Re: CISSP Ethics Education

["Hudson, Edward" <ehudson () CALSTATE EDU>]

Thanks Bradley, found this piece but was hoping for something more specific. I am not a CISSP so I have only the high 
level knowledge.
Ed Hudson
Director, Information Security
[cid:88737032-E0C7-4EB9-BC6C-7444B8DD4E4B]
401 Golden Shore
Long Beach, CA 90802
562-951-8431
ehudson () calstate edu

From: <Bradley>, Stephen <bradlesw () MIAMIOH EDU<mailto:bradlesw () MIAMIOH EDU>>
Reply-To: The EDUCAUSE Security Constituent Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () 
LISTSERV EDUCAUSE EDU>>
Date: Tuesday, March 10, 2015 at 9:54 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>" <SECURITY () LISTSERV EDUCAUSE 
EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>>
Subject: Re: [SECURITY] CISSP Ethics Education

Like their website?  Legally should cover it.

Code

All information security professionals who are certified by (ISC)² recognize that such certification is a privilege 
that must be both earned and maintained. In support of this principle, all (ISC)² members are required to commit to 
fully support this Code of Ethics (the "Code"). (ISC)² members who intentionally or knowingly violate any provision of 
the Code will be subject to action by a peer review panel, which may result in the revocation of certification. (ISC)² 
members are obligated to follow the ethics complaint procedure upon observing any action by an (ISC)² member that 
breach the Code. Failure to do so may be considered a breach of the Code pursuant to Canon IV.

There are only four mandatory canons in the Code. By necessity, such high-level guidance is not intended to be a 
substitute for the ethical judgment of the professional.

Code of Ethics Preamble:

  *   The safety and welfare of society and the common good, duty to our principals, and to each other, requires that 
we adhere, and be seen to adhere, to the highest ethical standards of behavior.
  *   Therefore, strict adherence to this Code is a condition of certification.

Code of Ethics Canons:

  *   Protect society, the common good, necessary public trust and confidence, and the infrastructure.
  *   Act honorably, honestly, justly, responsibly, and legally.
  *   Provide diligent and competent service to principals.
  *   Advance and protect the profession.



On Tue, Mar 10, 2015 at 12:41 PM, Hudson, Edward <ehudson () calstate edu<mailto:ehudson () calstate edu>> wrote:
All,
Is there a specific section of training for the CISSP regarding ethics? Specifically, does it state the obvious 
somewhere that its not ok to compromise/hack or encourage others to hack organizational systems.
I am trying to determine what training/education a CISSP holder would have had in this area as part of an internal 
investigation.
Feel free to DM me.
TIA


Ed Hudson
Director, Information Security
[cid:36D9AD96-E1F6-4913-A643-CA1848A49B26]
401 Golden Shore
Long Beach, CA 90802
562-951-8431<tel:562-951-8431>
ehudson () calstate edu<mailto:ehudson () calstate edu>



--
Stephen W. Bradley CISSP GCFA GCIH GWAPT SSCP
Senior Security Engineer
Miami University
IT Services
bradlesw () miamioh edu<mailto:bradlesw () miamioh edu>
513-529-1809