Company Policies

CSR

OBJECTIVES CONCERNING SENSITIVITY OF CORPORATE ACTIVITIES ON ENVIRONMENTAL IMPACT

  • Recycling Initiatives
    • Identification of recyclable waste
      • Plastic bottles & Containers
      • Tangling Items such as computer wires
      • Food & Beverage cans
      • Medical & first aid waste
      • Paper & flattened Cardboards
      • Glass
      • Metal, wax and polystyrene
      • Other
    • Good recycle solutions using 3Rs approach i.e reduce, reuse recycle.
      • Bins
      • Recycling Pickups
  • Waste Management
    • Waste identification
    • Salvage dumping and disposal
  • Energy Conservation

    Energy Consumption-Renewable (rooftop solar panels) and Non-Renewable sources (Energy efficient lightening)

    • Green Office
      • Energy savings through sustainable sites
      • Water efficiency
      • Energy & atmosphere-CO2 emissions reduction
      • Material & Resources-Utilization of postindustrial material where possible such as installation of low-flow valves, utilizing recycled flooring tiles, using paints with low VOC.

STEPS / MEASURES TAKEN TO ENSURE THAT ALL OBJECTIVES OF HAVING CSR ARE BEING FULFILLED.

  • WASTE MANAGEMENT PROGRAMS

    Waste Management primarily focuses on waste generation, categorization, reduction, collection, separation, treatment and disposal, as well as procedures that address waste management policy, education, and economic and environmental assessments.

    CODING PRO strongly believes in proper waste management techniques of handling electronic waste. Any personnel within the company is prohibited to dismantle any electronic equipment including laptops batteries monitors mouse and keyboards etc. All the electronic waste is dumped according to the guidelines and instructions provided by the govt authorities to the respective waste collection agencies.

    The following are some of the major areas in respect of which below mentioned policies are in place:

    • Material properties
    • Reduction, recycling and reuse
    • Storage, collection, transport, and transfer
    • Waste Treatment (mechanical, electronic, other)
    • Environmental assessments
    • Economic analysis
    • Policy and regulations
    • Education and training
    • Planning


    • INVOLVE EMPLOYEES IN CORPORATE FUNDRAISING EXERCISES

      CODING PRO adheres to the policy of 1% cut off in annual salaries is done in order to ensure and implement focused programs relating to CSR.

    • CONTINUAL MANAGEMENT-EMPLOYEES MEETUPS AND WORKSHOPS

      INTERACTIVE SESSIONS, REGULAR REMINDERS, MEETUPS, QUARTER, SEMI ANNUAL AND ANNAUL GATHERINGS on importance of recycling and waste reduction initiatives as well as on maintaining an attitude of CSR compliant culture in the company, are one of the most important goal of CODING PRO.

      We believe in the best start possible in their new role with an interactive onboarding workshop. Here you can go through everything from company history and values as well as how day to day life works within the organization.

    • CAUSE ANALYSIS EXERCISES

      Goals, such as nature preservation, or investing in a community project, comes up with causes that resonate with your business culture, research the kind of support they need, then pick one and stick with it. CODING PRO is very much focused on managing such activities to ensure the prosperity of environmental and social well-being.

    • INVOLVE YOUR CUSTOMERS

      Discount schemes to customers fulfilling and promoting CSR compliant environment overall and corporate culture in particular.

    • EMPLOYEE SCORECARDS

      CODING PRO ensures make sure it features achievable and measurable goals and keep it visible on your site, tracking your progress. Scorecards are also weighed in considering promotions and increments of employees.

    • USE SOCIAL MEDIA
      • Social Media Platforms
      • Website Donations

      Website visitors and Facebook fans to vote on which one they would like to see you support. Or actively seek their assistance, such as bringing old but usable technology into your store so that you can donate them to students in underfunded schools. Make sure you offer a potential reward, such as holding a raffle for all participants.

