The “Common Good” Ethical Approach in Information Security Management


The common good approach is an interesting method in that it uses the attention of the gain of an individual for motivation, however, those advantages are then shared community-wide (as long as everyone contributes). As we, as a species, are prone to only looking out for ourselves or loved ones by nature, the common good approach can be more enticing than the other approaches, due to the inclusion of the “doing this will benefit you, thus, benefiting everyone” thought process. For example, let’s take a look at the current global warming disaster. It has been quite difficult to convince a large portion of the population, especially the older generations, of their personal responsibility for the overall human-impact we have on Earth. Even more so, it is difficult to believe that one person can even do anything significant for the cause. With the common good approach, incentives can be created, such as tax right-offs, with the installation of solar panels. So, for one individual to do something ‘good’ by installing solar panels, it then affects the community around him by providing a more environmentally-friendly solution for our planet’s health; you could also go further by mentioning that his/her actions could inspire their neighbors to go the solar route as well, thus leading to a truly common good approach.

Regardless of the situation, the common good approach is merely achieving results based on the by-product of influencing and strengthening your community by following your own self-interests. However, there are many issues with the common good approach. Since we live in a pluralistic society where we all hold different ideas on what a ‘good society’ actually is, it is difficult to rely on the collective-reasoning of a group of people in their determination and motivation to perform ‘good’ actions to get ‘good’ reactions. Even if we somehow agreed on what is ‘good,’ the fact that many would merely enjoy the benefits without performing any of the ‘good’ actions that fuel the common good approach would still linger. For the success of the common good approach, all individuals must commit to performing their required acts; if some don’t, the effectiveness of the approach diminishes, thus devolving those who are ‘thinking about the common good’ into ‘only thinking about themselves’ once more.

In security, say you introduce a new policy where each I.T. group (InfoSec, helpdesk, web dev, sysadmin, etc.) regardless of role, is jointly-responsible for ensuring that each member of their group chronicles all of their activities and jobs by time started/completed, date started/completed, nature of the work, and the length of time it took. So, at the start of the program, you are directly motivated to personally contribute to the common good (of your group) by contributing to your own self-interest (of looking obedient/getting the job done). However, as time goes on, you find some members of your group relying on others to perform the data entry for them; then, those who are having to do extra work will begin to switch their interest from the common good to their own benefits (or in this case, risks). Most likely, those who are doing their work, plus the work of the freeloaders, will inform a higher-up of this issue, knowing it will create tension on the entire group, just so that that one individual (who is doing all of the work) can ensure they do not get held responsible for the freeloader’s actions. This example probably wouldn’t have any legal implications involved, unless they were using these collections of work data/times for calculating wage (which then makes the common-good approach, with the inclusion of freeloaders, highly dangerous).


Whitman, M., & Mattord, H. (2016). Management of Information Security. (6th ed.). Boston, MA: Cengage Learning.

Velasquez, Manuel. (2014). The Common Good. Markkula Center for Applied Ethics. Retrieved from

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s