'Is IT Ethical? 2002 ETHICOMP Survey of Professional Practice'

&simon; &mary; 2003 Simon Rogerson, Mary Prior IMIS Journal Originally published as ETHIcol in the IMIS Journal Volume 13 No 6 (December 2003) 'Is IT Ethical? 2002 ETHICOMP Survey of Professional Practice' In September the third bi-annual study into the attitudes of Information Systems (IS) professionals, 'Is IT Ethical? 2002 ETHICOMP Survey of Professional Practice' was launched. Here are some of the key findings. Respondents Of the respondents to the 2002 survey just 35% are from the U.K. and 54% from African countries, most of these being from Zambia (28%) and Kenya (15%). The number of respondents aged under 25 has more than doubled to 30% from the previous survey while the proportion of those aged 41-50 has continued to drop with each survey. The vast majority of student members are following part-time study for IMIS qualification whilst in full-time employment within the IT sector. There is still a disappointing level of response from women members. Ethical considerations Three-quarters of respondents agree or strongly agree that they would refuse to work on a project that they considered to be unethical. A larger difference is found in the response to the statement, 'Providing a systems development project provides me with an interesting challenge, I do not care about its overall objectives or purpose'. In 2002 78% of respondents disagree or strongly disagree with this statement as compared to 91% in 2000 and 84% in 1998. As many as 11% are indifferent in the latest survey. Further analysis reveals that of the 14% of respondents who disagree or strongly disagree that they would refuse to work on a project that they considered to be unethical, and the 11% who are indifferent to the statement, 'Providing a systems development project provides me with an interesting challenge, I do not care about its overall objectives or purpose', three-quarters are under 40. This appears to support the suspicion raised by the first survey, that there is a relationship between age and the responses to these issues. This significant minority of this indifferent to ethical behaviour is concerning. Intellectual Property It would appear that more experienced employees and those working within the public and computer industry sectors are more likely to think that employees should not be allowed to recreate a product, program or design for another organisation on moving from one employer to another. Using employer's facilities The data suggests that geography is most likely to be having an effect on responses regarding using of employer's facilities, or being in a younger age group and/or being a student in certain countries has an effect on attitudes to use of employer's facilities, but further evidence is required to support this possibility. Use of the internet and use of email are the areas reported as most likely to be subject to a formal policy. There has been an increase in the proportion of respondents who say that their organisation has either a formal or informal policy for the use of software and of printers and peripherals. Privacy and security The vast majority of our respondents do appear to appreciate the boundaries of data access. However, there is a minority who may be prepared to use another's access code with their permission to access data they are not authorised to see. The implication for organisations is that they need to ensure that their privacy and security policies are clear, communicated to all employees, and that employees' awareness and deployment of them are continually reviewed. A higher proportion of respondents say that their organisation's computer- held data is more secure from external than from internal sources. In the survey 5 out of 7 Network Managers disagreed that data was safe from internal sources, 3 out of 7 disagreed that it was safe from external sources. Users and clients A majority of respondents consider the overall working environment to be part of the IS professional's responsibility, It is a cause for concern that there continues to be a group of respondents who endorse a business practice that lacks openness with the IT services customer. Equally worrying is the finding that there continues to be a minority of respondents who find it acceptable to cut down on testing effort if a project is significantly behind schedule or over budget: Globalisation In developed countries 69% are in favour of and 7% opposed to producing software more quickly compared with 17% and 45% respectively for other countries. For the 25-40 group 11% more are in favour of cheaper software than being in favour of software produced more quickly. The over 50 age group hold the most extreme view with 70% being in favour of cheaper software and 75% being in favour of software produced more quickly. Such views, as mentioned previously in the 2000 survey, may well exacerbate problems of wealth distribution unless there is a reinvestment of profit in the economically poor regions. Recommendations to organisations seriously consider adopting a Code of Conduct for all employees; promote awareness among all employees of:

ethical issues the organisation's Code of Conduct how the organisation's Code of Conduct may be applied to guide ethical decision-making;

establish 'whistle-blowing' procedures to encourage employees who become aware of unethical practices within the organisation to come forward; introduce a clear policy concerning the use of computing resources by employees for their own activities, and consider allowing the use for selected non-profit-making activities as a contribution to the local community or as a legitimate perk for employees; establish clear guidelines for the introduction and operation of any electronic surveillance process, including email and internet usage monitoring, ensuring that all employees are fully consulted and that their rights to privacy in the workplace are respected; review on a regular basis the security of computer-held data with attention to both technical aspects and management aspects affecting potential threats; consider and clarify their policy concerning the re-creation of intellectual property such as a product, program or design by employees when they move to another employer; ensure that all policies are clearly communicated to employees and are deployed throughout the organisation; promote an approach to systems development that encourages genuine stakeholder involvement in decision-making; promote a high level of data protection awareness among staff and review the means by which compliance with data privacy and data protection requirements are assured; provide a working environment that encourages ethical practices, supporting employees in resisting the temptation to allow commercial pressures to lead to ethically dubious practices - instead, promoting their ethical stance to their commercial advantage. For a copy of the survey report contact IMIS. &footer;