Corporate Governance & Ethics

Questions and Answers

In a for-profit organization, who is primarily responsible for overseeing business activities and management for the benefit of stakeholders?

• Board of directors (correct)
• Corporate ethics officer
• Negotiator
• Corporate compliance officer

Which role provides an organization with vision and leadership specifically related to business ethics and conduct?

• Disseminator
• Spiritual leader
• Disturbance handler
• Corporate ethics officer (correct)

According to Section 404 of the Sarbanes-Oxley Act, what statement must be included in annual reports?

• Confirmation that the code of ethics is easily accessible to all stakeholders.
• Disclosure of the company's code of ethics and any waivers for senior management.
• Verification that the code of ethics is continually applied in company decision-making.
• A statement signed by the CEO and CFO attesting to the accuracy of information in SEC filings. (correct)

Which of the following aligns with an individual's personal beliefs about what is considered the correct course of action?

Moral (B)

Which of the following documents typically outlines an organization's formal statements about its purpose, values, and guiding principles for employee actions?

Codes of ethics (A)

Which concept focuses on developing and maintaining a supply chain that meets present needs without harming future generations?

Corporate social responsibility (CSR) (C)

The increasing use of the Internet and vast personal data storage elevates which risk concerning data usage?

Information technology will be used unethically. (A)

Which of the following roles ensures that a workplace’s practices comply with its stated ethics and beliefs, holding individuals accountable?

Corporate ethics officer (B)

The term 'morality' relates to:

Social conventions becoming the basis for established consensus. (C)

Which statement best describes the relationship between legality and morality?

An action can be legal even if it is considered immoral. (C)

Which of the following is an example of a virtue?

Fairness (B)

The fairness approach to ethical decision making emphasizes what?

Selecting the action or policy with the best overall consequences for all affected. (A)

Which of the following has been a topic of increased discussion regarding the importance of public understanding?

Ethical IT practices. (C)

According to Lawrence Kohlberg, what is the most crucial factor in stimulating a person's moral development?

Monetary reward (C)

Which country had one of the lowest software piracy rates in 2011?

New Zealand (A)

In the decision-making process, when should relevant laws, guidelines, and policies be considered?

Before choosing an alternative (D)

Which outcome is most likely to occur when there is a conflict between an employee's values and an organization's actions?

Poor performance (D)

Which Indian-based outsourcing firm's chairman admitted to overstating company assets, leading to a major corporate scandal?

Satyam Computer Services (D)

What term describes someone who is affected, positively or negatively, by the outcome of a situation?

Stakeholder (B)

Which approach to ethical decision making aligns well with the concept of value in economics and cost-benefit analysis?

Utilitarian (A)

Which approach to decision making focuses on social systems that benefit everyone?

Common Good (C)

What is essential for a code of ethics to achieve wide acceptance throughout a company?

Employee participation (C)

Whose endorsement is crucial for the acceptance of a code of ethics within a company?

Organization's leadership (C)

If the desired outcomes are not achieved after implementing a solution, which step should be revisited?

Evaluate results (B)

Has greater globalization increased or decreased the likelihood of unethical behavior?

Decreased (C)

In the case of United States v. New York Central & Hudson River Railroad Co., what did the U.S. Supreme Court establish?

An employer can be held responsible for the acts of employers even if the employee acts contrary to the employer's direction. (C)

What event typically triggers a rapid increase in the appointment of corporate ethics officers?

The revelation of a major business scandal. (D)

According to a 2009 National Business Ethics Survey, what happened to the percentage of employees reporting misconduct when they saw it, between 2007 and 2009?

Increased (A)

Must multinational and global organizations have same consistent value system worldwide?

False (D)

What makes it easier for corporations to conduct their business thanks to socially responsible activities?

Goodwill (A)

In the decision-making process, which step is MOST important?

Development of a problem statement (B)

Which statement BEST describes why organizations pursue corporate social responsibility (CSR) goals?

To gain the goodwill of the community (B)

During the problem definition process, what should one avoid making?

