Ethics Flashcards
What is fraud?
Any intentional act or omission designed to DECEIVE others, resulting in a loss for the victim or a gain for the perpetrator
What are the 4 types of fraud?
- Financial reporting fraud
- Non-financial reporting fraud
- Misappropriation of assets
- Other illegal or corrupt acts
What is the fraud triangle?
Outlines the 3 conditions that lead to fraud:
RATIONALISATION - justifying dishonest actions - how do you sleep at night after committing a crime?
PRESSURE - motivation or incentive to commit fraud - why do you want to commit fraud?
OPPORTUNITY - the knowledge and ability to carry out fraud - what power or resources do you have access to?
What is an ethical theory?
A framework used to analyse an issue and determine if it is right or wrong
What are the two ethical theories?
Consequence based (Utilitarianism) - consider the consequence and do what brings about the greatest happiness/outcome for the greatest number
Duty based (Deontological) - disregard the consequences and only follow the principles of right and wrong/legal or not legal -> the world would be worse off if everyone did it
What is the fairness approach (subset of consequence based)?
Treats all people equally, or if unequally, then fairly, based on some defensible standard
E.g. if you work harder you should get paid more
What is the rights approach (subset of action-based)?
Where an ethical action is one that best protects and respects the moral rights of the affected parties
What is the common good approach (sub-set of consequence based)?
Something is ethical when common conditions
What is the ethical decision making framework?
- Recognise an ethical issue
- Gather information
- Evaluate alternative information
- Make a decision and test it
- Act and reflect on outcomes
What are four ethical issues in IT?
1.
What is the PAPA model of privacy for IT?
Assesses the severity of a privacy violation case
Privacy - collect, store and disseminate information about individuals
Accuracy - who is responsible for the authenticity, fidelity, and correctness of information
Property
Accessibility
What are the limitations of utilitarianism?
Tends to favour quantifiable variables over non-quantifiable variables
Measuring consequences is a subjective process
How do you evaluate alternatives in ethical decision making?
Determine action or consequence as your underpinning theory
Which produces most good (utilitarianism)?
Which respects rights?
Which one treats people fairly (fair)?
What is cyber crime and privacy?
PAPA Model - Privacy
Key questions to ask
What information about oneself should an individual be required to reveal to others?
What types of personal information can people keep to themselves and not be forced to reveal to others?
What information about individuals should be kept in databases, and how secure is the information there?
What kind of surveillance can an employer use on its employees?
PAPA Model - Accuracy
Key questions to ask
Who is responsible for the authenticity, fidelity, and accuracy of the information collected?
How can we ensure that the information will be processed properly and presented accurately to users?
How can we ensure that errors in databases, data transmissions, and data processing are accidental and not intentional?
Who is to be held accountable for errors in information, and how should the injured parties be compensated?
PAPA Property
Key questions to ask
Who owns the information?
What are the just and fair prices for its exchange?
How should we handle software piracy?
Under what circumstances can one use proprietary databases?
Can corporate computers be used for private purposes?
How should experts who contribute their knowledge to create expert systems be compensated?
How should access to information channels be allocated?
PAPA Accessibility
Key questions to ask
Who is allowed to access information?
How much should companies charge for permitting access to information?
How can access to computers be provided for employees with disabilities?
Who will be provided with equipment needed for accessing information?
What information does a person or organisation have a right to access, under what conditions, and with what safeguards?
What controls can be put in place to protect private information?
Encryption - transforming normal text into gibberish (unreadable) - changing the format of the information
Virtual - private communication channels (i.e. tunnels) which are only accessible to parties possessing appropriate encryption and decryption keys - changing the way information is transferred
What are the 3 types of encryption?
Symmetric
- one key used to both encrypt and decrypt
Asymmetric
- one key to encrypt
- one key to decrypt
Hybrid
- mix of both
Encryption examples
- digital signature
Do individuals have the right to edit, review, access, correct, or delete information held by an organisation?
Yes, they do have the right by law