The department of NARA provided the total guidelines to
the federal agencies, official departments and to the other
organization about the record keeping of data and the documentary material for the purpose of strict compliance. When an organization is conducting the business then it will create number of records in the form of variety of media, the quality of record accuracy and reliability is vary from organization to organization and from program to program. The guidelines provided by the government and the relevant compliance departments will help the organization in not only efficient record keeping as well as in making the available data and information ready for the correct compliance that provides the true and clear picture about the organization.. It provides the standards for categorizing the information systems in order to protect from mission impact. It provides standards that consist of minimum requirements of security of information system. Provide guidelines in selecting the security controls for the purpose of information system. Provide guidelines in assessing as well as determining the effectiveness of security control. Provide guidelines in order to security authorization about the information system. It also provides the guidelines about monitoring and authorization of security information systems. Oversight board Independence of Auditor Financial disclosure All the relevant information must be now disclosed that affect the financial status of the business and those items are mostly off balance sheet. From its implementation the law enforces the restriction on taking the personal loan from the corporation to its executives. This act applies on the financial institutions or to those companies who offered financial services or products for example loans, investment advice or the insurance. The federal trade community imposed the law on the organizations related to the law of financial institutions that are not covered by the federal agencies and the SEC. Consumer is person who obtained financial services form the institution for himself, for his family or for the household reasons and the customer is a person who is basically a consumer and continuing the relationship with the institution. In case if the companies share the consumer’s information from another companies then in such case the consumers will receive the privacy notice from the financial institutions. The customer will receive such notice every year as long as he or she became the customer of the company. All the companies equipped with the PCI DSS means that your all business systems are secure and customers are now able to trust you with the information sharing about their sensitive payments cards. Compliance will improve the company’s reputation and the brand of payments and the partners one need in doing the business. Compliance consists of an ongoing process and it is not a onetime event. It will help the institutions to prevent the security breaches as well as from theft of card payment data. This is basically a federal health insurance portability and Accountability Act 1996 and the primary responsibility of the law is to create the ways that help the general public to keep the health insurance. The major important part of that is to provide security and protect the confidentiality of the health care information about the registered individuals. This act basically deals in two titles one is dealing with the portability and the second one is focusing on the administration simplifications. Give rights to the patients to control their information about their health. 2. Set boundaries on the release of the information. 3. Maintain the balance when the health responsibilities support disclosure of some certain kind of data. The deadline in the case of comply with the Privacy rule in April 14, 2003 the major three types of entities covered and specified by the rule 45 CFR and those cover entities are as following, 1. Health plans 2. Health care providers that transfer the information into electronic form 3. Clearing house of healthcare centers. This law protects the rules for securing the legal rights of persons or group of persons relevant to the legal rights about the designs, inventions and about the art work. It works like as the personal property protection rights are working so we can say that this law deals with the control of and dealings with the personal property that are intangible assets. The purpose behind this law is to provide the people incentives to work creatively Committee on National Security Systems: National Information Assurance (IA) Glossary, CNSS Instruction No. 4009, 26 April 2010. ISACA. (2008). Glossary of terms, 2008. Retrieved from http://www.isaca.org/Knowledge- Center/Documents/Glossary/glossary.pdf Pipkin, D. (2000). Information security: Protecting the global enterprise. New York: Hewlett-Packard Company. B., McDermott, E., & Geer, D. (2001). Information security is information risk management. In Proceedings of the 2001 Workshop on New Security Paradigms NSPW ‘01, (pp. 97 – 104). ACM. doi:10.1145/508171.508187 Anderson, J. M. (2003). "Why we need a new definition of information security". Computers & Security, 22(4), 308–313. doi:10.1016/S0167-4048(03)00407-3. Venter, H. S., & Eloff, J. H. P. (2003). "A taxonomy for information security technologies". Computers & Security,