Answer

Personal Code of Conduct

Operating to the highest ethical values ensures that information security and information technology professionals engender trust in all persons they encounter within their professional capacities (Reynolds, 2014). Having a personal code of conduct grants information security professional a competitive advantage when it comes to behaving ethically and ethical execution his or her operations (Whitman & Mattord, 2011; Tahat et al., 2014). As a future information security or information technology professional, my personal ethical code of conduct is founded on three values applying to all circumstances in which I participate and exercise my judgment.

The values on which my code of ethics is founded are integrity, objectivity, and professional competence, as well as due care. Based on these values, I have established seven guiding principles that constitute my code of ethics. My first guiding principle is to behave at all times in line with the prevailing laws and my association values, and exercise the highest moral principles. My second guiding principle is to safeguard and uphold appropriate level of integrity, confidentiality, and existence of sensitive information within any course of my professional activities. Conducting the service with good faith, fairness, and courtesy towards clients, giving credit where it deserves, and accepting and giving fair and honest professional comments is my third guiding principle. The fourth guiding principle in my code of ethics concerns not engaging in any improper practices or crime. Performing all my professional duties and activities in line with the highest ethical principles is my fifth guiding principle. My sixth guiding principle is avoiding professional involvement with parties whose reputation and practices might demean the profession. The seventh guiding principle in my code of ethics is the provision of service with forthrightness, competence, and honesty about limitations, education, and experience.

In the era of technological advancement and electronic access, information technology and information security professionals are vulnerable to making mistakes, behaving incorrectly, and having their unethical acts go viral (Burmeister, 2017; Gugley, 2017; Reynolds, 2014). In relation to this, increasing events of unethical behaviours among information security professionals and the dire consequences arising from such incidences compelled me to develop my personal code of conduct. My personal experience and the events involving employees from Google and Apple largely influenced my establishment of a personal code of conduct. In these incidences, some professionals’ reputations were adversely impacted and had to be fired from their jobs by their organizations, whereas other faced jail terms. For instance, in 2016, an employee of Google was fired after sharing the firm’s internal posts censuring an executive (Bloomberg, 2019). In 2017, Apple Inc. identified 29 individual, who leaked the firm’s software roadmap, out of which 12 workers were arrested (Bloomberg, 2019). These individuals comprised contractors, Apple’s employees, and Apple’s partners within the supply chain. Besides, I remember meeting a former chief information security officer in a local information technology company, who confessed that he regretted sharing clients’ information with other interested parties for money, as this led to him loosing job.

In conclusion, having a personal code of ethics is essential for the realization of ethical practice among information security or information technology professionals. I robustly believe that my code of ethics described in this paper will greatly enhance my service provision and execution of other responsibilities and duties within the practice in an ethical manner.