British computer society (BSC) is a learned society and professional society that is used to represent those working in the field of information technology both in internationally and UK, established in the year of 1957.British computer society is also known as the chartered institute for information technology and BCS which is used to make and established the rules, regulations and professional standards of conduct, ethical practices and competence for computing in UK (1981 British Computer Society Conference). The British code of good practices in the workplace describes the set of the standards of practices in the field of information technology. In UK British computer society is the professional bodies that have an ability to provide the permission to the chartered status to the informational technology professionals (British Computer Society Conference, 1958). There are the four main areas in which British computer society is conducted.
In the contemporary ethical environmental in information technology; normative ethics is used to examine and identify the wrongness and rightness actions. Basically normative ethics is separated from the meta-ethics and descriptive ethics. In traditional ways it is said that the normative ethics is used to determine whether action is wrong and right. Universal decoration of human Right (UDHR) and charter of fundamental right of European Union (EFREU) are the two fundamental normative incumbents and tools (British Computer Society (BCS) Business Books, 2008). Right of the humans or individuals, freedom and educations right, environment rights, justice and non-discriminations are eh fundamental normative ethics. Normative instruments provides to ensure the requisite depth and breadth of ethical context and concerned can be addressed.
[Source: www. Gsb.stanford.com]
For business perspective ethics plays critical role and the important aspect in IS. The main objective of using the ethics within the organization is to remain long time and achieve better revenue. Codes of ethics contain the professional accountable and professional used the ethics to restrict the unethical activity in the organization. Codes of ethical rules and regulations help the professional to control their operations and memberships. Code of ethics helps the professional to identify the integrity, objectivity, professional competence, confidentially and professional’s behaviors in an effective and efficient manner. In integrity members will be honest and straightforward (Jeffrey, 2007). Conflicts can be easily solved within the organization with the help of ethic codes. It provides the conceptual framework that must be applied by the members to identify and evaluate the treats. Members maintain the objective and obtain the result in effective manner through the ethics code.
In the field of information technology several ethical dilemmas are raised but form that ‘PAPA’ i.e. privacy, accuracy, protections and accessibility are the four issues. Apart from that software theft, computer crime, copy right are another dilemmas in the field of computer or information technology. Due to advancement and development of the information technology, larger numbers of data and information are available, thus privacy is most important from organization perspective and this is obtained with the help of ethical codes or ethical rules and regulations. Thus with the help of ethical laws computing professionals understand what is right or wrong, understand their own responsibility in the workplace and do the work with honest and loyalty.
The security in the field of information technology must contemplate not in technical aspect but also consider in operational and social aspects that is related to the process and the environment aspects (Deming, 1987). Information technology provides the ways to the users to transmit the data and information from source to destination end or from one individual to other individuals. They provide the efficiency, speed, quality, accuracy, dependability and help the business to achieve their objective in efficient manners. In the digital market environment information technology work as a vehicle that store the data and information carried it; these resources are most important resources for organization perspective. Thus protection of the data and information is most important.
In the field of information technology abstraction is used to abstract the data and information i.e. it showing only functionality without display their process and internal part. Like for example how data and information are sending from source to destination end it does not display, it only shows the data in source computer and destination computer; that means processing of the data are not displayed.
Data and information is stored in the database, thus it is necessary for the organization to secure the database. This is done with the help of data hiding techniques. the main principle of this techniques is to hide the locations of the physical data i.e. location of the data and information are not displayed to any users. Thus uses only see the logical data not physical data.
In the field of information technology main objective of the encryption is to change the meaning of the data before sending it from one place to another place.
In multilayered technology security are designed in all layers and it allow executing the process in a linear ways that helps to control the accessing of the data.
The regulations include the norms, procedures and politics that provides and make the standard behavior. If the members of the organization are not flows these rules and regulations within the organization then it would break the organization existence rules.
Organization cultures also considered into the information security process; because all security within the organization must be follow effective manner if the organization culture is good.
Information security implantation process helps the organization to create better work environment. Lack of the environment increase the conflicts, unfriendly people and decrease the productivity.
In order to provide the better security organization needs to give continuous training to their staffs because proper tanning create a positive environment and improving the knowledge of the workers.
ITIL (information technology infrastructure library) is a technique that helps the organization to manage the IT infrastructure, operations and developments. Thus management needs to provide better security polices in their process because better process leads the organization in the better positions (Pathak, 2005).
