work

Student 1996
profassin.docx
Home>Business & Finance homework help>Operations Management homework help>work

Name : owino shadrack

Unit: professional

Task : assignment

Discuss the core principles of the UK's Data Protection Act (1998) _ 10 Marks

19 Jun, 2018

Everything you need to know about the UK’s data protection law

The EU's General Data Protection Regulation caused mass panic for digital operations and filled enough email inboxes with spam to see why it was needed in the first place, but the UK already had a form of it the whole time.

1998's Data Protection Act (DPA) is the UK's data regulation law, which has sort of been partially replaced by the GDPR. Companies have had to adhere to DPA when collecting, storing and managing data within the UK for the past twenty years.

Since the 25 May, the GDPR deadline, a new UK-centric Data Protection Act has come into effect that will work alongside the European Union's legislation after Brexit.

See related 

What is GDPR? Everything you need to know post-compliance deadline

GDPR news: Just 20% of UK companies are now compliant with GDPR

Under the new rules, businesses will face strong fines if they fail to comply with GDPR or Data Protection Act 2018. These fines are no laughing matter as some could fetch up to €20 million, or 4% of the annual turnover of the said offender, whichever one is higher, the new legislation is going to be cold!

We are in new territory with data regulations and it's going to be worth your while to make sure you and your business know everything about GDPR and the Data Protection Act 2018. Check out our brief history of the Data Protection Act of 1998.

Data Protection Act 1998 – definition

The Data Protection Act 1998 is the current UK law governing the how the personal data of the country's citizens is looked after by any organisation, be it public or private, including charities.

Any data breaches in the UK are investigated by the Information Commissioner's Office (ICO) and the Act also provides guidelines for the type of penalty that can be applied if someone is found to have been in contravention of the rules.

Data Protection Act 1998 – summary

The Data Protection Act 1998, also known as the DPA, regulates the use and protection of personal data. It supersedes the Data Protection Act 1984 and Access to Personal Files Act 1987.

It was amended in 2003 to give individuals more control over digital marketing communications they receive, meaning they must opt-in to receive emails, SMS text messages etc from an organisation if they've never had contact with it before.

What is personal data?

The Act defines personal data as information relating to a living individual who could be identified from that data or a combination of that data and other information already in possession of the data controller , or which is likely to come into that entity’s possession.

This also includes expressions of opinion about that person and any intention the data controller or another individual may have in regards to them.

The DPA also provides protection for sensitive personal data, which is defined as information relating to a person’s racial or ethnic origin, political and religious or similar beliefs, membership of a trade union, physical and mental health, sex life, any criminal charges or allegations against them, and any proceedings against them (such as a court case or a prison sentence).

What data formats are covered?

The DPA defines possession of data when that data resides in a machine or on paper in a readable, accessible way. Regarding paper forms of information, the Information Commissioner's Office classifies paper filing systems as individuals' records being held in a "systematic, structured way" that provides easy access to those individuals' information.

Data is also classified as "accessible records" - covering health or education. While this information isn't necessarily held in a structured, easily accessible way, it's important enough that the DPA stipulates it should still be protected.

Data controllers' "data processing" activities are also subject to the DPA's rules. Processing is a very broad term covering plenty of things, but can be thought of as relating to every interaction had with personal data. As the ICO notes, almost any activity concerning data will constitute processing.

What are the penalties for a data breach under the DPA?

There are a number of penalties and processes available to the Information Commissioner's Office (ICO) when it comes to taking action on data protection.

The most material impact is perhaps the possibility of a fine. As of April 2010, the ICO can issue penalties of up to £500,000 for offences taking place on or after that date, although the maximum fine has never been imposed.

It can also lay out processes an organisation must undertake in order to improve its data protection posture and conduct audits to ensure compliance (these can be consensual or, if necessary, compulsory).

If a breach occurs, in addition to the £500,000 fine, the ICO can prosecute anyone it believes has committed a criminal offence under the act.

