| Terms |
Definitions |
|
Logic Errors
|
incorrect logic
|
|
Virus
|
"A segment of self-replicating
|
|
Processes
|
Represent the transformation of data.
|
|
Economic Espionage
|
"The theft of information
|
|
authentication
|
verify the identity of the individual
|
|
Flowchart
|
An Analytical technique used to describe some aspect of an information system in a clear, concise, and logical manner.
|
|
Likelihood
|
Probability that the threat will happen
|
|
System flowchart
|
A diagrammatical representation that shows the flow of data through a series of operations in an automated data processing system. It shows how data are captured and put into the system, the processes that operate on the data, and the system outputs.
|
|
Best Practices
|
Generally accepted approaches for completing a system development task that have been proven over time to be effective
|
|
digital signature
|
information encrypted with the creator's private-key. proves the author of a document or file.
|
|
digital certificate
|
An electronic document, created and digitally signed by a trusted third party, that certifies the identity of the owner of a particular public key. The digital certificate contains that party's public key. Thus, digital certificates provide an automated method for obtaining an organization's or individual's public key.
|
|
Phishing
|
Sending an email, instant message, or text message pretending to be a legitimate company and requesting information.
|
|
Systems Administrators
|
Responsible for ensuring that the different parts of an information system operate smoothly and efficiently.
|
|
expenditure cycle
|
purchase inventory for resale or production of products for cash or promise
|
|
Computer Forensic Specialists
|
Discover, safeguard, and document computer evidence such that its authenticity, accuracy, and integrity will not succumb to legal challenges.
|
|
Data integrity
|
accuracy and consistency of data values in the data base
|
|
Usability requirement
|
a system requirement that describes the dependability of a system, accounting for such events as service outages, incorrect processing, and error detection and recovery
|
|
Security requirement
|
a system requirement that describes user access to certain functions and the conditions under which access is granted
|
|
Incremental Development
|
A development approach that completes parts of a system in several iterations and then puts them into operation for users
|
|
transitive dependency
|
a nonkey attribute is functionally dependent on one or more other nonkey attributes
|
|
threat 1
|
preventing stockouts and or excess inventory
|
|
support activities
|
make the delivery of the primary activities possible and consist of organization infrastructure, human resources, technology, and procurement
|
|
Typosquatting
|
URL hijacking - setting up web sites with names very similar to real web sites so that typos in URLs will result in reaching a different site - often with fraudulent intentions.
|
|
Data Store
|
A temporary or permanent repository of data.
|
|
Diagnostic control system
|
Measures company progress by comparing actual performance to planned performance. It provides feedback to make adjustments so future outputs will more closely match goals
|
|
Predictive approach
|
an SDLC approach that assumes the development project can be planned and organized in advance and that the new information system can be developed according to the plan
|
|
Technical requirement
|
a system requirement that describes an operational characteristic related to an organization's environment, hardware, or software
|
|
Inheritance
|
A concept in which one class of objects shares some characteristics of another class
|
|
Spoofing
|
Making an e-mail message look as if someone else sent it.
|
|
CERT steps
|
recognize a problem - Contain the problem - recover from the problem - follow-up on the problem.
|
|
information systems managers
|
are leaders of teams of programmers and analysts, project managers, physical facility managers, telecommunication managers, or database specialists.
|
|
Data Control Group
|
Ensures that source data have been properly approved, monitors the flow of work through the computer, reconciles input and output, maintains a record of input errors to ensure their correction and resubmission, and distributes systems throughout.
|
|
Input Controls Matrix
|
Documents the review of source data controls. It shows the control procedures applied to each field of an input record.
|
|
Payback period
|
the point at which the increased cash flow (benefits) exactly pays off the costs of development and operation; sometimes called the breakeven point
|
|
Internal users
|
people inside the company who will use the system to do their work
|
|
Precondition
|
a set of criteria that must be true prior to the initiation of a use case
|
|
hash total
|
A total generated from values for a field that would not usualy be totaled, such as customer account numbers. It is usually generated manually from source documents prior to input and compared iwth machine-generated totals at each subsequent processing step. Any descrepancy may indicate a loss of records or erros in data transcription or processing.
|
|
embedded audit modules
|
segments of program code that perform audit functions
|
|
Batch Totals
|
Summaries of key values for a batch of input records.
|
|
Information systems strategic plan
|
the plan defining the technology and applications that the information systems function needs to support the organizationâs strategic plan
|
|
Steganography Programs
|
"Hide data from one file inside a host file
|
|
core competency
|
is an activity for which a firm is a world class leader
|
|
Data Definition Language (DDL)
|
Used to (1) build the data dictionary (2) initialize or create the database (3) describe the logical views for each individual user or programmer and (4) specify any limitations or constraints on security imposed on database records or fields.
|
