A key challenge for all IT executive teams is to ensure that the organization avoids breaches of any criminal or civil law, as well as any statutory, regulatory or contractual obligations, and of any security requirements. Everyone in the IT organization (and outside it) needs to have an understanding of the legislation that applies to your organization. This Pocket Guide gives handy, easily-understood guidance on the key aspects of all the key regulations. This pocket guide covers essential North American IT- and information-related regulation, including: * Corporate governance, particularly Sarbanes-Oxley * Basel2 * Breach Notification laws * Online personal privacy * Workplace privacy * HIPAA * GLBA * FRCA * CAN-SPAM Act * FISMA * FFIEC * EU Safe Harbor Framework * PIPEDA * Intellectual Property Rights * Safeguarding organizational records Everyone in the organization should be aware of their specific responsibilities, and the specific controls and individual responsibilities to meet these requirements should be documented and kept up-to-date, and should be linked to the list of all the data assets and processes in the organization, together with their ownership details.