Analyzing Ethical Issues: Case Study on IT Professional Practice
VerifiedAdded on 2023/06/03
|9
|2198
|83
Case Study
AI Summary
This case study examines the ethical dilemmas faced by Faisal, an IT professional at Company Z, who discovers a security vulnerability in Company Y's database system while developing software for data access between Company X and Company Y. Despite informing his manager, Faisal is instructed to ignore the issue, creating an ethical conflict. The analysis identifies key stakeholders, including Companies X and Y, their clients, Company Z, and Faisal himself. It explores the potential consequences of inaction, such as privacy breaches and reputational damage, and proposes solutions that prioritize ethical conduct, stakeholder satisfaction, and respect for privacy. The study concludes that the best course of action involves escalating the issue to higher authorities and rectifying the vulnerability to safeguard client data and maintain professional integrity. Desklib provides access to similar case studies and solved assignments for students.
RUNNING HEAD: Professional IT Practice and Ethics
Professional IT Practice and Ethics
[Type the document subtitle]
Laptop04011
[Pick the date]
Professional IT Practice and Ethics
[Type the document subtitle]
Laptop04011
[Pick the date]
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Professional IT Practice and Ethics 1
Contents
Introduction......................................................................................................................................1
Case Analysis...................................................................................................................................1
Main Stakeholders...........................................................................................................................1
Ideals Playing Role in Decision.......................................................................................................2
Criteria to be emphasized................................................................................................................2
Obligation of Cause.........................................................................................................................2
Consequences..................................................................................................................................2
Actions that will Harm Stakeholders...............................................................................................3
Actions that will Benefit Stakeholders............................................................................................3
Acts that Stakeholders Wants to Occur...........................................................................................4
Solutions that Satisfies Stakeholders...............................................................................................4
Actions that Show Respect..............................................................................................................4
Best Action......................................................................................................................................5
Conclusion.......................................................................................................................................5
References........................................................................................................................................6
Contents
Introduction......................................................................................................................................1
Case Analysis...................................................................................................................................1
Main Stakeholders...........................................................................................................................1
Ideals Playing Role in Decision.......................................................................................................2
Criteria to be emphasized................................................................................................................2
Obligation of Cause.........................................................................................................................2
Consequences..................................................................................................................................2
Actions that will Harm Stakeholders...............................................................................................3
Actions that will Benefit Stakeholders............................................................................................3
Acts that Stakeholders Wants to Occur...........................................................................................4
Solutions that Satisfies Stakeholders...............................................................................................4
Actions that Show Respect..............................................................................................................4
Best Action......................................................................................................................................5
Conclusion.......................................................................................................................................5
References........................................................................................................................................6
Professional IT Practice and Ethics 2
Introduction
The purpose of this report is to enlighten the reader about the case issue and the impact of the
case on the stakeholder associated with the organization. Ethics is considered as the most
important part in business as it helps the management in swiftly moving in the direction of
success without initiating wrongful actions (Hair , et. Al., 2015). The below mentioned report
evaluates the issue and best actions for the stakeholders in the society. Further, more details
about the report are discussed below:
Case Analysis
The business deal between the Company X and Y made them to access their clients records.
Faisal from Company Z is hired to develop the software program for the company to handle the
access and retrieval of records from the database of both the companies. Faisal finds out that the
software is working properly according to the requirements but there is some serious security
threat in the database system of Company Y. This threat can make the privacy of both the
companies into danger. On confronting the situation with the manager, he was being told that it
was not their business and he should just focus on his software. Faisal is in big dilemma.
Main Stakeholders
The main stakeholders of the case are:
Company X
Company Y
IT team of Company Y
Clients of Company X
Clients of Company Y
Company Z and Faisal (Simon 2015)
Introduction
The purpose of this report is to enlighten the reader about the case issue and the impact of the
case on the stakeholder associated with the organization. Ethics is considered as the most
important part in business as it helps the management in swiftly moving in the direction of
success without initiating wrongful actions (Hair , et. Al., 2015). The below mentioned report
evaluates the issue and best actions for the stakeholders in the society. Further, more details
about the report are discussed below:
Case Analysis
The business deal between the Company X and Y made them to access their clients records.
