Chapter 2: Domain Two: Business Operations Flashcards
Accounts Payable
Accounts on which an organization owes money, including utilities or services acquired under informal agreements.
Accounts Receivable
Amount due by customers for goods and services already delivered.
Activity
Process or set of processes undertaken by an organization (or on its behalf) that produces or supports products or services.
NOTE: Examples of such processes include accounting, call center, information services, manufacturing, distribution, and other services.
Analytical Ethics
Attempts to examine ethical concepts to achieve a deeper understanding of their meaning and justification.
Applied Ethics
Active (not descriptive or prescriptive) type of ethics and applying ethical concepts in specific business situations. This type of ethics involves making specific judgements about right and wrong and prescribes types of behavior as ethical in the context of the activity.
Asset
Anything that a company owns or has title to that may provide a future economic benefit.
Auditor
A person with the competence to conduct an audit.
Balance Sheet
Summarizes an organization’s investing and financing.
Budget
Process/financial tool for planning where money is to be allocated for the year. It estimates costs and revenue.
Cash
Amount of currency a company has in its accounts, including cash savings, cash checking, and other currency deposits.
Cash Flow Statement
A statement that provides insight into how cash inflows and outflows affect an organization (also called the statement of cash flows).
Code of Ethics
Statement of an organization's shared values - accepted concepts and beliefs related to the organization’s responsibilities and ethical ambitions.
Conformity
Fulfillment of a requirement.
Continual Improvement
Recurring process of enhancing the security, preparedness, and continuity (SPC) management system to achieve improvements in overall SPC management performance consistent with the organization’s SPC management policy.
NOTE: The process need not take place in all areas of activity simultaneously.
Cost Effectiveness
Producing good results for the money spent.
NOTE: To senior management, it is the primary factor in determining the size or existence of the asset protection program.
Current Ratio
Examines the company’s ability to cover short-term obligations.
Debt to Equity Ratio
Provides a long-term perspective in understanding a company’s financial health.
Descriptive Ethics
Attempts to explain or describe ethical events.
Disruption
An event that interrupts normal business functions, operations, or processes, whether anticipated (for example, a hurricane or political unrest) or unanticipated (for example, blackouts, terror attacks, technology failures, or earthquakes).
NOTE: A disruption can be caused by either positive or negative factors that disrupt normal functions, operations, or processes.
Emergency
Serious, unexpected, and precarious situation requiring immediate action.
Ethics Program
Guides and supports employees in adhering to the code of ethics.
Evacuation
Organized, phased, and supervised dispersal of people from dangerous or potentially dangerous areas. (ASIS International Business Continuity Guideline, 2004).
Exercises
Evaluating management programs, rehearsing the roles of team members and staff, and testing the recovery or continuity of an organization’s system (such as technology, telephony, or administration) to demonstrate management competence and capability.
NOTE 1: Exercises include activities performed for the purpose of training and conditioning team members and personnel in appropriate responses with the goal of achieving maximum performance.
NOTE 2: An exercise can involve invoking response and operational continuity procedures, but it is more likely to involve the simulation of a response and/or operational continuity incident, announced or unannounced, in which participants role-play to assess what issues might arise, prior to a real incident.
Expenses
Costs of creating and delivering products or services.
Facility (Infrastructure)
Plant, machinery, equipment, property, buildings, vehicles, information systems, transportation facilities, and other items of infrastructure or plant and related systems that have a distinct and quantifiable function or service.
Financial Statement
Created in accordance with generally accepted accounting principles to establish and maintain a standard for financial reporting that can be used across all organizations.
Financial Strategy
Management’s financial approach to determining the expected returns of its investments (including its departments and operations) and estimating and managing the relevant risks.
Generally Accepted Accounting Principles
(GAAP) Standards that determine how financial statements are prepared.
Gross Profit Margin
Provides insight into the efficiency of manufacturing a product by measuring profit based strictly on sales and costs of goods sold.
Income Statement
Tells how much money an organization generates, how much it spends, and the difference between those figures.
Interest Payable
Interest payments on loans extended to an organization.
Internal Audit
Systematic, independent, and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the management system audit criteria set by the organization are fulfilled.
NOTE: In many cases, particularly in smaller organizations, independence can be demonstrated by the freedom from responsibility for the activity being audited.
Job Analysis
The systematic collection and recording of information about the purpose of a job, its major duties, the conditions under which it is performed, required contacts with others, and the knowledge, skills and abilities needed to perform the job effectively.
Key Performance Indicator
(KPI) Metric used to evaluate factors that are crucial to the success of an organization or of a particular activity.
NOTE: The KPI indicates how an organization is performing against its objectives.
Liability
An organization’s financial commitments.
Line Item
Specific entry that appears on a separate line in fiscal budgets.
Loss
Being deprived of someone or something of value.
Management Plan
Clearly defined and documented plan of action, typically covering the key personnel, resources, services, and actions needed to implement the incident management process.
Management System
Examines the linkages and interactions between the elements that comprise the entirety of the system.
Mission
Concrete statement that communicates a business’s functionality and operational methods by specifying its types of products, services, and level of quality.
