A security professional discovers that another member of their security team is using company resources to run a personal side business during work hours. According to the ISC2 Code of Ethics, what is the BEST course of action for the security professional to take?
Report the activity directly to external authorities
Ignore the situation as it does not involve information security
Confront the colleague directly and demand they stop the unauthorized activity
Report the activity through appropriate channels within the organization
The correct answer is to report the activity through appropriate channels within the organization. This aligns with the ISC2 Code of Ethics Canon IV (Advance the Profession), which requires professionals to act with integrity and report violations of professional standards. The Code emphasizes handling potential ethical violations through proper channels rather than confronting individuals directly, which could escalate the situation or create workplace conflict. It also doesn't advocate ignoring the situation, as this would violate the principle of protecting society and acting honorably. Directly reporting to external authorities would be premature without first following internal reporting procedures, unless explicitly required by law or when internal channels have been exhausted.
The ISC2 Code of Ethics consists of four canons:
Protect society, the common good, necessary public trust and confidence, and the infrastructure.
Act honorably, honestly, justly, responsibly, and legally.
Provide diligent and competent service to principals.
Advance and protect the profession.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What does it mean to report through appropriate channels?
Open an interactive chat with Bash
What is the ISC2 Code of Ethics Canon IV?
Open an interactive chat with Bash
What are the consequences of ignoring unethical behavior in the workplace?
Open an interactive chat with Bash
ISC2 CISSP
Security and Risk Management
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access