What information security law or standard aims at protecting stakeholders and the general public from accounting errors and fraudulent activities within organizations?
SOX stands for the Sarbanes-Oxley Act of 2002. It is a U.S. federal law enacted to protect shareholders and the general public from accounting errors and corporate fraud.
Key points:
Requires strict internal controls and financial disclosures in publicly traded companies.
Mandates regular audits and IT security controls related to financial data.
Applies especially to accounting systems, databases, access controls, and IT procedures related to financial reporting.
Incorrect Options:
A. PCI-DSS relates to securing credit card data.
B. FISMA pertains to federal agency cybersecurity standards.
D. ISO/IEC 27001:2013 is an international information security standard, not a legal requirement for financial integrity.
Reference – CEH v13 Official Courseware:
Module 01: Introduction to Ethical Hacking
Section: “Compliance and Legal Concepts”
Table: "Major Laws and Regulations in Information Security"