Case Study 1 – Diane the Consultant

Three years ago Diane started her own consulting business. She has been so successful that she now has several people working for her and many clients. Their consulting work includes advising on how to set up corporate intranets, designing database management systems, and advising about security.

She is currently designing a database management system for the personnel office of a medium-sized company. Diane has involved the client in the design process, informing the CEO, the director of computing, and the director of personnel about the progress of the system. It is now time to make decisions about the kind and degree of security to build into the system. Diane has described several options to the client. Because the system is going to cost more than previously planned, the client decides to opt for a less secure system. Diane believes that the information they will be storing is extremely sensitive. It will include performance evaluations, medical records for filing insurance claims, salaries and so forth.

With weak security, employees working on client machines may be able to figure out ways to gain access to this data, not to mention the possibility of online access from hackers. Diane feels strongly that the system should be more secure. She has tried to explain the risks, but the CEO, director of computing and director of personnel all agree that less security will do.

What should she do? Should she refuse to build the system as they request? Briefly discuss the ethical issues in this case study. You should be able to make some recommendations as to how this ethical problem may be resolved. Be sure to support any recommendations with reasons informed by your research and analysis of the ethical issues identified in your discussion.

This short case study is an example where there is a clear clash of interests between an organization and its employees, with a third party, Diane, caught in the middle. The organization, represented by the CEO, the director of computing and the director of personnel, favors a database solution which can seriously compromise the security and confidentiality of the employees' data, for the supposed benefit of incurring a lower cost. Diane, the designer of the database system, foresees security problems, but is unable to convince the bosses of them.


Let us first look at what codes of ethics, as set by the ACS (Australian Computer Society, 2014), are in direct confrontation with the attitudes of the CEO and the directors:


For this code, the following three clauses are being violated:
b) Raise with stakeholders any potential conflicts between your professional activity and legal or other accepted public requirements;
e) Endeavor to preserve the integrity, security, continuity and utility of ICT;
g) Endeavor to preserve the confidentiality and privacy of the information of others.

This is clearly not followed by the CEO and the directors, who seem to be more bothered by the profits of the business than by the data losses and unauthorized accesses that might negatively affect the employees in the future…

For this code the following clause is being violated:
c) Understand, and give due regard to, the perceptions of those affected by your work;
Again, we see in the case that the CEO and the directors neither cared about the potential concerns and perceptions of the employees, who can be victimized later, nor paid any heed to the risks voiced by Diane…

In the case, we see that the Directors and the CEO, even while understanding that their decision may have negative consequences for the employees later, agree to go ahead with the lower-security setup without feeling the need to inform the employees.


The Privacy Act of 1988 regulates how the personal data of individuals can be handled by an organization (Australian Government, n.d.). The term 'handling' includes – 'Collection, use, storage and disclosure of personal information, and access to and correction of that information.'

This law mandates that an organization cannot disclose or allow the modification of an employee's data without his or her consent (except where required under exceptional medical circumstances). Though in this case the CEO and the Directors, who represent the organization, are not directly mishandling the employees' data, through their decision they are opening up the possibility of such mishandling in the future. Thus, at a later stage, the organization (and even the CEO and the Directors) may face legal consequences when a hacker gains unauthorized access to the employees' data.



The decision to go for a lower-quality database management system has varying consequences for different stakeholders.
• For the organization, spending less on the software means more savings and thus a slightly better Balance Sheet at the end of the year. However, it might come under flak or even face lawsuits from various groups if employee data is breached
• For the CEO and the Directors, having their way with their decision is satisfaction at a personal level, knowing that their wishes have been listened to
• For Diane, it is a question of reputation. People might not listen to her side of the story if and when the database system gets hacked in the future
• For the employees, it means unwanted risks in the future. Hackers with malicious intentions can use the personal data of the employees in so many wrong ways…

It's possible that the Directors and the CEO have some background motive for opting for cost-saving measures. However, no such motive is mentioned in the case. Hence the premise for the recommendations is that there is no background reason for the cost-cutting decision.

First, if opting for the less secure software is a must, then the software can be implemented in phases. The first phase can have the less secure version of the software that the directors and the CEO want. Subsequent phases, as more money becomes available, can add the security modules to the base version of the software.

Secondly, the negative aspects should be conveyed to all stakeholders. Everyone should be aware of what they are getting into. This will avoid or lessen the repercussions of a security violation in the future. The directors and the CEO should also be made aware of the possible legal implications and their associated costs in the future.

Third, if Diane is unable to get around the obstinacy of the CEO and the directors, she should ensure that she has it in writing from the CEO that they specifically opted for the less secure version of the software, in spite of having options for more security, and that Diane is in no way responsible for any security breach in the future. This will absolve her of reputational (with future clients) or legal implications in the future.

