Introduction  Acquire and maintain professional competence.

 Law:  Know and respect existing laws pertaining to professional work.

Rules that mandate or prohibit certain behavior in society.  Accept and provide appropriate professional review.
 Moral Values:  Honor contracts, agreements, and assigned responsibilities.
The fixed moral attitudes or customs of a particular group  Improve public understanding of computing and its
 Ethics: consequences.
Define socially acceptable behaviors.  Access computing and communication resources only when
Code of Ethics authorized to do so.
 Established by various professional organizations Compliance with the Code: “As an ACM member, I will:”
 Produce a positive effect on judgment.  Uphold and promote the principles of this Code.
 Establishes responsibility of professionals to act  Treat violations of this code as inconsistent with membership in
ethically according to the policies and procedures of the ACM.
their employers, professional organizations, and laws Ethical decision making: Case 1
of society.  Ali is a database programmer
 Organizations assume responsibility to develop, Large statistical program needed by his company.
disseminate, and enforce policies. Company programmers are encouraged to publicize their work
Code of Ethics’ Goals  Ali has found himself stuck on a problem
Provides an aid to individual decision making, He has persisted at this for several months.
presentation addresses nine different cases (with some overlap). His manager does not recognize complexity of problem. She insists job be
 Intellectual property completed in the few days.
 Privacy  Ali remembers:
 Confidentiality Co-worker had given him source listings of their current work.
 Professional quality He also has an early version of commercial software developed at another
 Fairness or discrimination company
 Liability  Ali studies these programs
 Software risks Sees two areas of code which could be directly incorporated into his own
 Conflicts of interest program
 Unauthorized access to computer system He uses segments of code both from his coworker and from the commercial
IEEE Code of Ethics software
 IEEE Code of Ethics: Actions  He does not tell anyone or mention it in the documentation.
1. PUBLIC - Software engineers shall act consistently with the public  He completes the project and turns it in a day ahead of time.
interest.  How does the Code of Ethics help us understand this case?
2. CLIENT AND EMPLOYER - Software engineers shall act in a Applying the code: Case 1
manner that is in the best interests of their client and employer  This case highlights issues involving intellectual property
consistent with the public interest.  Ali violated professional ethics in two areas:
 IEEE Code of Ethics: Products 1. Failure to give credit for another’s work.
3. PRODUCT - Software engineers shall ensure that their products and 2. Using code from a commercial package that was
related modifications meet the highest professPioangeal6 copyrighted
 IEEE Code of Ethics: Hierarchy  If Ali only “looked” at co-worker’ssource code:
4. JUDGMENT - Software engineers shall maintain integrity and Could he then write his own program and still have an obligation to give
independence in their professional judgment. credit?
5. MANAGEMENT - Software engineering managers and leaders  Yes: He should have acknowledged credit in documentation.
shall subscribe to and promote an ethical approach to the  Use of commercial software code was also not appropriate:
management of software development and maintenance. Ali should have checked to determine whether or not company was
 IEEE Code of Ethics: Peers authorized to use source code before using it.
6.
PROFESSION - Software engineers shall advance the integrity  In general:
and reputation of the profession consistent with the. Desirable to share and exchange intellectual materials But using software is
7. COLLEAGUES - Software engineers shall be fair to and definitely a violation of code.
supportive of their colleagues. Ethical decision making: Case 2
IEEE Code of Ethics: Self  Aisha’s company has been hired by a client to build a security
8. SELF - Software engineers shall participate in lifelong learning system. Because of cost overruns, client has decided to opt for a
regarding the practice of their profession and shall promote an less secure system.
ethical approach to the practice of the profession.  Aisha believes information they will store is extremely sensitive.
Principles of IEEE Code of Ethics  With weak security:
 Act in public interest
Employees on workstations could figure out how to access this data. Online
 Act in interest of clients and employers intruders would also have access
 Produce quality products  Aisha feels strongly that system should be much more secure.
 Maintain independent judgment  She has tried to explain the risk.
 Manage ethically  What should Aisha so? Should she refuse to build the system as
 Protect integrity of profession they request.
 Support colleagues Applying the Code: Case 2
 Pursue lifelong learning  This case highlights issues involving privacy.
ACM Code of Ethics  Company officials:
General moral imperatives: “As an ACM member I will…” Have an obligation to protect privacy of their employees. Therefore they
 Contribute to society and human well-being. should not accept inadequate security.
 Avoid harm to others.  Aisha’s first obligation:
 Be honest and trustworthy. Attempt to educate company officials
 Be fair and take action not to discriminate. If that fails, she needs to consider her contractual obligations in honoring
 Honor property rights including copyrights and patents. assigned responsibilities.
