Code of Conduct

Rogers Cybersecure Catalyst (the “Catalyst”) is a learning, teaching, and working community of students, Catalyst staff and partner personnel (for example, SANS instructors, GIAC accommodations coordinators, Technical Advisors and others) committed to providing a civil and safe environment that is respectful of the rights, responsibilities, well-being and dignity of all of its members. To maintain this environment, all students are expected to refrain from conduct that has a negative impact on other students, instructors and staff. This includes, but is not limited to:

 

  • Disruption of learning, teaching and working of Program activities or operations;
  • Any assault or behaviour that is abusive, demeaning, threatening or intimidating;
  • Theft, damage, and destruction of property;
  • Misuse of facilities, equipment, property, materials or services, including, but not limited to, those related to computing and information technology; 
  • Misconduct related to the use of alcohol/drugs;
  • Conduct that threatens or endangers the health or safety of any person;
  • Any form of sexual violence or non-consensual sexual contact;
  • Engaging or participating in conduct that is, or is reasonably seen to be, humiliating, or demeaning to another person or coercing, enticing or inciting a person to commit an act that is, or is reasonably seen to be, humiliating or demeaning to that person or to others (e.g. hazing), regardless of consent;
  • Forging, altering, or misusing any document, record, card, including, but not limited to, instruments of identification.  instrument of identification; and/or
  • Aiding or encouraging others to commit an act prohibited by this Code or another Program code, policy, or procedure.

 

Violations could consist of a single act, or repeated acts that form a pattern of behaviour that, taken together, constitutes a violation of the Code. Violations of the Code could result in one or more of the following disciplinary measures:

  • Temporary or indefinite removal from a virtual or in person classroom, workshops, speaker events, activities, or communication channels;
  • A written warning or reprimand and letter of expectation or agreement to modify behaviour;      
  • Probation, during which certain conditions must be fulfilled and good behavior must be demonstrated;
  • De-enrolment from any Rogers Cybersecure Catalyst Program and barring from future applications to any Rogers Cybersecure Catalyst Program;     
  • Loss of fees, funding, awards, scholarships;
  • Fines or payment of costs or compensation for any loss, damage, or injury cause by the misconduct;
  • Issuance of an apology, made publicly or private;
  • Restriction or prohibition of access to or use of Program facilities, services, activities, or programs; and/or
  • Any other remedy or sanction that may be appropriate, having regard to all relevant factors, including, but not limited to, the nature and circumstances of the conduct or action in question.

 

SANS, GIAC and other Program partners reserve the right to refer a complaint to the Catalyst for consideration under this Code. Both the Catatlyst and its partners reserve the right to address complaints in accordance with their codes, policies, procedures, and processes.

The following are penalties that can be imposed:

By Program Operations Staff Members (including Course Instructors and Partner Personnel) 

  • Temporary removal from a virtual or in-person classroom, workshops, speaker events, or communication channels, e.g. Slack. Any disruption that results in the removal of a student shall be reported to the Associate Director, Cybersecurity Training Programs. 

 

A Penalty imposed by a course instructor can be appealed, in writing, to the Associate Director, Cybersecurity Training Programs. 

By the Associate Director, Cybersecurity Training Programs

  • Written reprimand—a notice in writing to the student that the student has committed or is committing an offence
  • Letter of Behavioural Expectations — an undertaking (i) not to engage in certain behaviour, and (ii) setting out the consequences if the letter is not followed, and in some cases (iii) that prescribes a range of actions to be taken (e.g. cannot post comments on Slack)
  • De-enrollment from current cohort

 

A penalty imposed by the Associate Director can be appealed, in writing, to the Director, Cybersecurity Training Programs within 10 days of communication of penalty. 

By the Director, Cybersecurity Training Programs 

  • Restriction on communication, accessing premises and/or services — prohibition or limitation on entering Cybersecure Catalyst premises or specific parts thereof, restriction on contact with specific person(s), accessing a specific learning environment 
  • Prohibited from enrolling in all future cohorts

 

A penalty imposed by the Director can be appealed, in writing, to the Founding Executive Director of Rogers Cybersecure Catalyst within 10 days of communication of the penalty.

Any appeal of a disciplinary measure must be received within 10 days of the imposition of the measure.

Code Discrimination and Harassment Prevention

Rogers Cybersecure Catalyst (the “Catalyst”) is committed to fostering a collegial environment which is free of discrimination and harassment and in which all individuals are treated with respect and dignity. Every member of our community has a right to equal treatment under the law with respect to the receipt of training and related services and facilities without illegal discrimination or harassment on the basis of the following grounds: race, ancestry, place of origin, colour, ethnic origin, creed, sex, sexual orientation, gender identity and expression, age, marital and family status, and disability, or other grounds as may be provided for in Ontario’s Human Rights Code.      

Illegal discrimination and harassment, as defined by the Ontario Human Rights Code, are behaviours which are considered incompatible with the standard of conduct required of a member of the Catalyst community. A student found to have engaged in illegal discrimination or harassment may be subject to removal from their program of study, at the discretion of Director, Cybersecurity Training Programs. 

Direct discrimination describes an act, behaviour or practice of treating a person unequally on the basis of any of the prohibited grounds. Direct discrimination may be overt and admitted or covert and denied.

Harassment is normally considered to be a course of unwanted remarks, behaviours, or communications in any form based on a prohibited ground of discrimination where the person responsible for the remarks, behaviours or communications knows or ought reasonably to know that these are unwelcome.

