A security analyst discovers her supervisor has been directing staff members to falsify compliance documentation to meet quarterly deadlines. As a certified information security professional, what action should the analyst take in this situation?
Resign from the position to avoid being associated with the improper practices
Talk to the supervisor first and try to resolve the issue internally
Submit a formal report to the certifying body
Document the incidents but take no action unless directly questioned
The correct answer is to submit a formal report to the certifying body. This aligns with the ISC2 Code of Ethics, specifically Canon IV (Advance and protect the profession), which requires certified professionals to report violations of the Code to appropriate parties. When a CISSP observes another credential holder engaging in unethical behavior that violates the Code, they have an obligation to report this misconduct.
Talking to the supervisor first might seem like a reasonable approach to resolve the issue internally, but the Code explicitly requires reporting violations. While documenting the incidents is important, it's not sufficient without taking action. Ignoring the situation completely violates the professional responsibility entrusted to CISSP holders. Resigning without reporting fails to uphold the integrity of the profession and allows the unethical behavior to continue, potentially causing harm to the organization and undermining security practices.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is the ISC2 Code of Ethics?
Open an interactive chat with Bash
What does Canon IV specifically entail regarding reporting violations?
Open an interactive chat with Bash
What are the potential consequences of ignoring unethical behavior in compliance documentation?
Open an interactive chat with Bash
ISC2 CISSP
Security and Risk Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access