Faisal from Company Z is hired to develop the software program for the company to handle the
access and retrieval of records from the database of both the companies. Faisal finds out that the
software is working properly according to the requirements but there is some serious security
threat in the database system of Company Y. This threat can make the privacy of both the
companies into danger. On confronting the situation with the manager, he was being told that it
was not their business and he should just focus on his software. Faisal is in big dilemma.
Main Stakeholders
The main stakeholders of the case are:
Company X
Company Y
IT team of Company Y
Clients of Company X
Clients of Company Y
Company Z and Faisal (Simon 2015)
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Professional IT Practice and Ethics 3
Ideals Playing Role in Decision
The major ideal that play a role in the decision making process is the ethics, code of conduct and
integrity of an employee towards work and fair deed. Another major ideal is the concept of
security threat and privacy breach on which the company should lay stress on.
Criteria to be emphasized
The criteria of professional ethics should be emphasized in the given case. It is important for
each and every organization to concentrate of the aspects of privacy breach because it affects the
stakeholders of the organization as well. Along with this integrity and trust in the business
environment is another criteria on which every person should focus, it does not matter that
integrity and trust is maintain in an organization or between two organization but they should
follow this activity. This, it can be said that professional ethics activities should be initiated in
the environment using integrity and truthfulness (Eason 2014).
Obligation of Cause
The obligation in the given case is one the Company Z and Faisal. This organization is hired by
the Company X and Y to create a software with the help of which they can easily handle the
retrieval and access of client’s information of both the organizations. However, it cannot be said
that the complete obligation belong to the company Z because clearly they were not hired to find
out the loopholes in the database systems of both the companies. One share of the obligation lies
in the hand of the IT team of company Y to look into the matter and find out issues and solutions
as well. The obligation of rectifying the software to secure the privacy breach is owed to the
Information Technology team of Company Y and to the Company Z manager along with Faisal
(Laudon, and Laudon 2016).
Consequences
The likely consequences for the stakeholders mentioned above are discussed below:
Company X: This company will have to suffer the security risk threat without even acting
initiating wrong actions in the environment.
Ideals Playing Role in Decision
The major ideal that play a role in the decision making process is the ethics, code of conduct and
integrity of an employee towards work and fair deed. Another major ideal is the concept of
security threat and privacy breach on which the company should lay stress on.
Criteria to be emphasized
The criteria of professional ethics should be emphasized in the given case. It is important for
each and every organization to concentrate of the aspects of privacy breach because it affects the
stakeholders of the organization as well. Along with this integrity and trust in the business
environment is another criteria on which every person should focus, it does not matter that
integrity and trust is maintain in an organization or between two organization but they should
follow this activity. This, it can be said that professional ethics activities should be initiated in
the environment using integrity and truthfulness (Eason 2014).
Obligation of Cause
The obligation in the given case is one the Company Z and Faisal. This organization is hired by
the Company X and Y to create a software with the help of which they can easily handle the
retrieval and access of client’s information of both the organizations. However, it cannot be said
that the complete obligation belong to the company Z because clearly they were not hired to find
out the loopholes in the database systems of both the companies. One share of the obligation lies
in the hand of the IT team of company Y to look into the matter and find out issues and solutions
as well. The obligation of rectifying the software to secure the privacy breach is owed to the
Information Technology team of Company Y and to the Company Z manager along with Faisal
(Laudon, and Laudon 2016).
Consequences
The likely consequences for the stakeholders mentioned above are discussed below:
Company X: This company will have to suffer the security risk threat without even acting
initiating wrong actions in the environment.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Professional IT Practice and Ethics 4
Company Y: This company had to pay the major consequences of the occurrence of the
event. As the database of Company Y is ineffective, so it has to compensate with the
Company X as well in case any issue occur.
IT team of Company Y: This department of the organization is at fault because of which
the whole issue arouse in the organization. The management had to suffer with penalties
and various other concerns according to the norms of the company.
Clients of Company X and Company Y: Information breach and lack of secrecy of
personal information is the consequences of this event for the clients.
