Page 5 - Courses
P. 5
IT Change Management — IT Certificate
Key Risk Indicator
Measurement that provides an early warning of increased risk exposure.
Key Performance Indicator
A metric or other form of measuring whether a process or individual tasks are operating within
prescribed tolerances.
Patch
Changes to a computer program designed to address a security vulnerability, an operational
deficiency, or add new or upgraded features between software releases.
Production Environment
The setting in which software and other products become operational for their intended uses by end
users.
Risk
The possibility of an event occurring that will have an impact on the achievement of objectives. Risk
is measured in terms of impact and likelihood.
Risk Appetite
The level of risk that an organization is willing to accept.
Risk Management
A process to identify, assess, manage, and control potential events or situations to provide
reasonable assurance regarding the achievement of the organization’s objectives.
Risk Profile
A composite view of the risk assumed at a particular level of the entity or aspect of the business that
positions management to consider the types, severity, and interdependencies of risks and how they
may affect performance relative to the strategy and business objectives.
Rollback/backout Plan
Plan to or process of restoring an area targeted for a potential change to its original or previous state
in the event implementation or planned implementation of the potential change is found to be
incorrect, unauthorized, or otherwise undesirable.
Scope
The focus and boundaries of the engagement established by internal auditors that specify the
activities, processes, systems, time period, and other elements that are included.
Vulnerability
A condition that may expose an organization to unintended risks and consequences.
Copyright © 2020 by The Institute of Internal Auditors, Inc. All rights reserved.
