Review Questions
(Whitman & Mattord, 2011)
Law is legislated and enforced by government through punishments and penalties if the law is not abided by. Ethics, on the other hand, are a self-regulatory mechanism that depends on one’s moral standards and choices.
Civil law is a branch of law that protects private and individual rights. This law helps in resolving issues between individuals or businesses concerning property, contracts and family matters.
Public law defines the relations between a state and the people living in it. A primary example is the tax laws of a state.
In 1996, an act called the National Information Infrastructure Protection Act amended the Computer Fraud and Abuse Act. The new act increased penalties for different crimes related to computer security and fraud.
The Security and Freedom Through Encryption Act of 1999 is a specific law dealing with encryption policy in the US. According to this law, each individual can deal in products related to encryption.
Privacy is a form of individual or corporate right which calls for a halt to unsanctioned intrusion into personal matters. If there is an issue of protecting the interests of the state, the government might put a check in place which could intrude on privacy.
The other name for the Kennedy-Kassebaum Act (1996) is the Health Insurance Portability and Accountability Act of 1996 (HIPAA). It is important to organizations other than health organizations because it also impacts insurance and health programs run by non-health organizations.
Which 1999 law affects your use of customer data? What other effects does it have? The Financial Services Modernization Act of 1999. This act is also called the Gramm-Leach-Bliley Act of 1999. It is important because it protects the rights of customers when they deal with an organization. Under this act, the organization is required to inform its customers about its privacy policy.
The USA PATRIOT Act is related to terrorist activities. Its purpose is to deter and punish all acts of terrorism against American interests.
The Security and Freedom through Encryption Act, 1997, provides guidance on the use of encryption.
Intellectual property is intangible property that is the result of someone’s creativity. Software and applications are examples of intellectual property. It is not afforded the same protection in every country. The political and social systems of a country play a decisive role in the implementation of laws specific to intellectual property. US copyright law ensures the protection of intellectual property.
Top management will look for reliability in the information that they acquire from technology managers, while these managers will want the information security managers to verify that the information is confidential and its integrity is intact.
Due diligence relates to an organization's efforts to protect others and to continue this practice, while due care refers to the organization having made sure that its employees are aware of ethical and unethical behavior in their work.
Policy is used to describe the set of behaviors inside an organization. This set covers the ethical and unethical behaviors that employees should know. It is a formalized document. When a person has done something against the policy, he or she can argue in defense that he or she was unaware of the policy. When a person has done something against the law, the defense of being unaware of the law is not acceptable.
Ignorance, accident, and intent are the three categories of unethical and illegal behavior.
The best method for preventing an illegal or unethical activity is deterrence, where it is understood that the unethical or illegal activity carries a penalty, detection or apprehension, and application of the penalty if detected.
The Association of Computing Machinery, or ACM, has been established for a long time. It was established in 1947.
Of the organizations listed that have codes of ethics, the Information Systems Audit and Control Association is focused on auditing and control.
There are different ways to deter someone from committing a crime. For example, strict laws can be introduced to create a sense of possible punishment after committing a crime. Different organizational policies can also help in minimizing crimes.
What is due care? Why would an organization want to make sure it exercises due care in its usual course of operations?
Due care has been taken when an organization makes sure that every employee knows what is acceptable or unacceptable behavior and knows the consequences of illegal or unethical actions.
What is another name for the Kennedy-Kassebaum Act (1996), and why is it important to organizations that are not in the healthcare industry?
It is also called the Health Insurance Portability and Accountability Act, or HIPAA.
How does the Sarbanes-Oxley Act of 2002 affect information security managers?
Top management will look for reliability in the information that they acquire from technology managers, while these managers will want the information security managers to verify that the information is confidential and its integrity is intact.