Development of A Code of Ethics: Information Technology (IT) Challenges

Abu Mohammed Fofana, Ph.D.

School of Business & Technology Management, Northcentral University. San Diego, California.

Defined as a set of moral guidance that controls the use of computers, codes of computer ethics tackle issues of privacy, copyright, and intellectual poverty concerns, and how the uses of computers affect society. Business organizations invest in enormous capital in information technology (IT). Global investment in information technology increased to $3.4 trillion in 2008 and $ 3.6 trillion in 2009. That trend continues to grow by leap and bound. IT has become the difference between businesses’ success and failure; It helps companies and individuals to do things faster, better, and smarter.

However, the ubiquities of information technology and the continuous rise in the number of those who use IT has raised the number of ethical issues that affect privacy and property rights; most computer users commit and invade personal and private property rights. Also, they steal intellectual property, copyright materials such as music and movies, and commit cybercrimes. Software and music thefts cost business firms in the US $100 billion per year. Pirated software constitutes more than 80 percent of commercial software.

 Business organizations respond to these potential and real ethical issues differently. Some firms develop codes of ethics or standards of professional conduct that are ambiguous and nebulous; the boundaries between ethical standards and the overarching objective of corporate goals are not clear. For the moral codes of conduct to be a useful tool in protecting corporate IT security investment, the code must strike a balance between the interests of stakeholders or social responsibility, and IT managers must make ethics a center of the corporate culture. Information technology should clearly define corporate expectations, ethical issues, values, and behaviors that the firms find acceptable or unacceptable, promote high standards of practices and teach employees what to do to decrease or eliminate improper or illegal use of company equipment or data.

This article critically analyzes ethical standards and the challenges they pose to information technology stakeholders. It will also explore ethical standards prevalent in the academic setting, especially regarding academic integrity, plagiarism, and the code of conduct.

Ethical Changes caused by Information Technology

The effect of the unethical behaviors of corporate leaders such as Dennis Kozlowski (Tyco International), Kenneth Lay (Enron), Bernard Ebbers (WorldCom), Richard Scrushy (HealthSouth Corporation), et al., has dramatically intensified the necessity for ethics in business. The Sarbanes Oxley Act of 2002 and the Dodd-Frank Wall Street and Consumer Protection Act, to name a few, have been enacted to thwart corporate greed and unethical behaviors.

When computer usage became somewhat popular between 1980 and 1990, there was nothing like ethical standards of conduct that governed the use of information technology. Computer users then were few, and so there were not egregious ethical breaches. Today, the number of computer users has risen to 2 billion. The social network on Facebook has surpassed 1.19 billion users. Everyone with a computer can connect to the information superhighway. The net is neutral, and there are no restrictions or limits to its use. With the unfettered access to the World Wide Web and the ease with which people communicate and do business online has raised the level of unethical behavior of computer users across the globe. This makes it difficult, if not, impossible to track down computer criminals and those who are bent on invading other people’s privacy and stealing their property. In December 2013, Target retail store, for instance, was hacked. The breach in the store’s security impacted 40 million credit card and debit card numbers. The ability of IT departments and professionals to protect information technology property through ethical standards of conduct internally and avert external breaches such as industrial espionage is an acid test to their leadership. Many companies have developed standard codes of ethics that continue to make headway in achieving the goal of protecting IT corporate property from internal, as well as external assault. They do so by crafting a full IT code of ethics, engaging financial and moral support of top managers, and collectively modeling those standard codes of ethics.

The Ethical Use of Information Technology

Information Technology helps companies and individuals to work faster, better, and smarter. Computers have become the fulcrum-the alpha and omega of business. Business firms and individuals use computers to communicate via email, make online purchases, secure transactions, and interact with relatives and friends via groupware. Anything that firms do in physical edifices can be done online with speed, ease, and efficiency. Online, business hold meetings, make presentations, store data using cloud technology, exchange data live, attend seminars, attend online classes, access data, and information and execute procurement, to name a few. Despite these positive usages of computers, the use of technology and computer-related business activities such as automation, outsourcing, and cyber-crime can adversely affect employment, privacy, working condition, and individual wellbeing.

