Effective CISSP Questions

Publicly traded companies in the US are subject to the Sarbanes-Oxley Act (SOX). Which of the following best describes the position of SOX?
A. Statute
B. Regulation
C. Common law
D. Tort

Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.

My suggested answer is A. Statute.

SOX, a statute, is a public law (Pub.L. 107–204) passed by the US Congress, the legislative branch. It delegates to a government agency, the Securities and Exchange Commission (SEC), the task of creating regulations that define how public corporations comply with the law.

SOX as a Statute

The Sarbanes–Oxley Act of 2002 (Pub.L. 107–204, 116 Stat. 745, enacted July 30, 2002), also known as the “Public Company Accounting Reform and Investor Protection Act” (in the Senate) and “Corporate and Auditing Accountability, Responsibility, and Transparency Act” (in the House) and more commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law that set new or expanded requirements for all U.S. public company boards, management and public accounting firms. A number of provisions of the Act also apply to privately held companies, such as the willful destruction of evidence to impede a federal investigation.

Regulations Created by SEC

The bill, which contains eleven sections, was enacted as a reaction to a number of major corporate and accounting scandals, including Enron and WorldCom. The sections of the bill cover responsibilities of a public corporation’s board of directors, add criminal penalties for certain misconduct, and require the Securities and Exchange Commission to create regulations to define how public corporations are to comply with the law.

Source: Wikipedia

Statute, Regulation, and Common Law

The US government has three branches: legislative, executive, and judicial.

  • Statutes are rules made by legislative bodies; they are distinguished from case law or precedent, which is decided by courts, and regulations issued by government agencies. (Wikipedia)
  • The case law made by judges and courts (judge-made law) is also known as common law. (University of Virginia School of Law)

The Government of The US




Listed companies in the United States must comply with the Sarbanes-Oxley Act (SOX). Which of the following best describes the position of SOX?
A. Statute
B. Regulation
C. Common law
D. Tort

