Page 191 - Courses
P. 191

IT Essentials — Computer Operations

            Configuration — The control settings, security levels, parameters, and reference data that enforce
            authorization, accuracy, and completeness of transaction processing. Configuration choices affect
            system function, performance, and automated controls.

            Continuous Assurance — Performed by internal audit, continuous assurance is a combination of
            continuous auditing and testing of first- and second-line continuous monitoring processes.

            Continuous Auditing — Using computerized techniques to perpetually audit the processing of
            business transactions.

            Continuous Monitoring — The automated review of business processes and controls by associates
            in the business unit. It helps an organization detect errors, fraud, abuse, and system inefficiencies.

            Control — Any action taken by management, the board, and other parties to manage risk and
            increase the likelihood that established objectives and goals will be achieved. Management plans,
            organizes, and directs the performance of sufficient actions to provide reasonable assurance that
            objectives and goals will be achieved.

            Cybersecurity — Precautions taken to guard against crime that involves the internet; especially,
            unauthorized access to computer systems and data connected to the internet.

            IT Service Management — Activities performed by IT to design, plan, implement, manage, and
            control the products and services used by the business and its customers or consumers.

            Malware — Malicious software designed to infiltrate, damage, or obtain information from a
            computer system without the owner’s consent.

            Patch — A small piece of software provided between upgrades to enhance performance, add new
            features or reports, fix a software error, or address a security vulnerability.

            Unstructured Data — Data that is not restricted to a fixed field in a spreadsheet or database.
            Examples of unstructured data that can be interrogated using continuous auditing and continuous
            monitoring techniques include text, audio, video, and multimedia data.

            Zero-Day Vulnerability — A vulnerability in a system or device that has been disclosed but is not yet
            patched.

             TOPIC 2: COMPUTER OPERATIONS

            Computer Operations Overview

            IT activities that are typically included under the computer operations umbrella include:
              Help desk services.
              Backup, restore, and storage services.
              Asset management.

            Copyright © 2021 by The Institute of Internal Auditors, Inc. All rights reserved.
   186   187   188   189   190   191   192   193   194   195   196