Every organization, whether big or small, financial or service, franchise or
joint venture... "expects" the employees to follow professional
ethics. Professional ethics are related to the morals of employee towards his
office and colleagues. These are inter personal rules of discipline with an
inclination towards humanity and gratitude towards the organization.
1. GENERAL MORAL IMPERATIVES
1.1 Contribute to society and human well-being.
This principle concerning the quality of life of all people affirms an
obligation to protect fundamental human rights and to respect the diversity of
all cultures. An essential aim of computing professionals is to minimize
negative consequences of computing systems, including threats to health and
safety. When designing or implementing systems, computing professionals must
attempt to ensure that the products of their efforts will be used in socially
responsible ways, will meet social needs, and will avoid harmful effects to
health and welfare.
In addition to a safe social environment, human well-being includes a safe
natural environment. Therefore, computing professionals who design and develop
systems must be alert to, and make others aware of, any potential damage to the
local or global environment.
1.2 Avoid harm to others.
"Harm" means injury or negative consequences, such as undesirable
loss of information, loss of property, property damage, or unwanted
environmental impacts. This principle prohibits use of computing technology in
ways that result in harm to any of the following: users, the general public,
employees, employers. Harmful actions include intentional destruction or
modification of files and programs leading to serious loss of resources or
unnecessary expenditure of human resources such as the time and effort required
to purge systems of "computer viruses."
Well-intended actions, including those that accomplish assigned duties, may
lead to harm unexpectedly. In such an event the responsible person or persons
are obligated to undo or mitigate the negative consequences as much as possible.
One way to avoid unintentional harm is to carefully consider potential impacts
on all those affected by decisions made during design and implementation.
To minimize the possibility of indirectly harming others, computing
professionals must minimize malfunctions by following generally accepted
standards for system design and testing. Furthermore, it is often necessary to
assess the social consequences of systems to project the likelihood of any
serious harm to others. If system features are misrepresented to users,
coworkers, or supervisors, the individual computing professional is responsible
for any resulting injury.
In the work environment the computing professional has the additional
obligation to report any signs of system dangers that might result in serious
personal or social damage. If one's superiors do not act to curtail or mitigate
such dangers, it may be necessary to "blow the whistle" to help
correct the problem or reduce the risk. However, capricious or misguided
reporting of violations can, itself, be harmful. Before reporting violations,
all relevant aspects of the incident must be thoroughly assessed. In particular,
the assessment of risk and responsibility must be credible. It is suggested that
advice be sought from other computing professionals. See principle 2.5 regarding
1.3 Be honest and trustworthy.
Honesty is an essential component of trust. Without trust an organization
cannot function effectively. The honest computing professional will not make
deliberately false or deceptive claims about a system or system design, but will
instead provide full disclosure of all pertinent system limitations and
A computer professional has a duty to be honest about his or her own
qualifications, and about any circumstances that might lead to conflicts of
1.4 Be fair and take action not to discriminate.
The values of equality, tolerance, respect for others, and the principles of
equal justice govern this imperative. Discrimination on the basis of race, sex,
religion, age, disability, national origin, or other such factors is an explicit
violation of any policy and will not be tolerated.
Inequities between different groups of people may result from the use or
misuse of information and technology. In a fair society, all individuals would
have equal opportunity to participate in, or benefit from, the use of computer
resources regardless of race, sex, religion, age, disability, national origin or
other such similar factors. However, these ideals do not justify unauthorized
use of computer resources nor do they provide an adequate basis for violation of
any other ethical imperatives of this code.
1.5 Honor property rights including copyrights and patent.
Violation of copyrights, patents, trade secrets and the terms of license
agreements is prohibited by law in most circumstances. Even when software is not
so protected, such violations are contrary to professional behavior. Copies of
software should be made only with proper authorization. Unauthorized duplication
of materials must not be condoned.
1.6 Give proper credit for intellectual property.
Computing professionals are obligated to protect the integrity of
intellectual property. Specifically, one must not take credit for other's ideas
or work, even in cases where the work has not been explicitly protected by
copyright, patent, etc.
1.7 Respect the privacy of others.
Computing and communication technology enables the collection and exchange of
personal information on a scale unprecedented in the history of civilization.