      Don’t just tell your customers what you’re doing; solicit their ideas, experiences, and concerns to get them invested in your projects. Make sure you use multiple digital platforms – such as blogs, Facebook, Twitter, and a YouTube channel – to reach people with different media preferences.


  • OUR MOTIVATION

    In capacity of being a software house, and in the light of PEST analysis conducted on our behalf in relation to our responsibility regarding CSR, we believe that due to the fact that we do not carry any specific production activity, logistics, supply chain, waste management, recycling etc. we are not that open to expose a threat on environment as production agents do, but being an economic agency we also recognize our responsibility to fulfil our share of burden instead of just pleading exit from certain area of activity. We do agree that merely being a software house not carrying any kind of production activity is just one aspect of economic ecosystem but being vigilant and proactive is that responsibility which we all have and must be fulfilled.

    In this regard Coding Pro, feels appreciated and pleased to be cognizant of the fact that it enjoys two feathers in a single cap

    • CODING PRO does not contribute in pollutants exposing threats to environment;
    • CODING PRO contributes in being active in ENERGY CONSERVATION & GREEN OFFICE


    ENERGY CONSERVATION & GREEN OFFICE
    CODING PRO> ensures to make a mix of renewable and non-renewable sources of electricity consumption. Following relevant information is worth consider here:

    • Summer-Renewable-55-Non-Renewable-45
    • Winter-Renewable-35-Non-Renewable-65

    Solar power plants 4kW enough for 20 people office. We have installed solar power plants which are as good as for 25 people.

    • Green office is a recent step to ensure reducing carbon footprints and electronic waste disposal besides being focused on paper reduction.

EH&S

Objectives for all policy matters affecting Health, Safety and the Environment include:

  • Adhering all statutory obligations concerning the environment and to review the application of the Policy in the light of changing legislation.
  • Use processes that do not adversely affect the environment including developing and improving operations and processes to minimize waste, prevent air, water and other pollution, minimize health and safety risks and dispose of waste safely and responsibly.
  • Seek to minimize or eliminate waste at the source and recycle or reuse materials when possible. Promote the more efficient use of energy within the Company.
  • Ensure that all new products, developments, and processes are designed to minimize their impact on the environment.
  • Require that all contractors working on our behalf understand this policy and comply to the best of their ability.
  • Enhance awareness by including environmental issues in training programs and encouraging all employees and customers to participate in implementing good environmental practices.
  • Maintain an effective system of auditing activities to ensure compliance with these objectives and develop targets for improved environmental performance.

Annual objectives and targets are set to control and manage the environmental impact on all operational activities – in particular energy consumption, water use and waste generation. Monitoring and reporting systems are in place along with initiatives to save energy and minimize waste volumes.

A - SMOKING POLICY

CODING PRO supports a non-smoking environment; no member of CODING PRO community should be subject to the secondary smoke of another who chooses to smoke.

  • Smoking is permissible outdoors i.e. outside of all main entrances to buildings and facilities.
  • Smoking is prohibited inside any office premises, without exception. These include:
    • Hallways, elevators, stairwells, restrooms, lobbies, reception areas, and entryways
    • Administrative and departmental service areas
    • Food preparation and all dining areas
    • Storerooms, and garages or designated no smoking areas
    • Conference rooms, computer rooms, study areas, offices
  • Consequences: Any person who violates the smoking policy shall be subject to the followings:
    • Employees will be referred to disciplinary issues
    • Staff will be referred to the personnel director
    • Others (such as visitors) will be referred to public safety

