THIS CHAPTER FOCUSES ON SPECIAL SECURITY ISSUES faced by publicly traded companies. Public companies must comply with a law that tries to improve corporate responsibility and stop fraudulent financial reporting. Rules and regulations created in response to the law impact information systems that process financial data. The rules require that these systems be reviewed to make sure that they appropriately control information security risks and threats to financial data.
This chapter reviews why Congress created this law. It also reviews how the law influences information security practices. Finally, it discusses how this law affects other kinds of organizations.