Company Z and Faisal: The companies might never come into contract with this
organization and also brand reputation and faith of clients can reduce (Miller, and Taddeo
2016).
Actions that will Harm Stakeholders
The manager of the company Y and Faisal can perform the actions in the given case because no
other person has the adequate information of the case. So, in this case actions that will harm or
will not harm can only be performed by the end of Company Z only. Faisal has already intimated
his manager about the security hole in database of the company Z (Parker 2017). So, ignorance
of the manager in the case even after attaining adequate information of security issue can
definitely harm the stakeholders of both the companies. As with this process, the database can
become prone to hacker which might cause problem for the organizations. Further, in the
scenario in which the manager of Company Z intimates such information to the Company Y and
the ignorance of management of company Y in the case can also lead to serious threat and
misconduct for the stakeholders of the case (Mason 2017).
Actions that will Benefit Stakeholders
The actions that will benefit the stakeholders are discussed below:
Faisal intimating the manager about the security hole in database of company Y and
manager understanding the serious threat.
If manager denies then Faisal convincing the manager regarding the case and asking him
to forward the information.
Company Y: This company had to pay the major consequences of the occurrence of the
event. As the database of Company Y is ineffective, so it has to compensate with the
Company X as well in case any issue occur.
IT team of Company Y: This department of the organization is at fault because of which
the whole issue arouse in the organization. The management had to suffer with penalties
and various other concerns according to the norms of the company.
Clients of Company X and Company Y: Information breach and lack of secrecy of
personal information is the consequences of this event for the clients.
Company Z and Faisal: The companies might never come into contract with this
organization and also brand reputation and faith of clients can reduce (Miller, and Taddeo
2016).
Actions that will Harm Stakeholders
The manager of the company Y and Faisal can perform the actions in the given case because no
other person has the adequate information of the case. So, in this case actions that will harm or
will not harm can only be performed by the end of Company Z only. Faisal has already intimated
his manager about the security hole in database of the company Z (Parker 2017). So, ignorance
of the manager in the case even after attaining adequate information of security issue can
definitely harm the stakeholders of both the companies. As with this process, the database can
become prone to hacker which might cause problem for the organizations. Further, in the
scenario in which the manager of Company Z intimates such information to the Company Y and
the ignorance of management of company Y in the case can also lead to serious threat and
misconduct for the stakeholders of the case (Mason 2017).
Actions that will Benefit Stakeholders
The actions that will benefit the stakeholders are discussed below:
Faisal intimating the manager about the security hole in database of company Y and
manager understanding the serious threat.
If manager denies then Faisal convincing the manager regarding the case and asking him
to forward the information.
Professional IT Practice and Ethics 5
Manager and agreeing of the terms of Faisal and forwarding the information to IT
department of Company Y (Schwalbe 2015).
Company Y taking strict actions regarding the case and rectifying the same.
Thus, it can be said that these actions will definite benefit all the stakeholders present in the
given case.
Acts that Stakeholders Wants to Occur
On the part of the Company Z, according to the give case the management do not want to
intimate such information to the Company Y because it is not a part of their duty. So, they are
not concerned with the case and the actions taken.
Further, the other stakeholders would definitely require to initiate such actions that can definitely
increase the privacy of clients and their information in the environment. It is important for every
organization to operate under the professional code of ethics so the management should initiate
actions that do not harm their reputation in the society and at the same time keep the client’s
information safe and far from the hands of unethical hackers (Stahl, et. Al., 2014).
Solutions that Satisfies Stakeholders
Yes, there are many ways to satisfy all the stakeholders present in the give case. However, the
clients of both the organizations X and Y should be given more consideration than others
because they the most important people whose information might leak in the environment
without their consent. The clients of both the organization have not initiated and falsified actions
or wrong deed but they would suffer anyhow if the hackers attain their personal information. So,
these are the most important stakeholders present in the given case (Lavin, Harper, and Barr
2015).
Actions that Show Respect
Faisal in the given case should intimate the information of security hole to the
management of the company Y and the manager on the other hand should provide such
information to their client.