B - SUSPICIOUS PERSONS / VEHICLES

  • Suspicious Person or Activities
    • If you see a person on or near the premises acting in a suspicious manner, contact at [email protected] or +92 300 0022 541 | +92 331 4809 434
    • Give a description as accurately as possible, including age, hair color, eyes, clothing, tattoos, if known, or other identifying marks and include the location of the person currently and where they may be heading
    • Stay on the line with the dispatcher until they tell you to hang up
    • Do not attempt to detain or physically restrain or hold a person; stay back and be observant
  • Suspicious Vehicle On or Off Premises
    • If you see a vehicle on or near premises acting in a suspicious manner, contact [email protected] or +92 300 0022 541 | +92 331 4809 434
    • Give a description of: License plate number and state e.g. color, make, number of occupants in the vehicle and model of the vehicle, and the year if it can be determined
    • Do not attempt to stop the vehicle
    • If a vehicle is following you, drive to public safety or to a well-lit and populated area

C - SUSPICIOUS PACKAGE / LETTER

  • Suspicious Package / Letter / Object:
    • If you receive or discover a suspicious package, letter or object, DO NOT TOUCH IT, TAMPER WITH IT OR MOVE IT
    • Report it immediately to the office staff
  • Characteristics of Suspicious Letters and Packages:
    • ORIGIN — postmark doesn’t match the city of the return address, name of sender is unusual or unknown, or no return address is given
    • POSTAGE — excessive or inadequate postage
    • BALANCE — the letter is lopsided or of unusually thick weight, the letter or package seems heavy for its size
    • CONTENTS — stiffness or springiness of contents, protruding wires or components, oily outer wrapping or envelop, feels like contains powdery substance
    • SMELL — particularly almond or other suspicious odors
    • WRITING — handwriting of sender is not familiar or indicates a foreign style not normally received by recipient, or cut-and paste or rub-on-block letters are used. Common words, names, titles, are misspelled, or special instructions like ‘fragile,’ ‘confidential,’ or ‘do not delay’ are present
  • If the letter or package is a mail bomb, the letter or package may also have:
    • Protruding wires, strange odors or stains
    • An unusual amount of tape
    • Buzzing, ticking, or a sloshing sound
    • Irregular shape, or spots or bulges
    • Excessive weight for its size
    • Letter bombs may feel rigid or appear uneven or lopsided

D - BATTERY AND ELECTRONIC WASTE RECYCLING

Coding Pro has implemented an electronic waste and battery recycling program. If you have computer equipment that is no longer in use in your office, contact the Help desk and request to have it picked up. Computer and other electronic components contain trace chemicals that are not healthy for our environment, and we strive to reduce and remove those chemicals from our daily garbage by recycling the items.
If you use batteries in your workplace for different appliances, when you have spent batteries, DO NOT throw them away. There are battery recycling bins located at the office. If there are a considerable number of batteries generated in your workplace, contact the environmental health & safety officer, a disposal bucket can be supplied for your work area.

E - EMERGENCY RESPONSE TEAM

The emergency procedures are over seen and directed by the Emergency Response Team, which is composed of:
Mr. Ali Hassan
Mr. Taimoor Haider
This team will add members with responsibilities and expertise that are appropriate to the situation. EMERGENCY CONTACT INFORMATION Whenever possible, information or emergency assistance should be sought through the appropriate office.

F - SHELTER IN PLACE

Sheltering in place in your work place is similar to sheltering in place at home, but there are some significant differences. Shelter in place is used if an intruder comes on to premises, or if there is an airborne issue that could adversely affect you.

Basic steps to sheltering in place that every employee should know:

  • Shut and lock all windows and doors and turn off the lights;
  • If you have access to air handling equipment controls (e.g. air conditioning, heating);
  • If you are not in your office or regular building find the nearest room to take shelter in;
  • If you are in a room on the first floor with windows close the windows and stay out of sight; and
  • If you have access to a TV or radio, turn it on and listen for further instruction or information

If you take medication and commute to the premises from a long distance away, it is beneficial for you to keep extra medication on premises in case of emergency. It is also recommended to have a couple of power bars or other snack foods to keep at your desk or office.

G - FIRE EXTINGUISHERS

CODING PRO uses fire extinguishers, which are able to suppress most types of fires. You should become familiar with where the nearest fire extinguisher is located in your workplace.
It is easy to remember how to use a fire extinguisher if you can remember the acronym PASS which stands for Pull, Aim, Squeeze, and Sweep.

