First published 2020

RTO Works
www.rtoworks.com.au
hello@rtoworks.com.au 0452
157 557

© 2020 RTO Works

This resource is copyright. Apart from any fair dealing for the purposes of private study, research, criticism or review as
permitted under the Copyright Act 1968, no part may be reproduced by any process without written permission as
expressed in the RTO Works License Agreement.

The information contained in this resource is, to the best of the project team’s and publisher’s knowledge true and correct.
Every effort has been made to ensure its accuracy, but the project team and publisher do not accept responsibility for any
loss, injury or damage arising from such information.

While every effort has been made to achieve strict accuracy in this resource, the publisher would welcome notification of
any errors and any suggestions for improvement. Readers are invited to write to us at hello@rtoworks.com.au. IT
Works is a series of training and assessment resources developed for qualifications within the Information and
Communications Technology Training Package.

CONTENTS
Section 1: Action Plan ................................................................................................................................. 5
Section 2: Research and review ................................................................................................................. 8
Section 3: Feedback and changes to make ............................................................................................... 11
Section 4: Policy update ............................................................................................................................ 15
Student name: Rupesh Chaulagain

Assessor: Anil Adhikari

Date: 12-03-2024

Case study

Business this assessment is

based on:

IT BIZ solution

Documentation reviewed as
preparation:
Section 1: Action Plan
Include actions in order of priority.

What Comments When Completed

Time frames/ deadlines

Include any comments you need to Check each activity as

What activities will you be completing note you complete it.

Preparation Before Activity yes

Review background information

and policies.
Planning Develop an action plan. Before Activity yes

Research and Review Before Activity yes

Research industry standards and

legislation.

Round Table Discussion Before Activity yes

Coordinate with group for

discussion.

Update Policies and Procedures Incorporate research findings. After Activity 4 yes
Distribute Policies and Procedures After Activity 6 yes

Share updated documents with

stakeholders.

Include more rows as required

Section 2: Research and review
Intellectual property and
copyright standard/legislation
Research and identify ICT
industry standards for
intellectual property, as well as
copyright legislation.
Describe at least one standard
for intellectual property and the
main legislation for copyright.
Describe how you know the
source of this information is
reliable thereby ensuring the
integrity of information.
Privacy legislation
Research and identify existing
legislation relevant to privacy. way. This law sets out rules for how organizations can collect, use,
Identify the name of the Act and
describe the key purpose of
this legislation.
Describe how you know the
source of this information is
reliable thereby ensuring the
integrity of information.
Ethics
Research and identify ICT
industry standards relevant to
code of ethics, including
typical procedures for review
and grievance procedures
relevant to ethics breaches.
List at least one code of ethics
and describe its key purpose.
Describe typical review and
grievance procedures for
ethical breaches.
Describe how you know the
source of this information is
One standard for intellectual property is:
ISO/IEC 27001: It is like a rulebook for keeping information
safe in a business. It helps companies make sure they're
doing everything they can to protect information like customer
details or important data from being stolen or misused.
A copyright legislation is:
Copyright Act 1968 (Australia): It is a law in Australia that
says who owns creative stuff like books, music, or videos
once they're made. It means that if someone creates
something, like a song or a story, they own the rights to it.
Other people can't copy or use it without permission.
Information is obtained from reputable sources such as government
websites (e.g., IP Australia) and industry associations (e.g.,
International Organization for Standardization).
One legislation is Privacy Act 1988 (Australia): Its main purpose is to
make sure that organizations, like companies or government
agencies, handle your personal details in a responsible and secure
and share your information. It also gives you rights, like the right to
know what information is being collected about you and the right to
access or correct that information if it's wrong.
Information sourced from official government websites (e.g., Office of
the Australian Information Commissioner).
One code of ethics is a ACS Code of Professional Conduct, it guide
individuals in the technology field on how to behave ethically and
responsibly in their work. It aims to uphold standards of honesty,
competence, and integrity among tech professionals. By outlining
expectations for behaviour, the code ensures that professionals in the
field maintain high standards of professionalism, respect privacy,
follow the law, and continually improve their skills. Ultimately, it
promotes trust and confidence in the technology industry.
Review and grievance procedures are steps a company takes to
handle complaints or conflicts that arise within the organization. This
usually involves:
1. Internal Investigation: The company looks into the complaint to
understand what happened and gather information from
everyone involved.
ICTICT532 Apply IP, ethics and privacy in ICT environments |
8
reliable thereby ensuring the
integrity of information.
Questions
and ethics and appropriate
work practices.
Incorporate questions that
include specific issues, for
example, what would you do
if….? Develop at least 10
questions that assess
understanding of intellectual
property/copyright, privacy
Make sure you prepare your
questions in a suitable format,
for example, you might choose
to use a PowerPoint
Presentation or a Handout. You
must also make sure you use a
suitable tone and content for
your audience.
Attach this format below.
2. Disciplinary Action: If someone is found to have done
something wrong, they may face consequences, like
warnings or even losing their job, depending on the
seriousness of the issue.
3. Resolution Meetings: The company brings together the
people involved to discuss the problem and find a solution.
This could include mediation or other ways to resolve the
conflict.
ACS (Australian Computer Society) is a reputable professional body
in the ICT industry, ensuring the reliability of the information.
Here is the following questions that assess understanding Intellectual
Property, Copyright, Privacy, and Ethics:
• How does our organization handle copyright permissions for
external content?
• What steps are taken to ensure data privacy compliance with
the Privacy Act?
• Describe a scenario where ethical conduct was challenged in
our workplace.
• How are conflicts of interest managed within our
organization?
• What measures are in place to protect intellectual property
within our projects?
• When should personal information be anonymized according
to privacy laws?
• How are ethical breaches investigated and resolved at IT Biz
Solutions?
• What are the consequences of copyright infringement in our
organization?
• How does our code of conduct promote diversity and
inclusion?
• What steps are taken to ensure compliance with industry
ethics standards?
9
 Questions ready for roundtable discussion ☐

