Good shot from NZCS but misses target

Posted on August 9, 2009


The draft Professional Knowledge Curriculum for NZ Computing Professionals has made some great strides towards sustainable practice but has missed an opportunity to demonstrate the excellence the Society is aiming for.

Described as the “non- technical knowledge possessed by ICT professionals” the draft consists of four categories (Ethics and code of conduct; Managing ICT risk; Legal and compliance frameworks; and Organisational roles).

The first of these categories – Ethics and code of conduct – begins with “ethical work practices: understanding the elements of ethical behaviour in dealing with clients and business colleagues”.  The topics are headed with “includes an understanding of the following items:” and the first of these is “the 8 tenets of the NZCS Code of Ethics/Conduct”.

The NZCS Code of Ethics/Conduct applies to “all members of the society”.   It makes interesting reading.  The preamble states that the code is based upon the principles of:

–          Interests of the community

–          Respect for the individual

–          Interests of the client.

It seems the order of these principles is not chance – community comes first (Aside:  while this may seem common sense to us, it does not reflect the naïve view of incoming computing students , the majority of whom saw loyalty to the employer as paramount, regardless of consequences).   Here’s the first three of the eight tenets:

  1. Member’s responsibility for the welfare and rights of the community shall come before their responsibility to their profession, sectional or private interests or to other members.
  2. Members shall act in the execution of their profession with integrity, dignity and honour to merit the trust of the community and the profession, and apply honesty, skill, judgement and initiative to contribute positively to the well-being of society;
  3. Members shall treat people with dignity, good faith and equity; without discrimination; and have consideration for the values and cultural sensitivities of all groups within the community affected by their work;

So, who is this community?    The Code helps here too: “community…refers to all groups in society including members’ own workplaces”.  They then go on to define community wider, including the environment:

–          Acting and working in a way such that the health, safety and well-being of employees and colleagues are not endangered;

–          Ensuring that work undertaken meets community expectations by adopting the norms of recognised professional practice; or communicating any attendant risks or limitations, and their effect, in any work undertaken which does not accord with convention;

–          Being vigilant in ‘duty of care’ toward members of the community;

–          Communicating the results of work undertaken in a clear and unambiguous way;

–          Raising real or perceived conflicts of interest, or issues which may not be in the community interest, at an early stage of involvement;

–          Commitment to the principles of sustainable development of the planet’s resources and seeking to minimise adverse environmental impacts of their work or applications of technology for both present and future generations;

–          Not being involved in any activity which is known to be fraudulent, dishonest or not in the interests of the community (as described); and

–          Not accepting reward or compensation from any more than one party, without the clear understanding and acceptance of all parties.

This section concludes: “these tenets of the Code require members to be mindful of more than their technical and professional responsibilities and their immediate employer or client”.

Sustainability is, therefore, foremost in the NZCS professional knowledge curriculum at place 1.1.1   (it’s not actually numbered, but if it were it would go up to 4.8.5).

Unfortunately, the order of the curriculum is not indicative of the importance of the topic.  There are 91 elements in the curriculum.    While most professional practices – honesty, integrity, expert advice – are things you would hope from a sustainable professional, they do not by themselves nor in concert constitute a sustainable professional.  There is only one more element that approaches sustainability:

importance of informing oneself and one’s clients or employers of the economic, social, environmental or legal consequences which may arise from decisions and actions.

The rest of the curriculum is very heavily weighted to risk avoidance and compliance.   Here’s some random (really) examples:

2.2.2 Typical security frameworks and how and when they apply

2.6.2 The concepts of physical security requirements of information and associated technologies

3.1.4 The legal requirements for managing Spam

3.2.5 The role of industry sectors compliance frameworks that impact on ICT eg HIPPA and Sarbanes-Oxley

4.3.2 The need to determine, measure and review service levels.

Sustainability is therefore only two out of 91 elements.   I would not like to see any more elements – it is already far too long to be used in assessment of professionals.   So what would I like to see changed?

While I am pleased sustainability gets its own element, it should also be a lens for the rest of the document.  So too should other integrative and overarching concepts – “mutual respect” comes to mind – but instead the document is heavily compliance focused.    I think this legalistic focus is regrettable.  Perhaps it reflects the background of the focus group who developed the curriculum (lawyers, security and privacy experts).    It also does not properly reflect the intent of the NZCS professionalisation drive – to create a gold standard.  Instead of aiming for the top of the professionalism ladder, the focus on compliance is only one step above avoidance on the bottom rungs of maturity models

I should like to see the elements in the curriculum that do describe a sustainable professional strengthened.   Specifically, 1.4.2 (“importance of informing oneself and one’s clients or employers of the economic, social, environmental or legal consequences which may arise from decisions and actions”)  needs to go beyond informing, to taking action.   Merely raising an issue doesn’t clear oneself of ethical obligations.  Further, the equivalent areas in security, delivery risk etc have elements that specify understanding of appropriate strategies and tools for action – so too should this section.

Also, as referenced by 1.1.1. the Code of Ethics statement that defines community to include sustainable development should be widened to include

–          a full definition of sustainability (ie include social and economic)

–          and go beyond a requirement to “minimise adverse environmental impacts” to a position of restorative sustainability (ie promote actions that improve outcomes)

Sustainability should be added to elements where appropriate.  For example:  

2.3. (ICT investment risk) lifecycle and replacement models should take into account full life-cycle analysis (including models such as cradle-to-cradle)

2.3.3 (ICT investment risk) should extend cost-benefit analysis to include less tangible return on investment considerations.

3.1.1 (ICT- related laws) should include the Resource Management Act, and have a statement to the effect of maintaining understanding of new and emerging legal frameworks.  These might include the extended producer responsibility, carbon accounting, and environmental labelling.

3.2. (compliance frameworks) should include expectations of market standards (international, national, and market place).

3.2.4 (compliance frameworks) good practice frameworks should include triple bottom line accounting.

3.4.2 (public sector requirements) public agencies should have reference to government sustainable procurement programmes.  

4.2.2 and 4.2.3 (role of information systems strategy) should include environmental drivers for IS strategy.

4.6.4 (business acumen) should include environmental drivers in trends that affect organisations

This is not a complete list, the lens of sustainability should be used to review the entire list.  It is not though a matter of writing “…and sustainability” to the list of considerations.  Rather, an understanding that computing is in a privileged position to make a positive impact beyond our own footprint, and that this is the responsibility of all of us – especially those aiming for a gold standard, should guide a revisioning.