  • Pull the pin This will allow you to discharge the extinguisher
  • Aim at the base of the fire nearest you with your back to an exit door
  • Squeeze top handle or lever Depressing the button will release the pressurized extinguishing agent
  • Sweep from side to side Sweep until the fire is completely out. Keep a safe distance away and make sure it does not re-ignite

DO NOT use fire extinguishers on people to control flames use a fire blanket or clothing to prevent or extinguish the fire. Chemicals from the extinguishers can be dangerous to human health.
ADDITIONAL NOTES:

  • After extinguishing a fire, back away. Watch for re-ignition
  • Use fire extinguishers on small fires only — trashcans or smaller. To receive training on proper use of fire extinguishers
  • Use the appropriate extinguisher for the type of fire

If trapped in room:

  • Place a cloth material around or under door to prevent smoke from entering. Retreat and close as many doors as possible between you and the fire
  • be prepared to signal from window but do not break glass unless absolutely necessary

If caught in smoke:

  • Drop to hands and knees and crawl to exit
  • Hold breath as much as possible
  • Breathe shallowly through nose and use cloth (shirt or jacket) as filter

If forced to advance through flames:

  • Hold your breath
  • Move quickly
  • Cover head and hair
  • Keep head down and eyes closed as much as possible

If clothing catches fire:

  • STOP, DROP, ROLL FIRES, EARTHQUAKES, EXPLOSIONS Learn where fire alarms, extinguishers and safety exit of buildings are located
  • Learn the safest way to exit the buildings in the event of an emergency


In the event of an explosion or earthquake, take shelter near inner building structural elements (such as columns, beams, doorways, or against solid walls). STAY AWAY FROM WINDOWS.
In the event of a fire or explosion, immediately activate a fire alarm if one is in your vicinity and exit the building if it is safe to do so.
If a small fire occurs, use a fire extinguisher if you know how, until help arrives. Always keep yourself between the fire and the exit. If there is a gas leak, DO NOT turn on or OFF any electrical appliance.
If a fire is out of control, evacuate the building immediately. If possible, close all gas lines. DO NOT use elevators. Follow instruction of a safety officer, if present, and leave in orderly fashion.
Go to an outside assembly area as directed by a safety officer, and stay away from the building. DO NOT reenter the building until you are instructed to do so.
Bomb Threat: If you receive a bomb threat, keep the person talking to obtain the maximum information about the details of the threat (where, when, why?), voice, and background noise.

FIRE INSPECTIONS
The Department of Public Safety does random fire inspections at work places and buildings in an effort to comply with all local, state and federal regulations. Continuous offenders will be disciplined accordingly.
FIRE PREVENTION

  • No extension cords (for permanent fixtures)
  • No daisy chains (cords plugged into cords)
  • Do not prop open fire doors with wedges
  • Do not block hallways or exit routes
  • No multiplug adaptors

H - EMERGENCY EVACUATION

When an alarm is sounded in a building, immediately exit the building through the nearest possible exit. Assemble at your building’s evacuation assembly area, as shown on page
Locate your building safety manager and make sure they mark you off as having exited the building.
Building Safety Manager or Building Floor Safety Manager Every building is asked to assign or elect a building safety manager or building floor safety manager (depending on the building).
Responsibilities
The responsibilities of a building safety manager are:

  • To ensure their department/floor/building is evacuated in the event of fire, earthquake, or other emergency, to the assigned evacuation assembly area
  • Ahead count list is taken of all persons evacuated from the building and given to a public safety officer on the scene;
  • Keep all persons out of the building until told it’s safe to re-enter a building by a public safety officer;
  • In actual emergencies, staff is to be directed back to their premises, desk, office, workplace

