Term
| Information Systems (IS) Auditor |
|
Definition
| An auditor who works extensively in the area of computerized information systems, and has deep IT risk, control, and audit expertise |
|
|
Term
|
Definition
| A large depository of data, typically contained in many linked files, and stored in a manner that allows the data to be easily accessed, retrieved, and manipulated. |
|
|
Term
|
Definition
| A modular software system that enables an organization to integrate its business processes using a single operating database. |
|
|
Term
|
Definition
| The computer-to-computer exchange of business documents in electronic form between an organization and its trading partners. |
|
|
Term
|
Definition
| The leadership, structure, and oversight processes that ensure the organization's information technology supports the objectives and strategies of the organization. |
|
|
Term
|
Definition
| The process conducted by management to understand and handle the IT risks and opportunities that could affect the organization's ability to achieve its objectives. |
|
|
Term
|
Definition
| Support IT policies by more specifically defining what is required to achieve the organization's objectives. |
|
|
Term
| IT Organization and Management Controls |
|
Definition
| Provide assurance that the organization is structured with clearly defined lines of reporting and responsibility and has implemented effective control processes. |
|
|
Term
| IT Physical and Environmental Controls |
|
Definition
| Protect information system resources from accidental or intentional damage, misuse, or loss. |
|
|
Term
|
Definition
| Provide security ove tangible IT resouces. |
|
|
Term
|
Definition
| Provide security over software and information imbedded in the system. |
|
|
Term
|
Definition
| Transferring IT fuctions to an outside provider to achieve cost reductions while improving service quality and efficiency. |
|
|
Term
|
Definition
| IT risk and control assessments are assimilated into assurance engagements conducted to assess process-level finance reporting, operations, and/or compliance risks and controls. |
|
|
Term
|
Definition
| Provides internal auditors with guidance that will help them better understand the governance, risk management, and control issues surrounding IT. |
|
|
Term
|
Definition
| Describes the relationships among financial reporting risks, key process controls, automated controls and other critical IT functionality, and key IT general controls. |
|
|