With the help of better monitoring polices organization achieve better security. Monitoring polices helps the organization to identify the unethical uses.
Risk management is the process used to identify and assessing the risk, making and applying the steps in order to reduce the risks and maintain the risk level in efficient manner. in the field of information technology, information risk management helps the organization to manage the risk in an effective and efficient manner (Crouhy, Galai and Mark, 2000). Risk management contains Risk assessments, risk migrations and uncertainty analysis to analyze and manage the risk. Identification, estimation and evolutions are three major steps to determine and mange the risks. Risks identification helps the organization to determine the cause of the risks, cause of the potential failure. The main objective of the identification of risk is to identify the threats, security measure and risk managed. Risk estimation helps the organization to estimate the risks and this is done by the quantitative and qualitative risks assessments process. Risk evaluation is the final steps in which risk is determined in the process level i.e. both input and output level. In this level risk assessment is compare with the risks level and here it is determined that risk is acceptable or not.
The organization is considering the following things when they assess the risk;
Risk assessment process helps the organization to analyze and evaluate the risk in an effective and efficient manner. Determinations, collection and evolutions are the basic steps used in the process of risk assessment. Determination process is used to identify the risk and it is analyzed with the help of available data and information. Analyze process contains the three steps including asset valuation; consequence and identification i.e. threat identification. After identification analyzing process is done with the help of safeguard analyzing, likelihood analyzing and vulnerability analyzing process. Finally risk assessment includes the final result and output (Hester and Harrison, 1998).
Risk migration helps the organization to involve the implementation and selection of the security in order to reduce the risk and achieve the better productivity. Identification of the appropriate risks control function is done in select safeguard process. Acceptance of the risk are done in the process of accept residual risk methods. Acceptances of the risks in the field of computer are closely related to the information system known as the accreditation (Daveri and Faini, 1995). Monitoring and implementation process helps the organization to continue to efficient.
Uncertainty analysis is used to perform and documentation of the risk management result that helps the organization in future. There are two source of uncertainty risk analysis management process. First is the methodology or lack of confidence and another is the risk model, consequences or safeguard effectiveness (Ronen, 1988).
British Computer Society (BCS) Business Books. (2008). Kybernetes, 37(3/4).
British computer society conference. (1981). Computer Networks (1976), 5(6), pp.459-462.
British Computer Society Conference: June 1959. (1958). The Computer Journal, 1(2), pp.70-70.
Crouhy, M., Galai, D. and Mark, R. (2000). Risk management. New York: McGraw Hill.
Daveri, F. and Faini, R. (1995). Risk and migration. Oxford, U.K.: Queen Elizabeth House.
Davies, D. (1987). The consumer protection act British computer society, 24 September 1987. Computer Law & Security Review, 3(4), pp.38-40.
Deming, R. (1987). Advances in security technology. Boston: Butterworths.
First British Computer Society Conference. (1958). The Computer Journal, 1(3), pp.141-141.
Hester, R. and Harrison, R. (1998). Risk assessment and risk management. Cambridge, UK: Royal Society of Chemistry.
Jeffrey, C. (2007). Research on professional responsibility and ethics in accounting. Amsterdam, the Netherlands: Elsevier JAI.
Pathak, J. (2005). Information Technology Auditing. Berlin, Heidelberg: Springer-Verlag Berlin Heidelberg.
Ronen, Y. (1988). Uncertainty analysis. Boca Raton, Fla.: CRC Press.
MyAssignmenthelp.com has become one of the leading assignment help provider in New York City and Boston. We provide top class auditing assignment help. Not only auditing, but we also cover more than 100 subjects and our writers deal with all types of assignments with utmost expertise. To make writing process faster and accurate, we have segmented our assignment experts' teams as per their expertise on writing different types of assignments. We guaranteed that students who buy our assignment online get solutions worth their investment.
You are required to write a researched argument essay that convinces persuades the reader of your position / stance. This is an academic, researched and referenced do...Read More
Executive Summary The purpose of this report is to elaborate the factors which are considered by individuals before selecting an occupation. Choosing an occupati...Read More
Introduction With the increase enhancement in the field of technology, it has been considered essential by the businesses to implement such technology in their b...Read More
Executive Summary In a merger & acquisition, role of an HR has emerged as a very critical function. At each stage of merger and acquisition process, HR plays a s...Read More
Introduction In this competitive business environment where every business organization is trying to attract the customers of each other, it becomes essential for ...Read More