Chapter 7 Corporate Information Security and Privacy Regulation
by Joanna Lyn Grama
Legal and Privacy Issues in Information Security, 3rd Edition
- Cover
- Title Page
- Copyright Page
- Contents
- Dedication
- Preface
- Acknowledgments
- About the Author
- Chapter 1 Information Security Overview
- Why Is Information Security an Issue?
- What Is Information Security?
- Basic Information Security Concepts
- What Are Common Information Security Concerns?
- What Are the Mechanisms That Ensure Information Security?
- U.S. National Security Information
- Do Special Kinds of Data Require Special Kinds of Protection?
- Chapter Summary
- Key Concepts and Terms
- Chapter 1 Assessment
- Endnotes
- Chapter 2 Privacy Overview
- Why Is Privacy an Issue?
- What Is Privacy?
- How Is Privacy Different from Information Security?
- What Are the Sources of Privacy Law?
- What Are Threats to Personal Data Privacy in the Information Age?
- What Is Workplace Privacy?
- What Are General Principles for Privacy Protection in Information Systems?
- Chapter Summary
- Key Concepts and Terms
- Chapter 2 Assessment
- Endnotes
- Chapter 3 The American Legal System
- Chapter 4 Security and Privacy of Consumer Financial Information
- Business Challenges Facing Financial Institutions
- The Different Types of Financial Institutions
- Consumer Financial Information
- Who Regulates Financial Institutions?
- The Federal Reserve System
- Federal Deposit Insurance Corporation
- National Credit Union Administration
- Office of the Comptroller of the Currency
- Special Role of the Federal Financial Institutions Examination Council
- Special Roles of the Consumer Financial Protection Bureau and the Federal Trade Commission
- The Gramm-Leach-Bliley Act
- Federal Trade Commission Red Flags Rule
- Payment Card Industry Standards
- Case Studies and Examples
- Chapter Summary
- Key Concepts and Terms
- Chapter 4 Assessment
- Endnotes
- Chapter 5 Security and Privacy of Information Belonging to Children and in Educational Records
- Chapter 6 Security and Privacy of Health Information
- Business Challenges Facing the Healthcare Industry
- Why Is Healthcare Information So Sensitive?
- The Health Insurance Portability and Accountability Act
- The Role of State Laws Protecting Medical Records
- Case Studies and Examples
- Chapter Summary
- Key Concepts and Terms
- Chapter 6 Assessment
- Endnotes
- Chapter 7 Corporate Information Security and Privacy Regulation
- The Enron Scandal and Securities-Law Reform
- Why Is Accurate Financial Reporting Important?
- The Sarbanes-Oxley Act of 2002
- Compliance and Security Controls
- SOX Influence in Other Types of Companies
- Corporate Privacy Issues
- Case Studies and Examples
- Chapter Summary
- Key Concepts and Terms
- Chapter 7 Assessment
- Endnotes
- Chapter 8 Federal Government Information Security and Privacy Regulations
- Chapter 9 State Laws Protecting Citizen Information and Breach Notification Laws
- Chapter 10 Intellectual Property Law
- The Digital Wild West and the Importance of Intellectual Property Law
- Legal Ownership and the Importance of Protecting Intellectual Property
- Patents
- Trademarks
- Copyright
- Protecting Copyrights Online—The Digital Millennium Copyright Act (DMCA)
- Case Studies and Examples
- Chapter Summary
- Key Concepts and Terms
- Chapter 10 Assessment
- Endnotes
- Chapter 11 The Role of Contracts
- Chapter 12 Criminal Law and Tort Law Issues in Cyberspace
- Chapter 13 Information Security Governance
- What Is Information Security Governance?
- Information Security Governance Documents
- Recommended Information Security Policies
- Case Studies and Examples
- Chapter Summary
- Key Concepts and Terms
- Chapter 13 Assessment
- Endnotes
- Chapter 14 Risk Analysis, Incident Response, and Contingency Planning
- Chapter 15 Computer Forensics and Investigations
- Appendix A Answer Key
- Appendix B Standard Acronyms
- Appendix C Law and Case Citations
- Appendix D The Constitution of the United States of America
- Glossary of Key Terms
- References
- Index
© mirjanajovic/DigitalVision Vectors/Getty Images
Corporate Information Security and Privacy Regulation
THIS CHAPTER FOCUSES ON special security issues faced by publicly traded companies. Public companies must comply with a law that tries to improve corporate responsibility and stop fraudulent financial reporting. Rules and regulations created in response to the law impact information systems that process financial data. The rules require that these systems be reviewed to make sure that they appropriately control information security risks and threats to financial data.
This chapter reviews why Congress created this law. It also reviews how the law influences information security practices. Finally, it discusses how this law affects other kinds of organizations.
Chapter 7 Topics
This chapter covers the following topics and concepts:
- How the Enron scandal led to securities-law reform
- Why accurate financial reporting is important
- What the Sarbanes-Oxley Act (SOX) is
- What compliance and security controls are
- How SOX influences other types of companies
- What some corporate privacy issues are
- What some case studies and examples are
Chapter 7 Goals
When you complete this chapter, you will be able to:
- Describe the difference between public and private companies
- Explain the history behind the Sarbanes-Oxley Act
- Discuss the main requirements of the Sarbanes-Oxley Act
- Explain the role of the Public Company Accounting Oversight Board
- Describe how Section 404 internal control requirements impact information security
- Discuss frameworks used to guide Sarbanes-Oxley internal control requirements
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.