Assumptions (D)

What happens with companies that develop and maintain strong employee relations?

Enjoy lower turnover rates. (B)

Gathering facts and identifying stakeholders occurs in which step of the decision-making process?

Developing problem statement (B)

What is the concept where people in power that act inappropriately are looked at favorable?

Bathsheba syndrome (C)

What is a key factor to individuals ethical behavior?

Manager (B)

Flashcards

Board of Directors

Oversees the organization's business activities and management for shareholders, employees, customers, and suppliers.

Corporate Ethics Officer

Provides an organization with vision and leadership in business conduct.

Sarbanes-Oxley Act Section 404

Annual reports must contain statements signed by CEO and CFO attesting accurate SEC filings.

Moral Acts

Conform to what an individual believes to be the right thing to do.

Codes of ethics

Includes formal, written statements about the purpose, values, and principles of an organization.

Supply Chain Sustainability

Develops and maintains a supply chain that meets present needs without compromising future generations.

Corporate Social Responsibility (CSR)

Focuses on developing and maintaining a supply chain that meets the needs of the present without compromising the ability of future generations to mee their needs.

Information Technology Risk

Increased risk that personal data will be used unethically due to the growth of the internet.

Corporate Ethics Officer

Aligns workplace practices with stated ethics and beliefs, holding people accountable.

Morality

Social conventions about right and wrong that form the basis for consensus.

Laws vs Morality

Laws can permit actions deemed immoral.

Examples of Virtues

Fairness and generosity exemplify virtues.

Evaluate and choose alternative

The step to consider laws, guidelines, policies, and principles that might apply to the decision

Values and Organizational Actions

A discrepancy between employee's own values and an organization's actions fosters poor performance

Stakeholder

Someone who stands to gain or lose, depending on how a situation is resolved

Utilitarian Approach

Ethical decision making fits easily with cost-benefit analysis.

Common Good approach

Attempting to implement social systems, institutions, and environments that benefits all

Well accepted Code of Ethics

Gain acceptance through employee participation.

Ethics Code Endorsement

Organization's leadership must fully endorse the code of ethics.

Decision Rework Stage

Returning to 'identify alternatives' after implementation is not acheived.

Greater Globalization

There is a decreased likelihood of unethical behavior.

Employer Responsibility

An employer can be held responsible for the acts of their employees.

Rapid Increase Factors

Revealed major business scandal

Multinational Value Consistency

Consistent corporate values across countries.

Socially Responsible Value

Socially responsible activities creates goodwill for companies.

Critical Decision Step

Develop a clear problem statement.

Reasons for Promoting Ethics

Gain community goodwill

Problem Definition Process

Avoid making assumptions about the situation.

Maintain Strong Employee Relations

Enjoy lower turnover rates develop and maintain strong employee relations

Decision Step

Gathering/Analyzing facts and identifying impacted stakeholders.

Bathsheba Syndrome

The moral corruption of people in power by people looking the other way.

Study Notes

Board of Directors

• In a for-profit organization, the board of directors oversees business activities and management.
• This oversight benefits shareholders, employees, customers, suppliers, and the community.

Corporate Ethics Officer

• A corporate ethics officer provides an organization with vision and leadership.
• This vision and leadership is specifically in the area of business conduct.

Sarbanes-Oxley Act, Section 404

• Annual reports must contain a statement signed by the CEO and CFO.
• The signed statement attests to the accuracy of information in the firm's SEC filings.
• Public companies must disclose their code of ethics and any waivers for senior management.
• A code of ethics must be accessible to employees, shareholders, business partners, and the public.
• The code of ethics must be continually applied to decision-making and emphasized as a company culture component.

Morality and Actions

• Moral acts conform to an individual's beliefs about what is right.

Codes of Ethics

• Codes of ethics include formal, written statements.
• These statements outline the purpose, values, and guiding principles for employees' actions.

Supply Chain Sustainability

• Supply chain sustainability is part of corporate social responsibility(CSR).
• It focuses on developing and maintaining a supply chain which meets present needs.
• Development and maintenance must not compromise future generations' ability to meet their needs.

