Posted by: Robert Davis
FCPA, Foreign Corrupt Practices Act, GLBA, Gramm-Leach-Bliley Act, Health Insurance Portability and Accountability Act, HIPAA, IAP, Information Asset Protection, Information Security Governance, Information Security Management, ISG, ISM, Sarbanes Oxley Act, SOA, SOX
Numerous global, regional, and national laws and regulations focus on information assets protection (IAP) and require professional consideration. In particular, at the global level, the World Intellectual Property Organization (WIPO) and the World Trade Organization (WTO) have constructed legally binding derivative IAP agreements. Regionally, trans-border coalitions adopting or enacting IAP-related laws include the Asia-Pacific Economic Co-operation (APEC), the Council of Europe (COE), the European Union (EU), the Organization of American States (OAS), and the Organization for Economic Cooperation and Development (OECD). Lastly, the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA), the U.K. Data Protection Act, the U.S. Digital Millennium Copyright Act (DMCA), and the U.S. Federal Information Security Management Act (FISMA) are clear examples of national IAP legislation that may affect an entity’s control framework.