(ISC)² Ethical Practices
Members of (ISC)² are expected to behave in an ethical manner. This requires an understanding of both the Code of Ethics and the enforcement processes. Individuals are routinely held to account for their ethical choices through this process.
The (ISC)² Code of Ethics
(ISC)² has established a Code of Ethics for its members. Located at https://www.isc2.org/ethics, the code consists of a preamble that introduces four canons, or general principles, for information security:
Code of Ethics Preamble:
- The safety and welfare of society and the common good, duty to our principles, and to each other, requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior.
- Therefore, strict adherence to this Code is a condition of certification.
Code of Ethics Canons:
- Protect society, the common good, necessary public trust and confidence, and the infrastructure.
- Act honorably, honestly, justly, responsibly, and legally.
- Provide diligent and competent service to principles.
- Advance and protect the profession.
In enforcing the code, (ISC)² recognizes that implementing the high-level expectations will require interpretation and professional judgment.
All information security professionals who are certified by (ISC)² recognize that such certification is a privilege that must be both earned and maintained. In support of this principle, all (ISC)² members are required to commit to fully support this Code of Ethics (the “Code”).
Related Product : ISO 27001 Lead Auditor Training And Certification ISMS
Ethics Complaints
The full text of the current complaint procedure is maintained on the (ISC)² website(https://www.isc2.org/ethics). This summary is to provide members (and potential members) of (ISC)² with a working understanding of the complaint process, the expectations on the complainant, the protections for the members involved, and the potential outcomes from a complaint.
Complaint Process
(ISC)² members who intentionally or knowingly violate any provision of the code are subject to action by a peer review panel, which may result in the revocation of certification. (ISC)² members are obligated to follow the ethics complaint procedure upon observing any action by an (ISC)² member that breaches the code. Failure to do so may be considered a breach of the code pursuant to canon IV.
While the board recognizes its obligation to provide the certificate holder with guidance on making ethical decisions, it does not expect to supervise or judge professionals in making difficult decisions. The board does, however, recognize its responsibility to maintain the integrity of the certification. It accepts that, from time to time, the good of the profession may require it to disassociate the profession from egregious behavior on the part of a particular certificate holder. The use of the ethics complaint process is for the sole purpose of protecting the reputation of the profession. The ethics complaint process is not intended to be used to coerce or punish certificate holders.
The board will take actions to keep the identity of the complainant and respondent in any complaint confidential. While disclosure of the identity of the complainant will be avoided where possible, upon filing a complaint, the general rules of due process require that the board may disclose his or her identity to the respondent. Similarly, due process holds the board to address complaints in a timely manner.
We live in a world where we are faced with difficult choices every day. Doing “the right thing” is often the same as “doing the hard thing.” (ISC)² expects professionals holding the CISSP to be able to identify when ethical decisions need to be made and to have a frame of reference that allows them to act consistently and with justification.
Follow Us
https://www.facebook.com/INF0SAVVY
https://www.linkedin.com/company/14639279/admin/
