Ethics in the workplace–making them work

Our actions affect not only ourselves, but also those around us. Many of our professional decisions
involve ethics. If we tell a lie, we can lose someone’s trust and undermine our own integrity. If we
use shoddy materials or workmanship on the job, we can jeopardize the safety of others.

Questions of morality and ethics can be found at all levels of society. Ethical behaviour is equally
important in the workplace as it is in our personal lives. Everywhere business is conducted, ethics
matters.

article continues below

Ethics and Making a Business Successful

A successful business depends on the trust of various parties—employees, managers, executives,

customers, suppliers, and even competitors. Six ethical terms form the foundation of trust upon
which ethical business practice is built:

 Ethics

 Values

 Morals

 Integrity

 Character

 Laws

Ethics

Ethics refers to a set of rules that describes acceptable conduct in society. Ethics serve as a guide to
moral daily living and helps us judge whether our behaviour can be justified.

Ethics refers to society’s sense of the right way of living our daily lives. It does this by establishing
rules, principles, and values on which we can base our conduct. The concepts most directly
associated with ethics are truth, honesty, fairness, and equity.

While ethics is a societal concern, it is of critical importance to the professions that serve society.
Because professionals such as physicians, attorneys, engineers, and property and facility managers
provide services that affect our welfare, they develop professional codes of ethics that establish
professional standards for behaviour.

Examples of the types of standards found in professional codes of ethics include:

 An attorney or physician maintaining client-patient confidentiality

 An accountant not using client information for personal gain

Values

Values are defined as the acts, customs, and institutions that a group of people regard in a
favourable way. Statements of value typically contain words of approval, disapproval, and obligation.
Some of these words might be good, bad, should, and should not. However, value judgments do not
have to contain specific value words. “That is a lie” does not contain a particular word of
disapproval, but the implication that a lie is wrong is understood.
Values are what really matter to us most—what we care about. For instance, family devotion,
respect for the environment, and working hard for a day’s pay are three values that can evoke a
response in many people.

Morals

Morals are a set of rules or mode of conduct on which society is based. Certain moral elements are
universal, such as the laws forbidding homicide and the basic duties of doing good and furthering the
well-being of others. With morals serving as the underpinning of society, there are four points we
should remember, says philosopher Robert C. Solomon.

 Moral rules are important: In general, moral rules are rules that help society function in a
civilized way.

 Morality consists of universal rules: They apply to everyone, everywhere, and are recognized
by everyone as being necessary.

 Morals are objective: They do not consider personal preferences. Right is right and wrong is
wrong.

 Morality affects other people: Morality involves considering the well-being of others as
reflected by the Golden Rule: Do unto others as you would have them do unto you.

Integrity

To have integrity is to be honest and sincere. Integrity is defined as adhering to a moral code in daily
decision making. When people and businesses possess integrity, it means they can be trusted. On
the other hand, companies that lack this quality and mislead customers with inferior products or
false advertising will suffer the consequences.

Character

Ethics is not just how we think and act. It is also about character. Character drives what we do when
no one is looking. Each person has the ability to build, change, or even destroy his or her own
character. We can build our character through the way we live—by thinking good thoughts and
performing good acts. Similarly, bad thoughts and behaviour can destroy our character.

A person with character has high morals and will act morally in all situations by choice, not force. A
person with character will honour his or her commitments. Character pertains to organizations, as
well. A company with high character is worthy of trust and respect, acts honestly, and stands by its
promises.

Laws

The law is a series of rules and regulations designed to express the needs of the people. Laws protect
people from the most blatant and despicable affront to morality, such as murder, rape, and theft.

Laws frequently provide us with a sense of right and wrong and guide our behaviour, but not always.
While murder is against the law, the law does not always stop someone from killing another out of
hatred, anger, or in defence of a personal philosophy.

Laws are instituted as notions of justice and tend to be specific, yet diverse within different societies.
Laws have always had a strong connection to morality, ethics, and values. But, not all laws are
ethical.
Laws have legalized slavery, segregation, sexism, and apartheid. Although these laws might have
reflected society’s values at the time they were enacted, they could not nor will they ever justify
immoral behaviour. Likewise in business, it is not unlawful to lie to a co-worker or on a job
application, but both are ethically wrong.

These six concepts—ethics, values, morals, integrity, character, and laws—form the foundation of
trust upon which ethical business practice is built.

Professional Codes of Ethics

Many professions and corporations have developed codes of ethics to address their unique business
situations. In fact, 90 percent of Fortune 500 companies and nearly half of all corporations have
codes of ethics that can be applied to all employees. By developing a code of ethics, an organization
makes it clear that employees and members cannot claim ignorance as a defence for unethical
conduct.

