IT5105: Professional Issues in IT: University of Colombo, Sri Lanka
IT5105: Professional Issues in IT: University of Colombo, Sri Lanka
IT5105: Professional Issues in IT: University of Colombo, Sri Lanka
(TWO HOURS)
Important Instructions:
• The duration of the paper is 2 (two) hours.
• Write your answers in English using the space provided in this question paper.
• Under no circumstances may this book, used or unused, be removed from the
Examination Hall by a candidate.
Questions Answered
Indicate by a cross (), (e.g.
1 ) the numbers of the questions answered.
Question numbers
To be completed by the candidate by
1 2 3 4
marking a cross ().
To be completed by the examiners:
1
Index No ………………………….
1)
(a) List six (6) legal implications of computer monitoring at the workplace relating to e-mail and Internet
surveillance that you are familiar with.
(06 Marks)
ANSWER IN THIS BOX
Employee’s privacy
Data Protection Act 1998 (UK)
Data Protection Directives 95/46/EU
The Regulation of Investigatory Powers Act 2000
The Telecommunications Regulations 2000
Human Rights Act 1998
(b) Collection of personalized information could be very important for an organization. However, that data
must be protected, and the collection has to be performed according to Data Protection policies. European
Union Data Protection Directive (1998) is one such policy.
List six (06) European data privacy principles and briefly explain any three (03) of them.
(12 Marks)
Lawfulness, fairness and transparency
For processing of personal data to be lawful, specific grounds for the processing (‘lawful basis’)
must be identified. There are six main options with additional conditions for processing some
especially sensitive types of data. If no lawful basis applies then the processing is unlawful and in
breach of this principle.
In general, fairness means that processing must be done in ways that people would reasonably
expect and not in ways that have unjustified adverse effects on them.
Transparency is fundamentally linked to fairness. Transparent processing means being clear, open
and honest with people from the start about who you are and how you process data. Informing
individuals in easily accessible and understandable language is the key, whether the controller has a
direct relationship with the individual or not.
Purpose limitation
To ensure that the reasons for processing are clear and open, and in line with the reasonable
expectations of the individuals concerned, EU data protection law requires that the purposes for the
processing be specified. This is fundamental to building public trust.
Data minimization
The data minimization principle requires entities to process only ‘adequate, relevant and limited’
personal data that is ‘necessary’. EU data protection law does not define what ‘adequate, relevant
and limited’ means but states that the assessment of what is ‘necessary’ must be done in relation to
the purposes for processing.
Accuracy
EU data protection law requires that data be ‘accurate’, ‘kept up to date’ and ‘erased or rectified’
when inaccurate. GDPR does not define the word ‘accurate’ but, Based on the meaning of the word,
it can be said that data is inaccurate when it is incorrect or misleading.
2
Index No ………………………….
Storage limitation
EU data protection law does not set specific time limits for different types of data but requires that
controllers and processors set limits based on the purposes of the processing.
Integrity and confidentiality
Controllers and processors must ensure that appropriate security measures are in place to prevent
data from being accidentally or deliberately compromised.
Accountability
Accountability
The accountability principle requires controllers and processors to take responsibility for their
processing activities and for how they comply with data protection principles. Having appropriate
measures and records in place to demonstrate your compliance is key.
(c) Select an appropriate word or set of words from the list given below the table to fill the blanks
in the column B.
(7 marks)
Column A Column B
1 A guide of principles designed to help Code of ethics
professionals conduct business honestly and
with integrity
2 This entity is responsible for building a strong Corporate Ethics Officer
ethical culture within the organization
3 This is a set of beliefs about right and wrong Ethics
behaviour within a society
4 Assesses an action in terms of its consequences Utilitarian Approach
or outcomes
5 A way of measuring, understanding, reporting Social Audit
and improving an organization's social and
ethical performance
6 Making decisions focusing on how fairly actions Fairness Approach
and policies distribute benefits and burdens
among people affected by the decision.
7 These are one’s personal beliefs about right and Morals
wrong
(Morality, Ethics, Vices, Code of Principles, Morals, Code of Ethics, Board of Directors,
Social Audit, Fairness Approach, Brainstorming, Corporate Ethics Officer, Utilitarian
Approach.)
25 marks
2) (a) a. The clauses given in Column A belong to the 4 sections of the British Computer Society
(BCS) Code of Conduct. Write the name of the correct section against each clause in Column B.
3
Index No ………………………….
(12 marks)
Column A Column B
Only undertake to do work or provide a Professional Competence and Integrity
service that is within your professional
competence
Have due regard for the legitimate (legal) Public Interest
rights of Third Parties.