 Give proper credit for intellectual property.  We don’t have Aisha’s contract, but she may have to choose
 Respect the privacy of others. between her contract and her obligation to honor privacy and
 Honor confidentiality. security.
Specific professional responsibilities: “As an ACM computing professional I Anatomy of Software House
will”:
  Introduction 1. Technical or Revenue earning staff and
 The Company (Software House) 2. Nonrevenue earning staff
 Structure of Company  Both require different capital to work.
 Management of Staff Monitoring Financial Performance
 Producing the budget  Monitoring Syniad’s performance against the budget should, in
 Monitoring Financial Performance principle, be straightforward.
 Long term Planning  Each month, the income and expenditure under the various
 Conclusions heads are compared and, if significant deviations are observed,
Introduction (The Company) corrective action is taken.
 A Hypothetical company  In practice, this simple procedure presents many difficulties.
 Syniad Software Ltd was founded some ten years ago by four  To monitor financial performance, company focuses on;
friends. 1. Cost & Revenue
 All four are members of the Board of Directors, along with two 2. Project Costing
others who were recruited later. 3. Sales
 The company specializes in the production of bespoke software 1: Costs and revenue
for clients who demand work of high quality.  A major problem is caused by random fluctuations, themselves
 Syniad’s head office is in London. Other offices are in Manchester, the product of many individual factors, for example:
Delft, Netherland. 1. Annual Budget n Staff hiring
2. Large projects cause deviation in Budget
3. Fixed Price Project Estimation
2: Project costing
 Because of these difficulties in monitoring the overall
performance of the company, Syniad also tries to monitor the
Operations Director financial performance of individual projects, through a project
 The Operations Director is responsible for all the revenue earning costing system.
operations of the company.  The costs and revenue of each project are calculated each month
 It is his job to ensure that all projects are completed satisfactorily and the cumulative gross margin (i.e. the difference between
 And resources are available to carry out the projects that the total costs and total revenue to date on the project) calculated as
company wins; a percentage of the total revenue.
 The personnel reports to him.  In practice, this system does not work well.
Technical Director 3:Sales
The Technical Director is responsible for:  The budgeted increase in revenue derives partly from increased
 Quality management; charge rates, partly from better staff utilization and partly from
 Research and development; an increased number of staff.
 Marketing at a technical level (e.g. arranging for staff to give  All these factors are influenced by the forward sales position, that
papers at conferences) is by the staff required and the rates earned on the work to which
 Technical training (as opposed to training in, say, project the company is committed in the coming months.
management or presentational skills, which are the responsibility  Two reports are used for assessing and monitoring the sales
of the personnel function). position.
Syniad’s Organizational Structure Type  1. The confirmed sales report shows, for each grade, the number
 shows elements of all three of the types of organizational of staff in that grade who are committed to contracts in each of
structure. the following twelve months and the total expected revenue
1. Functional division of responsibilities from that grade in each month.
2. Geographical element (represented by the director responsible  2. The sales prospects report shows for each sales, prospect, the
for overseas operations) potential value of the sale, its likelihood and the likely start date.
3. Centralization and decentralization has little meaning (Centralized Long Term Planning
policies and procedures are widely used but they have usually  Strategic Planning for future
been developed within one part of the company and have been  The ability to plan strategically and to achieve strategic objectives
adopted by general consent. is the hallmark of well run, successful companies.
Centralized vs. Decentralized  Strategic planning in Syniad has two related aspects.
 In theory, staff have a sense of belonging to a group and regard 1. The first is to identify appropriate long-term goals
their group manager as the manager who is permanently 2. Second is to identify and formulate plans to overcome
responsible for their career in the company. those problems which are inhibiting it from attaining
 In practice, because projects often require expertise from more these goals.
than one group, staff often find themselves working on projects Long Term Planning involves
for groups other than the one to which they belong.  Expansion Plans
 In a company of the size of Syniad, the distinction between  Company Image
centralization and decentralization has little meaning. Centralized  Product mix (Fee based revenue vs. Package Software)
policies and procedures are widely used but they have usually  Finance (under-capitalization)
been developed within one part of the company and have been Computer Contracts
adopted by general consent. Introduction
Management of staff  An agreement between two or more parties for the doing or not
 New employees vs. Old employees…. OUTSIDER doing of something specified
Staff Appraisals:  Contracts serve the following purpose:
 Employees’ achievements and contributions to the company were properly  recorded;
Set out the agreement between the parties
 Staff knew what was expected of them and what they needed to  Set out the aims of the parties
achieve in order to gain promotion;  Provide for matter arising while the contract is running
 Proper plans for training and career development were made and  Ways of terminating the contract and the
regularly reviewed; consequences
 Employees were aware of the company’s opinion of their  If the contracts are too harsh or unfair causing any issue between
performance. parties to be unresolved, it is the responsibility of contract laws
Producing the Budget to contemplate according to the rules
 Staff in the company are broadly divided into
  There are almost never disputes over contracts which run  Consultants are typically used to assess some aspect of an
perfectly. Example marriage. organization and to make proposals for improvements.
