Detailed outline of topics and subtopics, as well as an annotated bibliography.Pick one country CONSIDER FORTHCOMING LEGISLATION Auditors should how forthcoming and existing legislation like GDPR & PCI-DSS could potentially be incorporated into cyber security programs. Also, auditors need to understand the global regulatory environment and the differences that can exist between geographic regions (e.g., GDPR – PCI-DSS across the EU/US/China/ Russia/India/Japan, etc.).