Have due regard for public health, privacy, Public Interest
security and wellbeing of others and the
environment.
Avoid injuring others, their property, Professional Competence and Integrity
reputation or employment by false or
malicious or negligent action or inaction.
Accept professional responsibility for your Duty to Relevant Authority
work and for the work of colleagues who are
defined in a given context as working under
your supervision
Promote equal access to the benefits of IT and Public Interest
seek to promote the inclusion of all sectors in
society wherever opportunities arise.
Conduct your professional activities without Public Interest
discrimination on the grounds of sex, sexual
orientation, marital status, nationality, colour,
race, ethnic origin, religion, age or disability,
or of any other condition or requirement
NOT misrepresent or withhold information Duty to Relevant Authority
on the performance of products, systems or
services (unless lawfully bound by a duty of
confidentiality not to disclose such
information),or take advantage of the lack of
relevant knowledge or inexperience of others.
Explain the difference between Hackers and Crackers with reference to systems security.
(4 Marks)
(b)
ANSWER IN THIS BOX
Hackers
4
Index No ………………………….
•Crackers
(c) The terms in column A and sentences in column B are associated with security & privacy of
personal data.
Match the suitable contents of a cell in Column A with the contents of a cell in Column B.
(4 Marks)
Column A Column B
1 Identity Theft P is unwanted software that try to get into your
computing device, stealing your internet usage
data and sensitive information.
2 Spyware Q attempt to obtain sensitive information or data,
such as usernames, passwords and credit card
details, by disguising oneself as a trustworthy
entity in an electronic communication
3 phishing R was created primarily to modernize the flow of
healthcare information, specify how personally
identifiable information maintained by the
healthcare and healthcare insurance industries
should be protected from fraud and theft, and
address limitations on healthcare insurance
coverage.
4 HIPAA S the deliberate use of someone else's personal
information, usually as a method to gain a financial
advantage or obtain credit and other benefits in
the other person's name, and perhaps to the other
person's disadvantage or loss.
1-s
2-p
3-q
4-r
5
Index No ………………………….
Law: System of rules that tells us what we can and cannot do, Laws are enforced by a set of
institutions (the police, courts, law-making bodies) (2 marks)
Answer: (Morals) Ref 2 - Page 4, (ethics) Ref 2 - Page 3, (Law) Ref 2 - Page 5
25 marks
3) (a) Commander and Debater are two types of ‘Personalities’ belongs to the ‘Analysts’ category. List two
(02) strengths and two (02) weaknesses of each personality.
(06 marks)
Commander - Strengths:
1. Bold, imaginative, strong- willed leaders, efficient, self-confident, and strategic thinkers.
2.
Commander - Weakness:
6
Index No ………………………….
1. They can be arrogant, stubborn, dominant, ruthless, and poor emotion handlers.
2.
Debater - Strengths:
1. Smart and curious thinkers, knowledgeable, quick thinking, energetic, and charismatic.
2.
Debater - Weaknesses:
1. They can be very argumentative, insensitive, intolerant, difficult to focus on the practical
matters.
2.
There can be more correct answers. 0.75 mark for each answer
(b) Assume that you are a project manager. Sudesh is a software engineer hired to your team six months
ago. During this last six months period, there were several complaints raised by the team members
against Sudesh, which includes not respecting other team members, being dishonest, and not being
punctual. As a result, top management has decided to put him into a six-month probation and applied
20% pay cut. However, he is a highly skilled programmer and solve many critical programming issues
in ongoing projects. Sudesh always finishes his daily allocated tasks earlier than the expected time.
Therefore, you consider him as a very good asset for your team.
As the project manager, explain how would you give him a constructive feedback and motivate him to
be an honest and punctual person as well as to be a good team player.
(08 marks)
ANSWER IN THIS BOX
Constructive feedback is providing useful comments and suggestions that contribute to a positive
outcome, a better process or improved behaviours. It provides encouragement, support, corrective
measures and direction to the person receiving it.
One way of giving a constructive feedback is to start with the good things that particular employee
does well and slowly pointing out limitations. See things positively and encourage the employee about
addressing those limitations and be a better person.
Feedback should not be delivered in a way that provokes hurt feelings, shame, defensiveness,
resistance or a sense of failure. Constructive feedback needs to be specific, issue-focused and based
on what is observable.
There can be many correct answers and based on the quality of the student’s answer marks will be
decided.
7
Index No ………………………….
