Module 2: Ethics for IT Workers and IT Users Flashcards
A document that stipulates restrictions and practices that a user must agree in order to use organizational computing and network resources.
acceptable use policy (AUP)
A group that provides assistance to the board of directors in fulfilling its responsibilities with respect to the oversight of the quality and integrity of the organization’s accounting and reporting practices and controls, including financial statements and reports; the organization’s compliance with legal and regulatory requirements; the qualifications, independence, and performance of the company’s independent auditor; and the performance of the company’s internal audit team.
audit committee
An agreed-upon sets of skills and abilities that all licensed professionals must possess.
body of knowledge
The failure of one party to meet the terms of a contract.
breach of contract
The failure to act as a reasonable person would act.
breach of the duty of care
The act of providing money, property, or favors to someone in business or government in order to obtain a business advantage.
bribery
A trade group that represents the world’s largest software and hardware manufacturers.
BSA | The Software Alliance
Indicates that a professional possesses a particular set of skills, knowledge, or abilities, in the opinion of the certifying organization. Certification can also apply to products (e.g., the Wi-Fi CERTIFIED logo assures that the product has met rigorous interoperability testing to ensure that it will work with other Wi-Fi-certified products) and is generally voluntary.
certification
To be in accordance with established policies, guidelines, specifications, or legislation.
compliance
A conflict between a person’s (or firm’s) self-interest and the interests of a client.
conflict of interest
The obligation to protect people against any unreasonable harm or risk.
duty of care
Hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the Internet; a firewall also limits access to the company’s network based on the organization’s Internet-usage policy.
firewall
An act that makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office.
Foreign Corrupt Practices Act (FCPA)
The crime of obtaining goods, services, or property through deception or trickery.
fraud
A government-issued permission to engage in an activity or to operate a business.
government license
A group within an organization managing the processes, tools, and policies necessary to prevent, detect, document, and counter threats to digital and nondigital information, whether it is in transit, being processed, or at rest in storage.
information security (infosec) group
The process established by an organization’s board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.
internal control
A person who uses a hardware or software product; the term distinguishes end users from the IT workers who develop, install, service, and support the product. IT users need the product to deliver organizational benefits or to increase their productivity.
IT user
The failure of one party to perform certain expressed or implied obligations, which impairs or destroys the essence of the contract.
material breach of contract
The misstatement or incomplete statement of a material fact
misrepresentation
Not doing something that a reasonable person would do or doing something that a reasonable person would not do.
negligence
The guidelines and standards by which the organization must abide
policy
Defines the exact instructions for completing each task in a process.
procedure
A collection of tasks designed to accomplish a stated objective.
process
The principles and core values that are essential to the work of a particular occupational group.
professional code of ethics
Breach of the duty of care by a professional.
professional malpractice
A legal standard that defines how an objective, careful, and conscientious person would have acted in the same circumstances.
reasonable person standard
A legal standard that defendants who have particular expertise or competence are measured against.
reasonable professional standard
Falsely claiming competence in a skill, usually because that skill is in high demand.
résumé inflation
The concept of having different aspects of a process handled by different people to prevent fraud.
separation of duties
A trade group that represents the world’s largest software and hardware manufacturers.
Software & Information Industry Association (SIIA)
One who applies engineering principles and practices to the design, development, implementation, testing, and maintenance of software.
software engineer
Information, generally unknown to the public, that a company has taken strong measures to keep confidential.
trade secret
An effort by an employee to attract attention to a negligent, illegal, unethical, abusive, or dangerous act by a company that threatens the public interest.
Whistle-blowing
An IT worker cannot be sued for professional malpractice unless he or she is licensed. True or False.
True
The mission of the Software & Information Industry Association and the Business Software Alliance is to?
stop the unauthorized copying of software produced by its members
__________ is an effort by an employee to attract attention to a negligent, illegal,?unethical, abusive, or dangerous act by a company that threatens the public interest.
Whistle-blowing
____________ occurs when a party fails to perform certain express or implied obligations, which impairs or destroys the very essence of a contract.
Material breach of contract
Under the Foreign Corrupt Practices Act (FCPA), it is permissible to pay an official to perform some official function faster (for example, to speed customs clearance). True or False.
True
A(An)____________ states the principles and core values that are essential to the work of a particular occupational group.
professional code of ethics or code of ethics
Unlike certification, which applies only to people and is required by law, licensing can also apply to products. True or False.
False
To become licensed as a software engineer in the United States, one must pass the Fundamental of Engineering exam and a software engineering _______ exam.
Principles and Practices
The core________ for any profession outlines agreed-upon sets of skills and abilities that all licensed professionals must possess.
body of knowledge
Professionals who breach the duty of care are liable for injuries that their negligence causes. This liability is commonly referred to as
professional malpractice
Senior management (including members of the audit committee) must always follow the recommendations of the internal audit committee. True or False.
True
__________________ is the process established by an organization’s board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.
Internal control
The software piracy rates in Albania, Kazakhstan, Libya, Panama, and Zimbabwe exceed?
70 percent
A ______ is hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the Internet; it also limits access to the company’s network based on the organization’s Internet-usage policy.
Firewall
