Recent Question/Assignment

Details of Assessment
Term and Year Time allowed -
Assessment No 1 of 1 Assessment Weighting 100%
Assessment Type Written Response
Due Date Week No. 8 Room
Details of Subject
Qualification ICT40115 Certificate IV in Information Technology
Subject Name Copyright, Ethics and privacy in IT
Details of Unit(s) of competency
Unit Code (s) and Names ICTICT418 Contribute to copyright, ethics and privacy in an ICT environment

Details of Student
Student Name
College Student ID
Student Declaration: I declare that the work submitted is my own, and has not been copied or plagiarised from any person or source. Signature: ___________________________
Date: _______/________/_______________
Details of Assessor
Assessor’s Name
Assessment Outcome
Results
0 Competent 0 Not Yet Competent
Marks /100
FEEDBACK TO STUDENT
Progressive feedback to students, identifying gaps in competency and comments on positive improvements:
________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________________
Student Declaration: I declare that I have been assessed in this unit, and I have been advised of my result. I am also aware of my right to appeal and the reassessment procedure.
Signature: ____________________________
Date: ____/_____/_____ Assessor Declaration: I declare that I have conducted a fair, valid, reliable and flexible assessment with this student, and I have provided appropriate feedback
0 Student did not attend the feedback session.
Feedback provided on assessment.
Signature: ____________________________
Date: ____/_____/_____

Purpose of the assessment
The purpose of this assessment is to assess the student in the following outcomes: Competent
(C) Not yet Competent
(NYC)
Performance Criteria: ICTICT418 Contribute to copyright, ethics and privacy in an ICT environment
1. Protect intellectual property
1.1 Identify current legislation and standards relating to intellectual property and copyright
1.2 Investigate current organisational copyright policy
1.3 Adhere to organisational policy and current legislation in work practices
2. Contribute to copyright policy
2.1 Contribute to the creation or updating of the organisation’s copyright policy and procedures to align with legislation and industry standards
2.2 Distribute new or revised policy and procedures to stakeholders
3. Protect rights of stakeholders
3.1 Identify and document the relevance of legislation and standards to organisational outcomes
3.2 Investigate and review organisational privacy policy and procedures
3.3 Investigate and review organisational code of ethics
3.4 Determine the integrity, confidentiality, security and availability of information as required by organisational policy
3.5 Maintain confidentiality and proprietary rights of stakeholder interests
4. Contribute to privacy policy
4.1 Contribute to the creation or updating of the organisational privacy policy and procedures to align with privacy legislation
4.2 Distribute new or revised policy and procedures to stakeholders
4.3 Implement new work procedures and collect feedback from stakeholders
4.4 Ensure the integrity, confidentiality, security and availability of information as required by organisational policy
5. Maintain privacy policy
5.1 Review work practices to ensure application of privacy policy and procedures
5.2 Maintain the integrity, confidentiality, and availability of information as required by organisational privacy policy
5.3 Review work practices to ensure system security according to organisational privacy policy
6. Contribute to creation of ethics code
6.1 Assist in developing or updating a code of ethics to align with legislation and standards for the organisation
6.2 Distribute the new ethics code to stakeholders and collect feedback
6.3 Implement new ethical work procedures and collect feedback
6.4 Review ethical work practices and feedback to ensure application of the code
7. Maintain ethics code
7.1 Perform regular checks to ensure stakeholders understand and are continuing to apply the code of ethics in the workplace
7.2 Establish a review and grievance procedure to enable confidential reporting of any ethical issues
7.3 Interview and regularly follow up with stakeholders to ensure they are receiving consistent and appropriate service in dealing with the code of ethics
Assessment/evidence gathering conditions
Each assessment component is recorded as either Competent (C) or Not Yet Competent (NYC). A student can only achieve competence when all assessment components listed under “Purpose of the assessment” section are recorded as competent. Your trainer will give you feedback after the completion of each assessment. A student who is assessed as NYC (Not Yet Competent) is eligible for re-assessment.
