Aggregate information
Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)
Association of Computing Machinery (ACM)
Civil law
Computer Fraud and Abuse Act of 1986 (CFA Act)
Computer Security Act of 1987
Criminal law
Cultural mores
Department of Homeland Security (DHS)
Digital Millennium Copyright Act (DMCA)
Due care
Due diligence
Economic Espionage Act in 1996
Electronic Communications Privacy Act of 1986
Ethics
Federal Privacy Act of 1974
Financial Services Modernization Act or Gramm-Leach-Bliley Act of 1999
Fraud and Related Activity in Connection with Identification Documents, Authentication Features, and Information (Title 18, U.S.C. § 1028)
Freedom of Information Act
Georgia Computer Systems Protection Act
Health Insurance Portability and Accountability Act Of 1996 (HIPAA)
Information Systems Audit and Control Association (ISACA)
Information Systems Security Association (ISSA)
International Information Systems Security Certification Consortium, Inc. (ISC)2
Jurisdiction
Laws
Liability
Long arm jurisdiction
National Information Infrastructure Protection Act of 1996
National InfraGard Program
National Security Agency (NSA)
Policies
Privacy of Customer Information Section
Private law:
Public law
Restitution
Security and Freedom through Encryption Act of 1999
System Administration, Networking, and Security Institute (SANS)
U.S. Secret Service
USA PATRIOT Act of 2001
USA PATRIOT Improvement and Reauthorization Act
To minimize liabilities/reduce risks, the information security practitioner must
Laws
Ethics
Cultural mores
Criteria for policy enforcement
Implementation of information security legislation
Severity of penalties judged on the purpose
Privacy