COE

Code of Ethics and Professional Conduct

  • PRINCIPLES GOVERNING ETHICS
    • SOCIETAL AND HUMANISTIC APPROACH
      • Social Justice i.e. follow benefit of society, members and environment (attention and Priority)
      • Promote fundamental human protection rights in workplace
      • Social threats in workplace and diversity
      • Subordination of personal interest over collective interest
      • Adhere result-oriented society Goal congruence approach
      • Achieve Regio centric Environmental sustainability
    • Inert and harmless

      Meaning of being inert & harmless
      Actions & Behaviors resulting in disciplinary consequences
      Avoiding harm (Direct & Indirect harm)
      In this document, "harm" means negative consequences, especially when those consequences are significant and unjust. Examples of harm include unjustified physical or mental injury, unjustified destruction or disclosure of information, and unjustified damage to property, reputation, and the environment. This list is not exhaustive.

      Well-intended actions, including those that accomplish assigned duties, may lead to harm. When that harm is unintended, those responsible are obliged to undo or mitigate the harm as much as possible. Avoiding harm begins with careful consideration of potential impacts on all those affected by decisions. When harm is an intentional part of the system, those responsible are obligated to ensure that the harm is ethically justified. In either case, ensure that all harm is minimized.

      To minimize the possibility of indirectly or unintentionally harming others, computing professionals should follow generally accepted best practices unless there is a compelling ethical reason to do otherwise. Additionally, the consequences of data aggregation and emergent properties of systems should be carefully analyzed. Those involved with pervasive or infrastructure systems should also consider Principle 3.7.

      A computing professional has an additional obligation to report any signs of system risks that might result in harm. If leaders do not act to curtail or mitigate such risks, it may be necessary to "blow the whistle" to reduce potential harm. However, capricious or misguided reporting of risks can itself be harmful. Before reporting risks, a computing professional should carefully assess relevant aspects of the situation.

    • Integrity & Competence
      • Meaning of Integrity (Honesty & Trustworthiness) & acts of dishonesty
      • Meaning of Competence

      Honesty is an essential component of trustworthiness. A computing professional should be transparent and provide full disclosure of all pertinent system capabilities, limitations, and potential problems to the appropriate parties. Making deliberately false or misleading claims, fabricating or falsifying data, offering or accepting bribes, and other dishonest conduct are violations of the Code.

      Computing professionals should be honest about their qualifications, and about any limitations in their competence to complete a task. Computing professionals should be forthright about any circumstances that might lead to either real or perceived conflicts of interest or otherwise tend to undermine the independence of their judgment. Furthermore, commitments should be honored.

      Computing professionals should not misrepresent an organization's policies or procedures, and should not speak on behalf of an organization unless authorized to do so.

    • Analytical Objectivity
      • Values in Objectivity
      • Equality in participation vs. Discrimination

      The values of equality, tolerance, respect for others, and justice govern this principle. Fairness requires that even careful decision processes provide some avenue for redress of grievances.

      Computing professionals should foster fair participation of all people, including those of underrepresented groups. Prejudicial discrimination on the basis of age, color, disability, ethnicity, family status, gender identity, labor union membership, military status, nationality, race, religion or belief, sex, sexual orientation, or any other inappropriate factor is an explicit violation of the Code. Harassment, including sexual harassment, bullying, and other abuses of power and authority, is a form of discrimination that, amongst other harms, limits fair access to the virtual and physical spaces where such harassment takes place.

      The use of information and technology may cause new, or enhance existing, inequities. Technologies and practices should be as inclusive and accessible as possible and computing professionals should take action to avoid creating systems or technologies that disenfranchise or oppress people. Failure to design for inclusiveness and accessibility may constitute unfair discrimination.

    • Insider Information
      • What is Insider Information
      • Breach of Insider Information agreement
      • Legal compulsions

      Developing new ideas, inventions, creative works, and computing artifacts creates value for society, and those who expend this effort should expect to gain value from their work. Computing professionals should therefore credit the creators of ideas, inventions, work, and artifacts, and respect copyrights, patents, trade secrets, license agreements, and other methods of protecting authors' works.

