tiktok���˰�

Sarbanes-Oxley Act (SOX): Federal law that applies to publicly traded companies, requiring specific internal control assessments and financial reporting standards

Gramm-Leach-Bliley Act (GLBA): Federal legislation requiring financial institutions to explain their information-sharing practices and protect sensitive customer data

Health Insurance Portability and Accountability Act (HIPAA): Federal law that sets standards for protecting sensitive patient health information in healthcare organizations

Federal Information Security Management Act (FISMA): Federal law that defines cybersecurity framework for federal agencies and their contractors

General Data Protection Regulation (GDPR): EU regulation that applies to US companies handling EU citizens' data, requiring specific data protection and privacy standards

Payment Card Industry Data Security Standard (PCI DSS): Industry security standard for organizations that handle credit card transactions and payments

NIST Cybersecurity Framework: Voluntary framework of computer security guidance for private sector organizations to assess and improve their ability to prevent, detect, and respond to cyber attacks

ISO/IEC 27001: International standard for information security management systems (ISMS) providing requirements for establishing, implementing, and maintaining an ISMS

State Data Breach Notification Laws: Various state-specific laws requiring organizations to notify individuals of security breaches involving personally identifiable information

California Consumer Privacy Act (CCPA): State-specific privacy law providing California residents with rights regarding their personal information

Federal Acquisition Regulation (FAR): Principal set of rules governing the federal government's purchasing process and requirements for government contractors

AICPA IT Audit Standards: Professional standards set by the American Institute of CPAs for conducting IT audits

ISACA IT Audit Framework: Professional framework providing guidance for IT audit professionals on planning, conducting, and reporting on IT audits

Generally Accepted Government Auditing Standards (GAGAS): Professional standards for government auditing that provide a framework for conducting high-quality audits with competence, integrity, objectivity, and independence