CISM Definitions Flashcards
_____ is a binary-to-text encoding process that converts long bit sequences into
alphanumeric text.
Base64 Encoding
Description of the logical grouping of capabilities that manage the objects necessary to process
information and support the enterprise’s objectives.
Application architecture
A tool for managing organizational strategy that uses weighted measures for the areas of financial
performance (lag) indicators, internal operations, customer measurements, learning and growth
(lead) indicators, combined to rate the enterprise
Business balanced scorecard
An application software deployed at multiple points in an IT architecture. It is designed to detect and
potentially eliminate virus code before damage is done and repair or quarantine files that have
already been infected.
Antivirus software
Logical and physical controls to define a perimeter between the organization and the outside world
Boundary
Preventing, mitigating and recovering from disruption
Continuity
The translation of the enterprise’s mission from a statement of intention into performance targets
and results
Business goal
An algorithm to perform encryption
Cipher
All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes.
Bus configuration
The technique used for selecting records in a file, one at a time, for processing, retrieval or
storage. The access method is related to, but distinct from, the file organization, which determines
how the records are stored.
Access Method
_____ is a way to identify, acquire and retain customers. _____ is also an industry term for software solutions
that help an enterprise manage customer relationships in an organized manner.
Customer relationship management (CRM)
Any process that directly reduces a threat or vulnerability.
Countermeasure
An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing.
Abend
A mechanism that is used to isolate applications from each other within the context of a running
operating system instance.
Application containerization
The examination of ratios, trends, and changes in balances and other values between periods to
obtain a broad understanding of the enterprise’s financial or operational position and to identify
areas that may require further or closer investigation
Analytical technique
Automatic or manual process designed and established to continue critical business processes from point-of-failure to return-to-normal.
Alternative routing
The process of cost allocation that assigns the original cost of an intangible asset to the periods benefited; calculated in the same way as depreciation.
Amortization
A third party that delivers and manages applications and computer services, including security
services, to multiple users via the Internet or a private network.
Application or managed service provider (ASP/MSP)
Device that performs the functions of both a bridge and a router.
Brouter
An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals. Also referred to as control tables.
Access Control List (ACL)
A program that translates programming language (source code) into machine executable instructions
(object code).
Compiler
A method/process by which management and staff of all levels collectively identify and evaluate risk
and controls with their business areas. This may be under the guidance of a facilitator such as an
auditor or risk manager.
Control risk self-assessment
The MOST important factor in planning for the long-term retention of electronically stored business records is to take into account potential changes in:
A. storage capacity and shelf life.
B. regulatory and legal requirements.
C. business strategy and direction.
D. application systems and media.
Answer: D
Explanation: Long-term retention of business records may be severely impacted by changes in application systems and media. For example, data stored in nonstandard formats that can only be read and interpreted by previously decommissioned applications may be difficult, if not impossible, to recover. Business strategy and direction do not generally apply, nor do legal and regulatory requirements. Storage capacity and shelf life are important but secondary issues.
Developed by Robert S. Kaplan and David P. Norton as a coherent set of performance measures organized into four categories that includes traditional financial measures, but adds customer, internal business process, and learning and growth perspectives.
Balanced scorecard (BSC)
Scope Notes: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system.