Internet Growth Risks

• Increased risk of unethical use of personal data is caused by internet growth.
• Unethical use of personal data is also caused by expanded data capture and storage capabilities.

Workplace Ethics Alignment

• A corporate ethics officer aligns workplace practices with stated ethics and beliefs.
• This alignment holds employees accountable to ethical standards.

Morality Definition

• Morality refers to social conventions about right and wrong.
• This shared understanding becomes the basis for societal consensus.

Laws vs. Morality

• Laws can declare an act legal, even if many consider it immoral.

Virtues

• Fairness and generosity exemplify virtues.

Ethical Decision-Making: Fairness Approach

• The fairness approach to ethical decision making involves choosing actions/policies.
• Selected actions/policies should yield the best overall consequences for affected people, directly or indirectly.

Ethics and IT

• The general public may not understand the critical importance of applying ethics to IT.
• There is too much focus on technical issues.

Lawrence Kohlberg's Findings

• Monetary reward for good behavior is not the most crucial factor stimulating a person’s moral development.

Software Piracy Rates

• New Zealand had one of the lowest software piracy rates in 2011.

Decision-Making Process

• Decision-makers consider relevant laws, guidelines, policies, and principles.
• This consideration happens during the step of identifying alternatives.

Employee Values vs. Organization Actions

• A discrepancy between employee values and company actions can foster poor performance.

Satyam Computer Services Scandal

• The chairman of Satyam, an Indian outsourcing firm, admitted overstating assets.
• The overstatement was by more than $1 billion, in India's largest corporate scandal.

Stakeholders

• A stakeholder is someone who can gain or lose, depending on how a situation is resolved.

Ethical Decision-Making: Utilitarian Approach

• The utilitarian approach fits the concept of value in economics.
• The utilitarian approach utilizes cost-benefit analysis.

Decision-Making: Common Good Approach

• Decisions and policies using the common good approach aim to:
• Implement social systems
• Implement institutions
• Implement environments
• Decisions and policies must benefit everyone.

Code of Ethics Acceptance

• Employee participation is required for a code of ethics to gain wide company acceptance.

Code of Ethics Endorsement

• An organization's leadership must fully endorse its code of ethics for company acceptance.

Ineffective Solutions

• If desired results are not achieved, do not return to the "identify alternatives" step.

Unethical Behavior

• Greater globalization has not decreased the likelihood of unethical behavior.

United States v. New York Central & Hudson River Railroad Co.

• An employer can be liable for employee's acts, even if against employer directions.

Corporate Ethics Officer Appointments

• A rapid increase in corporate ethics officer appointments often follows a major business scandal revelation.

Business Ethics Survey (2009)

• Between 2007 and 2009, the percentage of employees increased .
• They admitted reporting misconduct in the workplace when they saw it.

Multinational Organizations & Values

• Multinational and global organizations must not present a consistent face to their stakeholders.
• A consistent face must instead operate with a different value system in each country they do business in.

Socially Responsible Activities

• Socially responsible activities create goodwill and make businesses easier to conduct.

Decision-Making Critical Step

• Developing a problem statement is the most critical step in the decision-making process.

Corporate Social Responsibility (CSR)

• CSR goals encourage creating work environments where employees act ethically.
• Organizations pursue CSR goals to gain community goodwill.

Problem Definition Process

• Avoid making assumptions during the problem definition process.

Strong Employee Relations

• Companies with strong employee relations see lower turnover rates.

Decision-Making Steps

• Gathering and analyzing facts occurs during problem statement development.
• Stakeholder identification also occurs during problem statement development.

Moral Corruption of Power

• The Bathsheba syndrome describes moral corruption in people of power.
• This corruption is facilitated by overlooking leaders' inappropriate actions.

Ethical Behavior Influence

• A manager has a big impact on ethical behavior.

Integrity

• Integrity means acting in accordance with a personal code of principles.

