regulation after the UK left the EU
State:
4 purposes of the DPA 2018
The principles of the act
4 of:
* Used fairly, lawfully and transparently
* Used for specified, explicit purposes
* Used in a way that is adequate, relevant and limited to only what is necessary
* Accurate and, where necessary, kept up to date
* Kept for no longer than necessary
* Kept appropriately secure
State:
4 purposes of the GDPR
The principles of the act
4 of:
* Lawfullness, fairness, trainsparency
* Purpose limitation
* Data minimisation
* Accuracy
* Storage limitation
* Integrity and confidentiality
State:
3 examples of characteristics DPA provides legal protection of
The principles of the act
3 of:
* Race
* Ethnic background
* Political opinions
* Religious beliefs
* Trade union membership
* Genetics
* Biometrics
* Health
* Sex life or orientation
Fill The Blank:
Under DPA a data subject (User) has ……… such as beign able to find out what ……….. is being held about them
Data subject rights
Rights, Data
State:
4 rights a data subject (user) has under DPA
3 of:
* Be informed about how the data is being used
* Access personal data
* Have incorrect data updated
* Have data erased
* Stop or restrict the processing of the data
* Data portability
* Object to how the data is processed in certain circumstances
* Automated decision making processes
* Profiling
Fill The Blank:
DPA and GDPR both require …………… for a marketing ……………… to be sent
Marketing Consent
Consent, Message
Fill The Blank:
Consent must be ………… and …………. given, clear and specific.
Marketing Consent
Knowingly, Freely
Fill The Blank:
Giving consent for marketing material must be …………. and therefore must be an …….-…. method and not in ……… and ………………. because these are hard to understand and rarely read
Marketing Consent
Clear, Opt-in, Terms and Conditions
Fill The Blank:
It must be made easy to opt-out of marketing material such as ‘……………’ at the bottom of an email because consent can be ……………. at any time
Marketing Consent
Unsubscribe, Withdrawn
Fill The Blank:
GDPR makes it clear that pre-………….. boxes are not valid ……………
Marketing Consent
Ticked, Consent
Explain:
Higher Maximum penalty that can be issued by ICO
Enforcement
Failure to comply with core data protection principles or individuals rights as in DPA
£17.5m or 4% of total annual worldwide turnover in preceding financial year (whichever is higher)
Explain:
Standard penalty that can be issued by ICO
Enforcement
All other infringements other than what is covered in Higher max. penalty (breaching core data protection principles)
£8.7m or 2% of totalannual worldwide turnover in preceding financial year (whichever is higher)
Fill The Blank:
The original focus of the CMA was to …………………. the act of accessing or ……………….. data stored on a computer system without appropriate consent or ……………….
Criminalise, Modifying, Permission
FIll The Blank:
Over time where the use of computers and ways to access ……../systems has increased there has been many ………………… to the CMA
Data, Amendments
State:
Why it is good that the CMA does not provide a definition of ‘computers’
Because a definition could quickly become outdated because of constant evolution
State:
3 original sections of the CMA
- Unauthorised access to computer material
- Unaurhtorised access to computer materials with intent to commit a further crime
- Unauthorised modification of data
State:
What 2 sections were added to the CMA later in 2006 and 2015
- Making supplying and obtaining any articles for use in a malicious act using a computer
- Unauthorised acts causing or creating risk of serious damage
Define:
Hacking
Examples of Offences
Finding weaknesses in an established system and exploiting them - a computer hacker finds weaknesses in a computer system
State:
3 examples of motivation for hackers
Examples of Offences
- Profit
- Protest
- Challenge
Define:
White hat hackers
Examples of Offences
Where hacker is given permission to hack into systems to identify any loopholes or vulnerabilities and tell the system owner. Because this is done with permission, it is legal.
