Module 2: Ethics for IT Workers and IT Users

Question 1

A document that stipulates restrictions and practices that a user must agree in order to use organizational computing and network resources.

Answer 1

acceptable use policy (AUP)

Question 2

A group that provides assistance to the board of directors in fulfilling its responsibilities with respect to the oversight of the quality and integrity of the organization’s accounting and reporting practices and controls, including financial statements and reports; the organization’s compliance with legal and regulatory requirements; the qualifications, independence, and performance of the company’s independent auditor; and the performance of the company’s internal audit team.

Answer 2

audit committee

Question 3

An agreed-upon sets of skills and abilities that all licensed professionals must possess.

Answer 3

body of knowledge

Question 4

The failure of one party to meet the terms of a contract.

Answer 4

breach of contract

Question 5

The failure to act as a reasonable person would act.

Answer 5

breach of the duty of care

Question 6

The act of providing money, property, or favors to someone in business or government in order to obtain a business advantage.

Answer 6

bribery

Question 7

A trade group that represents the world’s largest software and hardware manufacturers.

Answer 7

BSA | The Software Alliance

Question 8

Indicates that a professional possesses a particular set of skills, knowledge, or abilities, in the opinion of the certifying organization. Certification can also apply to products (e.g., the Wi-Fi CERTIFIED logo assures that the product has met rigorous interoperability testing to ensure that it will work with other Wi-Fi-certified products) and is generally voluntary.

Answer 8

certification

Question 9

To be in accordance with established policies, guidelines, specifications, or legislation.

Answer 9

compliance

Question 10

A conflict between a person’s (or firm’s) self-interest and the interests of a client.

Answer 10

conflict of interest

Question 11

The obligation to protect people against any unreasonable harm or risk.

Answer 11

duty of care

Question 12

Hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the Internet; a firewall also limits access to the company’s network based on the organization’s Internet-usage policy.

Answer 12

firewall

Question 13

An act that makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office.

Answer 13

Foreign Corrupt Practices Act (FCPA)

Question 14

The crime of obtaining goods, services, or property through deception or trickery.

Answer 14

fraud

Question 15

A government-issued permission to engage in an activity or to operate a business.

Answer 15

government license

Question 16

A group within an organization managing the processes, tools, and policies necessary to prevent, detect, document, and counter threats to digital and nondigital information, whether it is in transit, being processed, or at rest in storage.

Answer 16

information security (infosec) group

Question 17

The process established by an organization’s board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.

Answer 17

internal control

Question 18

A person who uses a hardware or software product; the term distinguishes end users from the IT workers who develop, install, service, and support the product. IT users need the product to deliver organizational benefits or to increase their productivity.

Answer 18

IT user

Question 19

The failure of one party to perform certain expressed or implied obligations, which impairs or destroys the essence of the contract.

Answer 19

material breach of contract

Question 20

The misstatement or incomplete statement of a material fact

Answer 20

misrepresentation

Question 21

Not doing something that a reasonable person would do or doing something that a reasonable person would not do.

Answer 21

negligence

Question 22

The guidelines and standards by which the organization must abide

Answer 22

policy

Question 23

Defines the exact instructions for completing each task in a process.

Answer 23

procedure

Question 24

A collection of tasks designed to accomplish a stated objective.

Answer 24

process

Question 25

The principles and core values that are essential to the work of a particular occupational group.

Answer 25

professional code of ethics

Question 26

Breach of the duty of care by a professional.

Answer 26

professional malpractice

Question 27

A legal standard that defines how an objective, careful, and conscientious person would have acted in the same circumstances.

Answer 27

reasonable person standard

Question 28

A legal standard that defendants who have particular expertise or competence are measured against.

Answer 28

reasonable professional standard

Question 29

Falsely claiming competence in a skill, usually because that skill is in high demand.

Answer 29

résumé inflation

Question 30

The concept of having different aspects of a process handled by different people to prevent fraud.

Answer 30

separation of duties

Question 31

A trade group that represents the world’s largest software and hardware manufacturers.

Answer 31

Software & Information Industry Association (SIIA)

Question 32

One who applies engineering principles and practices to the design, development, implementation, testing, and maintenance of software.

Answer 32

software engineer

Question 33

Information, generally unknown to the public, that a company has taken strong measures to keep confidential.

Answer 33

trade secret

Question 34

An effort by an employee to attract attention to a negligent, illegal, unethical, abusive, or dangerous act by a company that threatens the public interest.

Answer 34

Whistle-blowing

Question 35

An IT worker cannot be sued for professional malpractice unless he or she is licensed. True or False.

Answer 35

True

Question 36

The mission of the Software & Information Industry Association and the Business Software Alliance is to?

Answer 36

stop the unauthorized copying of software produced by its members

Question 37

__________ is an effort by an employee to attract attention to a negligent, illegal,?unethical, abusive, or dangerous act by a company that threatens the public interest.

Answer 37

Whistle-blowing

Question 38

____________ occurs when a party fails to perform certain express or implied obligations, which impairs or destroys the very essence of a contract.

Answer 38

Material breach of contract

Question 39

Under the Foreign Corrupt Practices Act (FCPA), it is permissible to pay an official to perform some official function faster (for example, to speed customs clearance). True or False.

Answer 39

True

Question 40

A(An)____________ states the principles and core values that are essential to the work of a particular occupational group.

Answer 40

professional code of ethics or code of ethics

Question 41

Unlike certification, which applies only to people and is required by law, licensing can also apply to products. True or False.

Answer 41

False

Question 42

To become licensed as a software engineer in the United States, one must pass the Fundamental of Engineering exam and a software engineering _______ exam.

Answer 42

Principles and Practices

Question 43

The core________ for any profession outlines agreed-upon sets of skills and abilities that all licensed professionals must possess.

Answer 43

body of knowledge

Question 44

Professionals who breach the duty of care are liable for injuries that their negligence causes. This liability is commonly referred to as

Answer 44

professional malpractice

Question 45

Senior management (including members of the audit committee) must always follow the recommendations of the internal audit committee. True or False.

Answer 45

True

Question 46

__________________ is the process established by an organization’s board of directors, managers, and IT systems people to provide reasonable assurance for the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations.

Answer 46

Internal control

Question 47

The software piracy rates in Albania, Kazakhstan, Libya, Panama, and Zimbabwe exceed?

Answer 47

70 percent

Question 48

A ______ is hardware or software (or a combination of both) that serves as the first line of defense between an organization’s network and the Internet; it also limits access to the company’s network based on the organization’s Internet-usage policy.

Answer 48

Firewall