Benefits of a Corporate Code of Ethics

Codes of ethics help employees strike a balance between the ends and the means used to obtain
them. This balance may be one of the most challenging aspects of being an ethical organization.

The Federal Sentencing Guidelines for Organizations provide an additional incentive for having
corporate codes of ethics and ethics training. Companies that have made a bona fide effort to
prevent unethical and illegal behaviour are likely to receive less severe punishment should an
employee be found guilty of breaking the law. The unethical conduct of just a few employees can
affect an entire corporation.

Benefits of a Professional Code of Ethics

A professional code of ethics sets a standard for which each member of the profession can be
expected to meet. It is a promise to act in a manner that protects the public’s well-being. A
professional code of ethics informs the public what to expect of one’s doctor, lawyer, accountant, or
property manager. As long as professionals adhere to these standards, the public is willing to have
their professional associations create and enforce their ethical codes.

In cases where these codes are repeatedly and grossly violated, the public’s likely response is to
demand protective legislation. The Sarbanes-Oxley Act of 2002 was enacted in response to such
violations and the ensuing public outcry. Most professionals would prefer to police themselves,
rather than have an externally imposed set of regulations. That is a major reason why they create
codes of ethics in the first place.

Successful Implementation of a Code of Ethics

Within a corporation, top-down support is critical. If senior management does not act ethically and
support others who do, an organization’s ethical code will have little meaning. It is critical for
managers and executives to:

 act consistently with the company’s ethical standards

 apply those standards in dealing with employees

Acknowledging and rewarding those whose behaviours are consistent with a company’s code of
ethics proclaims to all that ethical behaviour is truly valued. On the other hand, promoting and
providing bonuses to employees whose successes are due in part to unethical behaviour sends an
unwanted message.

Remaining ethical is not a static issue. It requires review and evaluation. Companies need to
periodically review their priorities and make necessary adjustments. Otherwise, their standards and
training become outdated.

Office Security: Best Practices and Procedures

When we hear about workplace safety, we usually think of places like construction sites and
factories. Places where accidents can easily occur. However, 2018 and 2019 saw several high-profile
incidents of workplace violence unfold in office spaces. It highlighted an important need: workplace
and office security.

In order to ensure employee safety and well-being, as well as maximize productivity, a company
must make its workplace feel as safe and secure as its employees’ homes.

Additionally, a safe and secure office not only protects the employees, but it also protects its data,
documents, and other physical assets from theft and damage. Office security helps keep a business
up and running, on top of reducing its liabilities, insurance, and other related expenses.

In other words, a secure company is a more profitable company.

What kind of threats exist towards office security? And what should a company do to keep its
physical assets and employees safe from these threats?

Threats to Office Security

Every company has items of value it needs to protect, such as its inventory, data, documents,
computers, communications, and employees from theft and attack. Putting any of these essential
assets at undue risk is an unconscionable breach of responsibility.

The assets of a typical business face a number of identifiable risks. These risks include:

 Burglary and theft. Both physical and virtual assets can be stolen. Intruders can physically
break into an office and steal money, inventory, confidential documents, computers, and
other documents. Virtual thieves can break into a company’s network and steal digital
documents, business secrets, and other confidential data. Thieves don’t have to be external
actors; the incidence of employee theft is on the rise and can be even more destructive. All
of a company’s assets need to be protected against theft of any type.

 Vandalism. Vandals can damage both physical and virtual assets. The result is the same –
documents, data, and devices defaced, destroyed, and otherwise rendered unusable.

 Unauthorized access. Criminals don’t have to physically steal something to do irreparable

harm. By accessing a company’s physical or digital files a malicious intruder can steal
company and trade secrets, disrupt company communications, and even lock employees out
of key systems.

 Extortion. Malicious actors can render systems, data, and other assets unusable unless a
ransom is paid. This form of extortion is often done digitally via the use of ransomware that
locks companies out of their own systems.
Any of these malicious actions will, at the very least, cause a disruption in a company’s operations.
At worst, these security breaches can significantly impact a company’s bottom line and even, in the
worst of circumstances, force a company out of business.

Develop an Office Security Plan

How does a company create a safe and secure office environment? No company has to reinvent the
wheel; there are established office security best practices and procedures that, when implemented,
help to create a safe workplace for all employees.

After knowing the potential threats to company assets and employees, the first step a company
should take is to develop a detailed security plan. This plan should spell out potential risks, necessary
steps to mitigate those risks, and instructions for recovering from any security incidents

Most companies approach an office security plan by following these steps:

1. Assess the security risks to the company, its physical offices, and employees.

2. Determine where the company is most vulnerable to theft, vandalism, and other forms of
attack. Identify the company’s most vulnerable – and valuable – assets.