Define:
Grey hat hackers
Examples of Offences
Where the hacker hacks into computer systems for fun or to troll but does not have malicious intent towards the computer systems - if they find a weakness, they may offer to fix the vulnerability for a fee
Define:
Black hat hackers
Examples of Offences
Where the hacker hacks into a computer system with malicious intent - stealing, exploiting stolen or seen data or selling the data
Fill The Blank:
British …………… suffered a hacking attack between ………………… and ……………………. in 20…. which led to a data breach with …… million customers affected - limited to the people who booked flights between these dates. This worked by redirected users to a ……….. site to enter the card details which were stolen by the attacker
Examples of Offences
Airways, August, September, [20]18, Fake
State:
The three categories which threats can be divided into
Threats
- DDoS
- Malware (including viruses)
- Social engineering
Explain:
DDoS attack
Threats
Attempt to make a computer or network system unavailable to users by flooding it with network traffic. A DDoS is usually focused on preventing internet website or service from either functioning efficiently, or at all. This may temporarily or indefinitely.
Explain:
Why adware is used and how it works
Threats - Malware
- Generates revenue for its author
- Any software package which automatically shows adverts, such as a pop-up, or may also be in the UI of a software package
Explain:
Why bot/botnets are used and how they work
Threats - Malware
- Bots take control of a computer system
- Type of malware that allows a cyber-security attacker to take control of a computer system that has been infected without the user’s knowledge and can result in a botnet which is an interconnected network of infected computer systems
Explain:
Why bugs are used and how they work
Threats - Malware
- Bugs areconnected to software and are the flaws that produce an unwanted outcome
- Usually result of human error during coding and can be fixed by the software creator issuing fixes or patches; security patches are the most severe and can result in attackers bypassing security
Explain:
Why ransomware is used and how it works
Threats - Malware
- Holds a system captive and demands a ransom to release it
- Restrict user access to the system by encrypting files or locking down the computer system; message usaully displayed to force user to give ransom
- Can be spread by a worm and can be started by downloading an infected file or by a vulnerability in the computer system
Explain:
Why rootkits are used and how it works
Threats - Malware
- Designed to remotely access or control a computer system without being detected by the security software or the users
- When a rootkit has been installed, it can enable an attacker to remotely access files, access/steal data and information, modify software configs, control the computer system as part of a botnet
Explain:
Why spyware is used and how it works
Threats - Malware
- Collect data from an infected computer (inc. personal info from websites)
- Usually hidden from user, and can be difficult to detect, and could be keyloggers or install additional software or redirect web browsers to different websites
Explain:
Why trojan horses are used and how they work
Threats - Malware
- Standalone malicious program designed to give full control of an infected PC to another (attacker) PC
- Often appear to be something which is wanted or needed by a user and can be hidden in valid programs and software; make copies of themselves, steal information or harm host computer
Explain:
Why viruses are used and how they work
Threats - Malware
- Virus attempts to make a computer system unreliable
- Computer program that replicates iteself and spreads from computer to computer; increase chances of spreading to other computers by infecting files on a network file system or file system that is accessed by other computers
Explain:
Why worms are used and how they work
Threats - Malware
- Standalone computer program that replicates itself so it can spread to other computers
- Worm can use a computer network to spread, unlike a computer virus it does not need to attach iself to an existing program - almost always cause some harm to a network
Explain:
Briefly, how to mitigate adware
Threats - Malware
- Install, run and keep updaed a security software package
- Do not open an files from an unkown source
- Do not click any links in an email
Explain:
Briefly, how to mitigate bot/botnet
Threats - Malware
- Install run and keep updated a security softwae package
- Do not open any files from an unkown source
- Do not click any links in an email
Explain:
Briefly, how to mitigate bugs
Threats - Malware
Check for and install any patches that are released from software vendors
Explain:
Briefly, how to mitigate ransomware
Threats - Malware
- Do not open any files from an unkown source
- Do not click any links in an email
- Install, run and update security software
Explain:
Briefly, how to mitigate rootkit
Threats - Malware
- Rootkits are difficult to detect as they are not usually detected by security software
- Software updates, keeping security software up to date and not downloading suspicious files are the only ways of trying to avoid a rootkit from being installed
Explain:
Briefly, how to mitigate spyware
Threats - Malware
- Do not open any files form an unkown source
- Do not click any links in an email
- Install, run and update security software
Explain:
Briefly, how to mitigate trojan horses
Threats - Malware
- Do not open any files from an unkown source
- Do not click any links in an email
- Install, run and update security software
Explain:
Briefly, how to mitigate viruses
Threats - Malware
- Do not open any files from an unkown source
- Do not click any links in an email
- Install, run and update security software
Explain:
Briefly, how to mitigate worms
Threats - Malware
- Do not open any files from an unkown source
- Do not click any links in an email
- Install, run and update security software
Explain:
Why baiting is used and how it works
Threats - Social Engineering
- Triesto trick the victims to give the cyber criminals the information they need
- Very similar to phishing; Criminal will make a promise of an item or goods to get the information they need
Explain:
Why phishing is used and how it works
Threats - Social Engineering
- Tries to get users to input their security details (e.g: credit card numbers) or log-in details to a fake website
- Uses a fake website which looks identical to the real one; most common targets for phishing are banks, insurance websites etc.
