Chap 7 Information-Technology Risk And Controls Flashcards Preview

Internal Audit > Chap 7 Information-Technology Risk And Controls > Flashcards

Flashcards in Chap 7 Information-Technology Risk And Controls Deck (17):
1

Information systems (I S) auditor

An auditor who works extensively in the area of computerize information systems and has deep I T risk, control, and audit expertise

2

Database

A large depository of data, typically contained in many linked files, and stored in a manner that allows the data to be easily accessed, retrieved, and manipulated

3

Big data

A term used to refer to the large amount of constantly streaming digital information, massive increase in the capacity to store large amounts of data, and the amount of datat processing power required to manage, interpret, and analyze the large volumes of digital information

4

ERP system

A modular software system that enables an organization to integrate its business process using a single operating database

5

EDI

The computer-to-computer exchange of business documents in electronic form between an organization and it's trading partners

6

I T governance

The leadership, structure, and oversight processes that ensures the organization's IT supports the objectives and strategies of the organization

7

IT risk management

The process conducted by management to understand and handle the IT risks and opportunities that could affect the organization's ability to achieve its objectives

8

IT standards

Support IT policies by more specifically defining what is required to achieve the organization's objectives

9

IT organization and management controls

Provide assurance that the organization is structured with clearly defined lines of reporting and responsibility and has implemented effective control processes

10

IT physical and environmental controls

Protect information system resources from accidental or intentional damage, misuse, or loss

11

Physical access controls

Provide security over tangible IT resources

12

Logical access controls

Provide security over software and information imbedded in the system

13

IT outsourcing

Transferring IT functions to an outside provider to achieve cost reductions while improving service quality and efficiency

14

Integrated auditing

IT risk and control assessments are assimilated into assurance engagements conducted to access process-level reporting, operations, and/or compliance risk and controls

15

GTAG

Provides internal auditors with guidance that will help them better understand the governance, risk management, and control issues surrounding IT

16

GAIT

Describes the relationships among financial reporting risks, key process controls, automated controls and other critical IT functionality, and key IT general controls

17

Bring your own device (BYOD)

A policy whereby organizations allow associates to access business email, calendars, and other data on their personal laptops, smart phones, tablets, or other devices