Sarbanes-Oxley Act (SOX): Federal law that establishes requirements for financial reporting, corporate governance, and internal control assessments for public companies
Federal Information Security Management Act (FISMA): Legislation that defines a comprehensive framework to protect government information, operations, and assets against natural or human threats
Health Insurance Portability and Accountability Act (HIPAA): Federal law that creates national standards to protect sensitive patient health information and ensures patient privacy rights
Gramm-Leach-Bliley Act (GLBA): Financial services regulation that requires financial institutions to explain their information-sharing practices and protect sensitive data
Fair Labor Standards Act (FLSA): Federal law establishing standards for wage, overtime pay, recordkeeping, and youth employment
Payment Card Industry Data Security Standard (PCI DSS): Security standard for organizations that handle credit card information to ensure protection of payment data
Family Educational Rights and Privacy Act (FERPA): Federal law that protects the privacy of student education records and applies to all schools receiving federal funding
FDA Regulations: Comprehensive regulations governing pharmaceutical, medical device, and food safety compliance requirements
Defense Federal Acquisition Regulation Supplement (DFARS): Department of Defense-specific regulations for government contractors regarding cybersecurity and compliance
California Consumer Privacy Act (CCPA): State law providing California residents with rights regarding their personal information and data privacy
General Data Protection Regulation (GDPR): EU privacy regulation with global impact, establishing strict requirements for processing personal data of EU residents
NIST Cybersecurity Framework: Voluntary guidance for private sector organizations to better manage and reduce cybersecurity risk
ISO 27001: International standard providing requirements for information security management systems (ISMS)
COBIT Framework: Framework for the governance and management of enterprise information and technology
COSO Internal Control Framework: Framework designed to improve organizational performance and governance through effective internal control
EEOC Requirements: Federal agency requirements preventing workplace discrimination and promoting equal opportunity employment
EPA Requirements: Federal environmental regulations governing organizations' environmental impact and compliance obligations
