Chapter 18 provides discussion on the legal environment and the IT auditor’s role in assisting management and legal counsel. Much has happened in our world and changed our views and outlook. The events of September 11th, 2001 have made us more security conscious. The financial disasters of Enron, WorldCom, and others have generated the call for new laws and federal regulation. With the services industry expanding, the importance of financial responsibility, contract compliance, and monitoring has grown proportionally, exceeding the abilities of the organization to successfully identify problems and alert management to take action before they become business disasters or frauds and end up in the courts. Recent rulings and laws have hastened organizations to examine corporations’ use of electronic mail, intranets, extranets, and the Internet itself. Government’s concern for protection of individual rights has generated a frenzy worldwide and global positioning for information control and dissemination. The Homeland Security Act and the Sarbanes-Oxley Act will have tremendous impact on the audit, control, and security of IT in business and our lives.