Max Werdin

1.     What does CISSP stand for? Use the internet to identify the ethical rules CISSP holders have agreed to follow. †CISSP stands for certified information systems security professional. One who holds the title of CISSP must follow the following ethical rules; First: Protect society, the common good, necessary public trust and confidence, and the infrastructure.

Second: Act honorably, honestly, justly, responsibly, and legally.

Third: Provide diligent and competent service to principles.

Fourth: Advance and protect the profession.

2.     For what kind of information security jobs does the NSA recruit? Use the Internet to visit its Web page and find out.

NSA (or National Security Agency) recruits for a wide variety of jobs, here are some of the jobs that they recruit for and that are currently open for applications. NSA Polygraph Examiner helps ensure that only trustworthy individuals receive access to classified information by using structured polygraph examinations (including interviews and interrogations) to obtain information from affiliates that will assist in making adjudicative decisions. They are very important to make sure that important information does not fall into the wrong hands. Security Analyst: Helps protect agency personnel, facilities, and missions by collecting, analyzing, synthetizing and collecting data associated with counterintelligence, counterespionage and counterterrorism as it affects agency equities worldwide. These people are important to make sure that the NSA is a place that will not be part of a scandal or a target for people with bad intentions.

Case Exercises:

Should Iris have approached Henry directly, or was the hotline the most effective way to take action? I believe that Iris should go the route of utilizing the hotline option. This not only brings in the correct people into the situation, but it also keeps her identity hidden. This allows her to do the ethical thing while not worrying about reproductions from her coworkers.

Should Gladys call the legal authorities? Which agency should she call? In this situation, after she called the hotline, I would suggest she call the NSA as well as the IRS being there is information that could be used to steal others identities. This would exhaust every effort one could take in this situation and protect the company as well as Iris and Gladys from legal responsibility.

Do you think this matter needs to be communicated elsewhere inside the company? Who should be informed and how? How about outside of the company? I feel this should be shared with HR and to whoever else they suggest. One cannot be too sure when it comes to something like this and the sooner it can be nipped in the bud, the safer everyone involved will be. In regards to outside the company, I believe the HR will be able to answer that question as well but with the IRS and NSA being made aware of it, I feel that would cover that base pretty well.

Ethical Decision Making:

I believe that Henry certainly didnít act in an ethical manner as he is sharing the confidential information about coworkers with someone else. Itís not his business anyways so the idea that this could somehow be ethical is absurd. I feel that Iris did the right and ethical thing in this situation for the most part. However, if I were to find a piece of hardware that I knew wasnít mine, I would bring it to HR and wave my hands of it instead of opening the device to learn who it belonged to. I feel this could be seen a breach of privacy. If she were to have just set it back down and forgot about the whole ordeal, I feel that it could be seen both ways really. She wouldnít have breached the privacy of someone else which is good, but she also would have then unknowingly enabled the sale of private information of the employees at the company. With that, I feel the ethical move would have been to bring it to HR or the internet security team or personnel within the company.