A finding of discrimination or harassment on the basis of a protected ground may result in a range of remedies or penalties being imposed.  These sanctions include, but are not restricted to, one or more of the following:

 

  • A directive from a senior administrator of the Catalyst to cease the behaviour, with failure to do so leading to further penalty;
  • A program of education;
  • A verbal or written apology;
  • Loss of privileges;
  • Restriction or prohibition of access to, or use of, any Rogers Cybersecure Catalyst facilities, services, activities or programs;
  • Suspension for a set time from any program provided by Rogers Cybersecure Catalyst; 
  • Expulsion from any program provided by Rogers Cybersecure Catalyst; or
  • Any other remedy or sanction that may be appropriate, having regard to all relevant factors, including, but not limited to, the nature and circumstances of the conduct or action in question. 

The Catalyst is not concerned with the way students conduct their personal lives and will not institute disciplinary proceedings unless the Catalyst’s interests are affected; the actions have a negative impact on staff or other students; the actions damage the learning, teaching and work environment of the Catalyst; the actions disrupt the Catalyst’s operations and activities, or the actions impact the reputation of the Catalyst or its partners. 

SANS, GIAC and other Catalyst partners reserve the right to refer a complaint to the Catalyst for consideration under this Code.  Both the Catalyst and its partners reserve the right to address complaints in accordance with their codes, policies, procedures, and processes.

A student may appeal a disciplinary measure within 10 days of the imposition of the measure. Appeals will be reviewed by the Founding Executive Director, Rogers Cybersecure Catal

Code of Academic Misconduct

Rogers Cybersecure Catalyst and SANS Institute value academic integrity and consider any academic misconduct by a student to be a serious issue. Academic misconduct includes (1) any behaviour that undermines the ability to fairly evaluate students’ academic achievements, and/or (2) any behaviour that a student knew, or reasonably ought to have known, could gain them or others unearned academic advantage or benefit. This includes but is not limited to, the following: 

Plagiarism, including: 

  • Claiming, submitting or presenting the words, ideas, opinions or data of another person, including information found on the Internet and unpublished materials, as if they are one’s own; and/or

Cheating, including:

  • Having ready access to and/or using aids or devices (including wireless communication devices) not expressly allowed during an examination or other evaluation;
  • Copying another person’s answer(s) on an exam or other evaluation;
  • The use of a third party to complete work, with or without payment, for a student, who then submits the work as their own, where such input is not permitted;
  • Consulting with another person or with unauthorized materials outside of an examination room during the examination period (e.g. discussing an exam or consulting materials during an emergency evacuation or when permitted to use a washroom);
  • Improperly obtaining, through deceit, theft, bribery, collusion or otherwise, access to examination questions, or other confidential information;
  • Collaborating on work to be evaluated where such collaboration has been expressly forbidden by the instructor;
  • Purchasing, offering, giving, sharing or selling questions and/or answers to exams, or other work or evaluations, including using exam dump websites;  
  • Allowing work to be copied during an examination, test or other evaluation or assessment.

Misrepresentation of Personal Identity, including:

  • Impersonating someone or having someone impersonate you in person, in writing, or electronically (both the impersonator and the individual impersonated, if aware of the impersonation, may be subject to a penalty); and/or
  • Withholding or altering academic information, essays, transcripts or documents, including during the admissions process.

A student found to have engaged in academic misconduct may be subject to removal from their program of study or any other sanction that is appropriate in the circumstances, having regard to all relevant factors, including, but not limited to, the nature and circumstances of the instance of academic misconduct in question. Sanctions are determined and applied at the sole discretion of the Direct with oversight of the Program. or

All materials provided during CLIC or ACE are for Students’ personal use exclusively and cannot be sold or transferred to anyone else.

Participation in exams and the granting of certifications is administered by GIAC. All students must abide by GIAC’s Code of Conduct and Ethics. With respect to examinations or other aspects of the Program administered independently by GIAC, GIAC’s rights are in addition to and may override any authority exercised by the Program.

If GIAC detects any exam anomalies before, during or after a GIAC exam attempt, GIAC has the right to investigate, apply sanctions, and void certification results in accordance with its practices and policies, including, but not limited to, the GIAC Code of Conduct and Ethics. GIAC also reserves the right to require the candidate to retest under formal proctored conditions. 

GIAC and other Program partners reserve the right to refer a complaint to the Program for consideration under this Code.  Both the Program and its partners reserve the right to address complaints in accordance with their codes, policies, procedures, and processes.

GIAC Code of Ethics

The scope and responsibilities of an information security professional are diverse, and afford a great deal of responsibility and trust in protecting the confidentiality, integrity, and availability of an organization’s information assets. The services provided by an information security professional are critical to the success of an organization and to the overall security posture of the information technology community. Such responsibilities place a significant expectation on certified professionals to uphold a standard of ethics to guide the application and practice of the information security discipline.

A professional certified by GIAC acknowledges that such a certification is a privilege that must be earned and upheld. GIAC certified professionals pledge to advocate, adhere to, and support the Code of Ethics. It is not enough for information security professionals to simply “do the job”. We must hold ourselves and our discipline to the highest standards of ethical and professional conduct.

GIAC customers and certified professionals who violate any principle of the Code of Ethics may be subject to disciplinary action by GIAC. Sanctions include, but are not limited to:

  • Revocation of certifications and/or forfeiture certification attempts
  • GIAC/SANS participation ban
  • Reporting of violation to management and/or other certifying organizations
  • Public posting of ethics violation case details