Cyber Security Auditor Code of Ethics. National and International Regulations
"Ethics and Deontology" Journal,
Vol. 2 No. 01 (2022): "Ethics and Deontology" Journal
Abstract
The expansion of the implementation of information systems has led to the emergence of a new type of audit, cyber audit, and a new liberal profession, the cybersecurity auditor. Newly created professional associations, international organizations and states have adopted the rules governing, on the one hand, the conduct of cyber audit and, on the other hand, the Codes of Ethics as a set of norms, principles and values that govern the work of cybersecurity auditors.
Keywords
- Ciobanu, R. (2022a), Tendințe actuale în activitatea de audit. Auditul sistemelor informatice, în Revista Universul Juridic nr. 2/2022.
- Ciobanu, R. (2022b), Rolul organizațiilor internaționale în elaborarea standardelor de audit al securității cibernetice, în Revista Universul Juridic nr. 3/2022.
- Cooke, I. (2020), IS Audit Basics: Ethics in Information Technology: ISACA Journal, Volume 6, 2020, https://www.isaca.org/resources/isaca-journal/issues/2020/volume-6/ethics-in-information-technology
- Dhillon, G. (2000), Interpreting key issues in IS/IT benefits management, Proceedings of the 33rd Hawaii Intenational Conference on System Sciences 2000, https://www.researchgate.net/ publication/221180043_Interpreting_Key_Issues_in_ISIT_Benefits_Management
- IIA, Code of Ethics, https://www.theiia.org/en/standards/what-are-the-standards/mandatory-guidance/code-of-ethics/
- IFAC, Interntional Ethics Standards Board for Accountants (2009), Code of Ethics for Professional Accountants, https://www.ifac.org/system/files/publications/files/Code-of-Ethics_July_ 2009_FINAL_02_23_10.pdf
- INTOSAI (2019), ISSAI 130 Code of Ethics, https://www.issai.org/wp-content/uploads/2019/ 08/ISSAI-130-Code-of-Ethics.pdf
- ISACA, Code of Professional Ethics, https://www.isaca.org/credentialing/code-of-professional-ethics
- Ivan, I., Felician, A., Capisizu, S., (2005) Auditul informatic, în Economistul 1887/2005, 18, http://alecu.ase.ro/articles/economistul_2005.pdf
- Kassa, S.G. (2016), Information Systems Security Audit. An Ontological Framework: ISACA Journal, Volume 5, 2016, https://www.isaca.org/resources/isaca-journal/issues/2016/ volume-5/information-systems-security-audit-an-ontological-framework
- Legea nr. 362/2018 privind asigurarea unui nivel comun ridicat de securitate a rețelelor și sistemelor informatice (Legea NIS).
- Năstase, P. (coordinator), ș.a. (2007), Auditul și controlul sistemelor informaționale, București, Editura Economică, București, 2007, 14, 16-18.
- Ordinul nr. 559/2021 al Secretarului General al Guvernului privind aprobarea Regulamentului din 22 martie 2021 privind atestarea și verificarea auditorilor de securitate cibernetică.
- Raval, V. (2015), Monitoring Morality. Is Assurance of Information Etics Feasible?: ISACA Journal, Volume 5, 2015, https://www.isaca.org/resources/isaca-journal/issues/2015/volume-5/information-ethics-monitoring-moralityis-assurance-of-information-ethics-feasible
- SAIs, Contact Committee (2020), Audit Compendium, Cybersecurity in the EU and its Member States. Auditing the rezilience of critical information systems and digital infrastructures to cyber attacks. upreme audit institution reports relating to cybersecurity 2014 and 2020, https://www.eca.europa.eu/sites/cc/Lists/CCDocuments/Compendium_ Cybersecurity/CC_Compendium_Cybersecurity_EN.pdf
References
Ciobanu, R. (2022a), Tendințe actuale în activitatea de audit. Auditul sistemelor informatice, în Revista Universul Juridic nr. 2/2022.
Ciobanu, R. (2022b), Rolul organizațiilor internaționale în elaborarea standardelor de audit al securității cibernetice, în Revista Universul Juridic nr. 3/2022.
Cooke, I. (2020), IS Audit Basics: Ethics in Information Technology: ISACA Journal, Volume 6, 2020, https://www.isaca.org/resources/isaca-journal/issues/2020/volume-6/ethics-in-information-technology
Dhillon, G. (2000), Interpreting key issues in IS/IT benefits management, Proceedings of the 33rd Hawaii Intenational Conference on System Sciences 2000, https://www.researchgate.net/ publication/221180043_Interpreting_Key_Issues_in_ISIT_Benefits_Management
IIA, Code of Ethics, https://www.theiia.org/en/standards/what-are-the-standards/mandatory-guidance/code-of-ethics/
IFAC, Interntional Ethics Standards Board for Accountants (2009), Code of Ethics for Professional Accountants, https://www.ifac.org/system/files/publications/files/Code-of-Ethics_July_ 2009_FINAL_02_23_10.pdf
INTOSAI (2019), ISSAI 130 Code of Ethics, https://www.issai.org/wp-content/uploads/2019/ 08/ISSAI-130-Code-of-Ethics.pdf
ISACA, Code of Professional Ethics, https://www.isaca.org/credentialing/code-of-professional-ethics
Ivan, I., Felician, A., Capisizu, S., (2005) Auditul informatic, în Economistul 1887/2005, 18, http://alecu.ase.ro/articles/economistul_2005.pdf
Kassa, S.G. (2016), Information Systems Security Audit. An Ontological Framework: ISACA Journal, Volume 5, 2016, https://www.isaca.org/resources/isaca-journal/issues/2016/ volume-5/information-systems-security-audit-an-ontological-framework
Legea nr. 362/2018 privind asigurarea unui nivel comun ridicat de securitate a rețelelor și sistemelor informatice (Legea NIS).
Năstase, P. (coordinator), ș.a. (2007), Auditul și controlul sistemelor informaționale, București, Editura Economică, București, 2007, 14, 16-18.
Ordinul nr. 559/2021 al Secretarului General al Guvernului privind aprobarea Regulamentului din 22 martie 2021 privind atestarea și verificarea auditorilor de securitate cibernetică.
Raval, V. (2015), Monitoring Morality. Is Assurance of Information Etics Feasible?: ISACA Journal, Volume 5, 2015, https://www.isaca.org/resources/isaca-journal/issues/2015/volume-5/information-ethics-monitoring-moralityis-assurance-of-information-ethics-feasible
SAIs, Contact Committee (2020), Audit Compendium, Cybersecurity in the EU and its Member States. Auditing the rezilience of critical information systems and digital infrastructures to cyber attacks. upreme audit institution reports relating to cybersecurity 2014 and 2020, https://www.eca.europa.eu/sites/cc/Lists/CCDocuments/Compendium_ Cybersecurity/CC_Compendium_Cybersecurity_EN.pdf