Term
|
Definition
| Control Objectives for Information Technology. Extensive framework of information technology controls. Important for those who design and audit IT systems. |
|
|
Term
| Trust Services Principles |
|
Definition
| The written guidance for CPAs who provide assurance services for organizations. |
|
|
Term
| IT Risk and control Categories |
|
Definition
| 1. Security 2. Availability 3. Process integrity 4. Online privacy 5. Confidentiality |
|
|
Term
|
Definition
| defined by COBIT as effectiveness, efficiency, confidentiality, integrity, availability, compliance, and reliability |
|
|
Term
|
Definition
| defined by COBIT as applications, information, infrastructure, and people |
|
|
Term
|
Definition
| set of procedures and policies adopted within an organization to safeguard its assets, check the accuracy and reliability of its data, promote operational efficiency, and encourage adherence to prescribed managerial practices. |
|
|
Term
|
Definition
| a prescribed sequence of work steps performed in order to produce a desired result for the organization. |
|
|
Term
| accounting information system |
|
Definition
comprise the processes, procedures, and systems that capture accounting data from business processes;
record, process, report accounting data to internal and external users. |
|
|
Term
|
Definition
| provides materials or operating supplies to an organization |
|
|
Term
|
Definition
| entities, processes, and information flows that involve the movement of materials, funds, and related information through the full logistics process (from acquisition of raw materials to the delivery of finished goods) |
|
|
Term
|
Definition
| the management and control of all materials, funds, and related information in the logistics process. |
|
|
Term
|
Definition
| occurs when you use IT to enhance efficiency and effectiveness of internal or supply chain processes |
|
|
Term
|
Definition
| computers, ancillary equipment, software, services, and related resources as applied to support business processes |
|
|
Term
| business process reengineering (BPR) |
|
Definition
| the purposeful and organized changing of business processes to make them more efficient |
|
|
Term
|
Definition
| smallest unit of information in a computer system |
|
|
Term
|
Definition
| a unit of storage that represents one character |
|
|
Term
|
Definition
| one item within a record (for example, a last name) |
|
|
Term
|
Definition
| a set of related fields for the same entity |
|
|
Term
|
Definition
| an entire set of related records |
|
|
Term
|
Definition
| a collection of data stored on the computer in a form that allows the data to be easily accessed, retrieved, manipulated, and stored. |
|
|
Term
| How is data organized in the data hierarchy? |
|
Definition
| bit, byte, field, record, file, database |
|
|
Term
|
Definition
| stores data in several small 2-D tables that can be joined together in many varying ways to represent many different kinds of relationships among data |
|
|
Term
|
Definition
| relatively permanent files that maintain the detailed data for each major process |
|
|
Term
|
Definition
| set of relatively temporary records that will be processed to update the master file |
|
|
Term
|
Definition
| stores records in sequence with one right after another |
|
|
Term
|
Definition
| not written or read in sequential order; stored in random order on disk media |
|
|
Term
| indexed sequential access method |
|
Definition
| (ISAM) files are stored sequentially, but can also be accessed randomly because an index allows random access to specific records |
|
|
Term
|
Definition
| all similar transactions are grouped together for a specified time, and then this group of transactions is processed as a batch |
|
|
Term
|
Definition
| the opposite of batch processing, each transaction is entered and processed one at a time |
|
|
Term
|
Definition
| the transaction is processed immediately, and in real time, so the output is available immediately |
|
|
Term
|
Definition
| integrated collection of enterprise-wide data that includes 5 to 10 years of nonvolatile data, used to support management in decision making and planning |
|
|
Term
|
Definition
| contains the data that are continually updated as transactions are processed |
|
|
Term
|
Definition
| the process of searching data within the data warehouse for identifiable patterns that can be used to predict future behavior |
|
|
Term
|
Definition
| two or more computers linked together to share information and/or resources |
|
|
Term
|
Definition
| a computer network that spans a relatively small area |
|
|
Term
|
Definition
| the global computer network, "information super-highway" |
|
|
Term
|
Definition
| a company's private network accessible only to the employees of that company |
|
|
Term
|
Definition
| offers access to selected outsiders, such as buyers, suppliers, distributors, and wholesalers in the supply chain |
|
|
Term
|
Definition
| the use of electronic means to enhance business processes, any business done online |
|
|
Term
| electronic data interchange |
|
Definition
| (EDI) intercompany, computer-to-computer transfer of business documents in a standard business format |
|
|
Term
|
Definition
| (POS) system of hardware and software that captures retail sales transactions by standard bar coding |
|
|
Term
|
Definition
| computer hardware and software system in which the software matches an invoice to its related purchase order and receiving report |
|
|
Term
| evaluated receipt settlement |
|
Definition
| (ERS) an invoice-less system in which computer hardware and software complete an invoice-less match that is a comparison of the purchase order with the goods received. |
|
|
Term
| e-payables and electronic invoice presentment and payment |
|
Definition
| (EIPP) terms refer to web-enabled receipt and payment of vendor invoices |
|
|
Term
| enterprise resource planning |
|
Definition
| (ERP) multi-module software system designed to manage all aspects of an enterprise |
|
|
Term
| enterprise risk management |
|
Definition
| ongoing assessment of risks, determining acceptable levels of risk, and managing risks to that acceptable level |
|
|
Term
| Enterprise risk management requires that management set policies and procedures related to: |
|
Definition
| internal environment, objective setting, event identification, risk assessment, risk response, control activities, information and communication, and monitoring |
|
|
Term
|
Definition
| apply to the overall IT accounting system; they are not restricted to any particular accounting application |
|
|
Term
|
Definition
| used specifically in accounting applications to control inputs, processing, and output |
|
|
Term
|
Definition
| an elaborate system of checks and balances whereby a company's leadership is held accountable for building shareholder value and creating confidence in the financial reporting processes |
|
|
Term
|
Definition
| the proper management, control, and use of IT systems are known as IT governance |
|
|