3. Evaluate ways to protect against identified vulnerabilities.

4. Implement actions, systems, and technologies to secure the company’s office and assets.

This security plan should be a written document or series of documents, distributed to key
management, security staff, and appropriate employees. The plan needs to be embraced by all
players and adequately funded by management.

Of course, developing a security plan is just part of the solution. The plan must be fully implemented
and then monitored and updated on a regular basis. Situations change, threats evolve, and new
assets are acquired; the company’s security plan must adapt to all of these changes.

Best Practices: Physical Security

The most common and most effective security methods involve physically securing premises, people,
and other assets. This can be done via traditional means or using various types of security
technology.

Lock All Doors and Windows

This may sound like a blatantly obvious thing, but all building doors need to be closed at locked at
the end of normal business hours. For added security, keep doors locked during business hours and
require keycard entry for employees. Electronic locks are more effective than traditional mechanical
locks.

Install Physical Barriers

To guard against forced entry, consider installing swing gates or similar barriers at key entrance
points. To keep automobiles from ramming into exterior doors and windows, install physical barriers
along the building’s perimeter and in front of large doors.

Install Metal Detectors

To help guard against violence from guns, knives, and other weapons, consider installing metal
detectors at all key entrance points.
Identify Employees

Employees should be issued identification cards to be worn on a lanyard or clipped to their clothing.
Guests should be issued temporary ID cards. This way unauthorized visitors will be easily and visually
recognizable.

Employees and authorized visitors should also be issued electronic key cards. The use of key cards to
enter the building, office or specified areas can and should be tracked by a computerized security
system. This way the company can track who is in the building, where, and when.

Develop Access Control Policy

Not all areas of the company should be accessible by all employees. It is now commonplace to
restrict access to certain areas for designated employees only. This is done by installing electronic
key card readers on doors leading into restricted areas.

Management and security staff should develop an access control policy to determine which
employees have access to which areas. Only approved employees can enter these designated zones
by using their key card, and employees not previously approved are locked out of these areas.

Many companies employ a “nested” or zoned access policy. In this scheme, the facility is divided into
different areas or zones, with each zone having its own level of access. The least secure zone is
accessible by all employees and has the least amount of security. The next zone is restricted to a
smaller group of employees using a more sophisticated means of entry, such as a key card. The next
zone is even more restricted and secure.

This “nesting” of access continues to the office’s most secure areas, which are restricted to just a
handful of employees via multiple locking systems.

Secure Important Documents

Important company documents should not be left laying around on people’s desks. The more
important the document, the more critical it is to secure that document inside a locked safe with
limited access.

Secure All Cash

If a company deals in cash transactions, all cash received should be immediately secured inside a
safe. Employees should only have access to small amounts of working cash.

Monitor Packages

Larger corporations should be on the lookout for potentially dangerous packages delivered via the
mail or delivery services. Develop a policy for how deliveries are accepted and monitored. Be
cautious of packages with no return address.

In addition, security may want to check the bags, purses, and backpacks of all the company’s visitors,
both arriving and leaving the building. A post-visit bag check is especially important to guard against
theft of documents and other assets.

Require Strong Passwords on Computers

All of the company’s computers and devices need to be secured with strong passwords. If possible,
two-step authorization should be employed for stronger security. Make sure employees do not write
down their passwords – or, if they do, that they don’t place their passwords in easily found locations,
such as on top of their desks. In addition, all computers and other devices should be logged and
labeled to aid in recovery in case of theft.

Best Practices: Systems and Staff

One of the most effective ways to protect a workspace is by watching it. Companies can use
traditional human-based surveillance as well as state-of-the-art electronic surveillance.

Employ Appropriate Security Staff

All companies above a certain size should hire security personnel to monitor the workspace. This
staff should patrol the building both during and after work hours. Designated security personnel
should also check and log in all office employees and visitors, as well as discourage loitering on-
premises.

Obviously, a full-scale security staff might be overkill for a smaller organization. Security log in duties
may have to be assigned to another employee, such as the receptionist. Other security activities can
be outsourced to a third-party security firm.

Record All Visitors

Security or office staff should keep a record of all visitors, either electronically or on paper. This
record should list the visitor’s name, company, purpose, time in, and time out. Historical visitor
records should be easily accessible if necessary to track possible intrusion or theft. Install Video
Surveillance

All offices, big or small, should have appropriate surveillance systems installed. Cameras should be
installed both inside and outside the building. Live monitoring is recommended for sensitive areas or
assets in large organizations. All feeds should be recorded with either onsite or cloud-based storage
for future review. For stronger security, consider using a remote monitoring facility, staffed by an
external security firm.

