Ethics and Regulations for System Administrators

With the recent news of Bernie Madoff's programmers being indicted, it got me thinking about ethics in IT.  The SAGE/LOPSA System Administrators' Code of Ethics does a good job of outlining ethical concerns for system administrators, and related to the Madoff case it has this point:
Laws and Policies
I will educate myself and others on relevant laws, regulations, and policies regarding the performance of my duties.

Oddly enough though, the System Administrators' Code of Ethics does not state "I will follow relevant laws, regulations..."

Now, for the Madoff programmers it had to be obvious that they were violating the law by falsifying broker and investment advisor records.  For this rest of us though, finding out which laws are relevant to our job or industry can be quite difficult.  Even the experts frequently disagree on legal requirements in IT, and regulations like SOX and HIPAA do not have specific technical requirements for system administrators.

What resources have you found which outline the regulatory and legal concerns for system administrators and IT in general?  Have you ever had to bring up an ethical or legal concern with management or outside parties?