Security laws, regulations and guidelines directory

By CSO staff, CSO |  Security, privacy, regulation

This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Each entry includes a link to the full text of the law or reg as well as information about what and who is covered.

The list is intentionally US-centric, but includes selected laws of other nations that have an impact on US-based global companies.

The security regulations and guidelines directory will be updated and expanded over time on Please email editor Derek Slater ( with suggestions or updates.

Click on a link to skip to a subsection of the directory:

* Broadly applicable laws and regulations

* Industry-specific guidelines and requirements

* Key state laws

* International laws

Section one: Broadly applicable laws and regulations

Sarbanes-Oxley Act (aka Sarbox, SOX)

What Sarbanes-Oxley covers: Enacted in 2002, the Sarbanes-Oxley Act is designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures. It was enacted after the high-profile Enron and WorldCom financial scandals of the early 2000s. It is administered by the Securities and Exchange Commission, which publishes SOX rules and requirements defining audit requirements and the records businesses should store and for how long.

More about Sarbanes-Oxley

* How infosec can learn to love Sarbanes-Oxley

* Cyberattacks a SOX issue?

Who is affected: U.S. public company boards, management and public accounting firms.

Full text of Sarbanes-Oxley Act:

Key requirements/provisions: The Act is organized into 11 titles:

1. Public Company Accounting Oversight

2. Auditor Independence

3. Corporate Responsibility

4. Enhanced Financial Disclosures

5. Analyst Conflicts of Interest

6. Commission Resources and Authority

7. Studies and Reports

8. Corporate and Criminal Fraud Accountability

Originally published on CSO |  Click here to read the original story.
Join us:






Spotlight on ...
Online Training

    Upgrade your skills and earn higher pay

    Readers to share their best tips for maximizing training dollars and getting the most out self-directed learning. Here’s what they said.


    Learn more

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question