What I Know It’s About Experience

Examples of Ethics as an Employee

Hi and سلام to All

In this post, the use of the male ‘him/he‘ is used for easy reading and can be replaced by ‘her/she‘ depending on who is reading the post. For the ladies out there, I make a profuse apology.

I have been asked by reader to give examples of situations I have been in that have or may have impacted upon my ethics.

I must comment here that not all of you will have experienced all of them but I am sure you have experienced at least one.

The first example goes back to my time in the military where I was a corporal; I was in charge of a platoon and was responsible for their health and well being as well as their discipline. During an inspection by the commanding officer, he noted that the one toilet bowl was a bit 'grey'. I checked it and the bowl was stained but not dirty, so, the toilet bowl would never be 'white'. I informed him about this to which our Lieutenant took exception to. After the inspection was over, the commanding officer said that it was good and to continue. The Lieutenant on the other hand, must have thought it had cost him his name 'good' versus 'excellent'. He told me to punish the platoon by taking them for a forced march (20 Kms) and to drill them for at least 2 hours after the march. I disagreed with him and told him so, I even refused to do it and ended up in front of the commanding officer who stated; 'Ferreiro you are an un-commissioned officer who will take orders from officers and carry them out EVEN if you do not agree with them.' I again refused to do it and asked for a transfer to another unit (32 Battalion) which was approved. I left the unit 3 days later. I actually saw the Lieutenant a few years later to his surprise when I was a sergeant, he lost this time as we were working with mature soldiers aged 25 and up which you treat differently to soldiers who are 16 thru 18 years. He tried the same stunt, telling his platoon sergeant to punish the platoon, again the sergeant refused and took it to the Regimental Sergeant Major who agreed with him, the end result is that the officer ended up doing a lot of extra duties to teach him about leadership. I do not believe to this day that he did.

The second example skips a few years ahead when I worked for a supplier. I was responsible for a security tool called ESM from Axent Technologies (who were later bought by Symantec). We were tasked by the client to perform a comparison test between 3 products which measured baseline security compliance to a standard, these being; Axent, Computer Associates and Digital. In the review following a testing methodology, it was found that the CA product was not up to scratch and may meet 30% of the client’s requirement. The Axent and Digital products were very much the same mainly due them both being created by Raxco which developed tools for VAX VMS. Both products would meet at least 90% of the client’s requirement. The sales person who was responsible for the account, told me to bias the report to show that the Axent product was better. In doing so, he could make the sale. I disagreed and he went to the MD who also told me to do it. Again I refused and told them I would give them the report and that they could change it to suit their requirements. Needless to say, the client had actually expected me to bias the report and when they received the report were pleasantly surprised that it was not. The MD had chosen not to change the report as his name would have had to be put on the report. We got the sale as the opposition were tasked to do the same investigation and they biased their reports. We received other work from the client and the company made money. I resigned from the company and cited the experience as one of the reasons. The MD promised me that it would not occur again, but once bitten twice shy.

The third example skips a few years ahead to when I was a manager at a big company. The company made a great deal of money so I thought they would have a feeling of better responsibility for compliance. In this instance, I found that some people are motivated only by money and not what is ‘right’. ‘Right’ in this sense being the fact that you do not contravene laws such as Intellectual Property and Copyright or report back to management about instances that are cannot be proved. In this case, I was told not to answer a vendor’s request for licensing information on their product. Along the same lines, I was told not to tell management about a report that I compiled showing the serious lack of licence management and the associated cost to ensure licence compliance. I was also told by management that I was to do an investigation into an employee to prove that they had done ‘something’ wrong. After doing all the checks and verifying the balances, it actually identified that the manager’s ‘friend’ had planted the evidence against the employee. When I reported this with facts and figures, the manager told me that I must have been wrong and that his ‘friend’ would not do anything of the sort even thought the evidence showed differently. I was moved to another division so had nothing else to do with the manager again other than to audit his operations and raise comments and associated risks. I have since left the company after understanding that even in a large company ‘ethics’ is based on how much money ends up in your back pocket. I have since heard that the company is under investigation by the Business Software Alliance (BSA) and that they face legal litigation both civil and criminal.

The last comes from a project that I was involved in where the client was informed that the contractors knew what they required and to accept the deliverables. When prompted by the lead consultant and myself about best practices and frameworks such as 27001, eTOM, COBIT and TOGAF we were told to keep quiet and do the work which we were tasked to deliver. When asked to design a solution which following all practices requires the client’s input, we were told to ‘just deliver’ and not to trust the client. Again, this is against all principles of client engagements for each of the multi-nationals involved in the project with perhaps one not even having one. The lead consultant was removed from the project for I quote ‘bringing the consortium into disrepute’. In a later meeting, I was informed that the solution must meet the client’s requirements of a 360 degree Information Security view. When I prompted the consortium of what was required to deliver this, I was told by the multi-national that this could be discussed and that they would ‘HACK’ their product to deliver a 360 degree view even though it was not able to do it. I have since left the project.

There are many other examples that I could use but I believe that highlight what I have been saying in my posts.

Cheers and Wa Alaikum As-Salam until next time,

Enjoy the rest of the week and may you and yours travel safely.