Home
Ethics in Practice : E-Learning Package for Professional Engineers | Graphic version
Why ethics concerns you | What you should watch out for | Where to draw the line |
How to guard against malpractice | Where to obtain help | Quiz game

Disclaimer | Site Map | Glossary | Quit

Exercise of discretion Site supervision Privileged information Conflicts of interest Tendering How to handle privileged information [ Friendly print ] Implement proper access control Classify information into different security groups based on their risk exposure and degree of sensitivity. Review this classification regularly. Approve access rights on the basis of a practical application of the need-to-know, need-to-do and need-to-use principles, i.e. only those staff with a genuine need to use classified information in the course of their duties are permitted access to it. Restrict access to information stored on computer by using passwords, and change these passwords regularly. Set up an audit trail system for computer systems to identify people who have gained access to information in order to facilitate future investigations and the monitoring of access control. Monitor the release of information Provide clear guidelines on how to handle requests for the release of classified information and how to ensure computer security. Monitor the release of information according to the need-to-know, need-to-do and need-to-use principles. Obtain authorization from the employer and the client before disclosing confidential information that relates to them. Ensure proper management controls Clearly communicate the company's policy on preservation of confidentiality to all levels of staff. Regularly review this policy to assess how effective it is in minimising risks. Alert staff of the serious consequences of leaking/abusing proprietary information. Require staff to sign agreements not to leak or misuse proprietary information during their employment and for a specific period after they have left the company, if necessary.   Back to top