IT Auditing and Cybersecurity Controls — Glossary · Postgraduate Certificate in Internal Audit and Controls

IT Auditing #

IT Auditing

IT auditing is the process of evaluating an organization's information technolog… #

IT auditors assess the effectiveness of internal controls, security measures, and risk management practices to identify weaknesses and recommend improvements. They also verify the accuracy and integrity of data, assess the reliability of IT systems, and evaluate the overall performance of the IT function within an organization.

Cybersecurity Controls #

Cybersecurity Controls

Cybersecurity controls are measures put in place to protect an organization's in… #

These controls are designed to prevent unauthorized access, detect and respond to security incidents, and ensure the confidentiality, integrity, and availability of information. Cybersecurity controls can include technical safeguards such as firewalls, encryption, and intrusion detection systems, as well as administrative controls like security policies, training programs, and incident response procedures.

Access Control #

Access Control

Access control is a security measure that restricts access to information techno… #

It involves the use of authentication mechanisms such as passwords, biometric identification, and smart cards to verify the identity of users and determine their level of access rights. Access control helps prevent unauthorized users from gaining access to sensitive information and helps organizations comply with regulatory requirements related to data protection and privacy.

Authentication #

Authentication

Authentication is the process of verifying the identity of a user or system befo… #

It involves the use of credentials such as passwords, PINs, biometric data, or security tokens to confirm that the user is who they claim to be. Authentication helps prevent unauthorized access to sensitive information and ensures that only authorized users can perform specific actions within an IT system.

Authorization #

Authorization

Authorization is the process of granting or denying access to specific resources… #

It involves defining and enforcing access control policies to ensure that users can only access the information and perform the actions that are necessary for their roles and responsibilities. Authorization helps organizations enforce security policies, prevent data breaches, and protect sensitive information from unauthorized access.

Backup and Recovery #

Backup and Recovery

Backup and recovery are processes that involve making copies of data and storing… #

Backup copies allow organizations to restore their systems and data in case of accidental deletion, hardware failure, cyber attacks, or other disasters. Recovery involves retrieving and restoring data from backup copies to return systems to normal operation. Backup and recovery are essential components of a comprehensive data protection strategy and help organizations ensure business continuity and compliance with regulatory requirements.

Business Continuity Planning #

Business Continuity Planning

Business continuity planning is the process of developing and implementing strat… #

It involves identifying potential risks, assessing their impact on business operations, and developing plans to mitigate the effects of disruptions. Business continuity planning aims to minimize downtime, protect critical assets, and maintain essential services during emergencies to ensure the organization's resilience and survival.

Change Management #

Change Management

Change management is the process of controlling and managing changes to informat… #

It involves documenting proposed changes, assessing their impact on systems and operations, obtaining approvals from relevant stakeholders, and implementing changes following established procedures. Change management helps organizations minimize risks associated with system changes, prevent disruptions to business operations, and ensure that changes are implemented efficiently and effectively.

Cloud Computing #

Cloud Computing

Cloud computing is a technology that allows organizations to access and use comp… #

Cloud computing services are provided by third-party vendors who manage and maintain the infrastructure, allowing organizations to scale their IT resources, reduce costs, and increase flexibility. Cloud computing offers benefits such as on-demand access to resources, scalability, and cost-effectiveness, but it also raises security and privacy concerns that organizations need to address through proper controls and risk management practices.

Compliance #

Compliance

Compliance refers to the adherence to laws, regulations, standards, and internal… #

Compliance requirements vary depending on the industry, the geographic location, and the nature of the organization's business. IT auditors evaluate an organization's compliance with relevant laws and regulations, assess the effectiveness of internal controls, and recommend improvements to ensure that the organization meets its legal and regulatory obligations and mitigates compliance risks.

Confidentiality #

Confidentiality

Confidentiality is a security principle that ensures that sensitive information… #

It involves protecting data from unauthorized access, disclosure, or alteration to maintain its privacy and integrity. Confidentiality controls include encryption, access controls, data classification, and security policies that restrict access to sensitive information to authorized users only. Confidentiality is essential for protecting intellectual property, personal data, trade secrets, and other sensitive information from unauthorized disclosure or misuse.

Cryptography #

Cryptography

Cryptography is the practice of securing information by encoding it in a way tha… #

It involves using algorithms to convert plain text into ciphertext, which can only be decrypted by authorized users who possess the key. Cryptography is used to protect sensitive data during transmission over networks, storage on servers, and communication between devices. Cryptographic techniques include encryption, decryption, digital signatures, and key management, which are essential components of cybersecurity controls.

Data Governance #

Data Governance

Data governance is the process of managing the availability, usability, integrit… #

Data governance involves defining data policies, standards, and procedures, establishing data quality controls, and monitoring data usage to ensure that information is accurate, consistent, and reliable. Data governance helps organizations maximize the value of their data assets, mitigate data-related risks, and ensure that data is managed effectively throughout its lifecycle.

