This paper proposes a framework for teaching information security ethics at colleges and universities. The framework requires that students examine information security ethics from four dimensions: the ethical dimension, the security dimension, the solutions dimension and the personal moral development dimension. The intent is to use the framework to develop and/or select pedagogical resource materials for information security ethics education.