ISC2 Code of Ethics
Question: You are an information security professional who discovers that your company is planning to implement a new system that you believe could violate customer privacy laws and compromise personal data. However, you are not directly responsible for this system, and your manager insists that the implementation is legal and business-critical. According to the ISC2 Code of Ethics, what is your best course of action in this scenario?
Follow your manager's instructions since you are not directly responsible for the implementation.
Report your concerns to your manager and stop there, since you have fulfilled your duty.
Escalate the issue to higher management or relevant authorities, even if it could put your job at risk.
Ignore the issue, as it is not within your direct area of responsibility.
18 votes
Roshan Laloo
CISSP Study Group
skool.com/cissp