Sarbanes-Oxley Act (SOX) 2002: Primary federal legislation for public companies that sets requirements for financial reporting, internal controls, and corporate governance
FDICIA: Federal Deposit Insurance Corporation Improvement Act that establishes standards for banking institutions and their internal control reporting
Dodd-Frank Act: Wall Street Reform and Consumer Protection Act that regulates financial institutions and includes provisions for corporate governance and reporting
FCPA: Foreign Corrupt Practices Act that requires companies to maintain accurate books and records and implement adequate internal accounting controls
Bank Secrecy Act: Requires financial institutions to assist government agencies in detecting and preventing money laundering
HIPAA: Health Insurance Portability and Accountability Act that sets standards for protecting sensitive patient health information
SEC Regulations: Securities and Exchange Commission requirements for public companies, including reporting and disclosure obligations
CFPB Requirements: Consumer Financial Protection Bureau regulations protecting consumers in the financial sector
IIA Standards: Institute of Internal Auditors professional standards governing the practice of internal auditing
GAAS: Generally Accepted Auditing Standards providing framework for conducting financial audits
COSO Framework: Internal control framework providing guidance on risk management and fraud deterrence
COBIT Framework: Framework for IT governance and management, specifically relevant for IT audits
State Data Privacy Laws: Various state-specific regulations governing data privacy and protection, such as CCPA in California
Gramm-Leach-Bliley Act: Requires financial institutions to explain their information-sharing practices and protect sensitive data
FISMA: Federal Information Security Management Act defining framework for protecting government information and operations
Fair Labor Standards Act: Federal law establishing standards for wages, overtime pay, and employment records
EEO Laws: Equal Employment Opportunity laws prohibiting workplace discrimination and requiring compliance documentation
PCI DSS: Payment Card Industry Data Security Standard setting requirements for organizations handling credit card information
ISO Standards: International Organization for Standardization frameworks for quality management and information security
NIST Framework: National Institute of Standards and Technology cybersecurity framework for managing and reducing cybersecurity risk
