Employees and companies can engage in unethical behavior in many different ways and for many different reasons. As future information security technology professionals, it is increasingly important that we have a deep understanding in our organizations legal and ethical responsibilities. AS we play an important role in managing any ability for privacy and security processes. Simply put an ethical employee’s behavior equals liability for an organization and can cost organizations millions of dollars. Key study reveal that the education is the key to determine unethical behavior. Employees must be informed, trained, and kept aware of expected ethical behaviors especially in IT security. As many employees may not have a formal technical training understanding the difference between what constitutes ethical or unethical …show more content…
This depends on many factors including the size of its company, the sensitivity in the business information, and the types of information in computing systems they use. There are several necessary requirements that must be met at each stage when developing an IT policy. For example, when we determine the requirements for the policy, we must also be in alliance requirements with the business goals. When creating the policy, make sure that the right people in the room ensure that all are going to be taking into account. We don’t want to write the policy in the vacuum for sure that we could be missing some major feedback from important players. When you validate the policy, make sure you get by from the management, as implementation will likely be top-down that require help. When you enforce the policy, do so in a way that calls for consequences when someone breaks the rules. Otherwise, people will begin to recognize that nothing really happened if they don’t apply better policy which ultimately notify the document. Finally make sure to review and maintain the policy to keep it relevant to current technology and employee