nerdexam
EC-Council

312-50V11 · Question #999

What information security law or standard aims at protecting stakeholders and the general public from accounting errors and fraudulent activities within organizations?

The correct answer is C. SOX. The Sarbanes-Oxley Act (SOX) is the U.S. federal law enacted specifically to protect shareholders and the public from corporate accounting fraud and errors by mandating strict financial reporting and internal control requirements.

Information Security and Ethical Hacking Fundamentals

Question

What information security law or standard aims at protecting stakeholders and the general public from accounting errors and fraudulent activities within organizations?

Options

  • APCI-DSS
  • BFISMA
  • CSOX
  • DISO/I EC 27001:2013

How the community answered

(34 responses)
  • A
    3% (1)
  • B
    6% (2)
  • C
    88% (30)
  • D
    3% (1)

Why each option

The Sarbanes-Oxley Act (SOX) is the U.S. federal law enacted specifically to protect shareholders and the public from corporate accounting fraud and errors by mandating strict financial reporting and internal control requirements.

APCI-DSS

PCI-DSS (Payment Card Industry Data Security Standard) is a contractual security standard focused on protecting cardholder data during payment processing, not on accounting integrity or corporate fraud.

BFISMA

FISMA (Federal Information Security Management Act) governs information security programs for U.S. federal government agencies and contractors, not corporate financial accountability.

CSOXCorrect

SOX was enacted in 2002 in direct response to high-profile corporate accounting scandals such as Enron and WorldCom. It establishes requirements for accurate financial disclosures, internal controls over financial reporting, and personal accountability for corporate executives, with the explicit goal of protecting investors and the public from fraudulent or erroneous financial activities within organizations.

DISO/I EC 27001:2013

ISO/IEC 27001:2013 is an international standard for establishing and managing an information security management system (ISMS) and does not address financial reporting, accounting errors, or corporate fraud.

Concept tested: Sarbanes-Oxley Act SOX financial fraud protection

Source: https://www.sec.gov/about/laws/soa2002.pdf

Topics

#SOX#compliance framework#accounting fraud#regulatory law

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice