Professional Practice: IT Governance, Ethics, and Compliance Report


Added on  2020/04/21

AI Summary
This report delves into the critical aspects of professional practice in IT, focusing on IT governance, ethics, and compliance. It begins by defining IT governance and examining the ITIL framework used by XYZ Corporations, highlighting compliance issues and decision-making challenges. The report then compares this framework with COBIT and CMMI, noting differences in structure and compliance. Furthermore, it explores the importance of ethics in ICT, detailing the implementation of the Australian Computer Society (ACS) Code of Conduct to address insider threats and promote ethical practices. The report also discusses the impact of cybercrime and the use of the Cybercrime Convention, 2001, to protect information and ensure business continuity. References to relevant sources are included to support the analysis, providing a comprehensive overview of the subject matter.
Professional Practice in IT
Table of Contents
IT Governance Framework
Australian Standard in the Fulfilment of the ICT Task
Compliance (Legislation) in the Fulfilment of the ICT Task
References
IT Governance Framework
IT Governance is defined as a framework that allows an organization to ensure that its IT
infrastructure is capable of achieving its business goals and strategies. It provides a
mechanism to align the IT strategy of the organization with its business strategies.
The host company, XYZ Corporations, does have an IT Governance framework in place.
ITIL, the Information Technology Infrastructure Library, is the framework that is followed in
the company. This framework makes sure that the IT services and methods support the core
business goals of the company. Training sessions are organized for the employees at
regular intervals. However, compliance issues are observed at the lower and middle levels.
There are also issues with decision-making activities, as all such abilities are held by the
higher authorities (Itinfo, 2017).
When the IT Governance framework was compared with those of other classmates,
differences in structure and compliance were observed. In the first comparison, the
IT Governance framework being followed was COBIT. Risk management and
mitigation were the two prime focus areas in this case (Isaca, 2017). In the second
comparison, the framework being followed in the company was Capability
Maturity Model Integration (CMMI). The basic aim of this framework as implemented in the
company was to ensure performance improvement at each level. The compliance ratio was
found to be highest in the company following the COBIT IT Governance framework, followed
by the host company using ITIL, and then the company making use of the CMMI method.
Australian Standard in the Fulfilment of the ICT Task
Ethics play an extremely important role in all business tasks and activities. This holds
for all ICT tasks as well. IT ethics and a professional code of conduct must be
followed and reflected in all the IT processes being carried out in the organization.
In the case of XYZ Corporations, an increased number of insider threats was
observed. These threats led to the exposure of the confidential information of the organization
to unauthorized entities. In most such cases, the employees of the organization were
held responsible. In order to overcome such issues, it was decided to implement the Australian
Computer Society (ACS) Code of Conduct in the organization. As per this standard, there are
six elements that must be followed by all the employees. These six elements are honesty,
competence, primacy of public interest, professional development, enhancement of quality of
life and professionalism (Acs, 2014).
The step was taken to make sure that the frequency of insider threats was reduced and that
employees followed ethical and professional practices in their business activities. Ethical
and professional training sessions were organized to explain the ACS Code of Conduct to
the employees. This initiative was undertaken to achieve higher rates of compliance with
ethical and professional practices (Uwa, 2017).
A review was carried out after a period of four months, and the compliance
levels were found to be high. The frequency of insider threats and other information
security attacks also came down as a result.
Compliance (Legislation) in the Fulfilment of the ICT Task
There were a large number of computer systems, networks and databases that were installed
and used in the previous organization, ABC Corporations. The company provided web
services and solutions to its clients.
With the increase in the use of computing tools and equipment, along with enhanced use of
web-based applications, numerous security risks and attacks began to take
place. The majority of such issues were a result of cybercrimes and cyber-attacks. Business
continuity and availability were also being adversely impacted as a result.
In order to efficiently execute the ICT tasks and activities, it became essential to put a check
on such cybercrimes. The Cybercrime Convention, 2001, was used for this purpose so that
information could be protected and safeguarded from cyber criminals (Bcs, 2005). It
provided the legal permission to search the computer networks and systems of third
parties as well. The procedure resulted in the identification of the primary threat agents and
carriers. As a result, the frequency of such attacks could be reduced.
Compliance with this act was included in all of the third-party contracts and negotiations
thereafter. Due to this step, the third-party providers and suppliers also made sure that they
used secure IT practices in all of their IT-related tasks and activities. The properties of the
information and data sets being used by the organization could be protected, and the
availability of the business was also ensured. It led to an enhancement of market
reputation as well as of customer satisfaction levels (Michalsons, 2017).
References
Acs (2014). ACS Code of Professional Conduct Professional Standards Board Australian
Computer Society. [online] Acs.org.au. Available at:
https://www.acs.org.au/content/dam/acs/rules-and-regulations/Code-of-Professional-Conduct_v2.1.pdf
[Accessed 9 Nov. 2017].

Bcs (2005). Legal Guidelines - IT Law for IT Professionals. [online] Bcs.org. Available at:
http://www.bcs.org/upload/pdf/compliance_ict.pdf [Accessed 9 Nov. 2017].

Isaca (2017). COBIT 5: A Business Framework for the Governance and Management of
Enterprise IT. [online] Isaca.org. Available at: http://www.isaca.org/cobit/pages/default.aspx
[Accessed 9 Nov. 2017].

Itinfo (2017). Information Technology Infrastructure Library (ITIL) Guide. [online]
Itinfo.am. Available at:
http://www.itinfo.am/eng/information-technology-infrastructure-library-guide/
[Accessed 9 Nov. 2017].

Michalsons (2017). IT Compliance – Practical and Effective. [online] Michalsons.
Available at:
https://www.michalsons.com/focus-areas/information-technology-law/it-law-practical-and-effective-compliance
[Accessed 9 Nov. 2017].

Uwa (2017). ACS Code of Ethics. [online] Teaching.csse.uwa.edu.au. Available at:
http://teaching.csse.uwa.edu.au/units/CITS3200/ethics/acs-ethics.htm
[Accessed 9 Nov. 2017].