Chapter 4 Flashcards
Auditing Standard No. 5
An audit of internal control of financial reporting that is integrated with an audit of financial statements.
(AICPA) Auditing Standards Board of the American Institute of Certified Public Accountants (AICPA)
An organization that issues and maintains auditing standards.
(COSO) Committee of Sponsoring Organizations of the Treadway Commission
An organization that provides guidance to executive management on organizational governance, internal controls, and risk management.
Control Activities
Provides the details on how to achieve control objectives.
(COBIT) Control Objectives for Information and Related Technology
A framework providing best practices for IT governance and control.
Control Objectives
States the high-level organizational goal of information system measures.
Descriptive control
Measures to be applied to a system that are high level and provide a lot of flexibility.
(ERM) Enterprise risk management framework
The process organizations use to manage risks related to achieving their goals.
Framework
A conceptual set of rules and ideas that provide structure to a complex and challenging situation.
(ISMS) Information Security Management System
A set of policies governing information security management.
(ITGI) Information Technology Governance Institute
A research think tank that provides resources on IT governance.
Integrated audit
An audit that combines the assessment of financial reporting along with the assessment of related IT controls.
(IEC) International Electrotechnical Commission
An international, nonprofit organization that publishes global standards on electrotechnology, or all things electronic and electric.
(ISO) International Organization for Standardization
The world's largest publisher of worldwide standards.
ISACA
A global professional organization that provides resources and guidance around IT governance.