chap 007
DESCRIPTION
Business plug in and ethicsTRANSCRIPT
![Page 1: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/1.jpg)
McGraw-Hill/Irwin © The McGraw-Hill Companies, All Rights Reserved
BUSINESS PLUG-IN B7
Ethics
![Page 2: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/2.jpg)
B7-2
LEARNING OUTCOMES
1. Summarize the guidelines for creating an information privacy policy
2. Identify the differences between an ethical computer use policy and an acceptable computer use policy
3. Describe the relationship between an email privacy policy and an Internet use policy
![Page 3: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/3.jpg)
B7-3
LEARNING OUTCOMES
4. Explain the effects of spam on an organization
5. Summarize the different monitoring technologies and explain the importance of an employee monitoring policy
![Page 4: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/4.jpg)
B7-4
INTRODUCTION
• Ethics – the principles and standards that guide our behavior toward other people
• Important ethical concepts stemming from IT– Intellectual property– Copyright– Fair use doctrine – Pirated software– Counterfeit software
![Page 5: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/5.jpg)
B7-5
INTRODUCTION
• ePolicies address information privacy and confidentiality issues– ePolicies – policies and procedures that address the
ethical use of computers and Internet usage– Privacy – the right to be left alone when you want to
be, to have control over your own personal possessions, and not to be observed without your consent
– Confidentiality – the assurance that messages and information are available only to those who are authorized to view them
![Page 6: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/6.jpg)
B7-6
Ethics
• Individuals form the only ethical component of an IT systems
![Page 7: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/7.jpg)
B7-7
Ethics
• Acting ethically and legally are not always the same
![Page 8: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/8.jpg)
B7-8
INFORMATION HAS NO ETHICS
• Information does not care how it is used
• Information will not stop itself from sending spam, viruses, or highly-sensitive information
• Information cannot delete or preserve itself
![Page 9: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/9.jpg)
B7-9
Developing Information Management Policies
• Organizations strive to build a corporate culture based on ethical principles that employees can understand and implement
• ePolicies typically include:– Ethical computer use policy– Information privacy policy– Acceptable use policy– Email privacy policy– Internet use policy– Anti-spam policy
![Page 10: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/10.jpg)
B7-10
ETHICAL COMPUTER USE POLICY
• Ethical computer use policy – contains general principles to guide computer user behavior
• The ethical computer user policy ensures all users are informed of the rules and, by agreeing to use the system on that basis, consent to abide by the rules
![Page 11: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/11.jpg)
B7-11
ETHICAL COMPUTER USE POLICY
![Page 12: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/12.jpg)
B7-12
INFORMATION PRIVACY POLICY
• The unethical use of information typically occurs “unintentionally” when it is used for new purposes– For example, social security numbers started as a
way to identify government retirement benefits and are now used as a sort of universal personal ID
• Information privacy policy - contains general principles regarding information privacy
![Page 13: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/13.jpg)
B7-13
INFORMATION PRIVACY POLICY
• Information privacy policy guidelines1. Adoption and implementation of a privacy
policy
2. Notice and disclosure
3. Choice and consent
4. Information security
5. Information quality and access
![Page 14: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/14.jpg)
B7-14
ACCEPTABLE USE POLICY
• Acceptable use policy (AUP) – a policy that a user must agree to follow in order to be provided access to a network or to the Internet
• An AUP usually contains a nonrepudiation clause– Nonrepudiation – a contractual stipulation to ensure
that ebusiness participants do not deny (repudiate) their online actions
![Page 15: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/15.jpg)
B7-15
ACCEPTABLE USE POLICY
![Page 16: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/16.jpg)
B7-16
EMAIL PRIVACY POLICY
• Organizations can mitigate the risks of email and instant messaging communication tools by implementing and adhering to an email privacy policy
• Email privacy policy – details the extent to which email messages may be read by others
![Page 17: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/17.jpg)
B7-17
EMAIL PRIVACY POLICY
![Page 18: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/18.jpg)
B7-18
EMAIL PRIVACY POLICY
![Page 19: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/19.jpg)
B7-19
INTERNET USE POLICY
• Internet use policy – contains general principles to guide the proper use of the Internet
![Page 20: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/20.jpg)
B7-20
ANTI-SPAM POLICY
• Spam – unsolicited email
• Spam accounts for 40% to 60% of most organizations’ email and cost U.S. businesses over $14 billion in 2005
• Anti-spam policy – simply states that email users will not send unsolicited emails (or spam)
![Page 21: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/21.jpg)
B7-21
Ethics in the Workplace
• Workplace monitoring is a concern for many employees
• Organizations can be held financially responsible for their employees’ actions
• The dilemma surrounding employee monitoring in the workplace is that an organization is placing itself at risk if it fails to monitor its employees, however, some people feel that monitoring employees is unethical
![Page 22: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/22.jpg)
B7-22
MONITORING TECHNOLOGIES
![Page 23: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/23.jpg)
B7-23
MONITORING TECHNOLOGIES
• Monitoring – tracking people’s activities by such measures as number of keystrokes, error rate, and number of transactions processed– Key logger or key trapper software– Hardware key logger– Cookie– Adware– Spyware– Web log– Clickstream
![Page 24: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/24.jpg)
B7-24
EMPLOYEE MONITORING POLICIES
• Employee monitoring policies – explicitly state how, when, and where the company monitors its employees
![Page 25: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/25.jpg)
B7-25
CLOSING CASE ONE Sarbanes-Oxley
• The Sarbanes-Oxley Act (SOX) of 2002 is legislation enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices by organizations
• Sarbanes-Oxley is where information technology, finance, and ethics meet
![Page 26: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/26.jpg)
B7-26
CLOSING CASE ONE QUESTIONS
1. Define the relationship between ethics and the Sarbanes-Oxley Act
2. Why is records management an area of concern for the entire organization?
3. What are two policies an organization can implement to achieve Sarbanes-Oxley compliance? Be sure to elaborate on how these policies can achieve compliance
4. Identify the biggest roadblock for organizations that are attempting to achieve Sarbanes-Oxley compliance
![Page 27: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/27.jpg)
B7-27
CLOSING CASE ONE QUESTIONS
5. What types of information systems might facilitate SOX compliance?
6. How will electronic monitoring affect the morale and performance of employees in the workplace?
7. What do you think an unethical accountant or manager at Enron thought were the rewards and responsibilities associated with their job?
![Page 28: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/28.jpg)
B7-28
CLOSING CASE TWOInvading Your Privacy
• Can your employer invade your privacy through monitoring technologies?
– Smyth verses Pillsbury Company– Bourke verses Nissan Motor Corporation– McLaren verses Microsoft Corporation
![Page 29: Chap 007](https://reader035.vdocuments.net/reader035/viewer/2022062515/563db857550346aa9a92ccbe/html5/thumbnails/29.jpg)
B7-29
CLOSING CASE TWO QUESTIONS
1. Pick one of the cases above and create an argument on behalf of the employee
2. Pick one of the cases above and create an argument against the employee
3. Pick one of the cases above and create an argument on behalf of the employer’s use of monitoring technologies
4. Pick one of the cases above and create an argument against the employer’s use of monitoring technologies