Adapted from Crest-Approved
Code of Conduct
The CMMC-COE Codes of Conduct contains basic principles of good business practice and ethics, values, standards, and rules of behavior which are all-pervasive and guide decisions, procedures and systems in a way that contributes to the welfare of clients and respects the rights of all constituents affected by such operations. They describe the standards of practice expected of CMMC-COE working group members. The Codes of Conduct set out our conduct requirements to enable members to consider how best to achieve the right outcomes for their communities.
Those involved in providing technical information security advice and services hold the role of trusted advisers and there are duties arising from this role and obligations owed to others. This activity is outcomes-focused and concentrates on providing positive outcomes which when achieved will benefit and protect clients. No Code can foresee or address every issue or ethical dilemma which may arise and members must uphold the intention of the Codes as well as their letter.
For members, this means conduct as described in, but not limited to, the submission made to CMMC-COE for membership: It is incumbent upon them to ensure that all relevant staff, contractors and partners are aware of the policies, processes and procedures submitted and reviewed by CMMC-COE.
The working group members are expected to exercise their own judgement, which should be made in such a way as to be reasonably justified, to meet the requirements of the CMMC-COE Codes of Conduct and should seek advice from CMMC-COE if in doubt. The CMMC-COE Codes of Conduct include requirements covering the following headline areas:
• Promotion of Good Practices
• Professional Representation
• CMMC-COE Assignments
• Regulations
• Competencies
• Client Interests
• Sanctions
• Ethics
• Responsible Reporting
Welcome Aboard….
Recent Comments