A computing professional is responsible for evaluating potential work assignments. This includes evaluating the work’s feasibility and advisability, and making a judgment about whether the work assignment is within the professional’s areas of competence. If at any time before or during the work assignment the professional identifies a lack of a necessary expertise, they must disclose this to the employer or client. The client or employer may decide to pursue the assignment with the professional after additional time to acquire the necessary competencies, to pursue the assignment with someone else who has the required expertise, or to forgo the assignment. A computing professional’s ethical judgment should be the final guide in deciding whether to work on the assignment.
As appropriate to the context and one’s abilities, computing professionals should share technical knowledge with the public, foster awareness of computing, and encourage understanding of computing. These communications with the public should be clear, respectful, and welcoming. Important issues include the impacts of computer systems, their limitations, their vulnerabilities, and the opportunities that they present. Additionally, a computing professional should respectfully address inaccurate or misleading information related to computing.
2.8 Access computing and communication resources only when authorized or when compelled by the public good.
Individuals and organizations have the right to restrict access to their systems and data so long as the restrictions are consistent with other principles in the Code. Consequently, computing professionals should not access another’s computer system, software, or data without a reasonable belief that such an action would be authorized or a compelling belief that it is consistent with the public good. A system being publicly accessible is not sufficient grounds on its own to imply authorization. Under exceptional circumstances a computing professional may use unauthorized access to disrupt or inhibit the functioning of malicious systems; extraordinary precautions must be taken in these instances to avoid harm to others.
2.9 Design and implement systems that are robustly and usably secure.
Breaches of computer security cause harm. Robust security should be a primary consideration when designing and implementing systemsputing professionals should perform due diligence to ensure the system functions as intended, and take appropriate action to secure resources against accidental and intentional misuse, modification, and denial of service. As threats can arise and change after a system is deployed, computing professionals should integrate mitigation techniques and policies, such as monitoring, patching, and vulnerability reportingputing professionals should also take steps to ensure parties affected by data breaches are notified in a timely and clear manner, providing appropriate guidance and remediation.
To ensure the system achieves its intended purpose, security features should be designed to be as intuitive and easy to use as possibleputing professionals should discourage security precautions that are too confusing, are situationally inappropriate, or otherwise inhibit legitimate use.
In cases where misuse or harm are predictable or unavoidable, the best option may be to not implement the system.
3. PROFESSIONAL LEADERSHIP PRINCIPLES.
Leadership may either be a formal designation or arise informally from influence over others. In this section, „leader” means any member of an organization or group who has influence, educational responsibilities, or managerial responsibilities. While these principles apply to all computing professionals, leaders bear a heightened responsibility to uphold and promote them, both within and through their organizations.
3.1 Ensure that the public good is the central concern during all professional computing work.
People-including users, customers, colleagues, and others affected directly or indirectly-should always be the central concern in computing. The public good should always be an explicit consideration when evaluating tasks associated with research, requirements analysis, design, implementation, testing, validation, deployment, maintenance, retirement, and disposalputing professionals should uberhorny profile tips keep this focus no matter which methodologies or techniques they use in their practice.