      Both custom and the law recognize that some exceptions to a creator's control of a work are necessary for the public good. Computing professionals should not unduly oppose reasonable uses of their intellectual works. Efforts to help others by contributing time and energy to projects that help society illustrate a positive aspect of this principle. Such efforts include free and open source software and work put into the public domain. Computing professionals should not claim private ownership of work that they or others have shared as public resources.

    • Privacy & Confidentiality
      • Meaning of Privacy & Confidentiality
      • Private & Confidential Information
      • Legal Compulsions

      The responsibility of respecting privacy applies to computing professionals in a particularly profound way. Technology enables the collection, monitoring, and exchange of personal information quickly, inexpensively, and often without the knowledge of the people affected. Therefore, a computing professional should become conversant in the various definitions and forms of privacy and should understand the rights and responsibilities associated with the collection and use of personal information.

      Computing professionals should only use personal information for legitimate ends and without violating the rights of individuals and groups. This requires taking precautions to prevent re-identification of anonymized data or unauthorized data collection, ensuring the accuracy of data, understanding the provenance of the data, and protecting it from unauthorized access and accidental disclosure. Computing professionals should establish transparent policies and procedures that allow individuals to understand what data is being collected and how it is being used, to give informed consent for automatic data collection, and to review, obtain, correct inaccuracies in, and delete their personal data.

      Only the minimum amount of personal information necessary should be collected in a system. The retention and disposal periods for that information should be clearly defined, enforced, and communicated to data subjects. Personal information gathered for a specific purpose should not be used for other purposes without the person's consent. Merged data collections can compromise privacy features present in the original collections. Therefore, computing professionals should take special care for privacy when merging data collection

      Computing professionals are often entrusted with confidential information such as trade secrets, client data, nonpublic business strategies, financial information, research data, pre-publication scholarly articles, and patent applications. Computing professionals should protect confidentiality except in cases where it is evidence of the violation of law, of organizational regulations, or of the Code. In these cases, the nature or contents of that information should not be disclosed except to appropriate authorities. A computing professional should consider thoughtfully whether such disclosures are consistent with the Code.

  • PROFESSIONAL RESPONSIBILITIES
    • Strive to achieve high quality in both the processes and products of professional work

      Computing professionals should insist on and support high quality work from themselves and from colleagues. The dignity of employers, employees, colleagues, clients, users, and anyone else affected either directly or indirectly by the work should be respected throughout the process. Computing professionals should respect the right of those involved to transparent communication about the project. Professionals should be cognizant of any serious negative consequences affecting any stakeholder that may result from poor quality work and should resist inducements to neglect this responsibility.

    • Maintain high standards of professional competence, conduct, and ethical practice

      High quality computing depends on individuals and teams who take personal and group responsibility for acquiring and maintaining professional competence. Professional competence starts with technical knowledge and with awareness of the social context in which their work may be deployed. Professional competence also requires skill in communication, in reflective analysis, and in recognizing and navigating ethical challenges. Upgrading skills should be an ongoing process and might include independent study, attending conferences or seminars, and other informal or formal education. Professional organizations and employers should encourage and facilitate these activities.

    • Know and respect existing rules pertaining to professional work

      "Rules" here include local, regional, national, and international laws and regulations, as well as any policies and procedures of the organizations to which the professional belongs. Computing professionals must abide by these rules unless there is a compelling ethical justification to do otherwise. Rules that are judged unethical should be challenged. A rule may be unethical when it has an inadequate moral basis or causes recognizable harm. A computing professional should consider challenging the rule through existing channels before violating the rule. A computing professional who decides to violate a rule because it is unethical, or for any other reason, must consider potential consequences and accept responsibility for that action.

    • Accept and provide appropriate professional review

      High quality professional work in computing depends on professional review at all stages. Whenever appropriate, computing professionals should seek and utilize peer and stakeholder review. Computing professionals should also provide constructive, critical reviews of others' work.