Discuss the BCS and ACM codes of Ethics and Professional Conduct - (20 Marks)

ACM Code of Ethics and Professional Conduct

Preamble

Computing professionals' actions change the world. To act responsibly, they should reflect upon the wider impacts of their work, consistently supporting the public good. The ACM Code of Ethics and Professional Conduct ("the Code") expresses the conscience of the profession.

The Code is designed to inspire and guide the ethical conduct of all computing professionals, including current and aspiring practitioners, instructors, students, influencers, and anyone who uses computing technology in an impactful way. Additionally, the Code serves as a basis for remediation when violations occur. The Code includes principles formulated as statements of responsibility, based on the understanding that the public good is always the primary consideration. Each principle is supplemented by guidelines, which provide explanations to assist computing professionals in understanding and applying the principle.

Section 1 outlines fundamental ethical principles that form the basis for the remainder of the Code. Section 2 addresses additional, more specific considerations of professional responsibility. Section 3 guides individuals who have a leadership role, whether in the workplace or in a volunteer professional capacity. Commitment to ethical conduct is required of every ACM member, and principles involving compliance with the Code are given in Section 4.

The Code as a whole is concerned with how fundamental ethical principles apply to a computing professional's conduct. The Code is not an algorithm for solving ethical problems; rather it serves as a basis for ethical decision-making. When thinking through a particular issue, a computing professional may find that multiple principles should be taken into account, and that different principles will have different relevance to the issue. Questions related to these kinds of issues can best be answered by thoughtful consideration of the fundamental ethical principles, understanding that the public good is the paramount consideration. The entire computing profession benefits when the ethical decision-making process is accountable to and transparent to all stakeholders. Open discussions about ethical issues promote this accountability and transparency.

1. GENERAL ETHICAL PRINCIPLES.

A computing professional should...

1.1 Contribute to society and to human well-being, acknowledging that all people are stakeholders in computing.

This principle, which concerns the quality of life of all people, affirms an obligation of computing professionals, both individually and collectively, to use their skills for the benefit of society, its members, and the environment surrounding them. This obligation includes promoting fundamental human rights and protecting each individual's right to autonomy. An essential aim of computing professionals is to minimize negative consequences of computing, including threats to health, safety, personal security, and privacy. When the interests of multiple groups conflict, the needs of those less advantaged should be given increased attention and priority.

Computing professionals should consider whether the results of their efforts will respect diversity, will be used in socially responsible ways, will meet social needs, and will be broadly accessible. They are encouraged to actively contribute to society by engaging in pro bono or volunteer work that benefits the public good.

In addition to a safe social environment, human well-being requires a safe natural environment. Therefore, computing professionals should promote environmental sustainability both locally and globally.

1.2 Avoid harm.

In this document, "harm" means negative consequences, especially when those consequences are significant and unjust. Examples of harm include unjustified physical or mental injury, unjustified destruction or disclosure of information, and unjustified damage to property, reputation, and the environment. This list is not exhaustive.

Well-intended actions, including those that accomplish assigned duties, may lead to harm. When that harm is unintended, those responsible are obliged to undo or mitigate the harm as much as possible. Avoiding harm begins with careful consideration of potential impacts on all those affected by decisions. When harm is an intentional part of the system, those responsible are obligated to ensure that the harm is ethically justified. In either case, ensure that all harm is minimized.

To minimize the possibility of indirectly or unintentionally harming others, computing professionals should follow generally accepted best practices unless there is a compelling ethical reason to do otherwise. Additionally, the consequences of data aggregation and emergent properties of systems should be carefully analyzed. Those involved with pervasive or infrastructure systems should also consider Principle 3.7.

A computing professional has an additional obligation to report any signs of system risks that might result in harm. If leaders do not act to curtail or mitigate such risks, it may be necessary to "blow the whistle" to reduce potential harm. However, capricious or misguided reporting of risks can itself be harmful. Before reporting risks, a computing professional should carefully assess relevant aspects of the situation.

