Termination of employment because of gross misconduct involving ISO 27001

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0;







up vote
0
down vote

favorite












I work for a small UK company in the IT department.



Hearing other employees struggle with the slow internet connection I discover malicious software (trojan horse) in the Internet access point.



I had concerns that in the installation of Trojan Horse may be involved someone from technical management. Therefore I addressed the issue directly to the company owner also suggesting a non-invasive and silent audit of the internal network. I got permission from Company owner to conduct an examination.



Two months later I have been accused of a possible gross of misconduct addressed as Data Breach according to the ISO 27001 standard.



My concern is that the disciplinary investigation and hearing process which implied in The letter of termination (due to gross of misconduct) has a formality to achieve terminating of my employment in a disciplinary manner.



Till the moment of accusation, I had little if any knowledge of the company's ISO 27001.



Asking about details such as ISO 27001 appendix A where it states as follows




A.5.1 Information security policy
Objective: To provide management direction and support for information security following business requirements and relevant laws and regulations.



A.5.1.1 Information security policy document



Control



An information security policy document shall be approved by management, and published and communicated to all employees and relevant external parties.




I was told that I should have been aware of the policy as it is A daily Jira process.



My further concern is that ISO 27001 was used as a tool to conduct the process procedurally.






software-industry united-kingdom termination fulltime






share









New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 1




    Do you really mean 'data bridge'? Or 'data breach'?
    – DJClayworth
    2 mins ago










  • Have you actually been terminated? Or is the investigation still ongoing?
    – DJClayworth
    46 secs ago
















up vote
0
down vote

favorite












I work for a small UK company in the IT department.



Hearing other employees struggle with the slow internet connection I discover malicious software (trojan horse) in the Internet access point.



I had concerns that in the installation of Trojan Horse may be involved someone from technical management. Therefore I addressed the issue directly to the company owner also suggesting a non-invasive and silent audit of the internal network. I got permission from Company owner to conduct an examination.



Two months later I have been accused of a possible gross of misconduct addressed as Data Breach according to the ISO 27001 standard.



My concern is that the disciplinary investigation and hearing process which implied in The letter of termination (due to gross of misconduct) has a formality to achieve terminating of my employment in a disciplinary manner.



Till the moment of accusation, I had little if any knowledge of the company's ISO 27001.



Asking about details such as ISO 27001 appendix A where it states as follows




A.5.1 Information security policy
Objective: To provide management direction and support for information security following business requirements and relevant laws and regulations.



A.5.1.1 Information security policy document



Control



An information security policy document shall be approved by management, and published and communicated to all employees and relevant external parties.




I was told that I should have been aware of the policy as it is A daily Jira process.



My further concern is that ISO 27001 was used as a tool to conduct the process procedurally.






software-industry united-kingdom termination fulltime






share









New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.















  • 1




    Do you really mean 'data bridge'? Or 'data breach'?
    – DJClayworth
    2 mins ago










  • Have you actually been terminated? Or is the investigation still ongoing?
    – DJClayworth
    46 secs ago












up vote
0
down vote

favorite









up vote
0
down vote

favorite











I work for a small UK company in the IT department.



Hearing other employees struggle with the slow internet connection I discover malicious software (trojan horse) in the Internet access point.



I had concerns that in the installation of Trojan Horse may be involved someone from technical management. Therefore I addressed the issue directly to the company owner also suggesting a non-invasive and silent audit of the internal network. I got permission from Company owner to conduct an examination.



Two months later I have been accused of a possible gross of misconduct addressed as Data Breach according to the ISO 27001 standard.



My concern is that the disciplinary investigation and hearing process which implied in The letter of termination (due to gross of misconduct) has a formality to achieve terminating of my employment in a disciplinary manner.



Till the moment of accusation, I had little if any knowledge of the company's ISO 27001.



Asking about details such as ISO 27001 appendix A where it states as follows




A.5.1 Information security policy
Objective: To provide management direction and support for information security following business requirements and relevant laws and regulations.



A.5.1.1 Information security policy document



Control



An information security policy document shall be approved by management, and published and communicated to all employees and relevant external parties.




I was told that I should have been aware of the policy as it is A daily Jira process.



My further concern is that ISO 27001 was used as a tool to conduct the process procedurally.






software-industry united-kingdom termination fulltime






share









New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











I work for a small UK company in the IT department.



Hearing other employees struggle with the slow internet connection I discover malicious software (trojan horse) in the Internet access point.



I had concerns that in the installation of Trojan Horse may be involved someone from technical management. Therefore I addressed the issue directly to the company owner also suggesting a non-invasive and silent audit of the internal network. I got permission from Company owner to conduct an examination.



Two months later I have been accused of a possible gross of misconduct addressed as Data Breach according to the ISO 27001 standard.



My concern is that the disciplinary investigation and hearing process which implied in The letter of termination (due to gross of misconduct) has a formality to achieve terminating of my employment in a disciplinary manner.



Till the moment of accusation, I had little if any knowledge of the company's ISO 27001.



Asking about details such as ISO 27001 appendix A where it states as follows




A.5.1 Information security policy
Objective: To provide management direction and support for information security following business requirements and relevant laws and regulations.



