Indd 909 1242009 113914 am all in 1 cissp all in one

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: hemselves are following their own rules. The main goal is to ensure that the motto “succeed by any means necessary” is not the spoken or unspoken culture of a work environment. Certain structures can be put into place that provide a breeding ground for unethical behavior. If the CEO gets more in salary based on stock prices, then he may find ways to artificially inflate stock prices, which can directly hurt the investors and shareholders of the company. If managers can only be promoted based on the amount of sales they bring in, these numbers may be fudged and not represent reality. If an employee can only get a bonus if a low budget is maintained, he might be willing to take shortcuts that could hurt company customer service or product development. Although ethics seem like things that float around in the ether and make us feel good to talk about, they have to be actually implemented in the real corporate world through proper business processes and management styles. The Federal Sentencing Guidelines for Organizations (FSGO) created an outline for ethical requirements, and in some cases will reduce the criminal sentencing and liabil- ch10.indd 909 12/4/2009 11:39:14 AM All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8 CISSP All-in-One Exam Guide 910 ity if ethical programs are put in place. This was updated with requirements that made it much more important for the senior executives and board members of an organization to actively participate and be aware of the ethics program in an organization. The intent is to enforce and foster a sense of due diligence that will detect criminal activity as well as protect against it and deter it from happening. Aspects of the Sarbanes-Oxley Act of 2002 are intended to function in much the same manner but with regard to accounting and truthfulness in corporate reporting. Summary Law, ethics, and investigations are very important parts of computer and information security. They are elements that do not usually come to mind when one speaks of information security,...
View Full Document

{[ snackBarMessage ]}

Ask a homework question - tutors are online