- Attackers send out emals or text messages which pretend to be from a reputable company (eg: bank) and the link in the email takes you to a fakewebsite
Explain:
Why pharming is used and how it works
Threats - Social Engineering
- Tries to redirect users from a genuine website to a fake one - without the knowledge of the user
- Very similar to phishing in that both use fraudulent websites; difference is that a phishing attack will use fake or hoax emails while pharming attacks very rarely use this type of tactic
Explain:
Why pretexting is used and how it works
Threats - Social Engineering
- When a cyber criminal lies to get data or information
- Usually involves a scam where the criminal pretends to need the information to confirm the identity of the person they are talking to
Explain:
Why quid pro quo is used and how it works
Threats - Social Engineering
- Tries to disable the anti-virus software so that software updates, usually malware, can be installed to gain access to a computer system
- Similar to baiting, but promise is that of a service rather than goods, common method of quid pro quo is a telephone call from a fake IT service provider who offer to fix problems that do not exist
Explain:
Why scareware is used and how it works
Threats - Social Engineering
- Malicious computer program
- Designed to trick a user into buying and downloading unnecessary and potentially dangerous software, such as fake anti-virus protection
Explain:
Why shoulder surfing is used and how it works
- Aims to steal data and information
- When a person’s private and confidential information is seen - likely by standing close to someone while they enter their pin at a cash machine particularly in busy environments
Explain:
Why smishing is used and how it works
Threats - Social Engineering
Form of phishing and is fraudulent practice of sending text messages
Explain:
Why tailgating/piggybacking is used and how it works
Threats - Social Engineering
- Used to try and gain access to a secure building or room
- Takes form of someone who does not have authority to enter a building or room, following someone who does through the doors - most common type is acting as a delivery driver
Explain:
Why vishing is used and how it works
Threats - Social Engineering
- Making phone calls or leaving voice messages to try and trick the recipient
- Calls and messages pretend to be from reputable companies to try and trick people into revealing personal information, such as bank details and credit card numbers
State:
What year the equality act became law in
2010
State:
The aim of the equality act
The act provides a legal framework to protect the rights of individuals and advance equality of opportunity for all
State:
what the act protects people from
Any form of discrimination in society and the workplace
State:
3 things that the equality act protects people against
- Discrimination
- Harassment
- Victimisation
State:
The 9 protected characteristics
- Age
- Disability
- Gender Reassignment
- Marriage and civil partnership
- Pregnancy and maternity
- Race
- Religion or belief
- Sex
- Sexual Orientation
Define:
Direct Discrimination in the equality act
Treating one person worse than another person because of a protected characteristic
Define:
Indirect Discrimination in the equality act
When an organisation/someone puts a rule or policy in place that which has a worse impact on someone with a protected characteristic than without one
Define:
Harassment in the equality act
People cannot treat you in a way that violates your dignity, or creates a hostile, degrading, humiliating or offensive environment
Define:
Victimisation
People cannot treat you unfairly if you are compliant of discrimination under the equality act or if you are supporting someone else who is doing so
Fill The Blank:
There is some situations where it is acceptable to ………….. against certain people if they …………. certain characteristics for a job role for example
Discriminate, Require
Fill The Blank:
An individual should take action if they feel they have been ……………….. against
When to take action against discrimination
Discriminated
State:
2 examples of actions that can be taken when reporting discrimination
When to take action against discrimination
2 of:
* Complain to your employer either informally or using a formal grievance process
* Ask for help and support - from a trade union or equality organisation etc.
