
88 Cards in this Set

  • Front
  • Back

The moral corruption of people in power, often facilitated by a tendency for people to look the other way when their leaders act inappropriately.

Bathsheba syndrome

A statement that highlights an organization’s key ethical issues and identifies the overarching values and principles that are important to the organization and its decision making.

Code of Ethics

An approach to ethical decision making based on a vision of society as a community whose members work together to achieve a common set of values and goals.

Common Good Approach

A senior-level manager who provides an organization with vision and leadership in the area of business conduct.

Corporate Ethics Officer

The concept that an organization should act ethically by taking responsibility for the impact of its actions on the environment, the community, and the welfare of its employees.

Corporate Social Responsibility

A set of beliefs about right and wrong behavior within a society


An approach to ethical decision making that focuses on how fairly actions and policies distribute benefits and burdens among people affected by the decision

Fairness Approach

Adherence to a personal code of principles


A system of rules that tells us what we can and cannot do. Laws are enforced by a set of institutions


A set of rules that establishes the boundaries of generally accepted behavior within a society.

Moral Code

Social conventions about right and wrong that are widely shared throughout a society.


A clear, concise description of the issue that needs to be addressed in a decision-making process.

Problem Statement

A bill whose goal was to renew investors’ trust in corporate executives and their firms’ financial reports; the act led to significant reforms in the content and preparation of disclosure documents by public companies.

Sarbanes-Oxley Act

A process whereby an organization reviews how well it is meeting its ethical and social responsibility goals, and communicates its new goals for the upcoming year

Social Audit

The act of illegally making copies of software or enabling others to access software to which they are not entitled.

Software Piracy

Someone who stands to gain or lose depending on how a situation is resolved


An approach to ethical decision making that states that you should choose the action or policy that has the best overall consequences for all people who are directly or indirectly affected.

utilitarian approach

A moral habit that inclines people to do what is generally unacceptable to society.


A moral habit that inclines people to do what is generally acceptable to society


An approach to ethical decision making that focuses on how you should behave and think about relationships if you are concerned with your daily life in a community.

virtue ethics approach

A subgroup of the board of directors that provides assistance to the board in fulfilling its responsibilities with respect to the oversight of the quality and integrity of the organization’s accounting and reporting practices and controls, including financial statements and reports; the organization’s compliance with legal and regulatory requirements; the qualifications, independence, and performance of the company’s independent auditor; and the performance of the company’s internal audit function

Audit Committee

An agreed-upon set of skills and abilities that all licensed professionals in a particular type of profession must possess

body of knowledge

The failure of one party to meet the terms of a contract

breach of contract

The act of providing money, property, or favors to someone in business or government to obtain a business advantage.


A trade group that represents the world’s largest software and hardware manufacturers; its mission is to stop the unauthorized copying of software produced by its members.

Business Software Alliance (BSA)

A recognition that a professional possesses a particular set of skills, knowledge, or abilities—in the opinion of the certifying organization.


To be in accordance with established policies, guidelines, specifications, or legislation


A conflict between a person’s (or firm’s) self-interest and the interests of a client.

Conflict of Interest

The obligation to protect people against any unreasonable harm or risk

Duty of Care

A hardware or software device that serves as a barrier between an organization’s network and the Internet; a firewall also limits access to the company’s network based on the organization’s Internet usage policy.


A federal law that makes it a crime to bribe a foreign official, a foreign political party official, or a candidate for foreign political office.

Foreign Corrupt Practices Act (FCPA)

The crime of obtaining goods, services, or property through deception or trickery.


A government-issued permission to engage in an activity or to operate a business; it is generally administered at the state level and often requires that the recipient pass a test of some kind.

Government License

A person for whom a hardware or software product is designed.

IT User

The failure of one party to perform certain express or implied obligations, which impairs or destroys the essence of the contract.

material breach of contract

The misstatement or incomplete statement of a material fact


The failure to do what a reasonable person would do, or doing something that a reasonable person would not do.


A calling that requires specialized knowledge and often long and intensive academic preparation.


A statement of the principles and core values that are essential to the work of a particular occupational group.

professional code of ethics

Breach of the duty of care by a professional.

Professional malpractice

A legal standard that defines how an objective, careful, and conscientious person would have acted in the same circumstances.

Reasonable person standard

A legal standard that defendants who have particular expertise or competence are measured against.

Reasonable professional standard

Falsely claiming competence in a skill, usually because that skill is in high demand.

Resume Inflation

Information, generally unknown to the public, that a company has taken strong measures to keep confidential. It represents something of economic value that has required effort or cost to develop and that has some degree of uniqueness or novelty

Trade Secret

An effort to attract public attention to a negligent, illegal, unethical, abusive, or dangerous act by a company or some other organization.