Net Income
The difference between revenue and expenses.
Net Profit Margin
Measures net profit after all expenses are included.
Objectives
Specific goals that an organization wants units to achieve in terms of sales, market share, product differentiation, or other relevant metrics.
Operating Margin
Earnings before interest, taxes, and amortization divided by revenue.
Organizational Resilience Management Systems
(ORMS) Coordinated activities to manage risk and enhance resilience and security in the organization and its supply chain.
NOTE: Direction and control of ORMS generally include establishment of the policy, planning, and objectives directing operational processes and continual improvement.
ORMS Objective
Something sought, or aimed for, related to managing risk and enhancing resilience and security in the organization and its supply chain.
NOTE 1: Quality Objectives are generally based on the organization’s quality policy.
NOTE 2: Quality objectives are generally specified for relevant functions and levels in the organization.
ORMS Policy
Overall intentions and direction of an organization related to managing risk to enhance resilience and security in the organization and its supply chain as formally expressed by top management.
NOTE 1: Generally, the security and resilience policy is consistent with the overall policy of the organization and provides a framework for the setting of security and resilience objectives.
NOTE 2: ORMS principles can form a basis for the establishment of a quality policy.
Policy
Overall intentions and directions of an organization as formally expressed by top management. (ANSI/ASIS/RIMS RA.1-2015)
Procedure
An established or specified way to conduct an activity or a process. (ANSI/ASIS/RIMS RA.1-2015)
Process
Actions, changes, or steps taken to achieve a particular end.
Product
Goods and services that are the result of a process.
NOTE: Typically, a product is an item or service that is produced to create value.
Profitability Ratio
Helps to quantify an organization’s ability to generate income beyond covering expenses and provides a view of how well a company makes money.
Project Management
Practice of initiating, planning, executing, controlling, and closing the work of a team to achieve specific goals and meet specific success criteria at the specified time.
Qualitative Analysis
Data collection and analysis approach that does not use numbers or numeric values.
Quantitative Analysis
Data collection and analysis approach that uses numeric measures to describe the value.
Quick Ratio
Describes an organization’s ability to cover bills for the current reporting period by comparing current liabilities with current assets.
Resilience
Absorptive and adaptive capacity in a complex and changing environment.
Resources
Any asset (human, physical, information, or intangible), facility, equipment, material, product, or waste that has potential value and can be used.
Response Plan
Documented collection of procedures and information that is developed, compiled, and maintained in readiness for use in an incident.
Response Team
Group of individuals responsible for developing, executing, rehearsing, and maintaining the response plan, including the processes and procedures.
Return on Assets
(ROA) Demonstrates the organization’s ability to generate income based on assets, independent of any financing.
Return on Equity
(ROE) Indicates how well a company uses financed assets to generate income.
Return of Investment
(ROI) Helps compare the desirability of different ways of spending.
Revenue
Money a company receives for products or services.
Risk Analysis
The process of developing an understanding of risk and level of risk. (ASIS ORM.1-2017)
Risk Evaluation
The process of comparing the estimated levels of risk with the risk criteria defined when the context was established. (ASIS ORM.1-2017)
Risk Identification
The process of identifying, grading, and documenting risks by means of threat/opportunity analysis, criticality/impact analysis, vulnerability/capability analysis, and supply chain analysis. (ASIS ORM.1-2017)
Safety
Freedom from danger, risk, or injury.
Security
The condition of being protected against risk, hazard, threats, or loss.
Security Metrics
Security-related measurements.
Service Level Agreement
A commitment between a service provider and a client where specific elements of the service that include quality, availability, and accountability are established between the service provider and the service user.
Target
Something you are trying to do or achieve with defined metrics.
Testing
Activities performed to evaluate the effectiveness or capabilities of a plan relative to specified objectives or measurement criteria. Testing usually involves exercises designed to maintain the effectiveness of teams and employees and to reveal weaknesses in preparedness and in response/continuity/recovery plans. (ASIS International Business Continuity Guideline, 2004)
Threat
Potential cause of an unwanted incident, which may result in harm to individuals, assets, a system or organization, the environment, or the community.
Top Management
Directors, managers, and officers of an organization who can ensure that effective management systems, including financial monitoring and control systems, have been put in place to protect assets, earning capacity, and the reputation of the organization.
Training
Acquisition of the knowledge, skills, and abilities that directly relate to job performance; the formal process used to facilitate learning.
Vision
Specific description of where the business will be in the long term.
Vision Statement
Conveys a general understanding of the business, its culture, and its future goals.
Vulnerability
State of being susceptible to harm or injury.
NOTE: Susceptibility to negative outcomes of a risk.
Vulnerability Assessment
Process of identifying and quantifying something that creates susceptibility to a source of risk that can lead to a consequence.
Whistleblowing
Occurs when a person working on behalf of the organization raises a concern about danger, unethical conduct or illegality that affects others, internally or externally.
Zero-based Budgeting
Process wherein funds are placed in a budget only to the extent that planned expenditures are justified in detail. It generally includes both expenses and expected revenue.