Resources required for this assessment
• Computer with relevant software applications and access to internet
• Weekly eLearning notes relevant to the tasks/questions
Instructions for Students
Please read the following instructions carefully
• This assessment has to be completed 0 In class 1 At home
• The assessment is to be completed according to the instructions given by your assessor.
• Feedback on each task will be provided to enable you to determine how your work could be improved. You will be provided with feedback on your work within two weeks of the assessment due date. All other feedback will be provided by the end of the term.
• Should you not answer the questions correctly, you will be given feedback on the results and your gaps in knowledge. You will be given another opportunity to demonstrate your knowledge and skills to be deemed competent for this unit of competency.
• If you are not sure about any aspect of this assessment, please ask for clarification from your assessor.
• Please refer to the College re-assessment for more information (Student handbook).

Assessment - Written
Part A - Case Study Scenario - Intellectual Property and Copyright Law [20 marks]
Scenario
A company has a licence for one copy of a database programme. The Team Leader wants you to prepare a feasibility study on setting up a 20-user network. He believes he will achieve great savings by networking his one licence of the database.
Write a report to Project Manager explaining that it is not possible to do this for intellectual property, copyright and ethical reasons. Explain the Australian intellectual property, copyright law the company would break if such program was implemented.
You will find below the company copyright and code of conduct policy, refer them when writing the report.
Copyright Policy
A. Statement of Corporate Values
We at [Company Name] recognize and respect intellectual property rights and are committed to fulfilling our moral and legal obligations with respect to our use of copyright-protected works.
B. Statement of Corporate Obligations Regarding Copyright
As a matter of moral integrity and adherence to copyright law, [Company Name] sets forth these policies for all employees:
1. No employee of [Company Name] may reproduce any copyrighted work in print, video or digital form in violation of the law.
2. Copyrighted works include, but are not limited to: printed articles from publications, electronic articles in online publications, online videos, movies, TV and radio programs, recorded music performances, images, training materials, manuals, documentation, software programs, databases, websites and blogs. In general, the laws that apply to printed materials also apply to visual and digital formats such as websites, streaming media, music downloads, mobile apps, CDs and DVDs.
3. To obtain permission to reproduce copyrighted works outside of [Company Name] and/or to use such works in ways that are not covered by our license or other prior agreements, employees should request permissions online at www.copyright.com or contact the Rights and Licensing Department of the copyright holder. Questions on specific procedures should be directed to the [Title], who serves as our copyright officer.
4. [Company Name] designates [Title] as the copyright officer to administer our company’s copyright policy. [Title] at [Company Name] can help you determine whether a work is covered by our Copyright Compliance Department and how to handle any special copyright issues. Questions concerning copyright procedures, including fair use, should be addressed to [Title].
C. Instructions for Handling Copyright Infringement
[Company Name] expects its employees to be responsible consumers of copyrighted materials. We also encourage employees to educate their peers on copyright compliance. If any employee witnesses a potential copyright infringement, please bring the matter to the attention of the individual as well as to our [Title], who serves as our copyright compliance officer. Employees who illegally duplicate copyrighted works may be subject to disciplinary action up to and including termination.
Employee Code of Conduct
Introduction
This code of conduct applies to all employees and directors (“Employees”) of the Company and its subsidiaries (the “Group”). The object of the code is to provide a framework of principles for conducting business and dealing with shareholders, customers, colleagues, suppliers, creditors and other stakeholders which are:
• to act with the utmost integrity and professionalism and be scrupulous in the proper use of company information, funds, equipment and facilities;
• to exercise objectivity, fairness, equality, proper courtesy, consideration and sensitivity in dealing with customers, Employees and other stakeholders;
• to avoid conflicts of interest; and
• to comply with the letter and the spirit of the law.
Responsibilities
Employees are required to;
• promote the interests of the Group;
• respect their co-workers, customers, suppliers and other service providers;
• comply with laws regarding equal opportunity;
• perform their duties with skill, honesty, care and diligence, using authority in a fair and equitable manner;
• abide by policies and procedures, instructions and lawful directions that relate to their employment and duties;
• comply with the spirit as well as the letter of the codes of conduct applying to the professions of individual Employees; and
• act within the laws of the countries in which they operate.