Attach:
ICTICT532 Apply IP, ethics and privacy in ICT environments |

10

Section 3: Feedback and changes to make
Roundtable discussion notes
Document the responses you
received relating to your
questions.
Summarise what it tells you
about current level of
understanding of
organisational policies and
procedures and current
practices.
ICTICT532 Apply IP, ethics and privacy in ICT environments |
Following are the responses and summary:
1. Handling Copyright Permissions:
o Response: Employees generally understand the
importance of obtaining proper permissions for
external content.
o Insights: There is awareness, but some confusion
exists regarding the specific steps and
documentation required.
2. Data Privacy Compliance (Privacy Act):
o Response: There is a good understanding of the
basic principles outlined in the Privacy Act.
o Insights: Staff recognize the importance of data
privacy but require more clarity on operational
procedures and specific compliance measures.
3. Ethical Conduct Challenges:
o Response: Several scenarios were discussed where
ethical conduct was challenged, highlighting varying
responses and outcomes.
o Insights: While the code of conduct is understood,
there's a need for clearer guidelines on handling
specific ethical dilemmas and consistent application
across different departments.
4. Conflict of Interest Management:
o Response: Mixed understanding on how conflicts of
interest should be managed, with some uncertainty
on reporting procedures.
o Insights: There's a need for more structured training
and guidelines to ensure consistent practices across
the organization.
5. Protection of Intellectual Property:
o Response: Good awareness of the importance of
intellectual property protection, with emphasis on
documenting ownership and usage rights.
o Insights: Clear policies are in place, but
reinforcement and regular updates are necessary to
address emerging challenges in digital content and
technology advancements.
6. Anonymization of Personal Information:
o Response: Varied understanding on when and how
personal information should be anonymized
according to privacy laws.
o Insights: Additional training is needed to ensure all
staff understand the legal requirements and
operational procedures for anonymization.
7. Ethical Breaches Investigation:
11
 o Response: Discussions highlighted existing
procedures for investigating ethical breaches,
involving senior management and HR.
o Insights: There is a structured approach, but there's
room for improvement in transparency and
communication throughout the investigation
process.
8. Consequences of Copyright Infringement:
o Response: Awareness of potential legal and financial
consequences of copyright infringement.
o Insights: Clearer communication on organizational
repercussions and preventive measures is needed to
reinforce compliance.
9. Promotion of Diversity and Inclusion:
o Response: Positive feedback on the organization's
efforts to promote diversity and inclusion through
its code of conduct.
o Insights: Continued emphasis on training and
awareness programs to ensure these principles are
integrated into daily operations effectively.
10. Compliance with Industry Ethics Standards:
o Response: Mixed understanding on how to
consistently apply and monitor compliance with
industry ethics standards.
o Insights: Regular training and updates on evolving
standards are essential to maintain high ethical
standards across all departments.
Summary Insights
• Strengths:
o Awareness: Generally, there's a good level of
awareness regarding copyright, privacy, and ethical
standards.
o Commitment to Ethics: Employees value ethical
conduct and recognize its importance in maintaining
organizational integrity.
• Areas for Improvement:
o Clarity in Procedures: More detailed guidelines and
training are needed to ensure consistent application
of policies.
o Operational Consistency: Ensuring all departments
and staff members adhere uniformly to policies and
procedures.
o Enhanced Communication: Clearer communication
on the consequences of non-compliance and the
importance of adherence to policies.

