Notice: Number Of Individuals Terminated/Revoked for Plagiarism or Other Ethics Violations: 122
Don't make yourself number 123!
Read the Administrivia and all other directions very carefully.

Code of Ethics | Ethics Council | Ethics Violation

The scope and responsibilities of an information security professional are diverse, and afford a great deal of responsibility and trust in protecting the confidentiality, integrity, and availability of an organization's information assets. The services provided by an information security professional are critical to the success of an organization and to the overall security posture of the information technology community. Such responsibilities place a significant expectation on certified professionals to uphold a standard of ethics to guide the application and practice of the information security discipline.

A professional certified by GIAC acknowledges that such a certification is a privilege that must be earned and upheld. GIAC certified professionals pledge to advocate, adhere to, and support the Code of Ethics. It is not enough for information security professionals to simply "do the job". We must hold ourselves and our discipline to the highest standards of ethical and professional conduct.

GIAC customers and certified professionals who violate any principle of the Code may be subject to disciplinary action by GIAC. Sanctions include, but are not limited to:

Code of Ethics

The following GIAC Code of Ethics was developed through the consensus of the GIAC Advisory Board members and GIAC management.

Personal Accountability to the Code of Ethics

Individuals may only make claims regarding their GIAC certification status with respect to the scope of specific certifications they have earned. Individuals may not use the certification or their certification status in such a manner as to mislead others, misrepresent unauthorized information or bring the certification body into disrepute.

If there are any matters affecting a certified individual's ability to continue to fulfill the competencies associated with a specific GIAC certification they hold, the certified individual is required under the code of ethics to inform GIAC without delay by emailing with specific information.

In the event that an individual's certified status is withdrawn for any reason, the person must refrain from use of all references to a certified status.

Exam Ethics

If GIAC detects any exam anomalies before, during or after a GIAC exam attempt, GIAC has the right to investigate, apply sanctions, and void certification results. GIAC also reserves the right to require the candidate to retest under formal proctored conditions.

Ethics Council

GIAC strives to maintain the highest ethical standards. The GIAC Ethics Council, with an international composition, is elected from the GIAC Advisory board and acts as an independent committee regarding ethical matters that may arise in matters of GIAC certification, use of the GIAC credentials and ethical conduct of GIAC certification holders. The primary functions of the Council are to:

Unified Framework of Professional Ethics for Security Professionals

At the present time the GIAC Ethics Council upholds the GIAC Code of Ethics. However, in early 2007 the GIAC Ethics Council joined with other security organizations to formulate a unified code of ethics for the security industry. The GIAC Ethics Council sees this work as an important milestone in achieving increased recognition for the security profession and is proud to be actively involved in this initiative.

Ethics Violation

The GIAC organization takes ethics very seriously. We are committed to enforcing our Code of Ethics, and have formal procedures that allow fair and objective review of allegations and evidence of violations to the GIAC Code of Ethics. The GIAC Ethics Council has the responsibility of formally reviewing any charges and evidence of ethics violations. The GIAC Ethics code is available at

Complaint Submission

Any GIAC member, or member of the public who witness or suspect a violation of GIAC's Code of Ethics, may submit a written complaint to the GIAC Ethics via our online complaint form. The complaint must include the following at a minimum:

  1. A detailed description of the facts known and circumstances relevant to the complaint
  2. The Complainant's source(s) of information, the names, addresses, phone numbers and other contact information for and of witnesses and other knowledgeable individuals as known.
  3. Any and all supporting information or evidence
  4. The section or sections of the GIAC Code of Ethics violated

Each complaint will be reviewed for completeness and forwarded to the GIAC Ethics Council to initiate the review process. If not enough information is present to initiate a review, the form will be returned to the complainant requesting more information.

If enough corroborating evidence is available to support a thorough investigation, the identity of the accuser will not necessarily be divulged to the individual being investigated. If the investigation relies more heavily on testimony from a single source or the evidence presented obviously implicates the identity of the accuser, it may not be possible for the accuser to remain unidentified.

Ethics Violation Review Process

The Ethics Council's chief responsibility is to investigate ethics complaints against GIAC certified individuals, or GIAC candidates.

The investigative process is initiated when the Director of GIAC requests the investigation of a potential misconduct or when the Director is in receipt of a written complaint alleging misconduct.

The Ethics Council will solicit details in writing from the individual being investigated as well as any others who may be able to provide corroborating or exculpatory information. After all solicited information has been reviewed the Council may request further clarification as required.

On completion of its investigation, the Ethics Council will make a written report to the Director recommending whether the complaint should be upheld, and the recommended course of discipline. The written report will be communicated to the Director for review and possible further action.

If a Council member or members have a strong opinion against the majority decision of council then a dissenting opinion may also be written and provided to the Director.

Appeal Process

Individuals found to be in violation may file an appeal within 30 days of the notice of decision, stating the specific grounds for appeal.

The appeal will be conducted by the GIAC Appeals Committee, who will review the details of the original investigation in addition to the appeal to determine if the appeal has merit. The GIAC Director will notify the appealing party regarding the outcome of the Appeal, and the decision will be final.