Moreover, some use computers to cause harm to others by, among other things, stealing personal and private data, spreading viruses, committing cybercrimes, cybersquatting, committing industrial espionage, spamming, flaming, and spreading false information. Security threats against IT departments pose ethical and legal challenges on two fronts: internal and external. Studies show that 35 percent of IT professionals have had illegal access to corporate data. Another poll conducted by Cyber-Ark in 2009 found that 60% of information technology employees have hacked another person’s computer. Businesses and individuals are faced with evidence of insurmountable threats that outsiders pose to privacy and property, both public and private. The combination of internal and external threats to corporate security has continued to pose a stiff challenge to IT departments and professionals. Since many IT managers are without any ethical backgrounds or modeling behaviors that can positively impact subordinates, finding sustainable solutions is often elusive. Modeling moral and ethical behavior can trickle down to subordinates positively. Merely being concerned about ethics and morality is not, however, enough. The executives must set the right corporate culture and corporate social responsibility environment by crafting procedures, policies, and standards of conduct, making it easier to protect whistleblowers or people who report ethical breaches, punishing violators, and rewarding those who do the right things. Responding swiftly to problems when they occur, correcting ethical issues expeditiously, and launching continuous training in ethics can improve moral behaviors and enhance ethical decision-making. It also helps the organization upgrade the code should new challenges emerge. Training formats may include lectures, mass-e-mails, PowerPoint presentations, videos, transcripts, and hard copies.

The development of a code of ethics associated with these ethical issues

The importance of written codes can help the company manage ethical computer-related problems, ensure the accuracy, integrity, and safety of business operations, fraud, and IT security breaches.. Unfortunately, only about 55% of companies distribute written ethical codes to employees, and only 11% of companies provide ethical training to employees. A British study also found that only 42% of companies surveyed had coded. It is good business to have ethical standards of conduct that define its expectations; punish unethical behavior, and encourage employees to put the goal of the company ahead of personal gain. This can also have a significant impact on decision-making. The success of the ethical code is also dependent on the quality of training and respect for diversity.

Enforcement issues related to a code of ethics for information technology

IT management performs two functions: Internal and external. Internally, IT professionals protect physical property –software and hardware-from abuse and deter and track criminal activities. They also have the responsibility of protecting the network, personal information, and company property rights. Externally, they ensure that the company data and rights are protected from hackers and industrial espionage activities. Between 50-90% of the United States sustain big dollar losses due to abuse of IT nodes. The enforcement of codes of ethics for IT depends on four factors: leadership commitment, corporate culture, continuous training, and ethical enforcement framework. Leadership engagement and buy-in are paramount to enforcing the code of conduct; the better their collaboration and total commitment, the more likely for employees to comply and, therefore, the better to execute the code. A study shows that when corporate leaders model ethical as well as corporate social responsibility, it profoundly impacts employees’ behaviors.

That is why a corporate culture that rewards excellent performance behaviors and punishes the noncompliant is pivotal to the code of ethics enforcement mechanism. Training people about what is at stake and setting up milieus conducive to reporting violators. A study in legal and ethical issues shows that fewer employees know IT policies and procedures. Educating and informing employees about the importance of a code of conduct and why everyone, without exception, must help reduce resistance and noncompliance. Education also comes in the form of software and hardware user training modules. Most IT ethical policy breaches result from users’ inability to use the network, software, or programs. In other words, by making sure that everyone is well trained and skilled to interact and perform in conformity with the code of conduct, several violators can be reduced or eliminated. The ethical enforcement committee oversees the design and development of ethical codes of conduct. It must communicate ethical policies and procedures to employees and monitor and measure outcomes. One of the essential elements of an impartial, ethical framework is that it integrates all activities of employees in terms of how they follow or attend ethical training and gather data on those who do not comply with ethical procedures. It also recommends punishment for those who violate ethical procedures. As far as physical property is concerned, the ethical enforcement group can recommend actions as to what to do in case of theft as well. The recommendation can include collaboration with local as well as national law enforcement agencies aimed at bringing ethical violators to justice. The framework should also provide employees more than one channel for reporting unethical behaviors, eliminate fears of retribution for whistleblowers, and those who ask questions and investigate and resolve issues as swiftly as possible.