A.5.1.1 Information security policy document



Control



An information security policy document shall be approved by management, and published and communicated to all employees and relevant external parties.




I was told that I should have been aware of the policy as it is A daily Jira process.



My further concern is that ISO 27001 was used as a tool to conduct the process procedurally.






software-industry united-kingdom termination fulltime




software-industry united-kingdom termination fulltime





share









New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










share









New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








share



share








edited 1 min ago





















New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 6 mins ago









Łukasz D. Tulikowski

101




101




New contributor




Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Łukasz D. Tulikowski is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







  • 1




    Do you really mean 'data bridge'? Or 'data breach'?
    – DJClayworth
    2 mins ago










  • Have you actually been terminated? Or is the investigation still ongoing?
    – DJClayworth
    46 secs ago












  • 1




    Do you really mean 'data bridge'? Or 'data breach'?
    – DJClayworth
    2 mins ago










  • Have you actually been terminated? Or is the investigation still ongoing?
    – DJClayworth
    46 secs ago







1




1




Do you really mean 'data bridge'? Or 'data breach'?
– DJClayworth
2 mins ago




Do you really mean 'data bridge'? Or 'data breach'?
– DJClayworth
2 mins ago












Have you actually been terminated? Or is the investigation still ongoing?
– DJClayworth
46 secs ago




Have you actually been terminated? Or is the investigation still ongoing?
– DJClayworth
46 secs ago















active

oldest

votes











Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "423"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);






Łukasz D. Tulikowski is a new contributor. Be nice, and check out our Code of Conduct.









 

draft saved


draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f121948%2ftermination-of-employment-because-of-gross-misconduct-involving-iso-27001%23new-answer', 'question_page');

);

Post as a guest






















active

oldest

votes













active

oldest

votes









active

oldest

votes






active

oldest

votes








Łukasz D. Tulikowski is a new contributor. Be nice, and check out our Code of Conduct.









 

draft saved


draft discarded


















Łukasz D. Tulikowski is a new contributor. Be nice, and check out our Code of Conduct.












Łukasz D. Tulikowski is a new contributor. Be nice, and check out our Code of Conduct.











Łukasz D. Tulikowski is a new contributor. Be nice, and check out our Code of Conduct.













 


draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fworkplace.stackexchange.com%2fquestions%2f121948%2ftermination-of-employment-because-of-gross-misconduct-involving-iso-27001%23new-answer', 'question_page');

);

Post as a guest
































































Comments

Post a Comment

Popular posts from this blog

Long meetings (6-7 hours a day): Being “babysat” by supervisor

Image
Clash Royale CLAN TAG #URR8PPP .everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty margin-bottom:0; up vote 31 down vote favorite 4 I hold a PhD in mechanical engineering with a 7 year background in self-guided, self-paced research including 2 years as a graduate level course instructor and a subject matter expert for various engineering projects in a university setting in the United States. For the last 10-11 months, I am working in a research industry in France where my task is to debug C++ spaghetti code written over a period of several years by my current supervisor. It is a team of 2: just I and my supervisor. Diurnally, I am posed with a "bug of the day" to get out of this C++ code. My supervisor generally gives me about 15-30 minutes to solve it and then accosts me about whether or not the task is completed and then rinses and repeats this until the end of the day. Off-late, my supervisor has been holding 6-7 hour long "meetin
Read more

Is the Concept of Multiple Fantasy Races Scientifically Flawed? [closed]

Image
Clash Royale CLAN TAG #URR8PPP up vote 2 down vote favorite Many fantasy worlds have multiple humanoid species (elves, orcs, humans, etc) living in the same world, in addition to that, they often have the ability to interbreed. And I can't help but question their believability... fantasy-races reproduction interspecies-relations share | improve this question edited Aug 9 at 14:46 Michael Kjörling ♦ 21.1k 10 85 161 asked Aug 9 at 13:13 Chlodio 118 6 closed as unclear what you're asking by MichaelK, Gryphon, John, Vincent, Frostfyre Aug 9 at 15:25 Please clarify your specific problem or add additional details to highlight exactly what you need. As it's currently written, it’s hard to tell exactly what you're asking. See the How to Ask page for help clarifying this question. If this question can be reworded to fit the rules in the help center, please edit the question. 3 Stack Exchange exist to
Read more

Confectionery

Image
Prepared foods made with a lot of sugar or other cabohydrates "Sweetmeat" redirects here. For the racehorse, see Sweetmeat (horse). Not to be confused with Sweetbread. This Kransekake is a traditional Scandinavian baker's confection. Confectionery is the art of making confections , which are food items that are rich in sugar and carbohydrates. Exact definitions are difficult. [1] In general, though, confectionery is divided into two broad and somewhat overlapping categories, bakers' confections and sugar confections. [2] Bakers' confectionery, also called flour confections , includes principally sweet pastries, cakes, and similar baked goods. Sugar confectionery includes candies ( sweets in British English), candied nuts, chocolates, chewing gum, bubble gum, pastillage, and other confections that are made primarily of sugar. In some cases, chocolate confections (confections made of chocolate) are treated as a separate category, as are sugar-free versions of
Read more