A directory of the codes professionals in this field actually agree to — the ones tied to your certifications, your employer, and your conduct. Pick one to commit to for this course; you will submit your choice through the LMS.
Browse the codes below. Each card links you to the official source so you can read it in full — not just the summary on this page. Then:
Why both professional codes and company codes? Because in your career you will be bound by both. A CISSP holder at Microsoft owes duties to (ISC)² and to Microsoft. Knowing what each one expects of you — and where they can conflict — is part of the job.
Codes you agree to as a holder of these certifications. Violations can result in decertification and, for several, are reportable to your employer.
Four mandatory canons: protect society, act honorably, provide diligent service, and advance the profession. Binding on every (ISC)² certificate holder; violations can trigger ethics review and certification revocation.
Seven principles centered on due care, supporting standards and procedures, serving stakeholders, maintaining competency, informing affected parties of audit findings, and promoting professional education.
The 2018 revision covers general moral imperatives, professional responsibilities, leadership responsibilities, and compliance. Widely adopted across academic computing and used in many software-engineering curricula as the baseline reference.
Ten commitments framed around upholding the highest standards of integrity, ethical conduct, and professional behavior — including holding paramount the safety, health, and welfare of the public, and protecting the privacy of others.
Covers responsibility to the community, prohibitions on unethical or unlawful acts, scope of certification claims, and confidentiality of the certification process itself. Violations can revoke certifications and bar future GIAC/SANS participation.
Nineteen tenets covering keeping client information confidential, lawful conduct, prohibiting black-hat activities, and disclosing all conflicts of interest. Specifically tailored to the offensive-security and incident-response roles EC-Council credentials cover.
Integrity, fair dealing, confidentiality of client information, professional competency, and a commitment to refrain from misleading communications. Covers everyone holding a CompTIA cert or participating in the Continuing Education Program.
Bound to exam integrity and the responsible-disclosure ethic OffSec credentials are built on. Cheating, sharing exam content, or using credentials for unauthorized access leads to permanent decertification.
Codes you agree to as an employee of these companies. They govern day-to-day conduct on the job — conflicts of interest, customer data, insider trading, harassment, AI ethics, and a lot more. Each one is also a window into what that company actually values.
Famous for opening with “Don't be evil” (later softened in the formal corporate version to a closing line). Covers conflicts of interest, customer data handling, fair dealing, and use of company resources, with strong language on integrity in advertising.
Microsoft's “Trust Code” is organized around how the company builds trust with customers, governments, investors, partners, representatives, and each other. Strong privacy and AI-ethics sections reflect Microsoft's position as a cloud and AI vendor at scale.
Centered on honesty, respect, confidentiality, and compliance. Strong supplier responsibility provisions and a notably detailed section on protecting Apple's intellectual property — itself one of the most-discussed corporate policies in tech.
Compliance with laws, conflicts of interest, gifts and entertainment, insider trading, fair dealing, and use of company assets. AWS additionally maintains its own code of conduct for customers and the AWS ecosystem.
Frames acceptable conduct for everyone working on Meta's products: privacy of user data, security and integrity of platforms, respect for community, conflicts of interest, and obligations around the moderation systems that govern billions of accounts.
One of the longest-standing codes in tech, regularly cited as a model for the genre. Covers personal conduct, IBM's relationships with itself and others, and broad obligations to act ethically — with separate AI-ethics guidance now layered on top.
A networking-vendor code with heavy emphasis on customer success, fair competition, export controls, and a distinctive “Trust Center” doctrine that ties business conduct to product security obligations.
Notably detailed on data handling, customer commitments, and global compliance — reflecting Oracle's database and ERP customer base. Includes specific guidance for working with public-sector and government customers.
Worth reading for its forthright treatment of working in defense, intelligence, and law-enforcement contexts — topics most tech-company codes avoid. Sections on data, civil liberties, and customer engagements reflect the company's mission posture.
Built around Salesforce's stated core values (trust, customer success, innovation, equality, sustainability). Strong emphasis on customer data trust and stakeholder capitalism. Heavily updated as Salesforce has acquired Slack, MuleSoft, and Tableau.
You will eventually hold more than one of these at the same time — an (ISC)² certification and a Microsoft badge, an ACM membership and an Amazon offer letter. Most of the time they reinforce each other. Occasionally they will not: the boss wants something done that the professional code forbids, or the company's code permits a disclosure your certification's code prohibits. The professional codes are explicit that, in those cases, the public's safety and your professional duty come first, even at the cost of the job. That clause is the whole reason professional codes exist.