Manager and agreeing of the terms of Faisal and forwarding the information to IT
department of Company Y (Schwalbe 2015).
Company Y taking strict actions regarding the case and rectifying the same.
Thus, it can be said that these actions will definite benefit all the stakeholders present in the
given case.
Acts that Stakeholders Wants to Occur
On the part of the Company Z, according to the give case the management do not want to
intimate such information to the Company Y because it is not a part of their duty. So, they are
not concerned with the case and the actions taken.
Further, the other stakeholders would definitely require to initiate such actions that can definitely
increase the privacy of clients and their information in the environment. It is important for every
organization to operate under the professional code of ethics so the management should initiate
actions that do not harm their reputation in the society and at the same time keep the client’s
information safe and far from the hands of unethical hackers (Stahl, et. Al., 2014).
Solutions that Satisfies Stakeholders
Yes, there are many ways to satisfy all the stakeholders present in the give case. However, the
clients of both the organizations X and Y should be given more consideration than others
because they the most important people whose information might leak in the environment
without their consent. The clients of both the organization have not initiated and falsified actions
or wrong deed but they would suffer anyhow if the hackers attain their personal information. So,
these are the most important stakeholders present in the given case (Lavin, Harper, and Barr
2015).
Actions that Show Respect
Faisal in the given case should intimate the information of security hole to the
management of the company Y and the manager on the other hand should provide such
information to their client.
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
Professional IT Practice and Ethics 6
The respected companies after intimation should initiate actions in such a way that their
personal information is not leaked in the market without the client’s consent (Berry, et.
Al., 2017).
Both the companies X and Y along with the management team should work to save the
data that they have and secure it from the hands of unethical hackers present in the
market.
The above mentioned actions will definitely bring balance in the society and care and respect
towards each other along with compliance with all the professional ethics as well.
Best Action
The best action would be when the manager would understand the concern of Faisal. Further, he
should have intimate Company Y and X as well regarding the issue and ask them to rectify the
same. The IT team of company Y should perform the same and the IT team of company X
should take care that all the action are performed effectively. Further, after completion of the
event, the company should state the news to their clients as well. Lastly, the companies should
create and long lasting and effective relationship with the company Z in future. They should also
reward Faisal and company Z for going out of their league in order to maintain save the image of
their clients (Floridi, and Taddeo 2016).
Lastly, it should be noted that even if the manager Company Z would not agree, he should have
escalated the cause to higher authority and asked them to intimate the same because it was a
concern of professional ethics.
Conclusion
Thus, in the limelight of above mentioned events, it should be noted that ethics is very important
for the business to run smoothly without facing any problem in the target market.
The respected companies after intimation should initiate actions in such a way that their
personal information is not leaked in the market without the client’s consent (Berry, et.
Al., 2017).
Both the companies X and Y along with the management team should work to save the
data that they have and secure it from the hands of unethical hackers present in the
market.
The above mentioned actions will definitely bring balance in the society and care and respect
towards each other along with compliance with all the professional ethics as well.
Best Action
The best action would be when the manager would understand the concern of Faisal. Further, he
should have intimate Company Y and X as well regarding the issue and ask them to rectify the
same. The IT team of company Y should perform the same and the IT team of company X
should take care that all the action are performed effectively. Further, after completion of the
event, the company should state the news to their clients as well. Lastly, the companies should
create and long lasting and effective relationship with the company Z in future. They should also
reward Faisal and company Z for going out of their league in order to maintain save the image of
their clients (Floridi, and Taddeo 2016).
Lastly, it should be noted that even if the manager Company Z would not agree, he should have
escalated the cause to higher authority and asked them to intimate the same because it was a
concern of professional ethics.
Conclusion
Thus, in the limelight of above mentioned events, it should be noted that ethics is very important
for the business to run smoothly without facing any problem in the target market.
Paraphrase This Document
Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser
Professional IT Practice and Ethics 7
References
Berry, D., Payton, F.C., Lakin, S. and White, E., 2017, June. Can we really show this?: ethics,
representation and social justice in sensitive digital space. In Proceedings of the 17th ACM/IEEE
Joint Conference on Digital Libraries (pp. 354-355). IEEE Press.
