All information security professionals who are certified by (ISC)² recognize that such certification is a privilege. It must be both earned and maintained.
In support of this principle, all (ISC)² members are required to commit to fully support this Code of Ethics (the "Code").
(ISC)² members who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel. This may result in the revocation of certification.
If you observe any actions by an (ISC)² member that breach the Code, you are obligated as an (ISC)² member to follow the ethics complaint procedure. Failure to do so may be considered a breach of the Code pursuant to Canon IV.
There are only four mandatory canons in the Code (described below). By necessity, such high-level guidance is not intended to be a substitute for the ethical judgment of the professional.