Upload
prudence-eaton
View
212
Download
0
Embed Size (px)
Citation preview
Code of Conduct 344
Code of Conduct 344
Code of Conduct 344
Introduction; Do you agree with the following statements?
Employers need their employees to use computer facilities to achieve organisational goals.
Organisations do not mind employees generally surfing the Internet.
Sending personal e-mails is fine when in work.
Downloading software onto a company network is acceptable practice.
Making copies of organisational licensed software for home use is perfectly acceptable.
Browsing through an employees personal folder is not acceptable, and violates their privacy.
Code of Conduct 344
There needs to be some guidelines to clarify:-
What the organisation expects the employees to do.
What the employees are allowed to do.
Such guidelines are know as a Code of Conduct
Code of Conduct 344
Definition;
An ICT Code of Conduct is an agreement made by an employee to obey the rules of the organisation and work within the specified guidelines as regards to the use of ICT and the Internet.
This Code of Conduct will set out:-
What is expected of the employee
What is not acceptable
Disciplinary action which may be taken
Code of Conduct 344
The Code of Conduct serves to prevent potential problems which may:-
Damage or affect the organisations ICT system and data
Cause offence or groups or individuals
Allow the possibility of legal action against the organisation
Potential Problems
Code of Conduct 344
Potential Problems
Employees who work within the Code of Conduct will hopefully avoid problems which include:
Introduction of Virus; Indiscriminate downloading of illicit software or opening of e-mail attachments
Distribution of offensive material; Racial, sexual, other material likely to cause offence distributed using ICT, may lead to legal action against the organisation.
Misuse of Data; Data which is use for the purpose it is not registered for under the DPA will leave the organisation open to prosecution under this act.
Copying of Software; Software copied for personal/home use or sale, will break copyright laws and licensing agreement leaving prosecution a possibility
Code of Conduct 344
Contents of a Code of Conduct
The Code of Conduct will set out for employees:-
•Responsibilities
•Authorisation
•Security
•Penalties for misuse
Code of Conduct 344
Responsibilities
The Code will set out clearly the responsibility the employee has to the organisation through;
•Abiding by Legislation
•Protecting ICT systems and data from damage
•Respecting the rights of co-workers
Code of Conduct 344
Authorisation
The Code will clearly define the employees authority to access data; amend data structures through;
•Levels of Access (Data)
•Editing authority at each level (update, delete, amend data)
•Re-naming tables, deleting/creating tables, amending relationships (Structure)
Code of Conduct 344
Security
The Code will highlight the security practices which have to be observed by all employees, it will cover;
•Use of Passwords (disclosure/protection/renew)
•Use of Internet/e-mail facilities
•Log-on/Log-off procedures
•Data transfer
Code of Conduct 344
Penalties for Misuse
The Code will set out infringements to the Code of Conduct, and the penalties for each offence, including;
•Informal Warning
•Written Warning
•Dismissal
•Prosecution
Code of Conduct 344
Activity
1 Using the Internet locate a code of conduct for an organisation
3 Read the case study B.G. Computer Consultants and answer the questions which follow.
2 Employing the content headings of:-
•Responsibilities•Authorisation•Security•Penalties for Misuse
Design an ICT Code of Conduct for Teachers and Pupils using the school network.
Code of Conduct 344
BG Computer Consultants
Times are hard at B.G. Computer Consultants, with some employees been made redundant. Only last week, Tom was given 15 minutes to clear his desk before being escorted from the building; his User ID and password removed from the company network. Tom had downloaded an adventure game and installed it onto the network. Helen and Ian however, are fairly confident that their jobs as system analysts are secure, since they are both working on large contracts.
Ian is on the verge of taking out a very large mortgage on a new house, and spends a fair portion of the working day browsing the Internet, for the best mortgage deal; using the email facilities to confirm viewing appointments with estate agents. He has often told Helen that if the company “did the dirty on him”, he would get his own back in no uncertain terms. He has a friend who works in rival company who would love to gain access to the companies customer account details.
One weekend Helen is working on a presentation at home. She is using a copy of the software she borrowed from the technician, and installed on her home PC. On the Monday at work she realised that she does not have all the data for the presentation. The figures she needs are in a file on the boss’s computer, and he is out at a meeting. She happens to know his password (unknown to him), and decides to look for the file. Purely accidentally she finds racially offensive and sexually explicit content in his e-mail inbox and outbox. She also comes across a memo, stating that Ian is to be made redundant as soon as the contract he is working on is complete.
Code of Conduct 344
BG Computer Consultants questions
1 Compile a list of the characters in the case study and clearly state the possible infringement to an ICT Code of Conduct. Clarify the potential consequences of their actions
2 Which infringement would you consider the more serious?
3 Which posed the greatest risk to the organisation?
Should Helen warn Ian about this, before he take out the mortgage?Who benefits? Who is harmed?