Yunze Wang

ITS 370

Chapter 3


1.       What does CISSP stand for? Use the Internet to identify the ethical rules CISSP holders have agreed to follow.

Ans: Certified Information Systems Security Professional (CISSP) is an independent information security certification governed by the International Information Systems Security Certification Consortium. Ethical rules followed by CISSP are: commitment to perform professional activities with the highest standards and moral values; Safeguard the social order, earn public trust and confidence, and protect the necessary infrastructure and so.

4.      Using a Web browser go to What are the current top concerns of this organization?

Ans: Top concerns: free speech, innovation, intellectual property, international, privacy and transparency


Case Exercise

1.      Why was Iris justified in determining who the owner of the CD was?

Ans: Iris is justified in determining who the owner of the CD was because she followed the norms of an ethical behavior and followed the protocol installed by her organization.

2.      Should Iris have approached Henry directly, or was the hotline the most effective way to take action? Why do you think so?

Ans: If Iris had approached Henry directly, it might had become a personal matter rather than professional matter. I think following the proper protocol will be the best way to report in any organization.

3.      Should Iris have placed the CD back at the coffee station and forgotten the whole thing? Explain why that action would have been ethical or unethical.

Ans: In my point of view, this should not be a good professional practice. In any other organization, every employee is expected of adopting to an ethical behavior. In the current circumstances, Iris made the correct ethical decision.

Ethical Decision Making

1.      It seems obvious that Henry is doing wrong. Do you think Henry acted in an ethical manner? Did Iris act in an ethical manner by determining the owner of the flash drive? Assuming that this incident took place in the United States, what law or laws has Henry violated? Suppose Iris had placed the flash drive back at the coffee station and forgotten the whole thing. Explain why her action would have been ethical or unethical.

ANS: What Henry was doing was not ethical as stealing. Using information from the flash drive without the notice or permission of the company is sheer unethical behavior whereas Iris was ethical and mentioned things ethically. Even if this would have been inside at a coffee station Iris should have reported this incident and the Security team should have taken cared.