Employee Performance Appraisals

• Increasingly, managers include ethical conduct as part of performance appraisals.

Ethics and Compliance Programs

• Well-implemented programs/strong ethical cultures can reduce pressure to misbehave.

Board of Directors: Audit Committee

• The audit committee helps the board oversee accounting, reporting practices, and controls.
• The audit committee helps the board oversee financial statements and reports.

Organizational Departments: Internal Audit

• Internal audit is responsible for determining internal systems and control effectiveness.

Business Transactions

• Business transactions must be recorded according to Generally Accepted Accounting Principles (GAAP).

Securities and Exchange Commission (SEC)

• The Securities and Exchange Commission (SEC) recommended in 1972 that publicly held organizations establish audit committees.

Foreign Corrupt Practices Act (FCPA)

• The Foreign Corrupt Practices Act (FCPA) goal is prevent companies from;
• Using slush funds or other means to disguise payments to officials.

Fawcett Society Survey

• A survey by the Fawcett Society found that 20% of men admit to viewing pornography at work.

Professional Employee Definition

• The United States has labor laws and regulations to require further defining;
• Professional employer

Business Software Alliance (BSA)

• The Business Software Alliance (BSA) can assess heavy monetary penalties.
• This occurs when the Business Software Alliance (BSA) finds cases of software piracy.
• The Business Software Alliance (BSA) does not have a few dozen lawyers and investigators who prosecute only the 100 or so most egregious cases of software piracy each year.

Career Definition

• A calling that requires specialized knowledge and often long and intensive academic preparation is called “Career”.

Material Fact

• A misstatement or an incomplete statement of a material fact is;
• Misrepresentation

Trade Group Funding

• A trade group that is funded through dues based on member companies' software revenues and through settlements from companies that commit software piracy is called;
• Business Software Alliance (BSA)

Internal Audit Team

• Members of the internal audit team should not be experts in detecting and investigating financial statement fraud.

Professional Requirements

• Professionals require advanced training and experience.
• Professionals must exercise discretion and judgment.
• Professional work cannot be standardized.

Laws as Guides

• Laws do not provide a complete guide to ethical behavior.

Proving Fraud

• To prove fraud, prosecutors must demonstrate that the wrongdoer made a false representation of a material fact.

Professional Code of Ethics

• A professional code of ethics states the principles and core values that are essential to the work of a particular occupational group.

Negligence Definition

• Negligence is defined as not doing something that a reasonable person would do, or doing something that a reasonable person would not do.

IT Workers and Ethics

• Accepting bribes or gifts from suppliers in exchange for business advantages is a key ethical challenge for IT workers.

Value of Certifications

• Certifications from industry associations generally require a certain level of experience and a broader perspective than vendor certifications.

Defendants Expertise Measurement

• Defendants are measured against a reasonable professional standard when the have expertise or competence

Sets of Skills & Abilities

• The core body of knowledge for any profession outlines agreed-upon sets of skills and abilities that all licensed professionals must possess.

Duty of Care (Legal Perspective)

• From a legal perspective, there is both a reasonable person standard and a reasonable professional standard to decide whether parties owe a duty of care.

Duty of Care Breach

A breach of duty of care is not conforming to the code of ethics of a professional organization.

Policy and Boundaries

• Policies cannot stop wrongdoers.
• Policies establish boundaries for acceptable and unacceptable behavior.
• Policies enable management to punish violators.

Compliance

• Compliance does not mean being in conformance with a profession's core body of knowledge.

Internal Audit Department & Board of Directors

• The internal audit department does not include members of the board of directors.

Fraud Definition

• Fraud is the crime of obtaining goods, services, or property through deception or trickery.

Penalties for FCPA Violations

• Corporations can face penalties up to $2 million per violation for violating the Foreign Corrupt Practices Act (FCPA).

Computing Society

• The Association for Computing Machinery is a computing society founded in 1947.
• It has more than 97,000 members.
• It has student and professional members in over 100 countries.
• The Association for Computing Machinery publishes over 50 journals and 30 newsletters.

