The contemporary Legal landscape in the IT industry
• Key IT/IS UK/EU/International legislation – what are the most important parts of the law that an IT professional needs to know about. Rather than just a list of relevant laws try to organise the material thematically e.g. by activity – contracting, privacy, etc.
• Professional requirements for knowledge of the Law – what are the responsibilities of a professional with respect to the law – use the BCS code of practice as a guide. What a professional should do, what mustn’t they do how can they ensure they act professionally in meeting their responsibilities with respect to the law.
• Contemporary challenges for legislators – how are recent developments in IT creating challenges that the law needs to respond to if possible give some specific real-world examples taken from the guest speakers or your reading.
The contemporary ethical environment in the IT industry
• The main normative approaches to ethics – compare and contrast the main approaches that we have looked at virtue, consequentialist and deontological.
• Professional requirements for ethical behaviour – what must a professional do to ensure they are acting ethically? Use the BCS code of conduct as a guide – does this suggest a virtue, consequentialist, deontological or mixed approach?
• Contemporary ethical dilemmas – how are recent developments in IT creating challenges for ethical behaviour? Can IT be used to make people and or organisation behaviour more ethical? If possible give some specific real-world examples taken from the guest speakers or your reading.
Ensuring systemic systems security in the contemporary IT environment
• The technical, operational and social aspects of IT security – explain the technical aspects of security, the operational aspects of security and the social aspects of security.
• Managing the development process with security in mind – how should security issues be addressed in the development process in order to ensure that technical, operational and social aspects of security are all addressed?
• Contemporary security challenges – how are recent development in IT creating new security challenges? If possible give some specific real-world examples taken from the guest speakers or your reading.
Measuring and management contemporary IT related risk
• What is risk and how can it be measured – discuss the different aspects of risk that need to be considered. You should organise risks thematically e.g. by types of activity, projects, operations etc.
• How should risk be managed – what is the professional’s responsibility for managing risk and what is recommended good practice?
• Contemporary risk challenges to measuring and managing risk – how are recent developments in IT creating new risk management challenges? If possible give some specific real-world examples taken from the guest speakers or your reading.
British computer society (BSC) is a learned society and professional society that is used to represent those working in the field of information technology both in internationally and UK, established in the year of 1957.British computer society is also known as the chartered institute for information technology and BCS which is used to make and established the rules, regulations and professional standards of conduct, ethical practices and competence for computing in UK (1981 British Computer Society Conference). The British code of good practices in the workplace describes the set of the standards of practices in the field of information technology. In UK British computer society is the professional bodies that have an ability to provide the permission to the chartered status to the informational technology professionals (British Computer Society Conference, 1958). There are the four main areas in which British computer society is conducted.
Explain the main normative approaches to ethics
In the contemporary ethical environmental in information technology; normative ethics is used to examine and identify the wrongness and rightness actions. Basically normative ethics is separated from the meta-ethics and descriptive ethics. In traditional ways it is said that the normative ethics is used to determine whether action is wrong and right. Universal decoration of human Right (UDHR) and charter of fundamental right of European Union (EFREU) are the two fundamental normative incumbents and tools (British Computer Society (BCS) Business Books, 2008). Right of the humans or individuals, freedom and educations right, environment rights, justice and non-discriminations are eh fundamental normative ethics. Normative instruments provides to ensure the requisite depth and breadth of ethical context and concerned can be addressed.
[Source: www. Gsb.stanford.com]
For business perspective ethics plays critical role and the important aspect in IS. The main objective of using the ethics within the organization is to remain long time and achieve better revenue. Codes of ethics contain the professional accountable and professional used the ethics to restrict the unethical activity in the organization. Codes of ethical rules and regulations help the professional to control their operations and memberships. Code of ethics helps the professional to identify the integrity, objectivity, professional competence, confidentially and professional’s behaviors in an effective and efficient manner. In integrity members will be honest and straightforward (Jeffrey, 2007). Conflicts can be easily solved within the organization with the help of ethic codes. It provides the conceptual framework that must be applied by the members to identify and evaluate the treats. Members maintain the objective and obtain the result in effective manner through the ethics code.
In the field of information technology several ethical dilemmas are raised but form that ‘PAPA’ i.e. privacy, accuracy, protections and accessibility are the four issues. Apart from that software theft, computer crime, copy right are another dilemmas in the field of computer or information technology. Due to advancement and development of the information technology, larger numbers of data and information are available, thus privacy is most important from organization perspective and this is obtained with the help of ethical codes or ethical rules and regulations. Thus with the help of ethical laws computing professionals understand what is right or wrong, understand their own responsibility in the workplace and do the work with honest and loyalty.
To explain the operational, social and technical aspects of information technology security
The security in the field of information technology must contemplate not in technical aspect but also consider in operational and social aspects that is related to the process and the environment aspects (Deming, 1987). Information technology provides the ways to the users to transmit the data and information from source to destination end or from one individual to other individuals. They provide the efficiency, speed, quality, accuracy, dependability and help the business to achieve their objective in efficient manners. In the digital market environment information technology work as a vehicle that store the data and information carried it; these resources are most important resources for organization perspective. Thus protection of the data and information is most important.
