Page 151 - CITP Review

[http://www.cpa2biz.com/AST/Main/CPA2BIZ_Primary/InternalControls/COSO/PRDOVR~PC-990017/PC-990017.jsp]

            Internal control, five components of (COSO) – The Committee of Sponsoring Organizations of the
            Treadway Commission (COSO), in its Internal Control-Integrated Framework, describes internal
            control as consisting of five related components that must be present for an entity to
            achieve effective internal controls. These five components are:

              The control environment,
              Risk assessment,
              Control activities,
              Information and communication,
              Monitoring.

            Internet of things – The connection of computing devices in everyday objects to the internet,
            which allows them to send and receive data.

            IT auditor – An IT Auditor is a professional possessing the necessary knowledge and skills to
            understand and audit an entity’s IT environment, systems, or applications, in support of a
            financial statement audit, internal audit, or other form of attestation engagement. The IT Auditor
            often has deep domain-specific knowledge or specialized skills (for example in use of
            computerized tools) that make him or her particularly competent to understand the IT
            environment (and its associated risks) or perform IT-specific audit procedures.

            IT general controls – IT general controls (ITGC) are internal controls, generally implemented and
            administered by an organization’s IT department. The objectives of ITGC are to

              Ensure the proper operation of the applications and availability of systems;
              Protect both data and programs from unauthorized changes;
              Protect both data and programs from unauthorized access and disclosure;
              Provide assurance that applications are developed and subsequently maintained, such that
               they provide the functionality required to process transactions and provide automated
               controls; and
              Ensure an organization’s ability to recover from system and operational failures related to IT.

            Key performance indicator – A KPI is a type of performance measurement where the object and
            target metric has been developed strategically. KPIs define and measure progress toward
            organizational goals.

            Logical access controls – Logical access controls are policies, procedures, and automated
            controls that exist for the purpose of restricting access to information assets to only authorized
            users.

            Machine learning – A form of artificial intelligence intended to give computer systems the ability
            to learn by making improvements through experience without being directly programmed to
            do so.

            Malware – Software or firmware intended to perform an unauthorized process that will have
            adverse impact on an information system.




            © 2019 Association of International Certified Professional Accountants. All rights reserved.