Certifications

• Certifications are true about certification.
• Certifications can be applied to products.

Firewalls

• A firewall Is a hardware or software device that serves as a barrier between a company and the outside world.
• A firewall limits access to the company's network based on the organization's internet usage policy.

IT Industry Association Certifications

• Industry association certifications exist in various IT-related subject areas.

WikiLeaks Web Site Example

• Posting State Department documents on WikiLeaks is an example of inappropriate sharing of information.

Bribery Definition

• Bribery is providing money, property, or favors to someone in business or government to obtain a business advantage.

Courts Apply Duty of Care

• Courts apply a reasonable person standard to determine duty of care .
• Reasonableness is measured by how an objective, careful, and conscientious person would act.

IT Malpractice Lawsuits

• Many courts have ruled that I.T. workers are not liable for malpractice, because they do not meet the legal definition of a professional.

Facilitating Payments

• The Foreign Corrupt Practices Act (FCPA) allows facilitating payments for 'routine government actions.'.
• This includes, but is not limited to obtaining permits or licenses.

Exams & Objectivity

• Vendor certifications usually contain multiple-choice questions.
• Testing format is used due to legal concerns about whether other types of exams can be graded objectively.

Vishing definition

• Vishing does not lead consumers to counterfeit Websites designed to trick them into a denial-of-service attack.

Hackers

• Smart and talented and technically inept hackers can be referred to by more skilled hacker as ;
• Lamers
• Script kiddies

Computer Viruses

• Computer Viruses do not propagate through worms rather they have to propagate via human intervention

Worm Damage

• The cost to repair the worldwide computer worm damage as exceeded $1 billion on numerous amount of times

System Security

• System securety is measured on the policy people are involved with all aspects in network and technology

Malware Incident

• Malware infection incidents have been the most common security incidents

Spear phishing attack

• Spear phishing does not employ automated requests that are sent by a stream

Rootkit access

• A rootkit is a program that allows users to gain administrator-level access

Trojan horse

• A trojan horse is not an umbrella for many types of malicious code

Campaign cost

• The cost to create an email campaign is typically more expensive than direct mail

Fraud and malicious insiders

• Fraud malicious insideres tend to involve a high rate of collusion and or communication to cause this attack

Spying

• Competitive intelligence analysts do not get the name that they have for spying on other companies

Insiders and Actions

• Malicious insiders do not mean well, but they have the capability fo considerble damage

Completed Risk Assessment

• Most common cyber threats happen when there is a risk assessment of those around a company or entity.

Automated systems following the same policies

• Make as secure as possible automated system rules must mirror the same written policies of the organization

Importance of education about security

• Educated workers understand so that they are aware of any polices and risks

Installation of a security system

• Instalation of a security protocol does not mean that the system secure and will have protection

Safeguard Against Attacks

• As a policy against attacks of malicious intent, it is in the best interstest of most organizations who are a company to define the rolse that an employee may have against inputs against purhcase orders.

Security Audit

• When performing a security audit of an organization it is not unusal to reveal to the auditor that there is those with too many rights, however over what access

Determined Attack From a Computer

• Even with preventative measurements in place, nothing can provide enough protection

Costs VS Potential

• Discussing a security attack through public relations , trials and associated publicity has and does have enormous potential

Monitor intruders in a security attack

• When there is a monitor breach or threat, there must be primary goal to gain control with limit the damage possible

Hacktivisim

• Hacktivism involves the actions to trade secrets from competitors

Intrusion System

• This is one where if there is any resources that is used to monitor the system and activities, any attempt to circumvent measures that are of computer inviorment

Competitive intellegence

• This one here has one single collection of aspects when the information that so will have to determine when the data will be in court

Developers creating and coding

• The use of programmers quickly create a patch when there have been vulnerabilities exposed

Dropper file

• Dropper files that are easily activated if you use a web link that directs too malicious link to an infected file

Cyberterrorism

• If there are any means to get a better cyber definition, you will need to see what the underpinnings will be to be tried an be a cyberterroists