Software that regularly scans a computer’s memory and disk drives for viruses.

Antivirus software

A large group of computers controlled from one or more remote locations by hackers, without the knowledge or consent of their owners.


A business policy that permits and encourages employees to use their own mobile devices (smartphones, tablets, or laptops) to access company computing resources and applications.

bring your own device (BYOD)

Software that generates and grades tests that humans can pass but all but the most sophisticated computer programs cannot.

CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart)

An environment in which software and data storage are services provided via the Internet (the cloud); the services are run on another organization’s computer hardware and are accessed by a Web browser.

Cloud Computing

Cooperation between two or more people, often an employee and a company outsider, to commit fraud.


Legally obtained information gathered using sources available to the public; used to help a company gain an advantage over its rivals.

Competitive Intelligence

A discipline that combines elements of law and computer science to identify, collect, examine, and preserve data from computer systems, networks, and storage devices in a manner that preserves the integrity of the data gathered so it is admissible as evidence in a court of law

Computer forensics

A 2004 law that specifies requirements that commercial emailers must follow when sending out messages that advertise or promote a commercial product or service.

Controlling the Assault of Non-Solicited Pornography and Marketing (CAN-SPAM) Act

An individual, motivated by the potential for monetary gain, who hacks into computers to steal, often by transferring money from one account to another.


An individual who launches computer-based attacks against other computers or networks in an attempt to intimidate or coerce a government in order to advance certain political or social objectives.


The unintended release of sensitive data or the access of sensitive data by unauthorized individuals

Data Breach

An attack on an information system that takes advantage of a particular system vulnerability.


Someone who tests the limitations of information systems out of intellectual curiosity—to see if he or she can gain access


Hacking to achieve a political or social goal.


The use of illegal means to obtain business information not available to the general public.

Industrial espionage

Someone who uses illegal means to obtain trade secrets from competitors

Industrial Spy

Software and/or hardware that monitors system and network resources and activities, and notifies network security personnel when it identifies possible intrusions from outside the organization or misuse from within the organization.

Intrusion detection system (IDS)

A technically inept hacker. See also script kiddie.


A type of Trojan horse that executes when it is triggered by a specific event.

Logic Bomb

A poorly trained and inadequately managed employee who means well but who has the potential to cause much damage.

Negligent Insider

The act of fraudulently using email to try to get the recipient to reveal personal data.


Malware that disables a computer or smartphone until the victim pays a fee or ransom.


A concept in computer security that recognizes that managers must use their judgment to ensure that the cost of control does not exceed the system’s benefits or the risks involved.

Reasonable assurance

The process of assessing security-related risks from both internal and external threats to an organization’s computers and networks.

Risk Assessment

A set of programs that enables its user to gain administrator-level access to a computer without the end user’s consent or knowledge.


A technically inept hacker. See also lamer

Script Kiddie

A process that evaluates whether an organization has a well-considered security policy in place and if it is being followed.

Security Audit

A written statement that defines an organization’s security requirements, as well as the controls and sanctions needed to meet those requirements

Security Policy

A form of debit or credit card that contains a memory chip that is updated with encrypted data every time the card is used.

Smart Card

A variation of phishing in which victims receive a legitimate-looking SMS text message on their phone telling them to call a specific phone number or to log on to a Web site.


A variation of phishing in which the phisher sends fraudulent emails to a certain organization’s employees. The phony emails are designed to look like they came from high-level executives within the organization.


A program in which malicious code is hidden inside a seemingly harmless program

Trojan horse

A method of computing that delivers secure, private, and reliable computing experiences based on sound business practices.

Trustworthy computing

A server with virtualization software is able to create several virtual machines, each with its own operating system, that run on that single server.

Virtual Machine

A technology that uses the Internet to relay communications, maintaining privacy through security procedures and tunneling protocols, which encrypt data at the sending end and decrypt it at the receiving end.

Virtual private network (VPN)

A software program that emulates computer hardware by enabling multiple operating systems to run on one computer host.

Virtualization software

A piece of programming code, usually disguised as something else, that causes a computer to behave in an unexpected and usually undesirable manner.


A specific sequence of bytes that indicates to antivirus software that a specific virus is present.

Virus Signature

A variation of phishing in which victims receive a voice mail telling them to call a specific phone number or log on to access a specific Web site.


A harmful program that resides in the active memory of a computer and duplicates itself.


An attack that takes place before the security community or software developer knows about the vulnerability or has been able to repair it.

Zero-day Attack

A computer that is part of a botnet and that is controlled by a hacker without the knowledge or consent of its owner.