CODE OF ETHICS
THE ORGANISATION OF ISLAMIC COOPERATION – COMPUTER EMERGENCY RESPONSE TEAM (OIC-CERT)
Members of the OIC-CERT shall maintain their memberships by adhering to the OIC-CERT Membership Code of Ethics. Members who intentionally or knowingly violate any terms of the Code will be subjected to action by a panel appointed by the Steering Committee, which may result in the revocation of the membership.
There are four fundamental elements in the code, and additional descriptions provided for each of the element are guidelines that may be considered by the OIC-CERT Committees in judging the behaviors of the members. It is intended to help members to identify and resolve the inevitable ethical dilemmas that they will confront during their tenure in the OIC-CERT. Therefore, strict adherence to this Code is important as a condition of the membership.
The Code of Ethics for OIC-CERT members are set to achieve the following objectives:
- Providing guidance for resolving good and bad behavior and practices.
- Encouraging the right way of personal conducts by members.
- Ensuring the right practices in all aspects of the OIC-CERT activities.
- Encouraging members to adopt the right behavior that may create confidence and trust towards the OIC-CERT.
- Discouraging behavior that may raise unnecessary doubt among members.
- Preventing members from giving unwarranted comfort or reassurance.
- Preventing members from exercising bad practices.
- Preventing members from associating or appearing to associate with criminals or criminal behavior.
- Preventing members from practicing bad behaviors that may give bad impressions towards the OIC-CERT.
- Safeguarding the image of the OIC-CERT.
3.0 FUNDAMENTAL ELEMENTS
- There are four fundamental elements under the Code of Ethics namely:
- Protect the society, the organisations, and the infrastructure.
- Act honorably, honestly, justly, responsibly, and legally.
- Provide diligent and competent service.
- Advance and protect the profession.
Compliance with the four fundamental elements is mandatory. Conflicts between the fundamentals should be resolved in the order of the fundamentals. The fundamentals are not equal and conflicts between them are not intended to create ethical binds.
3.1 PROTECT SOCIETY, ORGANISATION, AND INFRASTRUCTURE.
- Promote and preserve public trust and confidence in the information and systems
- Promote the understanding and acceptance of prudent information security measures
- Preserve and strengthen the integrity of the public infrastructure
- Discourage unsafe practice
- Restrict internal communication should not be disclosed
3.2 ACT HONORABLY, HONESTLY, JUSTLY, RESPONSIBLY, AND LEGALLY
- Tell the truth; make all stakeholders aware of actions taken on a timely basis.
- Observe all contracts and agreements, express or implied.
- Treat all members fairly. In resolving conflicts, consider public safety and duties to principals, individuals, and the profession in that order.
- Give prudent advice; avoid raising unnecessary alarm or giving unwarranted comfort. Take care to be truthful, objective, cautious, and within your competence.
- When resolving differing laws in different jurisdictions, give preference to the laws of the jurisdiction in which you render your service.
3.3 PROVIDE DILIGENT AND COMPETENT SERVICE TO OTHERS
- Preserve the value of the systems, applications, and information.
- Respect the trust and the privileges that are granted.
- Avoid conflicts of interest or the appearance thereof.
- Render only those services for which you are fully competent and qualified.
3.4 ADVANCE AND PROTECT THE PROFESSION
- Sponsor for professional advancement to those best qualified. All other things equal, prefer those who are certified and who adhere to these canons. Avoid professional association with those whose practices or reputation might diminish the profession.
- Take care not to injure the reputation of other professionals through malice or indifference.
- Maintain your competence; keep your skills and knowledge current. Give generously of your time and knowledge in training others.