Thus there is increased potential for violating the privacy of individuals and
groups. It is the responsibility of professionals to maintain the privacy and
integrity of data describing individuals. This includes taking precautions to
ensure the accuracy of data, as well as protecting it from unauthorized access
or accidental disclosure to inappropriate individuals. Furthermore, procedures
must be established to allow individuals to review their records and correct
This imperative implies that only the necessary amount of personal
information be collected in a system, that retention and disposal periods for
that information be clearly defined and enforced, and that personal information
gathered for a specific purpose not be used for other purposes without consent
of the individual(s). These principles apply to electronic communications,
including electronic mail, and prohibit procedures that capture or monitor
electronic user data, including messages,without the permission of users or bona
fide authorization related to system operation and maintenance. User data
observed during the normal duties of system operation and maintenance must be
treated with strictest confidentiality, except in cases where it is evidence for
the violation of law, organizational regulations, or this Code. In these cases,
the nature or contents of that information must be disclosed only to proper
1.8 Honor confidentiality.
The principle of honesty extends to issues of confidentiality of information
whenever one has made an explicit promise to honor confidentiality or,
implicitly, when private information not directly related to the performance of
one's duties becomes available. The ethical concern is to respect all
obligations of confidentiality to employers, clients, and users unless
discharged from such obligations by requirements of the law or other principles
of this Code.
2. MORE SPECIFIC PROFESSIONAL RESPONSIBILITIES.
2.1 Strive to achieve the highest quality, effectiveness and dignity in both
the process and products of professional work.
Excellence is perhaps the most important obligation of a professional. The
computing professional must strive to achieve quality and to be cognizant of the
serious negative consequences that may result from poor quality in a system.
2.2 Acquire and maintain professional competence.
Excellence depends on individuals who take responsibility for acquiring and
maintaining professional competence. A professional must participate in setting
standards for appropriate levels of competence, and strive to achieve those
standards. Upgrading technical knowledge and competence can be achieved in
several ways: doing independent study; attending seminars, conferences, or
courses; and being involved in professional organizations.
2.3 Know and respect existing laws pertaining to professional work.
One must obey existing local, state, province, national, and
international laws unless there is a compelling ethical basis not to do so.
Policies and procedures of the organizations in which one participates must also
be obeyed. But compliance must be balanced with the recognition that sometimes
existing laws and rules may be immoral or inappropriate and, therefore, must be
challenged. Violation of a law or regulation may be ethical when that law or
rule has inadequate moral basis or when it conflicts with another law judged to
be more important. If one decides to violate a law or rule because it is viewed
as unethical, or for any other reason, one must fully accept responsibility for
one's actions and for the consequences.
2.4 Accept and provide appropriate professional review.
Quality professional work, especially in the computing profession, depends on
professional reviewing and critiquing. Whenever appropriate, individual members
should seek and utilize peer review as well as provide critical review of the
work of others.
2.5 Give comprehensive and thorough evaluations of computer systems and their
impacts, including analysis of possible risks.
Computer professionals must strive to be perceptive, thorough, and objective
when evaluating, recommending, and presenting system descriptions and
alternatives. Computer professionals are in a position of special trust, and
therefore have a special responsibility to provide objective, credible
evaluations to employers, clients, users, and the public. When providing
evaluations the professional must also identify any relevant conflicts of
interest, as stated in imperative 1.3.
As noted in the discussion of principle 1.2 on avoiding harm, any signs of
danger from systems must be reported to those who have opportunity and/or
responsibility to resolve them. See the guidelines for imperative 1.2 for more
details concerning harm, including the reporting of professional violations.
2.6 Honor contracts, agreements, and assigned responsibilities.
Honoring one's commitments is a matter of integrity and honesty. For the
computer professional this includes ensuring that system elements perform as
intended. Also, when one contracts for work with another party, one has an
obligation to keep that party properly informed about progress toward completing
A computing professional has a responsibility to request a change in any
assignment that he or she feels cannot be completed as defined. Only after
serious consideration and with full disclosure of risks and concerns to the
employer or client, should one accept the assignment. The major underlying
principle here is the obligation to accept personal accountability for
professional work. On some occasions other ethical principles may take greater
A judgment that a specific assignment should not be performed may not be
accepted. Having clearly identified one's concerns and reasons for that
judgment, but failing to procure a change in that assignment, one may yet be
obligated, by contract or by law, to proceed as directed. The computing
professional's ethical judgment should be the final guide in deciding whether or
not to proceed. Regardless of the decision, one must accept the responsibility
for the consequences.