Conflicts of Interest
• Employees must avoid any personal, financial or other interest which may be in conflict with their duties and responsibilities to the Group.
• Any interest which may constitute a conflict of interest must be promptly disclosed to an appropriate senior manager
• Accepting any external appointment, such as a board appointment, working for another organisation, or conducting a business that detracts from an Employee’s ability to fulfill their specified role for the Group is not permitted without the permission of the Managing Director.
Confidentiality
• Employees must ensure that all transactions in company securities comply with the law (particularly the insider trading provisions) and the Group’s Securities Trading Policy
Protection and Use of Company Property
• All Employees of the Company are responsible for protecting and taking reasonable steps to prevent the theft or misuse of, or damage to Company's assets, including all kinds of physical assets, movable, immovable and tangible property, corporate information and intellectual property such as inventions, copyrights, patents, trademarks and technology and intellectual property used in carrying out their responsibilities.
• All Employees must use all equipments, tools, materials, supplies, and Employee time only for Company's legitimate business interests. Company's property must not be borrowed, loaned, or disposed of, except in accordance with appropriate Company's policies.
• All Employees must use and maintain Company's property and resources efficiently and with due care and diligence.
Gifts and Entertainment
• Employees, from time to time, entertain or are entertained, and give or receive
gifts in the course of their duties.
• Gifts should never be offered or accepted in circumstances where the outcome of a transaction may be influenced by the gift, or give rise to the perception that the transaction may be influenced by the gift.
• Employees involved in a tendering process must refrain from actions which may give rise to an expectation of some favoured treatment from or by any tendering party.
• Under no circumstances must Employees offer or accept money.
Compliance
• Employees must be aware of, and adhere to, company policies, especially those relating to health and safety, equal opportunity, privacy, trade practices and continuous disclosure.
• In the course of their duties, Employees must comply with relevant laws and regulations of the country in which they work.
Privacy
• Employees and the Group must comply strictly with the privacy principles of the Privacy Act.
• Private information about a co-worker, supplier, customer or any other person dealing with the Group must not be discussed without prior written consent.
Breaches of the Code
• Employees have a duty to observe the code and ensure that no breaches occur. Breaches require immediate attention and Employees have a duty to report known or suspected breaches of the code.
• A complaint or disclosure about an alleged breach of the code should be in writing and contain details about the date, time and nature of the alleged breach and include any available support material. All reports are treated as confidential.
• The Company will protect any “whistleblower” who reports a violation in good faith and on reasonable grounds and will comply with laws relating to “whistleblower protection”.
• The allegation should be made to the Employee’s immediate supervisor, or if the Employee believes the immediate supervisor may be implicated, to a senior executive or to the Managing Director.
• The Employee will be informed of the outcome of the investigation. If unsatisfied with the outcome of the investigation, the Employee may refer the matter to a senior executive or the Managing Director.
• Employees may at any time discuss a matter, or seek advice on how to proceed with a matter from the Company Secretary or any other senior executive.
Submit a report (minimum of 500 words) that addresses the following questions:
1. Explain the intellectual property law [5 marks]
2. Explain the copyright law [5 marks]
3. Explain the consequences of breaking the law and code of ethics by the business if such a program was implemented [5 marks]
4. Create organizational intellectual and copyright policy to be submitted to the Project Manager [5 marks]
Part B - Questions – Privacy Legislation [30 marks]
Submit a word document with answers to the following:
1. A list with brief explanations of 5 industry standards and/or legislations relevant to a specific work area in information technology (e.g. software development, network administration). The explanations may be up to a maximum 60 words each. [5 marks]
2. Read the Australian Privacy Principles. Outline, in your own words, what you think that APP 5 and 6 mean for an organisation. Include an example for each of APP 5 and 6 where you have experienced the principle in action. [5 marks]
3. Name one networking protocol or technology (may include use of a network protocol) that can be used to provide security when transferring data over the internet. Briefly (maximum 60 words) provide an overview of how the chosen protocol/technology provides for secure data transfer. [5 marks]
4. List and discuss briefly three elements (i.e. specific parts or sections of the document, often headings within the document) that should be included in any Copyright Policy prepared for an IT company. The discussions may be up to a maximum 60 words each. [5 marks]
5. Describe two positive examples of how IT professionals are able to protect their copyright. The examples may be up to a maximum 60 words each. [5 marks]
6. Describe two methods that are able to be used, at least one of which must involve the use of features of a server operating system, to maintain integrity, confidentiality, and availability of information as required by organisational privacy policy. The methods described may be up to a maximum 60 words each. [5 marks]
Part C- Case Study – Privacy Policy [25 marks]
Scenario
IT Contractors is a small business (with an annual turnover of under $1million) which supplies services associated with the installation and support of networks for corporate clients.