 Example of a ship carrying a cargo.  The end product of a consultancy project is therefore usually a
 Contract should be clear, concise and consistent. There should be report or other document.
no ambiguity and the parties to the agreement should be left in  Consultancy projects are usually undertaken for a fixed price but
no doubt as to their rights and duties. Ambiguity and doubts can the form of contract is very much simpler
lead to performance which is viewed as unsatisfactory. This can Computer Misuse & Criminal Law
lead to disagreement and the expenditure of time, effort and Introduction:
therefore money, in resolving the matter. The media and popular computing press abound with tales of multi-million
Contracts for the supply of custom-built software at a fixed price pound computer frauds and of the dangers to commercial companies,
 Software suppliers try to use what are known as standard form governmental data banks, financial institutions and national security from
contracts, which are used or intended to be used many times the activities of computer hackers.
over. Computing and criminal activity
 Such a contract might consist of:  Modern business process is done through utilizing computer
 a short introductory section software and hardware, i.e. some form of computer system is
 a set of standard terms and conditions used in it.
 a set of appendices or annexes  There has been a sharp rise in the number of crimes involving
Introductory Section computing; and the Internet has undoubtedly created new
 It states that it is an agreement between the parties whose security risks
names and registered addresses are given. Categories of misuse
 It is dated and signed by authorized representatives of the Under the study of the English criminal law, the Law Commission highlighted
parties. a number of categories of misuse of computers
 It often begins with a set of definitions of terms used in the  Computer fraud
course of the agreement, set out either in alphabetical order, like  Unauthorized obtaining of information from a computer
a dictionary, or in the order in which they appear in the rest of  Computer hacking
the contract –The Company, The Client  Eavesdropping on a computer
Other parts  Making unauthorized use of computers for personal benefit
 Terms and conditions  Unauthorized alteration or destruction of information stored on a
 Annexes must include any document stated like SRS. This is to computer
avoid, for example, the situation in which statements made by an  Denying access to an authorized user
over-enthusiastic salesman while trying to win the business are  The unauthorized removal of information stored on a computer
claimed by the client to constitute part of the contract Computer Fraud
Issues dealt with Standard Terms & Conditions  The Law Commission defined computer fraud as conduct which
 What is to be produced? involves the manipulation of a computer or internet, by whatever
 What is to be delivered? method, in order dishonestly to obtain money, property, or some
 Ownership of rights other advantage of value, or to cause loss
 Payment terms  Computer fraud is further divided into three categories
 Calculating payments for delays and changes  Input frauds
 Penalty clauses e.g. intentionally entering false data or amending data into the computer
 Obligations of the client  Output frauds
 Standards and methods of working Output fraud involves stealing or misusing system output
 Progress meetings  Program frauds
 Project Managers Program fraud involves the dishonest alteration of a computer program
 Acceptance procedure Obtaining unauthorized access to a computer
Other types of software services contract  The second form of misuse identified by the Law Commission was
 There are four types of contractual arrangement which are unauthorized obtaining of information from a computer. It is sub-
widely used in connection with the provision of software services: divided as:
 fixed price  Computer hacking:
 contract hire Accessing a computer without the authorization of the owner. In this case
 time and materials the person accesses the computer secretly for stealing information, data or
 consultancy manipulation of data for diverse purposes.
Contract Hire  Eavesdropping
 The supplier agrees to provide the services of one or more staff Literal meaning listening or spying secretly
to work for the client  Unauthorized use of a computer for personal benefit
 The staff work under the direction of the client Using computer’s authorized information for personal benefits. In this case,
 Supplier’s responsibility is limited to provide suitable competent the person misusing the computer is usually employee or authorized user of
people and replacing them if they become unavailable or said the company
unsuitable by the client
 Payment is on the basis of a fixed rate for each man day worked
 Issues such as delay payments, acceptance tests and many others
simply do not arise
Time and Materials
 It is somewhere between a contract hire agreement and a fixed
price contract.
 The supplier agrees to undertake the development of the
software in much the same way as in a fixed price contract but
payment is made on the basis of the costs incurred, with labor
charged in the same way as for contract hire
 The supplier is not committed to completing the work for a fixed
price, although a maximum payment may be fixed beyond which
the project may be reviewed
Consultancy contracts