1.3 Be honest and trustworthy.

Honesty is an essential component of trustworthiness. A computing professional should be transparent and provide full disclosure of all pertinent system capabilities, limitations, and potential problems to the appropriate parties. Making deliberately false or misleading claims, fabricating or falsifying data, offering or accepting bribes, and other dishonest conduct are violations of the Code.

Computing professionals should be honest about their qualifications, and about any limitations in their competence to complete a task. Computing professionals should be forthright about any circumstances that might lead to either real or perceived conflicts of interest or otherwise tend to undermine the independence of their judgment. Furthermore, commitments should be honored.

Computing professionals should not misrepresent an organization's policies or procedures, and should not speak on behalf of an organization unless authorized to do so.

1.4 Be fair and take action not to discriminate.

The values of equality, tolerance, respect for others, and justice govern this principle. Fairness requires that even careful decision processes provide some avenue for redress of grievances.

Computing professionals should foster fair participation of all people, including those of underrepresented groups. Prejudicial discrimination on the basis of age, color, disability, ethnicity, family status, gender identity, labor union membership, military status, nationality, race, religion or belief, sex, sexual orientation, or any other inappropriate factor is an explicit violation of the Code. Harassment, including sexual harassment, bullying, and other abuses of power and authority, is a form of discrimination that, amongst other harms, limits fair access to the virtual and physical spaces where such harassment takes place.

The use of information and technology may cause new, or enhance existing, inequities. Technologies and practices should be as inclusive and accessible as possible and computing professionals should take action to avoid creating systems or technologies that disenfranchise or oppress people. Failure to design for inclusiveness and accessibility may constitute unfair discrimination.

1.5 Respect the work required to produce new ideas, inventions, creative works, and computing artifacts.

Developing new ideas, inventions, creative works, and computing artifacts creates value for society, and those who expend this effort should expect to gain value from their work. Computing professionals should therefore credit the creators of ideas, inventions, work, and artifacts, and respect copyrights, patents, trade secrets, license agreements, and other methods of protecting authors' works.

Both custom and the law recognize that some exceptions to a creator's control of a work are necessary for the public good. Computing professionals should not unduly oppose reasonable uses of their intellectual works. Efforts to help others by contributing time and energy to projects that help society illustrate a positive aspect of this principle. Such efforts include free and open source software and work put into the public domain. Computing professionals should not claim private ownership of work that they or others have shared as public resources.

1.6 Respect privacy.

The responsibility of respecting privacy applies to computing professionals in a particularly profound way. Technology enables the collection, monitoring, and exchange of personal information quickly, inexpensively, and often without the knowledge of the people affected. Therefore, a computing professional should become conversant in the various definitions and forms of privacy and should understand the rights and responsibilities associated with the collection and use of personal information.

Computing professionals should only use personal information for legitimate ends and without violating the rights of individuals and groups. This requires taking precautions to prevent re-identification of anonymized data or unauthorized data collection, ensuring the accuracy of data, understanding the provenance of the data, and protecting it from unauthorized access and accidental disclosure. Computing professionals should establish transparent policies and procedures that allow individuals to understand what data is being collected and how it is being used, to give informed consent for automatic data collection, and to review, obtain, correct inaccuracies in, and delete their personal data.

Only the minimum amount of personal information necessary should be collected in a system. The retention and disposal periods for that information should be clearly defined, enforced, and communicated to data subjects. Personal information gathered for a specific purpose should not be used for other purposes without the person's consent. Merged data collections can compromise privacy features present in the original collections. Therefore, computing professionals should take special care for privacy when merging data collections.