IT Contractors has developed a Privacy Policy (attached) to reassure their clients that the data they collect from them will be used responsibly, and that the behaviour of their company, employees and sub-contractors will comply with the Australian Privacy Act of 1988. IT Contractors have their Privacy Policy on their website.
You are required to review this policy and answer the following questions which relate to how the IT Contractors Privacy Policy complies with the current privacy legislation.
Submit a report (minimum of 500 words) that addresses the following questions:
1. Does IT Contractors have a legal responsibility to have a Privacy Policy? Include in your response why you believe this is the case (maximum 60 words). [5 marks]
2. Does the IT Contractors Privacy Policy currently cover all of the minimum requirements set out in APP 1.4?
For each of the items (a-g) at APP 1.4 provide (i.e. copy and paste) a sentence or paragraph from the current Privacy Policy that addresses the minimum requirement into the table provided in the attached Report. [5 marks]
3. Management have asked each member of staff to consider a single APP and propose how it might be covered in the new Privacy Policy, you have been allocated APP 11.
a. Provide a brief overview (maximum 200 words) of how the current IT Contractors Privacy Policy addresses this requirement, if at all
b. You need to recommend in plain English what should be included in the Privacy Policy regarding Storage and security of personal information. [5 marks]
4. Assume that a new Privacy Policy for IT Consultants is implemented and that the changes result in some changes to work practices. Provide 2 recommendations for how the staff of IT Consultants might effectively be informed of the changes and how it affects undertaking their work [5 marks]
5. Describe two methods that the organisation might use to ensure their policies and procedures are being effectively implemented (i.e. once staff have been informed of the changes how will the business be sure the changes are actually being put into practice), one of which must relate specifically to the implementation of system security. [5 marks]
Part D – Case Study Scenario – Develop and interpret procedures [25 marks]
Pretend you own a software development business that is growing in size and you need to employ more programmers. Most of the work in on-site and your developers are sometimes working on their own computers, sometimes on the clients systems. As we are simulating an I.T environment you can make assumptions.
1. Draft a Grievance procedure (work procedure) to enable confidential reporting of complaints or conflicts arising for staff or clients. Draft this for your software development business. [10 marks]
2. Locate the Australian Computer Society (ACS) Code of Ethics and present a discussion on one of the practices listed in the code. Give examples of situations in which the ethical practice would apply. [10 marks]
3. Imagine you have a website for your software development company, you state clearly on your website that you comply with the ACS Code of Ethics.
