Professional ethics
The information security profession is based on trust, as the professional may be handling sensitive or confidential information. Ethically sound and consistently applied code of professional ethics need to be adhered to by the professional.
Codes of ethics
These are based on the safety of the commonwealth, duty to principals, such as employers, contractors, people whom a professional works for, and to each other. It requires that professionals adhere, and be seen to adhere, to the highest ethical standards of behavior.
(ISC)2 code of professional ethics
International Information System Security Certification Consortium (ISC)2 has a published code of professional ethics for its members provided as follows:
- Protect society, the commonwealth, and the infrastructure
- Act honorably, honestly, justly, responsibly, and legally
- Provide diligent and competent service to principals
- Advance and protect the profession