C954 - Section 6: Global Information Systems and Information Ethics

geoeconomics

The effects of geography on the economic realities of international business activities

employee monitoring policy

stating explicitly how, when, and where the company monitors its employees

e-discovery

refers to the ability of a company to identify, search, gather, seize, or export digital information in responding to a litigation, audit, investigation, or information inquiry

digital rights management

a technological solution that allows publishers to control their digital media to discourage, limit, or prevent illegal copying and distribution

counterfeit software

software that is manufactured to look like the real thing and sold as such

pirated software

the unauthorized use, duplication, distribution, or sale of copyrighted software

information ethics

Govern the ethical and moral issues arising from the development and use of information technologies, as well as the creation of practices that govern employee conduct

confidentiality

Confidentiality is one of the components of the CIA Triad, which also includes integrity and availability

Child Online Protection Act (COPA)

A law that protects minors from accessing inappropriate material on the Internet.

e-policies

policies and procedures that address the ethical use of computers and the internet in the business environment

cyberbullying

Threats, negative remarks, or defamatory comments transmitted via the Internet or posted on a website.

threat

an act or object that poses a danger to assets

click fraud

the abuse of pay-per-click, pay-per-call, and pay-per-conversion revenue models by repeatedly clicking a link to increase charges or costs for the advertiser

competitive click fraud

a computer crime where a competitor or disgruntled employee increases a company's search advertising costs by repeatedly clicking on the advertiser's link

ethical computer-use policy

contains general principles to guide computer user behavior

bring your own device (BYOD)

policy allows employees to use their personal mobile devices and computers to access enterprise data and applications within policy guidelines

information privacy policy

contains general principles regarding information privacy

fair information practices

a general term for a set of standards governing the collection and use of personal data and addressing issues of privacy and accuracy

acceptable use policy (AUP)

A policy that a user must agree to follow in order to be provided access to a network or to the internet

nonrepudiation

A contractual stipulation to ensure that ebusiness participants do not deny their online actions

internet use policy

contains general principles to guide the proper use of the internet

cybervandalism

a problem that occurs when someone registers purposely misspelled variations of well-known domain names

website name stealing

the theft of a website's name that occurs when someone, posing as a site's administrator, changes the ownership of the domain name assigned to the website to another website owner

internet censorship

government attempts to control internet traffic, thus preventing some material from being viewed by a country's citizens

email privacy policy

Identifies the personal data your organization collects (i.e., email addresses, first names, last names), how the data can be used, and if the information can be shared with third parties

mail bomb

sends a massive amount of email to a specific person or system that can cause that user's server to stop functioning

spam

unsolicited email

social media policy

Outlines the corporate guidelines or principles governing employee online communications

social media

The means of people interacting online, where they can create, share, and exchange information and ideas in virtual communities and networks

anti-spam policy

Simply states that email users will not send unsolicited emails (or spam)

opt out

choosing to deny permissions to incoming emails

opt in

Choosing to allow permissions to receive incoming emails

teergrubing

an anti-spamming approach by which the receiving computer launches a return attack against the spammer, sending email messages back to the computer that originated the suspected spam

physical security

tangible protection such as alarms, guards, fireproof doors, fences, and vaults

information technology infrastructure library (ITIL)

ITIL is a set of best practice, processes, dating back to the United Kingdom in 1989, for delivering IT services to an organization's customers. ITIL has its foundations in IT, but its principles are easily used within facilities or HR departments

ITIL Service Strategy

Service Strategy is the first volume in the IT infrastructure library; it aligns both business and information technology (IT) goals and customer needs. In addition to relating to the other four core volumes, it focuses each element of the service life cycle on the customer outcome.

privacy

The right to be left alone when you want to be, to have control over your own personal possessions, and not to be observed without your consent

patent

an exclusive right to use, sell, and license the use of an invention granted by a government to the inventor

copyright

legal protection for material such as a song, book, or video game

intellectual property

intangible creative work that is embodied in physical form and includes copyrights, trademarks, and patents

governance

a method or system for controlling or managing resources

Information System Audit and Control Association (IASACA)

An organization that sets guidelines and supports tools for IT governance that are accepted worldwide. These same tools are generally used by auditors and companies as a way to integrate technology to implement controls and meet specific business objectives

Committee of Sponsoring Organizations (COSO)

Key for evaluating internal controls such as human resources, logistics, information technology, risk, legal, marketing and sales, operations, financial functions, procurement, and reporting.

Capability Maturity Model Integration (CMMI) method

A process improvement approach that contains 22 process areas

enterprise architecture

includes the plans for how an organization will build, deploy, use, and share its data, processes, and IT assets

de-parameterization

This occurs when an organization moves employees outside its firewall. It is a growing movement that changes the way corporations address technology security.

corporate social responsibility to society

Companies acknowledging their responsibility to society