Test your basic knowledge

CISA Certified Information Systems Auditor Vocab

Instructions:
  • Answer 50 questions in 15 minutes.
  • If you are not ready to take this test, you can study here.
  • Match each statement with the correct term.
  • Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might at times find the answers obvious, but you will see it reinforces your understanding as you take the test each time.

1. The exchange of money via telecommunications. EFT refers to any financial transaction that originates at a terminal and transfers a sum of money from one account to another.






2. A row or record consisting of a set of attribute value pairs (column or field) in a relational data structure






3. Programs that provide assurance that the software being audited is the correct version of the software, by providing a meaningful listing of any discrepancies between the two versions of the program






4. Used to electronically input, read and interpret information directly from a source document; requires the source document to have specially-coded magnetic ink typeset






5. Provide verification that all transmitted data are read and processed






6. Record layouts provide information regarding the type of record, its size and the type of data contained in the record. Screen and report layouts describe what information is provided and necessary for input.






7. An interface point between the CPU and a peripheral device






8. The rate of transmission for telecommunication data. It is expressed in bits per second (bps).






9. Allows the network interface to capture all network traffic irrespective of the hardware device to which the packet is addressed






10. Permanent reference data used in transaction processing. These data are changed infrequently, such as a product price file or a name and address file.






11. Defined by ISACA as the processes by which organisations conduct business electronically with their customers, suppliers and other external business partners, using the Internet as an enabling technology. It therefore encompasses both business-to-bus






12. The assurance that a party cannot later deny originating data; that it is the provision of proof of the integrity and origin of the data which can be verified by a third party. Nonrepudiation may be provided by a digital signature.






13. A device that forms a barrier between a secure and an open environment. Usually, the open environment is considered hostile. The most notable hostile environment is the Internet. In other words, a firewall enforces a boundary between two or more netw






14. Attackers that penetrate systems by using user identifiers and passwords taken from legitimate users






15. A set of utilities that implement a particular network protocol. For instance, in Windows machines a TCP/IP stack consists of TCP/IP software, sockets software and hardware driver software.






16. A permanent connection between hosts in a packet switched network






17. A packet (encapsulated with a frame containing information), which is transmitted in a packet-switching network from source to destination






18. A sub-network of the Internet through which information is exchanged by text, graphics, audio and video.






19. Common path or channel between hardware devices. It can be between components internal to a computer or between external computers in a communications network.






20. Software packages that sequentially dial telephone numbers; recording any numbers that answer






21. A series of steps to complete an audit objective






22. The person responsible for implementing, monitoring and enforcing security rules established and authorized by management






23. An approach used to plan, design, develop, test and implement an application system or a major modification to an application system. Typical phases include the feasibility study, requirements study, requirements definition, detailed design, programm






24. Universal Description, Discovery and Integration






25. A workstation or PC on a network that does not have its own disk. Instead, it stores files on a network file server.






26. Is present when a financial asset or liability is denominated in a foreign currency or is funded by borrowings in another currency






27. The amount of time allowed for the recovery of a business function or resource after a disaster occurs






28. A high-capacity line-of-sight transmission of data signals through the atmosphere which often requires relay stations






29. Intentional violations of established management policy or regulatory requirements. Deliberate misstatements or omissions of information concerning the area under audit or the organization as a whole, gross negligence or unintentional illegal acts.






30. Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service






31. The information an auditor gathers in the course of performing an IS audit. Evidence is relevant if it pertains to the audit objectives and has a logical relationship to the findings and conclusions it is used to support.






32. A third party that provides organizations with a variety of Internet, and Internet-related services






33. The flow of data from the input (in Internet banking, ordinarily user input at his/her desktop) to output (in Internet banking, ordinarily data in a bank's central database). Data flow includes travelling through the communication lines, routers, swi






34. Formal document which defines the IS auditor's responsibility; authority and accountability for a specific assignment






35. Point-of-sale systems enable capture of data at the time and place of transaction. POS terminals may include use of optical scanners for use with bar codes or magnetic card readers for use with credit cards. POS systems may be online to a central com






36. An entity (department, cost center, division or other group) responsible for entering and maintaining budget data.






37. An edit check designed to ensure the data in a particular field is numeric






38. The relationships among files in a database and among data items within each file






39. An input device that reads characters and images that are printed or painted on a paper form into the computer.






40. A packet-switched wide-area-network technology that provides faster performance than older packet-switched WAN technologies such as X.25 networks, because it was designed for today's reliable circuits and performs less rigorous error detection. Frame






41. The level to which transactions can be traced and audited through a system






42. The property that data meet with a priority expectation of quality and that the data can be relied upon






43. Systems that employ sufficient hardware and software assurance measures to allow their use for processing of a range of sensitive or classified information






44. Is the risk to earnings or capital arising from a bank's inability to meet its obligations when they come due, without incurring unacceptable losses. Internet banking may increase deposit volatility from customers who maintain accounts solely on the






45. The transfer of service from an incapacitated primary component to its backup component






46. The standards and benchmarks used to measure and present the subject matter and against which the IS auditor evaluates the subject matter. Criteria should be: Objective—free from bias Measurable—provide for consistent measurement Complete—include all






47. The risk that an error which could occur in an audit area, and which could be material, individually or in combination with other errors, will not be prevented or detected and corrected on a timely basis by the internal control system






48. An audit designed to determine the accuracy of financial records, as well as evaluate the internal controls of a function or department






49. The outward impression of being self-governing and free from conflict of interest and undue influence






50. Digital information, such as cleartext, that is intelligible to the reader