1.7 Honor confidentiality.

Computing professionals are often entrusted with confidential information such as trade secrets, client data, nonpublic business strategies, financial information, research data, pre-publication scholarly articles, and patent applications. Computing professionals should protect confidentiality except in cases where it is evidence of the violation of law, of organizational regulations, or of the Code. In these cases, the nature or contents of that information should not be disclosed except to appropriate authorities. A computing professional should consider thoughtfully whether such disclosures are consistent with the Code.

2. PROFESSIONAL RESPONSIBILITIES.

A computing professional should...

2.1 Strive to achieve high quality in both the processes and products of professional work.

Computing professionals should insist on and support high quality work from themselves and from colleagues. The dignity of employers, employees, colleagues, clients, users, and anyone else affected either directly or indirectly by the work should be respected throughout the process. Computing professionals should respect the right of those involved to transparent communication about the project. Professionals should be cognizant of any serious negative consequences affecting any stakeholder that may result from poor quality work and should resist inducements to neglect this responsibility.

2.2 Maintain high standards of professional competence, conduct, and ethical practice.

High quality computing depends on individuals and teams who take personal and group responsibility for acquiring and maintaining professional competence. Professional competence starts with technical knowledge and with awareness of the social context in which their work may be deployed. Professional competence also requires skill in communication, in reflective analysis, and in recognizing and navigating ethical challenges. Upgrading skills should be an ongoing process and might include independent study, attending conferences or seminars, and other informal or formal education. Professional organizations and employers should encourage and facilitate these activities.

2.3 Know and respect existing rules pertaining to professional work.

"Rules" here include local, regional, national, and international laws and regulations, as well as any policies and procedures of the organizations to which the professional belongs. Computing professionals must abide by these rules unless there is a compelling ethical justification to do otherwise. Rules that are judged unethical should be challenged. A rule may be unethical when it has an inadequate moral basis or causes recognizable harm. A computing professional should consider challenging the rule through existing channels before violating the rule. A computing professional who decides to violate a rule because it is unethical, or for any other reason, must consider potential consequences and accept responsibility for that action.

2.4 Accept and provide appropriate professional review.

High quality professional work in computing depends on professional review at all stages. Whenever appropriate, computing professionals should seek and utilize peer and stakeholder review. Computing professionals should also provide constructive, critical reviews of others' work.

2.5 Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks.

Computing professionals are in a position of trust, and therefore have a special responsibility to provide objective, credible evaluations and testimony to employers, employees, clients, users, and the public. Computing professionals should strive to be perceptive, thorough, and objective when evaluating, recommending, and presenting system descriptions and alternatives. Extraordinary care should be taken to identify and mitigate potential risks in machine learning systems. A system for which future risks cannot be reliably predicted requires frequent reassessment of risk as the system evolves in use, or it should not be deployed. Any issues that might result in major risk must be reported to appropriate parties.

2.6 Perform work only in areas of competence.

A computing professional is responsible for evaluating potential work assignments. This includes evaluating the work's feasibility and advisability, and making a judgment about whether the work assignment is within the professional's areas of competence. If at any time before or during the work assignment the professional identifies a lack of a necessary expertise, they must disclose this to the employer or client. The client or employer may decide to pursue the assignment with the professional after additional time to acquire the necessary competencies, to pursue the assignment with someone else who has the required expertise, or to forgo the assignment. A computing professional's ethical judgment should be the final guide in deciding whether to work on the assignment.

2.7 Foster public awareness and understanding of computing, related technologies, and their consequences.

As appropriate to the context and one's abilities, computing professionals should share technical knowledge with the public, foster awareness of computing, and encourage understanding of computing. These communications with the public should be clear, respectful, and welcoming. Important issues include the impacts of computer systems, their limitations, their vulnerabilities, and the opportunities that they present. Additionally, a computing professional should respectfully address inaccurate or misleading information related to computing.

