SUT - Qualified/ Certified Members
All qualified information security professionals who are qualified by SUT recognize that such qualification is a privilege that must be earned, validated and maintained. In support of this principle, all SUT members are required to commit to fully support this Code of Ethics (the "Code"). SUT qualified credential holders who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel, which may result in the revocation of your qualification. You are obligated to follow the ethics complaint procedure upon observing any action by an SUT qualification holder that breach the Code. Failure to do so may be considered a breach of the Code.
There are 3 mandatory guidelines in the Code. By necessity, high-level guidance is not a substitute for the ethical judgment of the qualified information security or assurance professional.
Guidance is provided for each of the 3 guidelines. This guidance may be considered by the board of directors in judging behavior, it is not mandatory, only advisory. It is intended to help IS and IA professionals identify and resolve the any ethical dilemmas they confront during the normal course of their qualified information security or information assurance career.
13.1. Code of Ethics Preamble:
To each other requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior. Strict adherence to this Code is a condition of qualification.
13.1.1Code of Ethics Guideline:
Protect society, the commonwealth, and the infrastructure.
Act honorably, justly, honestly, legally and responsibly.
Provide diligent and competent service to principals.
Advance and protect the profession.
Compliance with the preamble and guildeline is mandatory. If conflicts arise they should be resolved and are not intended to create ethical binds.
13.1.2 Guideline 1 Act honorably, responsibly, and legally
Tell the truth.
Observe all contracts and agreements, express or implied.
Treat all members fairly.
Take care to be truthful, objective, cautious, and within your competence. Give prudent advice; avoid raising unnecessary alarm or giving unwarranted comfort.
13.1.3 Guideline 2 Provide diligent and qualified services
Preserve the value of their systems, applications, and information.
Respect their trust and the privileges that they grant you.
Avoid conflicts of interest or the appearance thereof.
Work on systems for which you are fully qualified and validated.
13.1.4 Guideline 3 Advance and protect the profession
Sponsor for professional advancement those best qualified. All other things equal, prefer those who are qualified, validated and who adhere to these canons. Avoid professional association with those whose practices or reputation might diminish the profession.
Maintain your competence; keep your security skills and knowledge current. Give generously of your time and knowledge in training others.