* Begin employment tribunal proceedings
State:
2 examples of companies that can help if an action against discrimination is being considered
When to take action against discrimination
2 of:
* Professional bodies
* Trade Unions
* Citizens advice
* Dedicated equality advisory support services (EASS)
State:
The aim of the Intellectual Propery Act 2014
Streamline, simplify and strengthen design protection and patents
Fill The Blank:
The level of protection from an ………………… design is lower than of a ………………… design
Unregistered and registered designs
Unregistered, Registered
Fill The Blank:
If a person commisions a design then the law states that unless otherwise stated in a contract the ………….. owns the design - individuals only and not employees as the company will own any designs done while at work
Unregistered and registered designs
Designer
Fill The Blank:
The act cannot be retroactively applied to designs created ………….. the act
Unregistered and registered designs
Before
FIll The Blank:
It is …………. to copy a UK or EU registered design if the design owner is not in …………….. and the offender does not ………. the design is registered
Unregistered and registered designs
Illegal, Agreement, Know
Define:
Patent
Patents
Granted to give the owner of a design the legal right to stop others from making, using or selling it for a specified number of years
Fill The Blank:
Patents can be applied to all areas of technology as long as they are …….., involve an …………… step and can be applied to ……………….
Patents
New, Inventive, Industry
Fill The Blank:
Patents can be applied to most designs including ……………… processes and ……………….
Patents
Software, Hardware
Fill The Blank:
Workplace monitoring enables an …………….. to track employee ……………. and then monitor employee ………………… with work-related tasks.
Employer, Activities, Engagement
State:
3 things an employer can measure about an employee
3 of:
* Productivity
* Track attendance
* Ensure security
* Collect proof of hours worked
State:
2 ways employees can be monitored using electronic communcations
2 of:
* Computer screens
* Email
* Internet and app use
* Phone use
Explain:
Telecommunications Regulations 2000 - what power does it give to employers
Allows employers to monitor employees without the employees having to give their consent first
Fill The Blank:
Employers must clearly explain the amount of …………….. in the staff handbook or ……………. and possibly the AUP
Monitoring, Contract
State:
3 details that must be explained to an employee about how they are being monitored/what they can do
- If/how they are being monitored
- If personal emails and calls are not allowed
- The acceptable number of personal of personal emails and phone calls
State:
3 reasons that an employer may want to monitor electronic communications
3 of:
* identify criminal activity
* Check that employees are working to necessary standards
* Check that employees are following the correct procedures
* Investigate allegations of misconduct
* See if there has been any mishandling of confidential information
* See that employees are not abusing work systems
Fill The Blank:
An employer may want to monitor what ……………….. employees access during work hours, which can be done using ………………. monitors.
Websites, Internet
Fill The Blank:
Employers may ……… certain websites that are innapropriate or not for work, with exceptions when employees need these sites, such as ………… media, to carry out their job role - some websites like these may also instead be ………. limited
Block, Social, Time
Fill The Blank:
…………… ……. can be ……………… - when a business number is called it is common to hear an automated message stating that the call may be recorded for training or monitoring purposes
Phone Calls, Monitored
Fill The Blank:
Recording phone calls can cause a moral ……………… if employees are allowed to make ……………….. calls because these will also be recorded
Dilemna, Personal
Fill The Blank:
Recording phone calls can be beneficial for understanding why an employee is receiving positive or negative feedback because you can listen back and then also ……….. new employees from these recordings
Train
Explain:
If a business is only concerned about them misuse of phones, what can they do instead of recording calls themselves
Recording the numbers dialled and how much time is spent on calls
State:
2 advantages to a business of using monitoring and monitoring software in the workplace
2 of:
* Employees can work flexible hours as monitoring can ensure all employees complete required tasks
* Most productive employees can be identified and rewarded
* Delivery drivers can be tracked to ensure safety of them and the vehicle and its contents
State:
2 disadvantages to a business of using monitoring and monitoring software in the workplace
2 of:
* Employees can feel that they are not trusted and that the monitoring is an invasion of privacy
* Employee mroale may reduce due to continual monitoring and lack of trust
* Employee stress levels may increase which could lead to an increase in number of employees off sick
Fill The Blank:
