Comment on the statutory and ethical consideration of a penetration tester working in the UK.

Posted on February 19, 2022 by Cheapest Assignment

Order Now
Research Appreciation and Methodology

Statutory is understood as relating to or created by statutes.  Statutory is set related to or set by-laws or statutes. Statutory is perceived as something legal and needs to do with law. Whereas, if it is statutory, it is regulated by law.

Statutory law is usually a written law ordered by the body of the legislature. This is against oral and customary law. The statutes perhaps originated with the national, state legislature or local municipalities. The parliament created the laws and the judges interpret the laws using statutory interpretation. The draftsmen are to make sure when drawing a statute endeavour without having ambiguity. The statues contain wording with uncanny meanings. Modern society progresses and statute may still be relevant but with some peculiar wordings. There may be other errors unnoticed by parliament and the statute cannot be covered in detail. Therefore, the judges are in need to imply the rules of the statutory interpretation. There exist four rules by which the statutory interpretations are interpreted. 

HC3152 Individual Assignment

The literal rule: in this interpretation the court is to interpret the statutes in their plain, literal and normal sense. The parliament intentions are examined by the court. The rule is often used since the judges are not allowed to make any new laws and by following the statutes to the letter judges cannot be accused of making laws. The pros of this rule are that it holds the laws despite sometimes being illogical so as to maintain unity in power. The cons are that it is limited and this rule can lead to injustice, weaken society’s confidence in the law and create precedents that require correction by parliament. 

The golden rule: this rule is implied when the literal rule would result in absurdity or an obnoxious result. The parliament’s intentions are investigated by the court whether the statute wording conveyed the same. The positive part of this rule is that the judgments are often time same with the legislator and errors in drafting are corrected before errors occur in the set thus it covers loopholes. Despite there can be changes of meanings and addition but it flouts the separation of powers and judges cannot be influenced by injustice without the presence of absurdity. 

ECO10004 Economic Principles

The mischief rule: this rule is to interpret the gaps parliament intended to cover and apply a ruling that remedies the problem in ambiguous statutes. This rule helps in adapting progressive in society and covers loopholes. But it also helps the judges in making new laws thus infringing the separation in power. This gives chances for a crime to be created after the event.

The purposive approach: this rule is endorsed to ensure that the law is effective as the parliament would have expected.

The rules of statutory law vary but observing these laws helps one to contemplate and reconsider all the laws and implement where the law is most closely to the case. It helps the society to bind together with laws in order to prevent anarchy. It is also to promote justice and coherence. When all these laws are taken it is known as statutory law.

HI5020 Corporate Accounting

The ethical consideration when penetration testing is observed in the UK, there are multiple laws that monitor and guide the activities that form part of the penetration test. In most of the tests, the following laws are included:

  • UK computer Misuse Act 1990
  • UK Data protection act 1998
  • Human rights act 1998
  • Police and justice act 2006

To make sure that penetration testing is conducted in line with UK laws and also to ensure that the test is conducted effectively in the best possible way, a testing consent form is required to observe the precise scope of the test and provides those responsible for an organisation’s infrastructure with a means of providing their consent.  In order to observe the testing, the consent form will help in capturing the following information.

Get Help on HRMT20024

  • Name and position of the individual who is offering their consent
  • Legalised testing period. Both the date and times that testing is allowed
  • The contact information of the members of technical staff who may assist during the test
  • Exclusion to certain hosts, services or areas within applications
  • Credentials that perhaps be required as part of genuine application testing

The consent form is always required to be signed by a person who has a position of an authorised authority within an organisation in order to compensate the testing company for all applicable laws for the duration of the test. It is pivotal that consent also comes from the owner of the third person hosting environments or equipment which will also come under the scope of testing. 

As a secure team, there cannot be any testing activities until and unless the customer returned a fully- done and signed consent form. This makes sure that the team is applicable to the UK laws and that the testing is fully understood by both the parties the client and the consultant who will be conducting the test.  In last, the potentially sensitive information which the testing consent form contains is best handed in accordance with the client and testing organisation data handling procedure.

MN507 Software Engineering

Reference 

A.B.T.M. William Knowles, “Analysis and Recommendations for Standardization in penetration testing and vulnerability assessment,” British Standard Institute, 2015.

Order Now