    • Give comprehensive and thorough evaluations of computer systems and their impacts, including analysis of possible risks

      Computing professionals are in a position of trust, and therefore have a special responsibility to provide objective, credible evaluations and testimony to employers, employees, clients, users, and the public. Computing professionals should strive to be perceptive, thorough, and objective when evaluating, recommending, and presenting system descriptions and alternatives. Extraordinary care should be taken to identify and mitigate potential risks in machine learning systems. A system for which future risks cannot be reliably predicted requires frequent reassessment of risk as the system evolves in use, or it should not be deployed. Any issues that might result in major risk must be reported to appropriate parties.

    • Perform work only in areas of competence

      A computing professional is responsible for evaluating potential work assignments. This includes evaluating the work's feasibility and advisability, and making a judgment about whether the work assignment is within the professional's areas of competence. If at any time before or during the work assignment the professional identifies a lack of a necessary expertise, they must disclose this to the employer or client. The client or employer may decide to pursue the assignment with the professional after additional time to acquire the necessary competencies, to pursue the assignment with someone else who has the required expertise, or to forgo the assignment. A computing professional's ethical judgment should be the final guide in deciding whether to work on the assignment.

    • Foster public awareness and understanding of computing, related technologies, and their consequences

      As appropriate to the context and one's abilities, computing professionals should share technical knowledge with the public, foster awareness of computing, and encourage understanding of computing. These communications with the public should be clear, respectful, and welcoming. Important issues include the impacts of computer systems, their limitations, their vulnerabilities, and the opportunities that they present. Additionally, a computing professional should respectfully address inaccurate or misleading information related to computing.

    • Access computing and communication resources only when authorized or when compelled by the public good

      Individuals and organizations have the right to restrict access to their systems and data so long as the restrictions are consistent with other principles in the Code. Consequently, computing professionals should not access another's computer system, software, or data without a reasonable belief that such an action would be authorized or a compelling belief that it is consistent with the public good. A system being publicly accessible is not sufficient grounds on its own to imply authorization. Under exceptional circumstances a computing professional may use unauthorized access to disrupt or inhibit the functioning of malicious systems; extraordinary precautions must be taken in these instances to avoid harm to others.

    • Design and implement systems that are robustly and usably secure

      Breaches of computer security cause harm. Robust security should be a primary consideration when designing and implementing systems. Computing professionals should perform due diligence to ensure the system functions as intended, and take appropriate action to secure resources against accidental and intentional misuse, modification, and denial of service. As threats can arise and change after a system is deployed, computing professionals should integrate mitigation techniques and policies, such as monitoring, patching, and vulnerability reporting. Computing professionals should also take steps to ensure parties affected by data breaches are notified in a timely and clear manner, providing appropriate guidance and remediation.

      To ensure the system achieves its intended purpose, security features should be designed to be as intuitive and easy to use as possible. Computing professionals should discourage security precautions that are too confusing, are situationally inappropriate, or otherwise inhibit legitimate use.

      In cases where misuse or harm are predictable or unavoidable, the best option may be to not implement the system.

  • PROFESSIONAL LEADERSHIP PRINCIPLES

    Leadership may either be a formal designation or arise informally from influence over others. In this section, "leader" means any member of an organization or group who has influence, educational responsibilities, or managerial responsibilities. While these principles apply to all computing professionals, leaders bear a heightened responsibility to uphold and promote them, both within and through their organizations.

    A computing professional, especially one acting as a leader, should...


    • Ensure that the public good is the central concern during all professional computing work

      People — including users, customers, colleagues, and others affected directly or indirectly — should always be the central concern in computing. The public good should always be an explicit consideration when evaluating tasks associated with research, requirements analysis, design, implementation, testing, validation, deployment, maintenance, retirement, and disposal. Computing professionals should keep this focus no matter which methodologies or techniques they use in their practice.