12
Changes to policies and Following are the changes need to be made:
procedures
1.Copyright Policy and Procedures Update: In response to the
Summarise the changes you
evolving landscape of intellectual property management, IT Biz
consider need to be made
based on your research, Solutions has updated its Copyright Policy and Procedures to ensure
review and roundtable comprehensive coverage and compliance with current laws and
discussion. organizational needs. Key updates include:
• Enhanced Permission Processes: We have streamlined our
procedures for obtaining copyright permissions,
emphasizing clarity on when and how to seek approval for
using external content. This includes detailed guidelines on
documentation requirements and approval workflows to
facilitate quicker processing times and adherence to legal
standards.
• Training Initiatives: Recognizing the importance of
employee education, we have implemented a mandatory
training program on copyright laws and fair use practices.
This program aims to empower our staff with knowledge on
how to ethically use and attribute copyrighted materials,
thereby reducing the risk of inadvertent infringement.
• Monitoring and Compliance: To ensure ongoing adherence
to copyright regulations, we have instituted regular audits
and assessments. These audits are designed to evaluate our
compliance with copyright policies, identify areas for
improvement, and implement corrective actions as
necessary.
2.Privacy Policy and Procedures Update: Our Privacy Policy and
Procedures have been updated to strengthen protections for
personal information and align with current regulatory
requirements. Key updates include:
• Enhanced Data Handling Procedures: We have refined our
procedures for collecting, storing, and sharing personal data
to enhance transparency and accountability. This includes
clear guidelines on data anonymization practices to
safeguard individual privacy rights.
• Compliance Audits: In line with the Privacy Act 1988 (Cth),
we are conducting regular compliance audits to assess our
data protection measures. These audits ensure that our
practices meet legal standards and uphold the trust placed
in us by our stakeholders.
• Employee Awareness Programs: We have launched targeted
awareness campaigns and training sessions to educate
employees about their responsibilities under the updated
privacy policies. This initiative aims to foster a culture of
privacy awareness throughout the organization and
empower staff to handle personal data with diligence and
respect.
3.Ethics Policy and Procedures Update: Our Ethics Policy and
Procedures have been revised to reinforce ethical standards and

13
provide clear guidance on handling ethical issues. Key updates
include:
• Scenario-Based Training: We have introduced scenario-
based training modules to equip employees with practical
skills for ethical decision-making. These modules include
case studies that simulate real-world ethical dilemmas,
promoting a proactive approach to ethical behavior.
• Enhanced Reporting Mechanisms: To facilitate ethical
reporting, we have improved our reporting mechanisms to
ensure confidentiality and non-retaliation for
whistleblowers. Employees now have accessible channels to
raise concerns, fostering a transparent and accountable
organizational culture.
• Standardized Investigation Procedures: We have
standardized our procedures for investigating ethical
breaches to ensure thoroughness and fairness in resolving
reported issues. This includes clear steps for conducting
investigations, determining accountability, and
implementing corrective actions.
4.Code of Conduct Update: The Code of Conduct at IT Biz Solutions
has been updated to reflect our commitment to integrity, diversity,
and inclusion. Key updates include:
• Inclusion of Diversity Principles: We have incorporated
explicit principles of diversity, equity, and inclusion into our
Code of Conduct. These principles guide our interactions
and behaviors, promoting a workplace culture that values
and respects differences.
• Regular Review Process: Our Code of Conduct undergoes
regular reviews to align with evolving industry standards and
organizational values. This ensures that our policies remain
relevant and responsive to changes in the workplace
environment.

ICTICT532 Apply IP, ethics and privacy in ICT environments |

14
Section 4: Policy update
The title of policy and procedure is :

• Updated IT Biz Copyright Solution Policy and Procedure

Policy updates
• Updated Privacy Policy and Procedure
List the title of • Updated Staff Code of Conduct
the policy and
procedures you
have developed,
as well as the
review and
grievance
procedure for
ethical
breaches.
Then attach
them to your
portfolio as
below.

Policy
distribution
Take a
screenshot of
the folders you
have set up.
Describe how
the
information is
secure and
accessible to
staff.
Include logins
for this
information.
The document is secured as it is uploaded on google drive which is one of the secure
and trusted cloud platforms. It is accessible only to the person to whom the folders
is saved. The only the employees whose email are added are permitted to used.
Feedback
Summarise the The feedback received from the team on the review and grievance procedures
feedback that during the discussion was positive, with team members acknowledging the changes
you were in the policy and procedures. They recommended some changes and guidance’s to
provided with resolve some complaints. The policy and procedures were enhanced with detailed
on your review instructions, guidance, clarity on consequences of violating the policies and
and grievance procedures.
procedures

ICTICT532 Apply IP, ethics and privacy in ICT environments |

15
and how you
used it.

Updated policies and procedures ☐

Review and grievance procedures ☐

Attach:

16
ICTICT532 Apply IP, ethics and privacy in ICT environments |

17