Term
|
Definition
| a branch of philosophy that deals with what is considered to be right and wrong |
|
|
Term
|
Definition
| a collection of principles that are intended to guide members of an organization |
|
|
Term
| Fundamental Tenets of Ethics |
|
Definition
responsibility - you accept the consequences of your decisions and actions
accountability - a determination of who is responsible for actions that were taken
liability - individuals have the right to recover the damages done to them by other individuals, organizations, or systems |
|
|
Term
| Four Catagories of ethical issues |
|
Definition
privacy issues - involves collection, storing and dissemination information about individuals
accuracy issues - the authenticity, fidelity and accuracy of information that is collected and processed
property issues- the ownership and value of information
accessibility issues - revolves areound who should have access to information and whether they should have to pay for this access |
|
|
Term
| Protecting Privacy 2 rules |
|
Definition
the right of privacy is not absolute (one's privacy must be balaced against the needs of society)
the public's right to know is superior to the individual's right to privacy |
|
|
Term
| protecting privacy - data aggregators |
|
Definition
companies the collect public data or non-public data or integrate them to produce digital dossiers (an electronic description of you and your habits).
Profiling - the process of creating a digital dossier |
|
|
Term
| Factors increasing the threats to information security |
|
Definition
today's interconnected, interdependant, wirelessly-networked business environment
government legislation
smaller, faster, cheaper computers and storage devices
decreasing skills necessary to be a computer hacker
international organized crime taking over cybercrime
increased employee use of unmanaged devices (those outside the control of the IT department)
lack of manangement support - ex: insufficient funding, technological obsolescence and lack of attention |
|
|
Term
| threats to information security - downstream liability |
|
Definition
| occurs when company A's systems are attacked and taken over by a perpetrator. company a's systems are then used to attack company b. company a could be successfully sued by company b is |
|
|
Term
| key information security terms |
|
Definition
threat to an information resource - any danger to which a system may be exposed
exposure of an information resource - the harm, loss or damage that can result if a threat comprises that resource
vulnerability - the possibility that the system will suffer harm by a threat
risk - the liklihood that a threat will occur
information system controls - the procedures, devices, or software aimed at preventing a compromise to the system |
|
|
