Code of Ethics & Compliance

Code of Ethics

Arena Phone BD Ltd (hereafter the “Company”) and its employees follow the standard Code of Ethics. Employees’ who intentionally or knowingly violate any provision of the Code will be subject to action by a peer review panel, which may result in the termination of employment depending on the gravity of the act.

There are only four mandatory norms in the code. By necessity such high-level guidance is not intended to substitute for the ethical judgment of the professional.

Additional guidance is provided for each of the norms. While this guidance may be considered by the Company in judging behavior, it is advisory rather than mandatory. It is intended to help the professional in identifying and resolving the inevitable ethical dilemmas that will confront him/her.

 

SHORT VERSION: Code of Ethics Preamble

Safety of the commonwealth, duty to our principals, and to each other requires that we adhere, and be seen to adhere, to the highest ethical standards of behavior. Therefore, strict adherence to this code is a condition of employment.

Code of Ethics Norms:

  • Protect society, the commonwealth, and the infrastructure.
  • Act honorably, honestly, justly, responsibly, and legally.
  • Provide diligent and competent service to principals.
  • Advance and protect the profession.

The following additional guidance is given in furtherance of these goals.

Objectives for Guidance

In achieving the following guidance, the Company is mindful of its responsibility to:

  • Ensure guidance for resolving good v. good and bad v. bad dilemmas.
  • Encourage right behavior such as:
    • Research
    • Teaching
    • Identifying, mentoring, and sponsoring candidates for the profession
    • Valuing the certificate
  • Discourage behavior such as:
    • Raising unnecessary rumor, fear, uncertainty, or doubt
    • Giving unwarranted comfort or reassurance
    • Consenting to bad practice
    • Attaching weak systems to the public net
    • Professional association with non-professionals
    • Dealing with amateurs
    • Associating or appearing to associate with criminals or criminal behavior

 

FULL VERSION: Code of Ethics Preamble

Compliance with the preamble and norms is mandatory. Conflicts between the norms should be resolved based on priority. The norms are not equal and conflicts between them are not intended to create ethical binds. Ethical tensions can be best addressed by thoughtful consideration of fundamental principles, rather than blind reliance on detailed regulations. These Principles should influence developers to consider broadly who is affected by their work; to examine if they and their colleagues are treating other human beings with due respect; to consider how the public, if reasonably be well informed, would view their decisions; and to analyze how the least empowered will be affected by their decisions. Above all, these judgments concern for the health, safety and welfare of the public is primary; that is, the “Public Interest” is central to this Code.

Protect society, the commonwealth, and the infrastructure

  • Promote and preserve public trust and confidence in information and systems.
  • Promote the understanding and acceptance of prudent information security measures.
  • Preserve and strengthen the integrity of the public infrastructure.
  • Discourage all kind of unlawful and unsafe practices.

 

Act honorably, honestly, justly, responsibly, and legally

  • Tell the truth; make all stakeholders aware of your actions on a timely basis.
  • Observe all contracts and agreements, express or implied.
  • Treat all constituents fairly. In resolving conflicts, consider public safety and duties towards principals, individuals, and the profession in respective order.
  • Give prudent advice; avoid raising unnecessary distress or giving unwarranted comfort. Encourage to be truthful, objective, cautious, and competent.
  • When resolving differing laws in different jurisdictions, give preference to the laws of the jurisdiction in which you render your service.

 

Provide diligent and competent service to principals

  • Preserve the value of their systems, applications, and information.
  • Respect their trust and the privileges that they grant you.
  • Avoid conflicts of interest or the appearance thereof.
  • Render only those services for which you are fully competent and qualified.

 

Advance and protect the profession

  • Sponsor for professional advancement. Besides, other things, we prefer those who of all other people would stand by these rules and tend to avoid professional association with those whose ill practices could diminish the reputation.
  • Not to destroy the reputation of other professionals through malice, retaliation or malpractices.
  • Maintain competence; we keep skills and knowledge up-to-date. We invest our time and knowledge generously to train newbies.

 

Code of Compliance

Compliance as Code is the process of using automated tools to review code so that teams can build compliance into development and operations. By incorporating compliance policies, checks, and auditing into development, regulatory compliance is no longer a time-consuming burden that development teams need to overcome.

To move towards a Compliance as Code development model, teams need to make sure that they:

  • Start by defining compliance policies, rules, and control workflows
  • Develop code and arrange reviews into the CI/CD (e.g. Continuous Integration & Continuous Deployment) pipeline
  • Reviewing internal development team controls, like engaging in peer reviews or reviewing developer access rights

At its core, Compliance as Code builds traditional governance, risk, and compliance practices directly into the development process. In order to establish Compliance as code, Arena focuses on-

 

  • Business Standard Compliance

Arena immensely emphasizes on retaining the overall standard of the business. All of Arena’s Clients’ are duly informed of the same prior to commencement of any project. Maintaining time constraints, establishing widely practiced standards, ensuring appropriate access controls, providing data security, continuous scanning for security vulnerabilities, enhance cross-functional collaboration within the development team, risk management- all are included in the business standard compliance.

 

  • Customer/ Service Delivery Compliance

Arena is apparently a software development company; however, service is an integral part of Arena. Software maintenance is one of the crucial part of the whole process. Having said this, retaining customers through assurance and execution of admirable service delivery plays the key role in terms of after sales service. Arena assures its customers with standard service delivery which includes, implementation of strict rules for specified time, policies for implementing modification and its limitation, guidelines for renewal process.