2.8 Access computing and communication resources only when authorized or when compelled by the public good.

Individuals and organizations have the right to restrict access to their systems and data so long as the restrictions are consistent with other principles in the Code. Consequently, computing professionals should not access another's computer system, software, or data without a reasonable belief that such an action would be authorized or a compelling belief that it is consistent with the public good. A system being publicly accessible is not sufficient grounds on its own to imply authorization. Under exceptional circumstances a computing professional may use unauthorized access to disrupt or inhibit the functioning of malicious systems; extraordinary precautions must be taken in these instances to avoid harm to others.

2.9 Design and implement systems that are robustly and usably secure.

Breaches of computer security cause harm. Robust security should be a primary consideration when designing and implementing systems. Computing professionals should perform due diligence to ensure the system functions as intended, and take appropriate action to secure resources against accidental and intentional misuse, modification, and denial of service. As threats can arise and change after a system is deployed, computing professionals should integrate mitigation techniques and policies, such as monitoring, patching, and vulnerability reporting. Computing professionals should also take steps to ensure parties affected by data breaches are notified in a timely and clear manner, providing appropriate guidance and remediation.

To ensure the system achieves its intended purpose, security features should be designed to be as intuitive and easy to use as possible. Computing professionals should discourage security precautions that are too confusing, are situationally inappropriate, or otherwise inhibit legitimate use.

In cases where misuse or harm are predictable or unavoidable, the best option may be to not implement the system.

3. PROFESSIONAL LEADERSHIP PRINCIPLES.

Leadership may either be a formal designation or arise informally from influence over others. In this section, "leader" means any member of an organization or group who has influence, educational responsibilities, or managerial responsibilities. While these principles apply to all computing professionals, leaders bear a heightened responsibility to uphold and promote them, both within and through their organizations.

A computing professional, especially one acting as a leader, should...

3.1 Ensure that the public good is the central concern during all professional computing work.

People—including users, customers, colleagues, and others affected directly or indirectly—should always be the central concern in computing. The public good should always be an explicit consideration when evaluating tasks associated with research, requirements analysis, design, implementation, testing, validation, deployment, maintenance, retirement, and disposal. Computing professionals should keep this focus no matter which methodologies or techniques they use in their practice.

3.2 Articulate, encourage acceptance of, and evaluate fulfillment of social responsibilities by members of the organization or group.

Technical organizations and groups affect broader society, and their leaders should accept the associated responsibilities. Organizations—through procedures and attitudes oriented toward quality, transparency, and the welfare of society—reduce harm to the public and raise awareness of the influence of technology in our lives. Therefore, leaders should encourage full participation of computing professionals in meeting relevant social responsibilities and discourage tendencies to do otherwise.

3.3 Manage personnel and resources to enhance the quality of working life.

Leaders should ensure that they enhance, not degrade, the quality of working life. Leaders should consider the personal and professional development, accessibility requirements, physical safety, psychological well-being, and human dignity of all workers. Appropriate human-computer ergonomic standards should be used in the workplace.

3.4 Articulate, apply, and support policies and processes that reflect the principles of the Code.

Leaders should pursue clearly defined organizational policies that are consistent with the Code and effectively communicate them to relevant stakeholders. In addition, leaders should encourage and reward compliance with those policies, and take appropriate action when policies are violated. Designing or implementing processes that deliberately or negligently violate, or tend to enable the violation of, the Code's principles is ethically unacceptable.

3.5 Create opportunities for members of the organization or group to grow as professionals.

Educational opportunities are essential for all organization and group members. Leaders should ensure that opportunities are available to computing professionals to help them improve their knowledge and skills in professionalism, in the practice of ethics, and in their technical specialties. These opportunities should include experiences that familiarize computing professionals with the consequences and limitations of particular types of systems. Computing professionals should be fully aware of the dangers of oversimplified approaches, the improbability of anticipating every possible operating condition, the inevitability of software errors, the interactions of systems and their contexts, and other issues related to the complexity of their profession—and thus be confident in taking on responsibilities for the work that they do.

