technology-based audit techniques* — Any automated audit tool, such as generalized audit
                       software, test data generators, computerized audit programs, specialized audit utilities, and
                       computer-assisted audit techniques (CAATs).
                   user acceptance testing — A phase of the SDLC where application users run a series of tests to
                       verify whether the solution meets the business requirements.

                   vendor management — A set of processes to procure goods and services, ensure acceptable
                       delivery or performance, and resolve disputes.

                   version control system — An application used in SDLC to manage changes to the source code
                       and facilitate approvals to promote code from the development environment to the test
                       environment, and then to the production environment.
                   vulnerability scan — Automated routine to detect known weaknesses in software code or
                       configurations. The vulnerabilities may be assigned a score to facilitate prioritization of
                       resolution efforts.
                   web application firewall — A firewall placed between the internet and an application server to
                       filter traffic and prevent various types of cyberattacks.



















































                   31 — theiia.org