Develop a set of 5 questions that could be asked in an interview or a questionnaire in order to capture feedback from stakeholders (e.g. your customers, suppliers and/or staff) regarding whether or not they are receiving consistent and appropriate service, giving specific regard to ACS Code of Ethics. [5 marks]
Copyright, Ethics and privacy in IT Report
ICTICT418 Contribute to copyright, ethics and privacy in an ICT environment
Prepared for Project Manager:
Prepared by:
Student Name, Student Number, and Date

Table of Contents
Part A - Case Study Scenario - Intellectual Property and Copyright Law [20 marks] 16
Part B - Questions – Privacy Legislation [30 marks] 17
Part C- Case Study Scenario – Privacy Policy [25 marks] 18
Part D – Case Study Scenario – Develop and interpret procedures [25 marks] 20

Marking Guide
Tasks Marks Allocated Marks Obtained
Part A - Case Study Scenario - Intellectual Property and Copyright Law
1.Explain the intellectual property law 5
2.Explain the copyright law 5
3.Explain the consequences of breaking the law and code of ethics by the business if such a program was implemented 5
4.Create organizational intellectual and copyright policy to be submitted to the Project Manager 10
Part B - Questions – Privacy Legislation
1.List and explain 5 industry standards and/or legislations relevant to a specific work area in information technology 5
2.Australian Privacy Principles 5
3. Name and explain secure Networking protocol or technology 5
4.List and discuss three elements that should be included in any Copyright Policy 5
5. Describe two positive examples of how IT professionals are able to protect their copyright 5
6. Describe two methods to maintain integrity, confidentiality, and availability of information as required by organisational privacy policy. 5
Part C- Case Study – Privacy Policy
1.Legal responsibility to have a Privacy Policy 5
2.Minimum requirements set out in APP 1.4 5
3.New Privacy Policy based on Australian Privacy Principle 5
4.Communicating Privacy Policy changes 5
5.Implement privacy policy and procedure 5
Part D – Practical – Develop and interpret procedures
1.Draft a Grievance procedure 10
2.Australian Computer Society (ACS) Code of Ethics 10
3.Comply with the ACS Code of Ethics 5
TOTAL 100
Your assessor will be looking for:
Requirements and deliverables
What to submit
The assessment must be in a report format as outlined in the Table of Contents in this document.
When to submit
You will need to submit the assessment by week 8. Please review your work with your assessor each week.
Report Formatting
• Number all pages
• Include your name and Student Number
• Each page. Use 1.5 line spacing
• Use the Arial font at either 11pt or 12pt size
Part A - Case Study Scenario - Intellectual Property and Copyright Law [20 marks]
Read pages 4-8 of the assessment before beginning the report. Submit a report (minimum of 500 words) that addresses the following questions:
1. Explain the intellectual property law [5 marks]
2. Explain the copyright law [5 marks]
3. Explain the consequences of breaking the law and code of ethics by the business if such a program was implemented [5 marks]
4. Create organizational intellectual and copyright policy to be submitted to the Project Manager [5 marks]
Resource:
• University of Melbourne: Software Copyright: Roles and Responsibilities
https://copyright.unimelb.edu.au/information/what-is-copyright/software-copyright-roles-and-responsibilities
• Pilot Pen: Code of Ethics and Business Conduct
https://pilotpen.us/images/custom/CodeofEthics.pdf
• Starbucks: Code of Ethics and Business Conduct
http://globalassets.starbucks.com/assets/eecd184d6d2141d58966319744393d1f.pdf
Part B - Questions – Privacy Legislation [30 marks]
Submit a word document with answers to the following:
1. A list with brief explanations of 5 industry standards and/or legislations relevant to a specific work area in information technology (e.g. software development, network administration). The explanations may be up to a maximum 60 words each. [5 marks]
2. Read the Australian Privacy Principles. Outline, in your own words, what you think that APP 5 and 6 mean for an organisation. Include an example for each of APP 5 and 6 where you have experienced the principle in action. [5 marks]
3. Name one networking protocol or technology (may include use of a network protocol) that can be used to provide security when transferring data over the internet. Briefly (maximum 60 words) provide an overview of how the chosen protocol/technology provides for secure data transfer. [5 marks]
4. List and discuss briefly three elements (i.e. specific parts or sections of the document, often headings within the document) that should be included in any Copyright Policy prepared for an IT company. The discussions may be up to a maximum 60 words each. [5 marks]
5. Describe two positive examples of how IT professionals are able to protect their copyright. The examples may be up to a maximum 60 words each. [5 marks]
6. Describe two methods that are able to be used, at least one of which must involve the use of features of a server operating system, to maintain integrity, confidentiality, and availability of information as required by organisational privacy policy. The methods described may be up to a maximum 60 words each. [5 marks]
Resource:
• Privacy Act
https://www.oaic.gov.au/privacy-law/privacy-act/
• Australian Privacy Principles
https://www.oaic.gov.au/privacy-law/privacy-act/australian-privacy-principles
Part C- Case Study Scenario – Privacy Policy [25 marks]
Submit a report (minimum of 500 words) that addresses the following questions:
1. Does IT Contractors have a legal responsibility to have a Privacy Policy? Include in your response why you believe this is the case (maximum 60 words). [5 marks]