Eason, K.D., 2014. Information technology and organisational change. US: CRC Press.
Floridi, L. and Taddeo, M., (2016) What is data ethics? [online]. Retrieved from<
http://rsta.royalsocietypublishing.org/content/374/2083/20160360> [accessed on 9 October
2018].
Hair Jr, J.F., Wolfinbarger, M., Money, A.H., Samouel, P. and Page, M.J., 2015. Essentials of
business research methods. UK: Routledge.
Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education
India.
Lavin, M.A., Harper, E. and Barr, N., 2015. Health information technology, patient safety, and
professional nursing care documentation in acute care settings. Online J Issues Nurs, 20(6).
Mason, R.O., 2017. Four ethical issues of the information age. In Computer Ethics (pp. 41-48).
UK: Routledge.
Miller, K.W. and Taddeo, M., 2016. The Ethics of Information Technologies (Volume 4). UK:
Routledge.
Parker, D.B., 2017. Rules of ethics in information processing. In Computer Ethics (pp. 17-20).
UK: Routledge.
Schwalbe, K., 2015. Information technology project management. Cengage Learning.
Simon, J., 2015. Distributed epistemic responsibility in a hyperconnected era. In The Onlife
Manifesto (pp. 145-159). Springer, Cham.
Stahl, B.C., Eden, G., Jirotka, M. and Coeckelbergh, M., 2014. From computer ethics to
responsible research and innovation in ICT: The transition of reference discourses informing
ethics-related research in information systems. Information & Management, 51(6), pp.810-818.
References
Berry, D., Payton, F.C., Lakin, S. and White, E., 2017, June. Can we really show this?: ethics,
representation and social justice in sensitive digital space. In Proceedings of the 17th ACM/IEEE
Joint Conference on Digital Libraries (pp. 354-355). IEEE Press.
Eason, K.D., 2014. Information technology and organisational change. US: CRC Press.
Floridi, L. and Taddeo, M., (2016) What is data ethics? [online]. Retrieved from<
http://rsta.royalsocietypublishing.org/content/374/2083/20160360> [accessed on 9 October
2018].
Hair Jr, J.F., Wolfinbarger, M., Money, A.H., Samouel, P. and Page, M.J., 2015. Essentials of
business research methods. UK: Routledge.
Laudon, K.C. and Laudon, J.P., 2016. Management information system. Pearson Education
India.
Lavin, M.A., Harper, E. and Barr, N., 2015. Health information technology, patient safety, and
professional nursing care documentation in acute care settings. Online J Issues Nurs, 20(6).
Mason, R.O., 2017. Four ethical issues of the information age. In Computer Ethics (pp. 41-48).
UK: Routledge.
Miller, K.W. and Taddeo, M., 2016. The Ethics of Information Technologies (Volume 4). UK:
Routledge.
Parker, D.B., 2017. Rules of ethics in information processing. In Computer Ethics (pp. 17-20).
UK: Routledge.
Schwalbe, K., 2015. Information technology project management. Cengage Learning.
Simon, J., 2015. Distributed epistemic responsibility in a hyperconnected era. In The Onlife
Manifesto (pp. 145-159). Springer, Cham.
Stahl, B.C., Eden, G., Jirotka, M. and Coeckelbergh, M., 2014. From computer ethics to
responsible research and innovation in ICT: The transition of reference discourses informing
ethics-related research in information systems. Information & Management, 51(6), pp.810-818.
Professional IT Practice and Ethics 8
⊘ This is a preview!⊘
Do you want full access?
Subscribe today to unlock all pages.
Trusted by 1+ million students worldwide
1 out of 9
Related Documents
Your All-in-One AI-Powered Toolkit for Academic Success.
+13062052269
info@desklib.com
Available 24*7 on WhatsApp / Email
![[object Object]](/_next/static/media/star-bottom.7253800d.svg)
Unlock your academic potential
Copyright © 2020–2025 A2Z Services. All Rights Reserved. Developed and managed by ZUCOL.