This document discusses laws, regulations, and ethics related to information security. It begins by explaining the importance of understanding an organization's legal responsibilities and keeping up with changing laws. It then discusses the differences between laws, ethics, and cultural norms. Several US and international laws are outlined pertaining to issues like computer crime, identity theft, copyright, and data privacy. The document also discusses the role of ethics and deterring unethical behavior through training, policies, and professional codes of conduct.