I will strive to know myself and be honest
about my capability.
- I will strive for technical excellence in the IT profession by
maintaining and enhancing my own knowledge and skills. I acknowledge that
there are many free resources available on the Internet and affordable
books and that the lack of my employer's training budget is not an excuse
nor limits my ability to stay current in IT.
- When possible I will demonstrate my performance capability with my
skills via projects, leadership, and/or accredited educational programs
and will encourage others to do so as well.
- I will not hesitate to seek assistance or guidance when faced with a
task beyond my abilities or experience. I will embrace other
professionals' advice and learn from their experiences and mistakes. I
will treat this as an opportunity to learn new techniques and approaches.
When the situation arises that my assistance is called upon, I will
respond willingly to share my knowledge with others.
- I will strive to convey any knowledge (specialist or otherwise) that I
have gained to others so everyone gains the benefit of each other's
knowledge.
- I will teach the willing and empower others with Industry Best
Practices (IBP). I will offer my knowledge to show others how to become
security professionals in their own right. I will strive to be perceived
as and be an honest and trustworthy employee.
- I will not advance private interests at the expense of end users,
colleagues, or my employer.
- I will not abuse my power. I will use my technical knowledge, user
rights, and permissions only to fulfill my responsibilities to my
employer.
- I will avoid and be alert to any circumstances or actions that might
lead to conflicts of interest or the perception of conflicts of interest.
If such circumstance occurs, I will notify my employer or business
partners.
- I will not steal property, time or resources.
- I will reject bribery or kickbacks and will report such illegal
activity.
- I will report on the illegal activities of myself and others without
respect to the punishments involved. I will not tolerate those who lie,
steal, or cheat as a means of success in IT.
I will conduct my business in a manner that assures the IT profession is
considered one of integrity and professionalism.
- I will not injure others, their property, reputation, or employment by
false or malicious action.
- I will not use availability and access to information for personal
gains through corporate espionage.
- I distinguish between advocacy and engineering. I will not present
analysis and opinion as fact.
- I will adhere to Industry Best Practices (IBP) for system design,
rollout, hardening and testing.
- I am obligated to report all system vulnerabilities that might result
in significant damage.
- I respect intellectual property and will be careful to give credit for
other's work. I will never steal or misuse copyrighted, patented material,
trade secrets or any other intangible asset.
- I will accurately document my setup procedures and any modifications I
have done to equipment. This will ensure that others will be informed of
procedures and changes I've made.
I respect privacy and confidentiality.
- I respect the privacy of my co-workers' information. I will not peruse
or examine their information including data, files, records, or network
traffic except as defined by the appointed roles, the organization's
acceptable use policy, as approved by Human Resources, and without the
permission of the end user.
- I will obtain permission before probing systems on a network for
vulnerabilities.
- I respect the right to confidentiality with my employers, clients, and
users except as dictated by applicable law. I respect human dignity.
- I treasure and will defend equality, justice and respect for others.
- I will not participate in any form of discrimination, whether due to
race, color, national origin, ancestry, sex, sexual orientation,
gender/sexual identity or expression, marital status, creed, religion,
age, disability, veteran's status, or political ideology.
|
