Glossary of Terms Flashcards Preview

Flashcards in Glossary of Terms Deck (182)

Budget Hierarchy

A group of budgets linked together at different levels such that the budgeting authority of a lower‐level budget is controlled by an upper‐level budget


Budget Organisation

An entity (department, cost center, division or other group) responsible for entering and maintaining budget data



Memory reserved to temporarily hold data to offset differences between the operating speeds of different devices, such as a printer and a computer


Buffer Overflow

Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold.


Bulk Data Transfer

A data recovery strategy that includes a recovery from complete backups that are physically shipped offsite once a week.



Common path or channel between hardware devices, either between components on a computer or between external computers on a communications network.


Bus Configuration

All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes.


Business Balanced Scorecard

A tool for managing organizational strategy that uses weighted measures for the areas of financial performance (lag) indicators, internal operations, customer measurements, learning and growth (lead) indicators, combined to rate the enterprise


Business case

Documentation of the rationale for making a business investment, used both to support a business decision on whether to proceed with the investment and as an operational tool to support management of the investment through its full economic life cycle


Business Continuity

Preventing, mitigating and recovering from disruption


Business Continuity Plan (BCP)

A plan used by an enterprise to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems.


Business Control

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that the business objectives will be achieved and undesired events will be prevented or detected


Business dependency assessment

A process of identifying resources critical to the operation of a business process


Business Function

An activity that an enterprise does, or needs to do, to achieve its objectives


Business Goal

The translation of the enterprise's mission from a statement of intention into performance targets and results


Business Impact Analysis

The translation of the enterprise's mission from a statement of intention into performance targets and results.


Business impact analysis/assessment (BIA)

Evaluating the criticality and sensitivity of information assets.
An exercise that determines the impact of losing the support of any resource to an enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and the supporting system


Business Interruption

Any event, whether anticipated (e.g., public service strike) or unanticipated (e.g., blackout), that disrupts the normal course of business operations at an enterprise


Business Model for Information Security (BMIS)

A holistic and business‐oriented model that supports enterprise governance and management of information security, and provides a common language for information security professionals and business management


Business Objective

A further development of the business goals into tactical targets and desired results and outcomes


Business Process

An inter‐related set of cross‐functional activities or events that result in the delivery of a specific product or service to a customer.


Business Process Control

The policies, procedures, practices and organizational structures designed to provide reasonable assurance that a business process will achieve its objectives.


Business Process Integrity

Controls over the business processes that are supported by the enterprise resource planning system (ERP)


Business Process owner

The individual responsible for identifying process requirements, approving process design and managing process performance


Business Process re-engineering

The thorough analysis and significant redesign of business processes and management systems to establish a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings


Business Risk

A probable situation with uncertain frequency and magnitude of loss (or gain)


Business Service Provider

An application service provider (ASP) that also provides outsourcing of business processes such as payment processing, sales order processing and application development


Business Sponsor

The individual accountable for delivering the benefits and value of an IT‐enabled business investment program to the enterprise



Transactions in which the acquirer is an enterprise or an individual operating in the ambits of his/her professional activity. In this case, laws and regulations related to consumer protection are not applicable.



Selling processes in which the involved parties are the enterprise, which offers goods or services, and a consumer. In this case there is comprehensive legislation that protects the consume