[Cisspstudy] CISSP Ethics Question

Scott Bryan bryansmb at yahoo.com
Thu Jun 11 16:37:12 EDT 2009 

It is not unethical to comment about a student's interest in the material, aptitude for learning, level of participation, knowledge and experience brought to classroom discussions, etc.

It would be unethical to answer questions for which the instructor did not have immediate first hand knowledge simply to "make a name" as someone with credentials who will help a candidate get a security job.

Depending on the nature of the reference questions, it could be necessary for the instructor to clarify the limit to his/her familiarity with the candidate.  In fact, I would strongly recommend a statement such as, "My relationship with the candidate is based on his/her participation in a course that I teach.  I will be happy to respond to questions with that in mind."

I agree with Brandon and Meena that the question of ethical/unethical depends on what types of reference questions were asked and how the instructor responded.  




________________________________
From: "Holland, Brandon" <hollandb at frmaint.com>
To: The CISSP Study Mailing list <cisspstudy at cccure.org>
Sent: Thursday, June 11, 2009 1:50:36 PM
Subject: Re: [Cisspstudy] CISSP Ethics Question

I don't think you can just say "no" an instructor can't give a good reference for a student or yes he can absolutely without knowing more.  It has to do with misrepresenting the reference/relationship.  

If the student misrepresents the reference to get the job and if you misrepresent your relationship to get him the job, then him and you were both being unethical.

So the questions are:
Was it that the questions asked just happened to be questions you could authoritatively answer in a positive way?  You did nothing wrong there.  (And the student probably listed you correctly on his resume so that the employer would know which questions to, and not to, ask)

Or did you answer questions you couldn't have known to avoid hurting your reputation?  I don't know what you mean exactly by "lose my reputation" since it shouldn't hurt your rep to answer that you don't know, when in fact you don't know - even if that impacts whether or not the student gets the job.

On the contrary, it SHOULD hurt your rep if you DID in fact lie or misrepresent the depth/degree/etc of your relationship with the student (even if that means the student gets the job).  Maybe it'd affect your "karma" if you believe that kind of thing. :)

Brandon Holland

-----Original Message-----
From: cisspstudy-bounces at cccure.org [mailto:cisspstudy-bounces at cccure.org] On Behalf Of Mike Archuleta
Sent: Thursday, June 11, 2009 10:42 AM
To: The CISSP Study Mailing list
Subject: [Cisspstudy] CISSP Ethics Question

Now this is interesting!!  As the instructor long have you known this person?  

As the instructor did the student show\exhibit extensive knowledge in the security areas?

Last question when the employeer called asking about the student did you feel you had to walk a fine line because some of the questions asked where outside your relationship? 

Sent from my iPhone

On Jun 11, 2009, at 9:32 AM, Nimal Gunarathna <ng949 at yahoo.com> wrote:



Hello Everyone,

This is a Legal/Ethics domain question:

If I am a CISSP instructor and say I have a bunch of students in my class. If a person in my class add my name as a reference for a security job application. The related employee is calling me to get reference. I give great reference for him. (In my part this could be due the person is really good or it could be that I don't want lose my reputation..) In this scenario, is the instructor (me) acted ethically?

Thanks.

    _______________________________________________
    cisspstudy mailing list
    cisspstudy at cccure.org
    http://cccure.org/mailman/listinfo/cisspstudy_cccure.org
    

_______________________________________________
cisspstudy mailing list
cisspstudy at cccure.org
http://cccure.org/mailman/listinfo/cisspstudy_cccure.org



      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cccure.org/pipermail/cisspstudy_cccure.org/attachments/20090611/00380425/attachment.html>

More information about the cisspstudy mailing list