Page 149 - CITP Review

data interchange (EDI), automated inventory management systems, and automated data
            collection systems. Source: Wikipedia; http://en.wikipedia.org/wiki/Electronic_commerce

            End-user computing – In the context of this paper, end-user computing (EUC) is a function
            developed using common desktop tools, such as spreadsheets, and used in financial processes
            to determine amounts used for accounting and financial reporting.

            Enterprise data replication – EDR is a mechanism for copying data between two operating systems.
            EDR can be performed on a full set of data or limited to include only a portion of a data set. EDR
            can facilitate the replication of data in real time, over the course of scheduled intervals, or
            sporadically.

            Enterprise resource planning – ERP integrates internal and external systems across the entire
            organization, integrating financial, accounting, manufacturing, sales, service, customer
            relationship management, and supply chain management systems.

            Extract, transform, and load – ETL is a database process, applied especially to data warehouses,
            that involves:

              Extracting data from outside sources,
              Transforming data to fit organizational needs, and
              Loading the data into the target database or data warehouse.

            Source: Wikipedia; http://en.wikipedia.org/wiki/Extract_transform_load

            File – A closely related set of records; a full set of all instances of the thing being tracked in the
            database. Also called a table in relational databases.

            Hacktivist – Hacktivists form a small, foreign population of politically active hackers that
            includes individuals and groups with anti-U.S. motives. They pose a medium-level threat of
            carrying out an isolated but damaging attack. Most international hacktivist groups appear bent
            on propaganda rather than damage to critical infrastructures. Their goal is to support their
            political agenda. Their subgoals are propaganda and causing damage to achieve notoriety for
            their cause.

            Incident response plan – A plan made by management in advance of an incident in order to
            effectively respond to the negative event. The purpose of this plan is to minimize the damages
            that could happen as a result of the incident.

            Information lifecycle management – ILM is the structure and processes associated with
            managing information from creation or capture through disposition or destruction.

            Information security governance – Ensuring that an organization’s data and information remain
            safe, secure, and in the proper hands.

            Information security strategy – An organization’s roadmap to an information security program
            that aligns with the goals, objectives, and strategic initiatives of the organization.

            Inherent risk – Inherent risk (IR) is the susceptibility that a relevant assertion could be misstated
            assuming that there are no other related controls. The auditor should consider the risk of



            © 2019 Association of International Certified Professional Accountants. All rights reserved.