However, performing assignments "against one's own judgment" does
not relieve the professional of responsibility for any negative consequences.
2.7 Improve public understanding of computing and its consequences.
Computing professionals have a responsibility to share technical knowledge
with the public by encouraging understanding of computing, including the impacts
of computer systems and their limitations. This imperative implies an obligation
to counter any false views related to computing.
2.8 Access computing and communication resources only when authorized to do
Theft or destruction of tangible and electronic property is prohibited by
imperative 1.2 - "Avoid harm to others." Trespassing and unauthorized
use of a computer or communication system is addressed by this imperative.
Trespassing includes accessing communication networks and computer systems, or
accounts and/or files associated with those systems, without explicit
authorization to do so. Individuals and organizations have the right to restrict
access to their systems so long as they do not violate the discrimination
principle (see 1.4). No one should enter or use another's computer system,
software, or data files without permission. One must always have appropriate
approval before using system resources, including communication ports, file
space, other system peripherals, and computer time.
3. ORGANIZATIONAL LEADERSHIP IMPERATIVES.
The ethical obligations of organizations tend to be neglected in most
codes of professional conduct, perhaps because these codes are written from the
perspective of the individual member. This dilemma is addressed by stating these
imperatives from the perspective of the organizational leader. In this
context "leader" is viewed as any organizational member who has
leadership or educational responsibilities. These imperatives generally may
apply to organizations as well as their leaders. In this
context "organizations" are corporations, government agencies, and other
"employers," as well as volunteer professional organizations.
3.1 Articulate social responsibilities of members of an organizational unit
and encourage full acceptance of those responsibilities.
Because organizations of all kinds have impacts on the public, they must
accept responsibilities to society. Organizational procedures and attitudes
oriented toward quality and the welfare of society will reduce harm to members
of the public, thereby serving public interest and fulfilling social
responsibility. Therefore, organizational leaders must encourage full
participation in meeting social responsibilities as well as quality performance.
3.2 Manage personnel and resources to design and build information systems
that enhance the quality of working life.
Organizational leaders are responsible for ensuring that computer systems
enhance, not degrade, the quality of working life. When implementing a computer
system, organizations must consider the personal and professional development,
physical safety, and human dignity of all workers. Appropriate human-computer
ergonomic standards should be considered in system design and in the workplace.
3.3 Acknowledge and support proper and authorized uses of an organization's
computing and communication resources.
Because computer systems can become tools to harm as well as to benefit an
organization, the leadership has the responsibility to clearly define
appropriate and inappropriate uses of organizational computing resources. While
the number and scope of such rules should be minimal, they should be fully
enforced when established.
3.4 Ensure that users and those who will be affected by a system have their
needs clearly articulated during the assessment and design of requirements;
later the system must be validated to meet requirements.
Current system users, potential users and other persons whose lives may be
affected by a system must have their needs assessed and incorporated in the
statement of requirements. System validation should ensure compliance with those
3.5 Articulate and support policies that protect the dignity of users and
others affected by a computing system.
Designing or implementing systems that deliberately or inadvertently demean
individuals or groups is ethically unacceptable. Computer professionals who are
in decision making positions should verify that systems are designed and
implemented to protect personal privacy and enhance personal dignity.
3.6 Create opportunities for members of the organization to learn the
principles and limitations of computer systems.
This complements the imperative on public understanding (2.7). Educational
opportunities are essential to facilitate optimal participation of all
organizational members. Opportunities must be available to all members to help
them improve their knowledge and skills in computing, including courses that
familiarize them with the consequences and limitations of particular types of
systems. In particular, professionals must be made aware of the dangers of
building systems around oversimplified models, the improbability of anticipating
and designing for every possible operating condition, and other issues related
to the complexity of this profession.
4. COMPLIANCE WITH THE CODE.
4.1 Uphold and promote the principles of this Code.
The future of the computing profession depends on both technical and ethical
excellence. Not only is it important for professionals to adhere
to the principles expressed in this Code, each member should encourage and
support adherence by other members.
4.2 Treat violations of this code as violation of rules.
Adherence of professionals to a code of ethics is largely a voluntary matter.
However, if a member does not follow this code by engaging in gross misconduct. a disciplinary action may be taken resulting is waring, suspension from duties, removal from duties or even a criminal charge.