Code of Ethics and Professional Practices

Introduction

A code of ethics also named as a code of ethical conduct is designed to those aspects of the business which encourage trust in professional behavior. These aspects include but not limited to the code of conduct of employees at an organization, the professional practice adopted by professionals at their workplace and the ethical principle adopted by individuals in day to day operations of the business. These codes are embedded in the organization’s mission statement and corporate values of the culture of the organization.

Walmart and every professional organization follows the guidelines of the International Professional Practices Framework. These guidelines are prescribed in the framework in the shape of mandatory and strongly recommended guidance. Therefore on 01-July-2017, the Institute of Management Accounts, USA has a prepared practice which is needed to be adopted by Management accounts govern under their leadership through ethical professional behavior.

The Walmart follows the mandatory Guidance which consist of 4 pillars. The core principles of Walmart includes include objectivity, fairness, honesty and responsibility. Cost Management function is effective only if these Principles are applied affectively by accounts department of Walmart. These standards include Integrity, creditability, confidentiality and competency. These standards promote a broad range of value-added services of cost management functions.

The planning related to Resources of Enterprises adopts mechanisms under which different departments of the Walmart become integrated which each other. ERP refers to a single system under which a task partially performed by a single department will automatically forward to another department for their respective procedures. The level of integration depends upon the infrastructure of Network inside Walmart. This integration includes purchasing of assets, classification of items, sales, and costing, financing, risk management, human resources and administration departments of Walmart.

System of Information related to Accounting in Walmart is referring to the collection of data, its achieving, handling and analysis for the management team for commercial decisions. System based procedure is being adopted for theses accounting activities in collaboration with the IT systems department of Walmart.  As a result several MIS related to regulatory, sponsors, lenders, buyers and sellers can be extracted at the click of a button. This system may further be utilities for archival of data along with audit trail for review by Inspection officials.

Here we will be discussing the standard of ethical conduct applied in Wal-Mart. At Wal-Mart we will be considering the ASI-ERP environment and their controls implemented. Finally the results of control & prevent the cyber-attack and its risk.  

Statement of Ethical Professional Practice by IMA

Integrity Standard

According to the Institute of Management Accountants, members of IMA are strongly recommended to

1. Mitigate actual conflicts of interest. Regularly communicate with business associates to avoid apparent conflicts of interest. Advise all parties of any potential conflicts of interest.
2. Refrain from engaging in any conduct that would prejudice carrying out duties ethically.
3. Abstain from engaging in or supporting any activity that might discredit the profession.
4. Contribute to a positive ethical culture and place the integrity of the profession above personal interests. IV.

Integration has played vital for cyber security risk to the organization. Several controls have been applied at Wal-Mart to reduce them. Management Accounts including staff and other individuals using Network systems are always instructed to refrain from using external peripheral devices with their system. For this purpose Information System Department applies systematic restriction for the use of external devices at Network. Even in a case, such incidents have occurred through a network, immediate incident reporting perform has been generated and sent to the Chief Information Security officer for remedial action.  Further employees were asked to sign a code of conduct declaration under which they are restrained from any conflict of interest, predicate from unethical behavior with systems and its misuse. These types of an incident not cast security breach but can also become treating for AIS- ERP system to have unauthorized access

Creditability Standard

According to the Institute of Management Accountants, members of IMA are strongly recommended to

1. Communicate information fairly and objectively.
2. Provide all relevant information that could reasonably be expected to influence an intended user’s understanding of the reports, analyses, or recommendations.
3. Report any delays or deficiencies in information, timeliness, processing, or internal controls in conformance with organization policy and/or applicable law.
4. Communicate professional limitations or other constraints that would preclude responsible judgment or successful performance of an activity.

A commitment to the ethical standard of truthfulness is essential to enhance objectivity and diminish bias (Reiser.1993).

