1. The document provides information about the MIS curriculum at Amity School of Business including courses on organizations, management, information technology infrastructure, and managing information systems.
2. It discusses several ethical issues related to information systems including impacts on society, responsibilities of IT professionals, categories of ethical issues, and challenges related to employment, working conditions, and individuality.
3. Information security goals and computer crimes are outlined along with tools for security management such as encryption, firewalls, and backups. Controls for information system security and auditing are also summarized.
PFE3.4 Ethical Considerations - Working with Minors
Management Information System 5
1. Amity School of Business
Jitendra Tomar
Amity School of Business,
Amity University, UP
09911331317
0120 4392875
jtomar@amity.edu
MIS - Orator
2. Amity School of Business
• Organizations, Management & Information.
• Information Technology Infrastructure.
• Managing and Organizing Support Systems for the Firm.
• Building Information Systems in the Digital Firm.
• Managing Information Systems in the Digital Firm.
MIS - Curriculum
3. Amity School of Business
Issues with Society.
• One should realize
Privacy
that IT has had
beneficial results as
Epye
mm
lo n well as detrimental
t
effects on society and
Win
okg
r people in many areas.
Ethics & Society
• The use of IT has major
impacts on society,
Cdios
oitn
n and thus raises issues
in the areas of crime,
privacy, individuality,
irC employment, health &
em
Individuality working conditions.
Issues with Information System
4. Amity School of Business
Is the person a responsible Professional?
As a business professional
• Managers have the responsibility to promote ethical uses of IT.
• They should accept the ethical responsibilities that come with
their work activities.
• They should abide by the Ethical Foundations in business and
IT.
– Business Ethics – It is concerned with the numerous ethical
questions that managers must confront as part of their
daily business decision making.
– Technology Ethics – These principles can serve as basic
ethical requirements that companies should meet to help
ensure the ethical implementation of IT and IS in business.
Issues with Information System
5. Amity School of Business
Basic Categories of Ethical Issues:
• Equity
– Executive Salaries, comparable Worth, Product Pricing,
Intellectual Property Rights, Noncompetitive Agreements,
Etc.
• Rights
– Corporate Due Process, Employee Health Screening,
Consumer Privacy, Employee Privacy, Sexual Harassment,
Affirmative Action, Equal Employment Opportunity,
Shareholder Interests, Employment at Will, Etc.
Issues with Information System
6. Amity School of Business
Basic Categories of Ethical Issues:
• Honesty.
– Employee Conflicts of Interest, Security of Company
Information, Inappropriate Gifts, Advertising Content,
Government Contract Issues, Financial and Cash
Management Procedures, Questionable Business Practices
in Foreign Countries, etc.
• Exercise of Corporate Power
– Product Safety, Environmental Issues, Disinvestment,
Corporate Contributions, Social Issues Raised by Religious
Organizations, Plant/Facility closures and Downsizing,
Political Action Committees, Workplace Safety.
Issues with Information System
7. Amity School of Business
Principles of Technology Ethics.
• Proportionality.
– The good achieved by the technology must outweigh the harm
or risk. Moreover there must be no alternative that achieves the
same or comparable benefits with less harm or risk.
• Informed Consent
– Those affected by the technology should understand and
accept the risks.
• Justice
– The benefits and burdens of the technology should be distributed
fairly. Those who benefit should bear their fair share of the risks,
and those who do not benefit should not suffer a significant
increase in risk.
• Minimized Risk
– Even if judged acceptable by the other three guidelines, the
technology must be implemented so as to avoid all unnecessary
risk.
Issues with Information System
8. Amity School of Business
Ethical Challenges – Few More
• Employment Challenges.
– IT is directly related to the use of computers to achieve
automation of work activities. Use of IT has created new
jobs and increased productivity, while also causing a
significant reduction in some types of job opportunities.
• Challenges in working conditions.
– It has eliminated monotonous or obnoxious tasks that
formerly had to be performed by people.
– This allows people to concentrate on more challenging
and interesting assignments, upgrade the skill level, which
upgrades the quality of work and working conditions and
the content of work activities.
Issues with Information System
9. Amity School of Business
Ethical Challenges – Few More
• Challenges to individuality.
– Computer-based systems are criticized as impersonal
systems that dehumanize and depersonalize activities
eliminating human relationship.
• Ergonomics & Health Issues.
– Use of IT raises a variety of health problems like job stress,
damaged arm and neck muscles, eye strain, radiation
exposure, etc.
– Ergonomics, some times called as human factor
engineering, is to design healthy work environments that
are safe, comfortable, and pleasant for people to work in,
thus increasing employee morale and productivity.
Issues with Information System
10. Amity School of Business
Goals of Information Security.
• The development, implementation, and maintenance of ISs
constitute a large and growing part of the cost of doing
business.
• The protection of these resources is a primary concern.
• The increasing reliance on ISs, combined with their
connection to the outside world in the form of the internet,
makes securing corporate ISs increasingly challenging.
• The major goals of information security are:
– To reduce the risk of systems & organization ceasing operations.
– To maintain information confidentiality.
– To ensure the integrity and reliability of data resources.
– To ensure the uninterrupted availability of data resources.
– To ensure compliance with national security law and policies.
Information System Security
11. Amity School of Business
Computer Crime.
As per Association of Information Technology Professionals (AITP),
computer crime is defined as
• The unauthorized use, access, modification and destruction of
H/W, S/W, data or network resource.
• The unauthorized release of information.
• The unauthorized copying of S/W.
• Denying an end user access to his or her own H/W , S/W, data
or network resource.
• Using or conspiring to use computer or network resources to
illegally obtain information.
This definition was promoted by the AITP in a Model Computer
Crime Act and is reflected in many computer crime Laws.
Information System Security
12. Amity School of Business
Tools for Computer Crime.
• Hacking.
– Denial of Service, Scanning, Sniffing, Spoofing & Phishing, Trojan
Horse, Back Doors, War Dialing, Logic Bombs, Password Crackers,
Social Engineering, Dumpster Diving.
• Unauthorized Use at Work.
– Moonlighting.
• Software Piracy.
• Piracy of Intellectual Property.
• Computer Virus and Worms.
• Computer Censorships.
Information System Security
13. Amity School of Business
Tools for Security Management.
• Encryption.
– Cipher (Public & Private Keys).
– Digital Certificate.
– Virtual Private Network.
– Secured Socket Layer (SSL).
• Firewall.
• Email Message Monitoring.
• Security Codes.
• Biometric Security.
• Backup Files.
• Virus Defense.
• Operating System Controls.
• Fault Tolerant Systems.
Information System Security
14. Amity School of Business
IS Security Management Control.
1. IS Control – They are designed to monitor and maintain the
quality and security of the input, output, processing, and
storage activities of IS.
S/W Control
H/W Control
Firewall
Input Checkpoints Output
Security Codes Security Codes
Encryption Encryption
Data Entry Screens Control Listings
Error Signals End User Feedback
Storage Control
Security Codes
Encryption
Backups
DB Administration
Information System Security
15. Amity School of Business
Tools for Security Management.
2. Auditing IT Security
• Manual.
– System is periodically examined manually to see the fault if
any.
– Such audit review evaluate whether proper & adequate
security measures & management policies have been
developed & implemented.
• Audit Trails.
– It is presence of documentation that allows a transactions
to be traced through all stages of its processing.
– It takes the form of control logs that automatically record
all computer network activity on disk.
Information System Security