The information security profession is based on trust, as the professional may be handling sensitive or confidential information. Ethically sound and consistently applied code of professional ethics need to be adhered to by the professional.
These are based on the safety of the commonwealth, duty to principals, such as employers, contractors, people whom a professional works for, and to each other. It requires that professionals adhere, and be seen to adhere, to the highest ethical standards of behavior.
International Information System Security Certification Consortium (ISC)2 has a published code of professional ethics for its members provided as follows: