The GIAC organization takes ethics very seriously. As part of a leading association of information security professionals, GIAC certification holders and those attempting to obtain GIAC certification, must act in a lawful and ethical fashion for the benefit of the public, the profession and the companies to whom they provide professional services.
GIAC is committed to enforcing its Code of Ethics, and has formal procedures that allow fair and objective review of allegations and evidence of violations to the GIAC Code of Ethics. The GIAC Ethics Council has the responsibility of formally reviewing any charges and evidence of ethics violations. The GIAC Ethics code is available at http://www.giac.org/about/ethics/code
Any GIAC member, or member of the public, may submit a written complaint to the GIAC Ethics Council. The complaint must include the following at a minimum:
- A detailed description of the facts known and circumstances relevant to the complaint
- The Complainant's source(s) of information, the names, addresses, phone numbers and other contact information for and of witnesses and other knowledgeable individuals as known.
- Any and all supporting information or evidence
- The section or sections of the GIAC Code of Ethics violated
Each complaint will be reviewed for completeness and forwarded to the GIAC Ethics Council to initiate the review process. If not enough information is present to initiate a review, the form will be returned to the complainant requesting more information.
If enough corroborating evidence is available to support a thorough investigation, the identity of the accuser will not be necessarily divulged to the individual being investigated. If the investigation relies more heavily on testimony from a single source or the evidence presented obviously implicates the identity of the accuser, it may not be possible for the accuser to remain unidentified.