PDPA 2012: Singapore's Personal Data Protection Act - Primary legislation governing the collection, use, disclosure, and care of personal data. Must be considered for data handling aspects of the IT audit.

Cybersecurity Act 2018: Singapore's framework for the protection of Critical Information Infrastructure (CII) and regulation of cybersecurity service providers. Essential for security assessment components of the audit.

Computer Misuse Act: Legislation dealing with unauthorized access and modification of computer material. Relevant for security testing and penetration testing scope.

MAS TRM Guidelines: Monetary Authority of Singapore's Technology Risk Management Guidelines - Crucial if the audit involves financial institutions or fintech companies.

Healthcare Cybersecurity Requirements: Specific requirements for healthcare sector including patient data protection and healthcare-specific IT systems compliance.

Public Sector Requirements: Government-specific IT security and data handling requirements applicable for public sector entities.

Companies Act: Singapore's primary legislation governing corporate entities, relevant for corporate governance aspects of IT systems.

Singapore Contract Law: Based on English common law principles, governs the formation and enforcement of the audit proposal contract.

ISO 27001: International standard for information security management systems, providing framework for IT audit methodology.

ISACA Framework: Professional framework for IT governance and audit, providing structured approach for audit execution.

NIST Cybersecurity Framework: US-based framework widely used for cybersecurity assessments and risk management.

SOC Standards: Service Organization Control standards for assessing internal controls and security measures.

GDPR Compliance: EU's General Data Protection Regulation requirements if the audit scope includes handling of EU residents' data.