Western Governors University C841 Legal Issues in Information Security Task 2

 A1: Discussion of Ethical Guidelines or Standards: In regards to the TechFite case study, there are a number of relevant information security moral principles. First, all sensitive or proprietary information encountered on the job should be treated with respect and kept private. Second, professional responsibilities are to be discharged with integrity and diligence in accordance with all applicable laws. In addition, the professional reputations of coworkers, employers, and customers should not be intentionally slandered or brought into question. Moreover, all work should be conducted in a manner consistent with information security best practices. Finally, employees should not engage in any activities that may constitute a conflict of interest.  A1a: Justification of Standards or Guidelines: All of these tenets can be found in the ethics policies of prominent organizations throughout the IT community. For example, the Information Systems Security Association International (ISSA) Code of Ethics echoes the sentiment that data privacy must be maintained (ISSA Code of Ethics, 2016). It also emphasizes the importance of industry best practices and prohibits relationships that could be construed as a conflict of interest (ISSA Code of Ethics, 2016). The International Information Systems Security Certification Consortium (ISC)² addresses professional responsibilities, stating that individuals should “act honorably, honestly, justly, responsibly, and legally” ((ISC)² Code of Ethics, 1996). The American Society for Industrial Security (ASIS) speaks to the issue of professional reputations, declaring that personnel must not “maliciously injure the professional reputation or practice o