Sarbanes-Oxley Act (SOX) 2002: Federal law establishing requirements for internal controls (Section 404), audit independence, and documentation standards for testing procedures in public companies
IIA Standards: International Standards for the Professional Practice of Internal Auditing, including Code of Ethics requirements and testing methodology guidelines set by the Institute of Internal Auditors
Generally Accepted Auditing Standards (GAAS): Professional standards for substantive testing procedures, documentation requirements, and evidence collection guidelines in auditing
Federal Securities Laws: Including Securities Exchange Act of 1934, Securities Act of 1933, and relevant SEC regulations governing securities and financial reporting
Industry-Specific Regulations: Sector-specific requirements including Federal Reserve regulations for banking, HIPAA for healthcare, and FAR compliance for government contracts
State-Specific Audit Requirements: Various state-level regulatory requirements and documentation standards that may affect audit procedures and reporting
Professional Standards: Standards set by professional bodies including AICPA standards and PCAOB requirements for audit quality and methodology
Data Protection and Privacy Laws: Regulations governing data handling requirements, confidentiality provisions, and privacy protection standards in audit processes