3.6 Use care when modifying or retiring systems.

Interface changes, the removal of features, and even software updates have an impact on the productivity of users and the quality of their work. Leaders should take care when changing or discontinuing support for system features on which people still depend. Leaders should thoroughly investigate viable alternatives to removing support for a legacy system. If these alternatives are unacceptably risky or impractical, the developer should assist stakeholders' graceful migration from the system to an alternative. Users should be notified of the risks of continued use of the unsupported system long before support ends. Computing professionals should assist system users in monitoring the operational viability of their computing systems, and help them understand that timely replacement of inappropriate or outdated features or entire systems may be needed.

3.7 Recognize and take special care of systems that become integrated into the infrastructure of society.

Even the simplest computer systems have the potential to impact all aspects of society when integrated with everyday activities such as commerce, travel, government, healthcare, and education. When organizations and groups develop systems that become an important part of the infrastructure of society, their leaders have an added responsibility to be good stewards of these systems. Part of that stewardship requires establishing policies for fair system access, including for those who may have been excluded. That stewardship also requires that computing professionals monitor the level of integration of their systems into the infrastructure of society. As the level of adoption changes, the ethical responsibilities of the organization or group are likely to change as well. Continual monitoring of how society is using a system will allow the organization or group to remain consistent with their ethical obligations outlined in the Code. When appropriate standards of care do not exist, computing professionals have a duty to ensure they are developed.

4. COMPLIANCE WITH THE CODE.

A computing professional should...

4.1 Uphold, promote, and respect the principles of the Code.

The future of computing depends on both technical and ethical excellence. Computing professionals should adhere to the principles of the Code and contribute to improving them. Computing professionals who recognize breaches of the Code should take actions to resolve the ethical issues they recognize, including, when reasonable, expressing their concern to the person or persons thought to be violating the Code.

4.2 Treat violations of the Code as inconsistent with membership in the ACM.

Each ACM member should encourage and support adherence by all computing professionals regardless of ACM membership. ACM members who recognize a breach of the Code should consider reporting the violation to the ACM, which may result in remedial action as specified in the ACM's Code of Ethics and Professional Conduct Enforcement Policy.

The Code and guidelines were developed by the ACM Code 2018 Task Force: Executive Committee Don Gotterbarn (Chair), Bo Brinkman, Catherine Flick, Michael S Kirkpatrick, Keith Miller, Kate Varansky, and Marty J Wolf. Members: Eve Anderson, Ron Anderson, Amy Bruckman, Karla Carter, Michael Davis, Penny Duquenoy, Jeremy Epstein, Kai Kimppa, Lorraine Kisselburgh, Shrawan Kumar, Andrew McGettrick, Natasa Milic-Frayling, Denise Oram, Simon Rogerson, David Shama, Janice Sipior, Eugene Spafford, and Les Waguespack. The Task Force was organized by the ACM Committee on Professional Ethics. Significant contributions to the Code were also made by the broader international ACM membership. This Code and its guidelines were adopted by the ACM Council on June 22nd, 2018.

This Code may be published without permission as long as it is not changed in any way and it carries the copyright notice. Copyright (c) 2018 by the Association for Computing Machinery.

BCS Codes of Conduct and Practice

The British Computer Society (BCS) sets the professional standards of competence, conduct and ethical practice for computing in the United Kingdom. The Royal Charter incorporated the Society in July 1984. This code of conduct is directed to all members of The British Computer Society. As an aid to understanding, these rules have been grouped into the principal duties, which all members should endeavour to discharge in pursuing their professional lives.

· The Public Interest

· Duty to Employers and Clients

· Duty to the Profession

· Professional Competence and Integrity

The BCS Code of Conduct

The Public Interest

1. Members shall in their professional practice safeguard public health and safety and have regard to protection of the environment.

2. Members shall have due regard to the legitimate rights of third parties.

3. Members shall ensure that within their chosen fields they have knowledge and understanding of relevant legislation, regulations and standards and that they comply with such requirements.

