Glossary

Question 1

5-Whys

Answer 1

A technique used to determine an issue’s root causes. This technique involves asking the question “Why?” repeatedly until the root cause is identified.

Question 2

A/B testing

Answer 2

A statistical way of comparing two (or more) techniques, typically an incumbent against a new rival. A/B testing aims to determine not only which technique performs better but also whether the difference is statistically significant. A/B testing usually considers only two techniques using one measurement but can be applied to any finite number of techniques and measures.

Question 3

Abend

Answer 3

An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing

Question 4

Acceptable interruption window

Answer 4

The maximum period of time that a system can be unavailable before compromising the achievement of the enterprise’s business objectives

Question 5

Acceptable use policy

Answer 5

A policy that establishes an agreement between users and the enterprise that defines, for all parties, the ranges of use that are approved before gaining access to a network or the Internet

Question 6

Acceptance criteria

Answer 6

Criteria that a solution must satisfy to be accepted by customers

Question 7

Acceptance testing

Answer 7

Testing performed to determine whether a customer, acquirer, user, or their designee should accept a solution

Question 8

Access control

Answer 8

The processes, rules and deployment mechanisms that control access to information systems, resources and physical access to premises

Question 9

Access control list (ACL)

Answer 9

An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals

Scope Notes: Also referred to as access control table

Question 10

Access control table

Answer 10

An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals

Scope Notes: Also referred to as Access control list (ACL)

Question 11

Access method

Answer 11

The technique used for selecting records in a file, one at a time, for processing, retrieval or storage. The access method is related to, but distinct from, the file organization, which determines how the records are stored.

Question 12

Access path

Answer 12

The logical route that an end user takes to access computerized information.

Scope Notes: Typically includes a route through the operating system, telecommunications software, selected application software and the access control system.

Question 13

Access rights

Answer 13

The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy

Question 14

Access risk

Answer 14

The risk that information may be divulged or made available to recipients without authorized access from the information owner, reflecting a loss of confidentiality

Question 15

Access server

Answer 15

Provides centralized access control for managing remote access dial-up services

Question 16

Accountability

Answer 16

The ability to map a given activity or event back to the responsible party

Question 17

Accountability of governance

Answer 17

Governance ensures that enterprise objectives are achieved by evaluating stakeholder needs, conditions and options; setting direction through prioritization and decision making; and monitoring performance, compliance and progress against plans. In most enterprises, governance is the responsibility of the board of directors under the leadership of the chairperson.

Scope Notes: COBIT 5 and COBIT 2019 perspective

Question 18

Accountable party

Answer 18

The individual, group or entity that is ultimately responsible for a subject matter, process or scope

Scope Notes: Within the IT Assurance Framework (ITAF), the term “management” is equivalent to “accountable party.”

Question 19

Accuracy

Answer 19

The fraction of predictions that a classification model predicted correctly. In multiclass classification, accuracy is defined as correct predictions divided by total number of examples. In binary classification, accuracy is defined as (true positives plus true negatives) divided by total number of examples.

Question 20

Acknowledgment (ACK)

Answer 20

A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors, or that the receiver is now ready to accept a transmission

Question 21

Acquirer

Answer 21

The stakeholder who obtains a solution from a supplier

See Affected stakeholder

Question 22

Acquisition

Answer 22

Obtaining solutions by establishing and executing supplier agreements

See Supplier agreement

Question 23

Action

Answer 23

In reinforcement learning, the mechanism by which the agent transitions between states of the environment. The agent chooses the action by using a policy.