Cloud Security Certification Exam | Accounting and Financial Practices Law | CCSP

Accounting and Financial Practices Law

Question

Which United States law is focused on accounting and financial practices of organizations?

Answers

Explanations

A. B. C. D.

C.

The Sarbanes-Oxley (SOX) Act is not an act that pertains to privacy or IT security directly, but rather regulates accounting and financial practices used by organizations.

It was passed to protect stakeholders and shareholders from improper practices and errors, and it sets forth rules for compliance, regulated and enforced by the Securities and Exchange Commission (SEC).

The main influence on IT systems and operations is the requirements it sets for data retention, specifically in regard to what types of records must be preserved and for how long.

The correct answer is C. SOX (Sarbanes-Oxley Act).

The Sarbanes-Oxley Act (SOX) is a United States law that was passed in 2002. The law is named after its sponsors, Senator Paul Sarbanes and Representative Michael Oxley. SOX is focused on the accounting and financial practices of organizations, particularly public companies.

SOX was created in response to several high-profile accounting scandals, including those at Enron and WorldCom. The law was intended to restore investor confidence in the financial markets by requiring public companies to be more transparent in their financial reporting.

SOX requires public companies to establish and maintain internal controls over financial reporting, and to have those controls audited annually by an independent auditor. The law also requires companies to disclose any material weaknesses in their internal controls, and to disclose any fraud involving management or employees.

GLBA (Gramm-Leach-Bliley Act) is a U.S. law that regulates the financial industry and governs how financial institutions handle consumer data. It requires financial institutions to explain their information-sharing practices to their customers and to safeguard sensitive data.

HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law that governs the privacy and security of protected health information (PHI). It requires covered entities to safeguard PHI and to limit its use and disclosure.

Safe Harbor was a framework that allowed U.S. companies to transfer personal data from the European Union to the United States in compliance with EU data protection laws. However, the framework was invalidated in 2015 by the European Court of Justice.