Class Notes (1,100,000)
CA (620,000)
Ryerson (30,000)
ITM (1,000)
ITM 102 (300)
Lecture 9

ITM 102 Lecture Notes - Lecture 9: Phishing, Absenteeism, Information SecurityPremium


Department
Information Technology Management
Course Code
ITM 102
Professor
Franklyn Prescod
Lecture
9

This preview shows half of the first page. to view the full 2 pages of the document.
ITM102 - Business Driven Information Systems - Lecture 8: Organizational Information
Information ethics
Ethics - principles and standards that guide our behavior towards other people.
Privacy - the right to have control of your own observations without consent.
Confidentiality - assurance that your messages are secure and available to those
of your choice.
Individuals form the only ethical component of management information systems.
Individuals copy, use and distribute software; search organizational databases for
sensitive and personal information; and individuals create and spread viruses.
Individuals create and spread viruses to steal information and destroy company
integrity.
Employee absenteeism - taking care of personal business; when you monitor employees
they feel like their privacy.
This leads to lower job satisfaction particularly because employees will begin to
believe the quantity of work is more important than quality
Information privacy - concerns the legal right or general expectation of individuals,
groups or institutions to determine for themselves when, and to what extent, information
about them is communicated to others.
Ethical policies
e-policies - when organizations strive to build corporate culture based on ethical
principles.
Ethical computer use policy - contains general principles to guide computer user
behaviour.
Information privacy policy - contains general principles and standards about privacy.
1. Adoption and implementation of a policy.
2. Notice and disclosure.
3. Choice and consent.
4. Information security.
5. Information quality and access.
Acceptable use policy - when a user agrees to follow provided access to a network or
internet.
Nonrepudiation clause - a contractual stipulation to ensure that e-business participants
do not deny their online actions.
Information security - protection of information from accidental or intentional misuse by
persons inside or outside an organization.
Information must be protected to maintain a company’s competitive advantage.
The greatest threat to a business information systems are insiders - or employees and
authorized of information systems that can exploit the company.
Negligence, mistakes and ignorance of the consequence of risky behavior.
Victims of social engineering, the use, by hackers, or social skills to acquire
passwords and personal data.
Security
You're Reading a Preview

Unlock to view full version

Subscribers Only