    • Articulate, encourage acceptance of, and evaluate fulfillment of social responsibilities by members of the organization or group

      Technical organizations and groups affect broader society, and their leaders should accept the associated responsibilities. Organizations — through procedures and attitudes oriented toward quality, transparency, and the welfare of society — reduce harm to the public and raise awareness of the influence of technology in our lives. Therefore, leaders should encourage full participation of computing professionals in meeting relevant social responsibilities and discourage tendencies to do otherwise.

    • Manage personnel and resources to enhance the quality of working life

      Leaders should ensure that they enhance, not degrade, the quality of working life. Leaders should consider the personal and professional development, accessibility requirements, physical safety, psychological well-being, and human dignity of all workers. Appropriate human-computer ergonomic standards should be used in the workplace.

    • Articulate, apply, and support policies and processes that reflect the principles of the Code

      Leaders should pursue clearly defined organizational policies that are consistent with the Code and effectively communicate them to relevant stakeholders. In addition, leaders should encourage and reward compliance with those policies, and take appropriate action when policies are violated. Designing or implementing processes that deliberately or negligently violate, or tend to enable the violation of, the Code's principles is ethically unacceptable.

    • Create opportunities for members of the organization or group to grow as professionals

      Educational opportunities are essential for all organization and group members. Leaders should ensure that opportunities are available to computing professionals to help them improve their knowledge and skills in professionalism, in the practice of ethics, and in their technical specialties. These opportunities should include experiences that familiarize computing professionals with the consequences and limitations of particular types of systems. Computing professionals should be fully aware of the dangers of oversimplified approaches, the improbability of anticipating every possible operating condition, the inevitability of software errors, the interactions of systems and their contexts, and other issues related to the complexity of their profession—and thus be confident in taking on responsibilities for the work that they do.

    • Use care when modifying or retiring systems

      Interface changes, the removal of features, and even software updates have an impact on the productivity of users and the quality of their work. Leaders should take care when changing or discontinuing support for system features on which people still depend. Leaders should thoroughly investigate viable alternatives to removing support for a legacy system. If these alternatives are unacceptably risky or impractical, the developer should assist stakeholders' graceful migration from the system to an alternative. Users should be notified of the risks of continued use of the unsupported system long before support ends. Computing professionals should assist system users in monitoring the operational viability of their computing systems, and help them understand that timely replacement of inappropriate or outdated features or entire systems may be needed.

    • Recognize and take special care of systems that become integrated into the infrastructure of society

      Even the simplest computer systems have the potential to impact all aspects of society when integrated with everyday activities such as commerce, travel, government, healthcare, and education. When organizations and groups develop systems that become an important part of the infrastructure of society, their leaders have an added responsibility to be good stewards of these systems. Part of that stewardship requires establishing policies for fair system access, including for those who may have been excluded. That stewardship also requires that computing professionals monitor the level of integration of their systems into the infrastructure of society. As the level of adoption changes, the ethical responsibilities of the organization or group are likely to change as well. Continual monitoring of how society is using a system will allow the organization or group to remain consistent with their ethical obligations outlined in the Code. When appropriate standards of care do not exist, computing professionals have a duty to ensure they are developed.

  • COMPLIANCE WITH THE CODE

    A computing professional should...


    • Uphold, promote, and respect the principles of the Code

      The future of computing depends on both technical and ethical excellence. Computing professionals should adhere to the principles of the Code and contribute to improving them. Computing professionals who recognize breaches of the Code should take actions to resolve the ethical issues they recognize, including, when reasonable, expressing their concern to the person or persons thought to be violating the Code.

    • Treat violations of the Code as inconsistent with membership in the Association for Computing Machinery (ACM)

      Each ACM member should encourage and support adherence by all computing professionals regardless of ACM membership. ACM members who recognize a breach of the Code should consider reporting the violation to the ACM, which may result in remedial action as specified in the ACM's Code of Ethics and Professional Conduct Enforcement Policy.