Aggregate information

Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)

Association of Computing Machinery (ACM)

Civil law

Computer Fraud and Abuse Act of 1986 (CFA Act)

Computer Security Act of 1987

Criminal law

Cultural mores

Department of Homeland Security (DHS)

Digital Millennium Copyright Act (DMCA)

Due care

Due diligence

Economic Espionage Act in 1996

Electronic Communications Privacy Act of 1986

Ethics

Federal Privacy Act of 1974

Financial Services Modernization Act or Gramm-Leach-Bliley Act of 1999

Fraud and Related Activity in Connection with Identification Documents, Authentication Features, and Information (Title 18, U.S.C. § 1028)

Freedom of Information Act

Georgia Computer Systems Protection Act

Health Insurance Portability and Accountability Act Of 1996 (HIPAA)

Information Systems Audit and Control Association (ISACA)

Information Systems Security Association (ISSA)

International Information Systems Security Certification Consortium, Inc. (ISC)2

Jurisdiction

Laws

Liability

Long arm jurisdiction

National Information Infrastructure Protection Act of 1996

National InfraGard Program

National Security Agency (NSA)

Policies

Privacy of Customer Information Section

Private law:

Public law

Restitution

Security and Freedom through Encryption Act of 1999

System Administration, Networking, and Security Institute (SANS)

U.S. Secret Service

USA PATRIOT Act of 2001

USA PATRIOT Improvement and Reauthorization Act

To minimize liabilities/reduce risks, the information security practitioner must

Laws

Ethics

Cultural mores

Criteria for policy enforcement

Implementation of information security legislation

Severity of penalties judged on the purpose

Privacy