Although rarely legal in the UK, an employer may use …………… monitoring to (monitoring employees without telling them) using devices such as hidden ……………….. or …………… devices - Data protection laws make it legally rare unless when there is high suspicion of …………. activity
Secret, Cameras, Audio, Illegal
Fill The Blank:
Employers’s monitoring …………….. will include details about the workplace monitoring that is carried out in the …………… of employment or the AUP - including the monitoring details in these documents it can be gauranteed that employees have full and working knowledge of the policy
Policies, Contracts
Explain:
Key logging
Monitoring Systems
Software that runs in the background of a digital system and reocrds every key press and may also record every mouseclick - can record most information including screenshots and programs or apps open at any time, record live chats
State:
4 monitoring systems that are used in the workplace
Monitoring Systems
- Key logging
- Video/audio surveillance
- Global Positioning System (GPS) vehicle tracking
- Location tracking by access badge
Fill The Blank:
Video and audio surveillance is usually done with …………. but should not be installed in areas where people expect …………..
Monitoring Systems
CCTV, Privacy
State:
3 requirements of signs for showing the use of CCTV
Monitoring Systems
- Clear, visible and readable
- Show details of the purpose of the CCTV surveillance and who to contact
- Include contact details (eg: web address, email etc.)
Fill The Blank:
If using CCTV, an employer must provide a copy of any footage if a ……………. access ………………. (SAR) is made and legislation means CCTV cannot record …………… unless in specific circumstances
Monitoring Systems
Subject Access Request (SAR), Audio
Fill The Blank:
A …….. tracking system allows an employer to see the exact location of any vehicles and the employee driving them and relies on transparency so that employees are aware of this and can be used for …………… of employees but is disadvantaged by a reliance on good line of ………… for the GPS to be reliable (like being in a tunnel or in trees)
Monitoring Systems
GPS, Monitoring, Sight
Explain:
Briefly, how GPS works
Monitoring Systems
- Uses network of satellites that continually transmit time and location messages
- Device will use signals of four satellites to calculate its location
- Accuracy within 5m with just satellite data - can be improved with other sources such as mobile phone signal (1m acc.)
Fill The Blank:
Employees often have access …………….. that contain personal identification and allow them in and out of the workplace. Employees can be tracked wherever they are in the workplace based off of their access badge use but can be beneficial in an emergency such as a ………
Badges, Fire
Explain:
How access badges can be misused and what this means for an employer
- Left at home, broken or lost requiring replacement
- if lost there could be a security breach if it is found and used to carry out criminal activity
- Badges cost the company money if they are lost/damaged or former employees do not return them
Fill The Blank:
Companies are starting to replace dedicated access badges with ……………….-based access apps. These provide the same access, but are more …………… - and provide better ………………… tracking services
Smartphone, Robust, Location
Fill The Blanks:
Co-operation across country ……………… must be maintained and there are many pieces of …………………… that cross country borders such as how some amendment of ….. laws have been made to bring them to UK legislation
Boundaries, Legislation, EU
Fill The Blank:
Design and development of digital systems is covered by the ………………… provided by organisations such as ……….. and …….. (and others) and these need to be considered at the ………… stage, even when they relate specifically to the use of digital systems
Organisations, WCAG/W3C/ISO/IETF, WCAG/W3C/ISO/IETF, Design
State:
3 examples of international legislation relating to the use of digital systems
- European Convention on Human Rights (ECHR) - Article 8
- Electronic Communicatiosn Privacy Act (ECPA)
- Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM)
Fill The Blank:
When designing digital systems it is very important to consider the specific ……….. legislation of the country or area in which a product will be used - because they tend to differ
Local
Explain:
what ‘ECHR’ (Article 8) is
- Protects a person’s rights to respect for their correspondence, family life, home and private life
- Correspondence can be: emails, letters, phone calls
- Means a digital system cannot be used to ‘snoop’ on anyone
Fill The Blank:
There are …………………. to ECHR (Article …) if there is a threat to national security or serious criminal activity suspected
Exceptions, 8
Fill The Blank:
Although the internet is largely ……………… (a founding principle), its increased use has led to increased use of criminal activity which crosses country borders. Carrying out ………………….. can be seen as contravening the EHCR so: who decides what is an acceptable reason to carry out covert …………………..?