2. Does the IT Contractors Privacy Policy currently cover all of the minimum requirements set out in APP 1.4?
For each of the items (a-g) at APP 1.4 provide (i.e. copy and paste) a sentence or paragraph from the current Privacy Policy that addresses the minimum requirement into the table provided in the attached Report. [5 marks]
Tips:
• You need not provide all relevant parts of the policy that relate to the minimum
requirement, one is sufficient.
• If a minimum requirement is not addressed at all include a clear statement that this is the case. This will ensure your teacher knows you did not overlook the minimum requirement, but rather that it was not covered.
3. Management have asked each member of staff to consider a single APP and propose how it might be covered in the new Privacy Policy, you have been allocated APP 11.
a. Provide a brief overview (maximum 200 words) of how the current IT Contractors Privacy Policy addresses this requirement, if at all
b. You need to recommend in plain English what should be included in the Privacy Policy regarding Storage and security of personal information. [5 marks]
Tips:
• This is a recommendation for management to consider, other staff may also have been given APP 11 and management will consider all your input before redrafting the policy.
• This is not a presentation task, you need only provide text. You may though use bullets or numbering, as appropriate to format your text for ease of understanding.
• Use the details in the Scenario and the existing Privacy Policy or make reasonable
assumptions in developing this recommendation.
• While looking at other Privacy Policies in your workplace or online might be a source of ideas you must be sure to write your submission to management in your own words.
4. Assume that a new Privacy Policy for IT Consultants is implemented and that the changes result in some changes to work practices. Provide 2 recommendations for how the staff of IT Consultants might effectively be informed of the changes and how it affects undertaking their work [5 marks]
5. Describe two methods that the organisation might use to ensure their policies and procedures are being effectively implemented (i.e. once staff have been informed of the changes how will the business be sure the changes are actually being put into practice), one of which must relate specifically to the implementation of system security. [5 marks]
Resource:
• Guide to developing an APP privacy policy
https://www.oaic.gov.au/agencies-and-organisations/guides/guide-to-developing-an-app-privacy-policy
Part D – Case Study Scenario – Develop and interpret procedures [25 marks]
Pretend you own a software development business that is growing in size and you need to employ more programmers. Most of the work in on-site and your developers are sometimes working on their own computers, sometimes on the clients systems. As we are simulating an I.T environment you can make assumptions.
1. Draft a Grievance procedure (work procedure) to enable confidential reporting of complaints or conflicts arising for staff or clients. Draft this for your software development business. [10 marks]
2. Locate the Australian Computer Society (ACS) Code of Ethics and present a discussion on one of the practices listed in the code. Give examples of situations in which the ethical practice would apply. [10 marks]
3. Imagine you have a website for your software development company, you state clearly on your website that you comply with the ACS Code of Ethics.
Develop a set of 5 questions that could be asked in an interview or a questionnaire in order to capture feedback from stakeholders (e.g. your customers, suppliers and/or staff) regarding whether or not they are receiving consistent and appropriate service, giving specific regard to ACS Code of Ethics. [5 marks]
Resource:
• Staff Grievance Procedure
http://www.apicollege.edu.au/policies/Staff_Grievance_Procedure.pdf
• ACS Code of Ethics
https://www.acs.org.au/content/dam/acs/acs-documents/Code-of-Ethics.pdf
• ACS Code of Professional Conduct
https://www.acs.org.au/content/dam/acs/rules-and-regulations/Code-of-Professional-Conduct_v2.1.pdf