Install Intrusion Detection Systems

All companies should install physical security systems in their buildings. This typically consists of
traditional locks or electronic key card readers on all external doors and doors leading into defined
workspaces. Doors and windows should be protected by glass breakage, perimeter, passive infrared,
infrasound, ultrasonic, photoelectric, or motion sensors.

Any breach of the security system, especially after hours, should set off a loud alarm (to scare off
intruders), activate emergency lighting, and automatically notify local authorities and company
security and management. Ideally, the security system should be monitored by an independent
security firm. Rapid response to unauthorized entry is important to both catch and discourage
intruders.

Install Second Layer Security

For particularly sensitive areas or assets, a second layer of security should be employed. This may
include additional sensors and alarms, surveillance cameras, or perimeter protection. This is
particularly important for servers and data rooms, which should be protected with their own
electronic locks and alarm systems.
Secure the Building Itself

Most security plans focus on obvious entry points, such as doors and windows. Security experts
recommend that companies also consider the construction of the building and look for less-obvious
points an intruder could use for entry.

For example, a good security plan considers and defends against roof or ceiling entry. Drop ceilings
can be used to enter from less secure to more secure areas. Solid floor-to-ceiling barriers, including
through drop ceilings, should be installed around all restricted areas. These barriers should also be
equipped with intrusion detection systems.

Secure Public Areas

Areas of a building that are open to visitors, such as waiting rooms, should only have secure doors to
the rest of the building so visitors can’t inadvertently or purposefully enter private work areas. This
public area can have guest-level WiFi access but no direct connections, wired or wireless, to the
company’s main network.

Consider the Lighting

A building’s physical security can also be enhanced by installing proper lighting around the building’s
perimeter and at all entrances and exits. Strong lighting will deter burglaries and assaults and
generally make a building safer.

Install Other Detection Systems

It should go without saying that all public buildings should be protected by smoke, heat, and carbon
monoxide detectors. Proper authorities, including the local fire department, should be notified when
conditions activate these alarms.

Best Practices: Preparedness

In addition to the best practices discussed, companies need to prepare for security incidences. This
means establishing security guidelines, developing an emergency response plan, and training
employees on security procedures.

Establish Security Guidelines

Every company needs to create a set of security guidelines for the organization. These guidelines
should establish the procedures that employees must follow to enhance the organization’s physical
and virtual security.

Develop an Emergency Response Plan

Staff needs to know what to do in the case of a workplace emergency. It’s important to develop
detailed plans for responding to all kinds of incidents, for employees, management, security staff,
and first responders.

Test the Security

It’s important to verify that all security and surveillance systems are in working condition. Test all
systems when installed and on a regular basis. Record the results of each test and make necessary
adjustments and repairs based on results.
Stock Emergency Kits

It’s important to have emergency kits available for use when necessary. These kits should include
first aid supplies, one or more flashlights, bottled water, and similar items. Distribute multiple kits
throughout a large workplace or on individual floors of a large office building.

Conduct Security Training

Employees at all levels need to be trained on the importance of office security. This mandatory
training should present and reinforce the company’s security guidelines and stress how the security
of the company is dependent on the vigilance of individual employees.

Manage Employee Turnover

Every employee who leaves a company presents a new and unique security risk. When an employee
leaves, on good terms or bad, that person’s security privileges should be immediately revoked. All
security-related devices, such as keys and key cards, should be obtained from that individual and
that person’s access should be removed from the company’s system.

Security and front desk personnel should be alerted to that employee’s leaving, especially if the
employee was terminated or left on bad terms so that they can keep an eye out for any future
unauthorized access by that person. If the person was at a high enough security level, the company
may need to change passwords, access procedures, and such to prevent that person from further
accessing the system.

Keep Systems Updated

Installing security systems and implementing security plans is not a one-time operation. Security
technology is constantly improving and physical systems need to be periodically updated to keep
pace with similar developments from the criminal element.

Plans and procedures also need to evolve over time as new assets are required and as security
threats evolve. Keeping a company’s security up-to-date is a constant process that requires continual
attention and regular funding. Not updating a security system will eventually put a company at risk.

References

https://www.besafe.net/news/office-security-best-practices-and-procedures/

https://fmlink.com/articles/the-importance-of-ethics-in-the-workplace/

Remember, next class in Exam. It will be multiple choice exam that will be given during regular
class time.