(c) Recent COVID-19 situation has led many of the office work to conduct using online methods. List
three (03) advantages and three (03) disadvantages of ‘work from home’ method.
(06 marks)
ANSWER IN THIS BOX
Advantages:
• There is no commute time or expense.
• Office space rentals and bills will be reduced
• Flexibility to take care of appointments and errands.
• There are fewer interruptions from meetings and chitchat.
Disadvantages:
• There is no physical separation between work and leisure time.
• It is easy to misread cues via electronic communications.
• You have to make the effort to get a change of scenery.
• Digital fatigue
8
Index No ………………………….
(d) As a result of the Industry 4.0 revolution, most of the productions and services would be automated
using intelligent machines.
By thinking on the positive aspects, briefly explain what kind of new job opportunities would be created
as a result of this change.
(05 marks)
ANSWER IN THIS BOX
Even though Industry 4.0 would cut-off jobs related to production lines, it may create several other
job professions/fields such as software development, data science, cloud technologies, engineering
and technician jobs related to robots and embedded systems, etc.
Further, as a result of this automation, production will increase and the prices of products may drop.
Therefore, more sales and services jobs would be created.
There can be many correct answers and based on the quality of the student’s answer marks will be
decided.
25 marks
4) (a) Social networks such as Twitter and Facebook can be used to spread false or misleading information.
List four (04) actions that you would take to verify a particular piece of information is true or false.
(04 Marks)
ANSWER IN THIS BOX
• Check whether this information is coming from a reputable new agency, or does it cite
reputable sources?
• Check that news / information with a fact checker.
• Check the number of followers and no of known contacts which follows that account
• Is the news shared using a fake account or does it belongs to a actual person?
There can be more correct answers. Each correct answer will receive 1 mark
9
Index No ………………………….
(b) Cyberbullying (the use of digital technology to threaten, menace, harass, or humiliate an individual or
group) is becoming a major issue related to the Social Media.
State four (04) actions that you could take to minimize Cyberbullying?
(04 marks)
ANSWER IN THIS BOX
• Keep your profiles set to private; monitor and update privacy settings regularly
• Don't "friend" or follow anyone who isn't a friend
• Don't accept requests or messages from users you don't know
• Never share and protect your password and prevent others from gaining access to your
profiles and private photos
• Educate yourself and others on the negative impact of cyberbullying
• Report the incident to the appropriate authorities.
There can be more correct answers. Each correct answer will receive 1.5 marks
(c) Assume that you are developing a virtual reality environment (a virtual world) that can be used as a
new social networking platform. A 3D humanoid virtual character will be assigned for each registered
user account. Based on the user’s inputs, this virtual character can interact with other virtual characters
(which represent other users) in the virtual world. As the lead developer of this system, you would like
to allow those virtual characters to simulate several real-world interactions in this virtual world, such as
working, playing, partying, shopping, etc.
Briefly explain (03) criminal/illegal activities that can be taken place in this virtual world setting.
(06 Marks)
ANSWER IN THIS BOX
• Some activities can be clearly illegal, such usage of stolen credit cards
• Some may not be the same as in the real-life crime, such as virtual muggings and sex
abuses. In real life scenario they can cause severe mental, physical pain and suffering.
• There are grey areas as well such as unfair operation of virtual casinos
There can be more correct answers. Each correct answer will receive 2 marks
10
Index No ………………………….
(d.) List three (03) best practises of public speaking and presentation?
(06 arks)
ANSWER IN THIS BOX
• Make eye contact with the audience, open the flow of communication and convey interest,
concern, warmth and credibility.
• Deliver an attention-grabbing Introduction. Be creative. Make sure to address the audience.
• Use evidence for the points you make.
• Speak loud enough and clear. Vary your volume, tone, pitch and pace in order to suit what
you say.
• Use proper gestures, body language, and facial expressions
• Use visual supplementary documents such as handouts, posters, slides, videos, etc
There can be more correct answers. Each correct answer will receive 1.5 marks
(e) paraphrasing (express the meaning using different words) is considered as a key writing skill.
i. Briefly explain why it is important
ii. List three (03) methods that can be used for paraphrasing?
(05 marks)
ANSWER IN THIS BOX
i Paraphrasing helps to avoid the risk of plagiarism. Also, it demonstrates the author have a proper
understanding of the source.
Explanation: 2 marks
ii
• Changing vocabulary by using synonyms.
• Changing word class (shift between verb/noun/adjectives).
• Changing word order.
• And more.
Each correct method: 1 mark
11
Index No ………………………….
25 marks
*************
12