Interpret how a code of ethics would be established within an academic setting, especially with the advancement of the online educational environment

Online education is equal to or even better than face-to-face or traditional learning. It is growing at a surprising rate (Carrol & Burke, 2010). Educational institutions must be the forerunner of perpetuating standards of ethics and social responsibility. Educational leaders must focus on molding the minds of students to think and reflect on bigger things, strive towards long term perspectives, and engage in civic duties and community development. They make them understand that the alternative to ethics is anarchy and chaos. Therefore, the ultimate success and failure of our world depend on the way we consider and apply ethics in our lives, work, and interact with others, both internally and externally. The fact that computer use has become the stock and trade of learning, both in pursuit of online as well face-to-face learning, the ability for educational institutions to stand up to the danger of ethical breaches is an acid test to the acumen of educational administrators. The first place to start is preparing policies and set standards of Academic misconduct that cover discussion on ethics as well as ethical behaviors and social responsibility. Universities should also help students to “recognize ethical issues, develop critical thinking and self –confrontation skills, encourage tolerance, elicit a sense of moral obligation, and develop a personal code of ethics.” Educational institutions must also be able to engage students at the deeper level, to undertake deep learning of the abstract principles of philosophy that underpin ethics.


The universality of information technology and the ever-increasing number of its users will continue to pose threats to individual and corporate rights and property. These threats come from within as well as outside. Inside risks include computer abuse, theft, fire hazards, snooping into other peoples’ data, and misuse of corporate information technology property. External threats include hacking, system intrusion, computer crime, cyber-attack, social engineering, and industrial espionage. The fact that the net is neutral and anyone –good or bad-with a computer can connect has made it troublesome to make comprehensive standards of conduct that can protect the individual as well as business transactions online. Regarding the conduct of the internal use of IT, corporate leaders can enforce the management and control of the ethical standard of behavior. How to achieve this depends, however, on the implementation of various factors, including top management support, putting in place transparent corporate culture that has a corporate social responsibility, and infrastructural framework capable of monitoring, and continuous training on ethical as well as legal issues.


Alfredo, D. (2014). The history of computers in business. Retrieved from http://www.ehow/about_5299598_history-computers-business.html

Bridgeman, T. (2010). Beyond the manager’s moral dilemma: rethinking the ’ideal-type’ business ethics case. Journal of Business Ethics, 312-321

Brooks, R. (2010). The development of code ethics: an online classroom approach to making connections between ethical foundations and the challenges presented by information technology. American Journal of Business Education, 3(10), 1-11

Carrol, N., & Burke, M. (2010). Learning effectiveness using different teaching modalities []. American Journal of Business Education, 3(12), 65-76

Computers sold this year worldwide. (2012). Retrieved from

Edition, C. (2010). Sks7000-executive concepts in business strategy. Upper Saddle River, NJ: Prentice-Hall.

Facebook passes 1.19 billion monthly active users. (2013). Retrieved from

Grebert, P. G., Cragnolini, C. J., Worsfold, K., & Webb, F. (2004, April 4). Griffith graduate attributes ethical behavior and social responsibility toolkit []. Ethical Behavior and Social Responsibility, 2-47. Retrieved from

Maginnis, J., & Charles, J. P. (2009). Building a strong ethical culture. Pennsylvania CPA Journal.

Osowski, B. (2012). Health care industry codes of conduct-a must have? Journal of Health Care Compliance, 64

Pierce, M. A., & Henry, J. W. (1996). Computer ethics: the role of personal, informal, and formal codes. Journal of Business Ethics, 425-437

Quarshie, H. O. (2012). Ethical challenges in a computer society. Journal of engineering trends in computing and information sciences, 3, 1495. Retrieved from

Reynolds, G. W. (2010). Information technology for managers. Boston, MA: Cengage learning.

Rottig, D., & Heischmidt, K. A. (2007). The importance of ethical training for the improvement of ethical decision-making: evidence from Germany and the United States. Journal of Teaching in International Business, 14(4), 5-35,

Stephens, W., Vance, C. A., & Pettegrew, L. S. (2012). Embracing Ethics and Morality. The CPA Journal, 16-21.

Warren, E. (). Legal, ethical, and professional issues in information security. In Legal, ethical, and professional issues in information security (pp. 89-116) Retrieved from

Wolff, J. (). Why the cyberinsurance industry is a mess. Retrieved from