Wal-Mart’s technology hoof marks are impressive. With more than half-million devices for networking, several servers, three backup worldwide centers for collection and archiving of data and 0.5 million customer transactions in month quarter required Cyber safety measures team to look after two hundred billion security breach incidents per annum supported by extremely flexible protection technologists.  These professional designs control according to job description wise options for individual staff to work according to his requirements in the system. Employees and authorized must kept their password in the safe customer. In case of any UN authorized access notices at their system immediately report the same to CISO for future assessment. Information and views the rights of data to employees are restricted to their relevant work only. In case of requirements raised by concern staff for more options in their system, dual approval from CISO and line of business is required. These controls will restrict the usage of staff and vendors to explore details of their relevant portion. Further from the Information security point of view. Employee’s logs of excess and his footprints are achieved for audit trial. These footprints become pieces of evidence against employees or external vendors who got unauthorized access to the system for malfunction. The unauthorized access to AIS –ERP environmental system becomes the risk for an organization in case of breach of security.

Confidentiality Standard

 According to the Institute of Management Accountants, members of IMA are strongly recommended to

1. Keep information confidential except when disclosure is authorized or legally required.
2. Inform all relevant parties regarding the appropriate use of confidential information. Monitor to ensure compliance.
3. Refrain from using confidential information for unethical or illegal advantage.

The resulting ethical-legal confusion is exacerbated by legally based confidentiality training that treats legal exceptions as if they were the rule and fosters the impression that attorneys are now the only real experts about this aspect of the practice (Fisher, M.A., 2008).

All staff members at Wal-Mart including senior management, accountants, etc. are required to work under strict compliance of confidentiality standards. They have to sign the employees of code conduct to keep the organizational information confidential unless they were asked by any regulatory body subject to the specific condition. For these purposes, their system must be password protect with backup sources for data archival. For these purposes, the information security department applies security measures over data archival sites. These sites are strong security with strong antivirus software and Secure Configurations for Hardware and Software which grants access to these sites. Under these conditions a particular system allowed to get access and unauthorized were disallowed. Further management accountants must have standardized operation procedures to deal with staff involved in granting unethical or illegal access of the system to none relevant staff. 

Competency Standard

According to the Institute of Management Accountants, members of IMA are strongly recommended to

1. Maintain an appropriate level of professional leadership and expertise by enhancing knowledge and skills.
2. Perform professional duties under relevant laws, regulations, and technical standards.
3. Provide decision-support information and recommendations that are accurate, clear, concise, and timely. Recognize and help manage risk

Professional standards frameworks are informed by several different approaches to competence, although an external or activity-based approach (Lester, 2014).

Management accountants are responsible for maintaining the standard for professional knowledge and skill to deal with the cyber-attack. They should behave know-how of laws related to cyber-attacks and consequences. Further, these reasons proper training to end-users must be provided for fair usage policy. These training must include proper risk mitigation techniques by employees themselves. The chief information security officer conducts regular audits and tests. They prefer by using skilled security penetration testers that simulate a cyber-attack. Security penetration testers are trained to use the same kind of mindset, methodology and tools as cybercriminals, but in a controlled and non-destructive manner. Further staff deployed at the accounting system must be aware of such threats. They shall remain vigilant and careful for working day to day tasks

Conclusion

A study in the field of Information security has proved that control weakness at the entrepreneur level cast significant risk threats to the Walmart core system. The threat may include viruses, malware, loss of worthy data, and phishing risk. Electronic data leakage, incidents affecting 3^rd part clouding services and vitalized networks with careless or uninformed staff being the second most likely cause of a serious security breach, and Walmart is searching for a way to mitigate risk. Under the umbrella of code of ethics if the standards of integrity, confidentiality, competency & creditability are properly followed and backed by sufficient control at higher hierarchy of Walmart then, there are chances to reduce risk of cyber-attack or fraud to lowest level however information security risk cannot be zero.

Reference

• Lester, S., 2014. Professional standards, competence and capability. Higher Education, Skills and Work-based Learning.
• Fisher, M.A., 2008. Protecting confidentiality rights: The need for an ethical practice model. American Psychologist, 63(1), p.1.
• Reiser, S.J., 1993. Overlooking ethics in the search for objectivity and misconduct in science. Academic Medicine.