The power of an organization’s ethics, culture and individual behaviors to contribute to successful governance and management practices is often underestimated. Effective IT auditors must understand the ethical implications of the information systems they audit, and to do so, they can utilize tools such as the Ethical Operating System (Ethical OS). The Ethical OS “has been designed to facilitate better product development, faster deployment and more impactful innovation, all while striving to minimize technical and reputational risk,” writes ISACA® Journal columnist Ian Cooke in his ISACA Journal vol. 6, 2020 article “Ethics in Information Systems.” According to the Ethical OS, there are 8 risk zones that IT auditors should be aware of in order to perform their duties ethically:
- Truth, Disinformation and Propaganda
- Addiction and the Dopamine Economy
- Economic and Asset Inequalities
- Machine Ethics and Algorithmic Biases
- Surveillance State
- Data Control and Monetization
- Implicit Trust and User Understanding
- Hateful and Criminal Actors
Cooke expands on the 8 risk zones in the ISACA Podcast episode “Assessing the Ethical Implications of Information Technology.” “More diverse teams will lead to more points of view within the team, more checks and balances in our work, in algorithms and, for auditors, audit programs,” Cooke explains, in reference to the 4th zone, Machine Ethics and Algorithmic Biases.
The podcast also addresses why it is important for enterprises to consider ethical context when planning for the future. “Not considering how your software can be used and how it can go wrong can lead to reputational damage and perhaps even bankruptcy,” Cooke says.
To listen to “Assessing the Ethical Implications of Information Technology” on the ISACA Podcast, visit the ISACA website or stream it on Apple Podcasts, Google Play, Podbean, Spotify or Stitcher.