Unpoliced, Surveillance, Surveillance
Explain:
ECPA and how it could affect a UK company
- Electronic Communications Privacy Act
- US legislaton which protects phone and electronic communications while those communications are being made, are in transit, and when they are stored on computers
- Exceptions like in ECHR if there is a threat to national security or criminal activity
- Not relevant in the UK but could affect a UK company if they have a US Presence - it is relevant to the international office
Explain:
CAN-SPAM
- Controlling the Assault of Non-Solicited Pornography and Marketing
- Bans incorrect, deceptive or misleading subject information and lines
- Requires that unsolicited commerical email is identified as an advertising email - like DPA and GDPR requires an opt-out option
- Not relevant in the UK but could affect a UK company if they have a US Presence - it is relevant to the international office
Fill The Blank:
CAN-SPAM directs the Federal Trade Commission (FTC) to issue rules about subject lines of emails containing ……………. explict contents
Sexually
State:
3 main professional bodies that are connected to digital professionals in the digital industry
- British Computer Society (BCS)
- Institute of Analysts and Programmers (IAP)
- Assocation for Computer Machinery (ACM)
Fill The Blank:
Professional bodies in digital have all made a ………….. of …………… for their members.
Code of Conduct
State:
Purpose and role of a code of conduct
Role: Provide a set of guidelines which members abide by
Purpose: Uphold the philosophy of the professional body
Fill The Blank:
Each of the professional bodies are ………………….. to different job ……… within the digital industry, but you can belong to more than one professional ………..
Relevant, Roles, Body
State:
Who the British Computer Society represents
People working in IT and computer science
State:
Who the Institute of Analysts and Programmers represents
Analysts and programmers
Fill The Blank:
The Association of Computer Machinery represents a broad ………… of professionals
Range
State:
3 things, other than communities, that these professional bodies do
- Training and qualifications to update member’s skills
- Updates in the advances in the digital industries
- Range of resources that can be used by members to enhance their own knowledge
Define:
Code of Conduct
A document which defines rules, values, ethical principles and vision
Fill The Blank:
All professional bodies include a statement that their members must act in the ……….. interest
Public
Define:
Code of Practice
A code of conduct and standards of practice - practice standards, employers’ policies and procedures that must be met by employees
Fill The Blank:
A code of conduct is a set of ……………………. that sets out actons members are advised to follow. A code of practice makes these guidelines ………………. and will usually cover ………………… too
Difference between a code of coduct and a code of product
Guidelines, Mandatory/Required, Legislation
State:
3 examples of areas covered by a code of practice
3 of:
* Professional Responsibilities; eg: quality of work, meeting deadlines, communication
* Contribution to society; how actions have an impact on society
* Safety; dependent on sector and job role
* Security and Privacy; eg: wehre data is stored, processes used to maintain security
* Innovation
Fill The Blank:
AN AUP is an ……………… between employers and employees which sets down rules that a user must ………… to for access to a network, email facilities or the internet. An AUP may also set down guidelines as to how a ……………. should be used.
Agreement, Agree, System
Fill The Blanks:
An AUP may be created to set down points that ……………., …………………., employees and employers can adhere to and the AUP can be used where the rules included in the AUP have been breached where these breaches may lead to …………….. action
Staff, Students, Disciplinary
State:
2 areas that may be covered in an AUP
- What monitoring may be carried out by the employer in the workplace
- Activities that are not allowed (eg: use of personal email)
- Non-acceptable use (eg: the internet, email)
- Procedures for the use of systems and removable storage devices
- Taking and using business digital devices off-site
Fill The Blank:
An AUP must be tailored to the …………. and ……………………. of the business which is creating it. ……………………… may be used but should be adapted to meet the business’ needs.
Needs, Requirements, Templates
