| Application control activities | Controls relating to a specific IT task, such as preparation of payroll.
|
 |
|
|
| Application software | Software designed to perform a specific task, for example, preparation of the general ledger.
|
|
|
|
| Batch processing | A system in which like transactions are processed periodically as a group.
|
|
|
|
| C++ | A programming language that is widely used because of its portability across various types of hardware.
|
|
|
|
| Change request log | A log which consists of suggestions for changes in programs. These changes have often been initiated by users who have noted problems or possible enhancements for a program.
|
|
|
|
| Client/server | (IT architecture) A network system in which several computers (clients) share the memory and other capabilities of a larger computer (the server), or that of printers, databases, and so on.
|
|
|
|
| Controlled programs | Duplicate client application programs that are maintained under the auditors' control in order to test the programmed control activities.
|
|
|
|
| Data warehouse | A subject-oriented, integrated collection of data used to support management decision-making processes.
|
|
|
|
| Database administrator | The administrative function of maintaining and safeguarding databases.
|
|
|
|
| Database system | A system that eliminates data redundancy and enforces data integrity by storing data separately from (outside) programs, and contains data for two or more IT applications.
|
|
|
|
| Decision support systems | IT information systems that combine models and data in an attempt to solve nonstructured problems with extensive user involvement.
|
|
|
|
| Direct (random) access | A storage technique in which each piece of data is assigned an address and may be retrieved without searching through other stored data. A magnetic disk drive is a direct access device.
|
|
|
|
| Distributed data processing | An IT system that uses communication links to share data and programs among various users in remote locations throughout the organization. The users may process the data in their own departments.
|
|
|
|
| Electronic commerce | Involves the electronic processing and transmission of data between customer and client. A variety of activities may be included, including electronic trading of goods and services, online delivery of digital products, and electronic funds transfer.
|
|
|
|
| Electronic data interchange (EDI) | A system in which data are exchanged electronically between the computers of different companies. In an EDI system source documents are replaced with electronic transactions created in a standard format.
|
|
|
|
| End user computing | An environment in which a user department is responsible for developing or purchasing, and running, an IT system (application) with minimal or no support from the central information systems department.
|
|
|
|
| Expert system | A computerized information system that guides decision processes within a welldefined area and allows the making of decisions comparable to those of an expert.
|
|
|
|
| Extranet | Private corporate ITnetworks that use Internet software to linkemployees and business partners.
|
|
|
|
| Fiber optic transmission | Transmission using a glass or plastic filament cable used to communicate signals in the form of light waves.
|
|
|
|
| File | An organized collection of related records, such as a customer file.
|
|
|
|
| General control activities | Control activities applicable to all ormany ITsystems in an organization. General control activities include controls over the development of programs and systems, controls over changes to programs and systems, controls over IT operations, and controls over access to programs and data.
|
|
|
|
| Generalized audit software | Computer programs used by auditors to locate and process data contained in a client's IT-based records. The programs perform such functions as rearranging the data in a format more useful to the auditors, comparing records, selecting samples, and making computations. This software is compatible with a wide variety of different IT systems.
|
|
|
|
| Hard copy | IT output in printed form, such as printed listings, reports, and summaries.
|
|
|
|
| Header label | A machine-readable record at the beginning of a file that identifies the file.
|
|
|
|
| Integrated test facility | A set of dummy records and files included in an IT system enabling test data to be processed simultaneously with live input.
|
|
|
|
| Internet | An international network of independently owned computers that operates as a giant computing network. Data on the Internet are stored on "Web servers," computers scattered throughout the world.
|
|
|
|
| Intranet | Internal networks to a company that allow employees to use Internet capabilities, such as browsers, search engines, and e-mail.
|
|
|
|
| JAVA | An object-oriented computer language that operates on many different platforms.
|
|
|
|
| Local area network (LAN) | A communications network that interconnects computers within a limited area, typically a building or a small cluster of buildings.
|
|
|
|
| Master file | A file of relatively permanent data or information that is updated periodically.
|
|
|
|
| Microwave transmission | Transmission using electromagnetic waves of certain radio frequencies.
|
|
|
|
| Networks (of computers) | A group of interconnected computers, allowing transfers of data between them.
|
|
|
|
| Offline | Pertaining to peripheral devices or equipment not in direct communication with the central processing unit of the computer.
|
|
|
|
| Off-the-shelf software | Commercially available software created for a variety of users in the same industry or with the same application.
|
|
|
|
| Online | Pertaining to peripheral devices or equipment in direct communication with the central processing unit of the computer.
|
|
|
|
| Online analytical processing (OLAP) | An information system that allows the user to query the system, conduct an analysis, etc., while the user is at a computer. The database for an OLAP system is often generated from the transactions-based database used for online transaction processing.
|
|
|
|
| Online transaction processing (OLTP) | A processing method in which the IT system processes data immediately after it is captured and provides updated information to the user on a timely basis. OLTP examples include airlines reservation systems and banking systems.
|
|
|
|
| Operating system | Software that coordinates and controls hardware components. For example, authorization procedures may be programmed into the operating system to restrict access to files and programs to authorized personnel only.
|
|
|
|
| Operations manual | A manual that contains the instructions for processing a program. The manual should include sufficient information to allow operators to effectively operate programs, but should not include detailed program documentation.
|
|
|
|
| Patch | A new section of coding added in a rough or expedient way to modify a program.
|
|
|
|
| Program analysis techniques | Techniques for testing programmed control activities that involve the examination of computer-generated flowcharts of application programs.
|
|
|
|
| Program flowchart | A graphic representation of the major steps and logic of a computer program.
|
|
|
|
| Sequential access | A storage technique in which data are read and written in linear (i.e., account number) sequence. A magnetic tape drive is a sequential storage device.
|
|
|
|
| Service auditors' report | A report issued by the auditor of a service organization to provide information about the internal control of the organization. User auditors make use of these reports in considering the internal control over data processing performed for their clients by the service organization.
|
|
|
|
| Software virus | A program that can attach itself to a legitimate program and modify other programs and systems. A virus may cause the loss of data or programs on a system.
|
|
|
|
| System software | Programs that control and coordinate hardware components and provide other support to application software.
|
|
|
|
| Tagging and tracing | A technique for testing programmed control activities in which selected transactions are tagged when they are entered for processing. A computer program provides a printout of the steps in processing the tagged transactions that may be reviewed by the auditors.
|
|
|
|
| Telecommunications | The electronic transmission of information by radio, wire, fiber optics, microwave, laser, and other electromagnetic systems.
|
|
|
|
| Test data | A set of dummy records and transactions developed to test the adequacy of a computer program or system.
|
|
|
|
| User control activities | Controls performed by users of IT information to test its accuracy and completeness.
|
|
|
|
| Wide area network (WAN) | A communications network that interconnects computers within a large geographical area.
|