In the field of information technology abstraction is used to abstract the data and information i.e. it showing only functionality without display their process and internal part. Like for example how data and information are sending from source to destination end it does not display, it only shows the data in source computer and destination computer; that means processing of the data are not displayed.
Data and information is stored in the database, thus it is necessary for the organization to secure the database. This is done with the help of data hiding techniques. the main principle of this techniques is to hide the locations of the physical data i.e. location of the data and information are not displayed to any users. Thus uses only see the logical data not physical data.
In the field of information technology main objective of the encryption is to change the meaning of the data before sending it from one place to another place.
In multilayered technology security are designed in all layers and it allow executing the process in a linear ways that helps to control the accessing of the data.
The regulations include the norms, procedures and politics that provides and make the standard behavior. If the members of the organization are not flows these rules and regulations within the organization then it would break the organization existence rules.
Organization cultures also considered into the information security process; because all security within the organization must be follow effective manner if the organization culture is good.
Information security implantation process helps the organization to create better work environment. Lack of the environment increase the conflicts, unfriendly people and decrease the productivity.
In order to provide the better security organization needs to give continuous training to their staffs because proper tanning create a positive environment and improving the knowledge of the workers.
ITIL (information technology infrastructure library) is a technique that helps the organization to manage the IT infrastructure, operations and developments. Thus management needs to provide better security polices in their process because better process leads the organization in the better positions (Pathak, 2005).
With the help of better monitoring polices organization achieve better security. Monitoring polices helps the organization to identify the unethical uses.
To explain how to manage the risk
Risk management is the process used to identify and assessing the risk, making and applying the steps in order to reduce the risks and maintain the risk level in efficient manner. in the field of information technology, information risk management helps the organization to manage the risk in an effective and efficient manner (Crouhy, Galai and Mark, 2000). Risk management contains Risk assessments, risk migrations and uncertainty analysis to analyze and manage the risk. Identification, estimation and evolutions are three major steps to determine and mange the risks. Risks identification helps the organization to determine the cause of the risks, cause of the potential failure. The main objective of the identification of risk is to identify the threats, security measure and risk managed. Risk estimation helps the organization to estimate the risks and this is done by the quantitative and qualitative risks assessments process. Risk evaluation is the final steps in which risk is determined in the process level i.e. both input and output level. In this level risk assessment is compare with the risks level and here it is determined that risk is acceptable or not.
The organization is considering the following things when they assess the risk;
Risk assessment process helps the organization to analyze and evaluate the risk in an effective and efficient manner. Determinations, collection and evolutions are the basic steps used in the process of risk assessment. Determination process is used to identify the risk and it is analyzed with the help of available data and information. Analyze process contains the three steps including asset valuation; consequence and identification i.e. threat identification. After identification analyzing process is done with the help of safeguard analyzing, likelihood analyzing and vulnerability analyzing process. Finally risk assessment includes the final result and output (Hester and Harrison, 1998).
Risk migration helps the organization to involve the implementation and selection of the security in order to reduce the risk and achieve the better productivity. Identification of the appropriate risks control function is done in select safeguard process. Acceptance of the risk are done in the process of accept residual risk methods. Acceptances of the risks in the field of computer are closely related to the information system known as the accreditation (Daveri and Faini, 1995). Monitoring and implementation process helps the organization to continue to efficient.
Uncertainty analysis is used to perform and documentation of the risk management result that helps the organization in future. There are two source of uncertainty risk analysis management process. First is the methodology or lack of confidence and another is the risk model, consequences or safeguard effectiveness (Ronen, 1988).
References
British Computer Society (BCS) Business Books. (2008). Kybernetes, 37(3/4).
British computer society conference. (1981). Computer Networks (1976), 5(6), pp.459-462.
British Computer Society Conference: June 1959. (1958). The Computer Journal, 1(2), pp.70-70.
Crouhy, M., Galai, D. and Mark, R. (2000). Risk management. New York: McGraw Hill.
Daveri, F. and Faini, R. (1995). Risk and migration. Oxford, U.K.: Queen Elizabeth House.
Davies, D. (1987). The consumer protection act British computer society, 24 September 1987. Computer Law & Security Review, 3(4), pp.38-40.
Deming, R. (1987). Advances in security technology. Boston: Butterworths.
First British Computer Society Conference. (1958). The Computer Journal, 1(3), pp.141-141.
Hester, R. and Harrison, R. (1998). Risk assessment and risk management. Cambridge, UK: Royal Society of Chemistry.
Jeffrey, C. (2007). Research on professional responsibility and ethics in accounting. Amsterdam, the Netherlands: Elsevier JAI.
Pathak, J. (2005). Information Technology Auditing. Berlin, Heidelberg: Springer-Verlag Berlin Heidelberg.
Ronen, Y. (1988). Uncertainty analysis. Boca Raton, Fla.: CRC Press.
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download