Legislation in the CISSP exam is, in general, not specific to any country. The exam does, however, expect you to know the common regulatory standards that are well known across the world, at least at the definition/purpose level.
This means that you will be required to know about, say, SoX and GDPR. What you don't need to focus on, for passing the CISSP exam at least, is the specifics. For example, you don't have to memorise the controls or the details of each control.
Do keep in mind, however, that the ISC2 CISSP book gives details on both commonly known and less commonly known regulations. The rule of thumb is to stick to the purpose/definition level for all of them. The reason I say this is that if you see these regulations in an exam question, you will at least be primed to reason correctly and land on the right answer among the 4 choices given.
Let us now list some of the important ones, which you must know at the definition/purpose level. Also, there is no need to remember the years in which these acts were passed in parliament (you can thank me later for this relief!).
https://en.wikipedia.org/wiki/Sarbanes%E2%80%93Oxley_Act
https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
https://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
https://en.wikipedia.org/wiki/Gramm%E2%80%93Leach%E2%80%93Bliley_Act
https://en.wikipedia.org/wiki/Federal_Information_Security_Management_Act_of_2002
https://en.wikipedia.org/wiki/Privacy_Act_of_1974
https://en.wikipedia.org/wiki/NIST_Special_Publication_800-53
https://en.wikipedia.org/wiki/Economic_Espionage_Act_of_1996
https://en.wikipedia.org/…/Health_Insurance_Portability_and…
https://en.wikipedia.org/…/Payment_Card_Industry_Data_Secur…
https://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act
https://en.wikipedia.org/wiki/Patriot_Act
The author is a professional CISSP trainer within Cyber Management Alliance’s training pool. He is CM-Alliance’s CISSP/CISA/ISO 27001/SOX/Information Risk Management/SAP Cyber security trainer. He has an MBA (Finance), along with qualifications in Computer Engineering, CISSP, CISA, ITIL (expert), COBIT (foundations), and SAP security.
If you are interested, explore our CISSP Training & Mentorship programme details and register for your free CISSP session, or contact us at info@cm-alliance.com.
For more information on Cyber Management Alliance, ISO 27001 Certification, our Live Online CISSP Training & Mentorship program, GDPR consultation and workshops, and other courses, webinars, the Wisdom of Crowds live and virtual events, and Insights With Cyber Leaders series of executive interviews, contact us today.