過去研究文獻中較少由歷程觀點探究法令遵循對內部控制制度與組織變革之影響，本研究透過個資新法在個案企業組織中衝擊與因應衍變，俾以瞭解在法令遵循要求下，企業組織在內部控制下會如何因應以符合法令要求。本研究目的希望透過法令遵循對企業組織衝擊與因應措施之觀察，能瞭解與發現及詮釋下列事項:1.在外部法令遵循要求下，企業組織會如何啟動其企業政策要求以符合法令要求。2.組織政策要求對內部單位間因應措施如何調適修正。3.在遵循法令過程中，企業組織內部相關部室交互影響的特徵與影響因素。本研究結論為企業組織政策要求與其內部因應措施，其成功與困難之關鍵 (critical factors)因素為，有(1)組織記憶、(2)法律實行日期明確性、(3)企業績效目標、(4)企業組織文化、(5)高階主管支持影響企業資源配置、(6)外部資源導入會加速組織整合成效。 In past literatures, there was a lack of research that the effect of legal compliance influencing over the internal control system.This research is based on the impact of Personal Information Protection Act on the organization and responses of the Case, the corporation, in order to understand how the organization will meet the requirements of the law and regulation under the internal control. The purposes of this study are to observe the impact of corporate organizations and responses and measures through legal and regulation compliance to understand and find and interpret the following:1. Under the requirement of legal compliance from outside, how does an organization initiate its business policy to meet the requirements of legal compliance,2. Under the requirement of Corporation policy, how does an organization adjust and amend the measurement of the internal units among the company,3. In the process of legal and regulations compliance, what are the characteristics and critical factors of the interaction among the relevant departments in the organizations?The results of this study are as following critical factors: (1) Organizational memory, (2) The date for enforcement of Act or regulation shall be precise date of date, (3) Corporate performance objectives, (4) The organizational culture of the enterprise, (5) The top managements’ participation affects the allocation of the enterprise resource, (6) The implementation of external resources will accelerate integration effect.