4. Members shall in their professional practice have regard to basic human rights and shall avoid any actions that adversely affect such rights.

Duty to Employers and Clients

1. Members shall carry out work with due care and diligence in accordance with the requirements of the employer or client and shall, if their professional judgement is overruled, indicate the likely consequences.

1. Members shall endeavour to complete work undertaken on time and to budget and shall advise their employer or client as soon as practicable if any overrun is foreseen.

1. Members shall not offer or provide, or receive in return, inducement for the introduction of business from a client unless there is full prior disclosure of the facts to the client.

1. Members shall not disclose or authorise, to be disclosed, or use for personal gain or to benefit a third party, confidential information acquired in the course of professional practice, except with prior written permission of the employer or client, or at the direction of a court of law.

1. Members should seek to avoid being put in a position where they may become privy to or party to activities or information concerning activities which would conflict with their responsibilities in 1-4 above.

1. Members shall not misrepresent or withhold information on the capabilities of products, systems or services with which they are concerned or take advantage of the lack of knowledge or inexperience of others.

1. Members shall not, except where specifically so instructed, handle client's monies or place contracts or orders in connection with work on which they are engaged where acting as an independent consultant.

1. Members shall not purport to exercise independent judgement on behalf of a client on any product or service in which they knowingly have any interest, financial or otherwise.

Duty to the Profession

1. Members shall uphold the reputation of the Profession and shall seek to improve professional standard through participation in their development, use and enforcement, and shall avoid any action, which will adversely affect the good standing of the Profession.

1. Members shall in their professional practice seek to advance public knowledge and understanding of computing and information systems and technology and to counter false or misleading statements, which are detrimental to the Profession.

1. Members shall encourage and support fellow members in their professional development and, where possible, provide opportunities for the professional development of new entrants to the Profession.

1. Members shall act with integrity towards fellow members and to members of other professions with whom they are concerned in a professional capacity and shall avoid engaging in any activity, which is incompatible with professional status.

1. Members shall not make any public statements in their professional capacity unless properly qualified and, where appropriate, authorised to do so, and shall have due regard to the likely consequences of any statement on others.

Professional Competence and Integrity

1. Members shall seek to upgrade their professional knowledge and skill and shall maintain awareness of technological developments, procedures and standards which are relevant to their field, and shall encourage their subordinates to do likewise.

1. Members shall seek to conform to recognised good practice including quality standards, which are in their judgement relevant, and shall encourage their subordinates to do likewise.

1. Members shall only offer to do work or provide a service, which is within their professional competence and shall not claim to any level of competence, which they do not possess, and any professional opinion, which they are asked to give, shall be objective and reliable.

1. Members shall accept professional responsibility for their work and for the work of their subordinates and associates under their direction, and shall not terminate any assignment except for good reason and on reasonable notice.

1. Members shall avoid any situation that may give rise to a conflict of interest between themselves and their client and shall make full and immediate disclosure to the client if any conflict should occur.

The BCS Code of Practice

The British Computer Society Code of Practice is directed to all members of The British Computer Society. It consists, essentially, of a series of statements, which prescribe minimum standards of practice, to be observed by all members.

The Code of Practice is concerned with professional responsibility. All members have responsibilities: to clients, to users, to the State and society at large. Those members who are employees also have responsibilities to their employers and employers' customers and, often, to a Trade Union. In the event of apparent clash in responsibilities, obligations or prescribed practice the Society's Secretary-General should be consulted at the earliest opportunity.

The Code is to be viewed as a whole: individual parts are not intended to be used in isolation to justify errors or omissions or commission. The Code is intended to be observed in the spirit and not merely the word. The BCS membership covers all occupations relevant to the use of computers and it is not possible to define the Code in terms directly relevant to each individual member. For this reason the Code is set out in two levels to enable every member to reach appropriate interpretations.

The BCS Code of Practice can be found at the following Web site: http://www.bcs.org.uk/