
All-in-1 / CISSP All-in-One Exam Guide, 5th Ed. / Harris / 160217-8

pecifics. Be familiar with why laws are developed and put in place and their overall goals, instead of memorizing specific laws and dates. Thus, the following sections on laws and regulations contain information you do not need to memorize, because you will not be asked questions on these items directly. But remember that the CISSP exam is a cognitive exam, so you do need to know the different reasons and motivations for laws and regulations, which is why these sections are provided. This list covers U.S. laws and regulations, but almost every country either has laws similar to these or is in the process of developing them.

The Sarbanes-Oxley Act (SOX)

The Public Company Accounting Reform and Investor Protection Act of 2002, generally referred to as the Sarbanes-Oxley Act (named after the authors of the bill), was created in the wake of corporate scandals and fraud which cost investors billions of dollars and threatened to undermine the economy. The law, also known as SOX for short, applies to any company that is publicly traded on United States markets. Much of the law governs accounting practices and the methods used by companies to report on their financial status. However, some parts, Section 404 in particular, apply directly to information technology.

SOX provides requirements for how companies must track, manage, and report on financial information. This includes safeguarding the data and guaranteeing its integrity and authenticity. Most companies rely on computer equipment and electronic storage for transacting and archiving data; therefore, processes and controls must be in place to protect the data.

Failure to comply with the Sarbanes-Oxley Act can lead to stiff penalties and potentially significant jail time for company executives, including the Chief Executive Officer (CEO), the Chief Financial Officer (CFO), and others.

The Health Insurance Portability and Accountability Act (HIPAA)

The Health Insurance Portability and...