Data Loss Prevention (DLP) #

Data Loss Prevention (DLP)

Data loss prevention (DLP) is a set of technologies and practices designed to pr… #

DLP solutions monitor data in motion, at rest, and in use to identify and prevent data breaches, unauthorized sharing, or accidental leaks. DLP tools can classify sensitive data, enforce access controls, encrypt data, and block unauthorized transfers to prevent data loss incidents. Data loss prevention is a critical component of cybersecurity controls aimed at protecting confidential information and intellectual property.

Data Privacy #

Data Privacy

Data privacy refers to the protection of individuals' personal information from… #

Data privacy regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) require organizations to collect, process, and store personal data in a secure and transparent manner, with explicit consent from data subjects. Data privacy controls include data encryption, access controls, data anonymization, and privacy policies that help organizations comply with privacy laws and protect individuals' rights to control their personal information.

Data Security #

Data Security

Data security is the practice of protecting data from unauthorized access, discl… #

Data security controls include encryption, access controls, data masking, and security policies that help organizations prevent data breaches, cyber attacks, and data loss incidents. Data security measures are essential for safeguarding sensitive information, intellectual property, trade secrets, and personal data from unauthorized disclosure or misuse.

Digital Forensics #

Digital Forensics

Digital forensics is the process of collecting, preserving, analyzing, and prese… #

Digital forensic investigations involve examining digital devices, networks, and data to identify the cause of incidents, reconstruct events, and determine the extent of damage. Digital forensics tools and techniques help organizations uncover evidence of malicious activities, identify perpetrators, and respond to incidents in a timely and effective manner to mitigate risks and protect their assets.

Disaster Recovery Planning #

Disaster Recovery Planning

Disaster recovery planning is the process of developing and implementing strateg… #

It involves identifying critical systems and data, defining recovery objectives and priorities, and creating plans to recover IT services and business functions in a timely manner. Disaster recovery planning aims to minimize downtime, recover data, and restore operations to ensure business continuity and resilience in the face of emergencies such as natural disasters, cyber attacks, or system failures.

Encryption #

Encryption

Encryption is the process of converting plain text into ciphertext using mathema… #

Encryption ensures that only authorized users with the decryption key can read and understand the encrypted data. Encryption is used to secure data during transmission over networks, storage on servers, and communication between devices to prevent eavesdropping, data breaches, and cyber attacks. Encryption is a fundamental cybersecurity control that helps organizations protect their sensitive information and maintain confidentiality.

Firewall #

Firewall

A firewall is a network security device that acts as a barrier between an intern… #

Firewalls use rules and policies to filter traffic based on predefined criteria, such as IP addresses, ports, protocols, and applications, to prevent unauthorized access, block malicious content, and protect against cyber threats. Firewalls are essential cybersecurity controls that help organizations secure their networks, prevent unauthorized access, and enforce security policies to safeguard sensitive information.

Incident Response #

Incident Response

Incident response is the process of detecting, analyzing, and responding to secu… #

Incident response involves identifying security incidents, containing the damage, eradicating threats, and recovering systems and data to prevent further harm. Incident response plans outline roles and responsibilities, communication procedures, escalation paths, and recovery steps to help organizations respond effectively to security incidents and mitigate risks to their operations, reputation, and assets.

Information Security #

Information Security

Information security is the practice of protecting information assets from unaut… #

Information security controls include technical safeguards, security policies, awareness training, and risk management practices that help organizations prevent data breaches, cyber attacks, and security incidents. Information security aims to safeguard sensitive information, intellectual property, trade secrets, and personal data from unauthorized disclosure or misuse to maintain the organization's reputation, trust, and competitiveness.

Internal Controls #

Internal Controls

Internal controls are processes, policies, and procedures implemented by an orga… #

Internal controls help organizations safeguard assets, prevent fraud, maintain accurate financial records, and promote operational effectiveness and efficiency. Internal controls can include segregation of duties, access controls, approval processes, and monitoring mechanisms that help organizations achieve their goals, protect their resources, and maintain trust with stakeholders.

Intrusion Detection System (IDS) #

Intrusion Detection System (IDS)

An intrusion detection system (IDS) is a security tool that monitors network tra… #

IDSs analyze network packets, log files, and system events to detect suspicious behavior, anomalies, or known attack patterns that indicate a security incident. IDSs can be network-based, host-based, or cloud-based, and they generate alerts, notifications, or automated responses to help organizations identify and respond to security incidents in a timely manner to prevent data breaches and protect their assets.

IT Governance #

IT Governance

IT governance is the framework of processes, policies, and controls that guide t… #

IT governance aims to align IT activities with business objectives, manage IT risks, and optimize IT investments to deliver value and support organizational goals. IT governance frameworks such as COBIT, ITIL, and ISO/IEC 27001 provide best practices and standards for managing IT resources, aligning IT with business needs, and ensuring compliance with regulatory requirements to enhance the organization's performance and competitiveness.

Malware #

Malware

Malware, short for malicious software, is a type of software designed to disrupt… #

Malware includes viruses, worms, Trojans, ransomware, spyware, and adware that infect devices, steal information, or cause harm to users and organizations. Malware is often distributed through phishing emails, malicious websites, and software vulnerabilities, and it can compromise the security, privacy, and integrity of systems and data. Malware protection tools, security awareness training, and best practices help organizations defend against malware attacks and protect their assets from cyber threats.

Mobile Device Management (MDM) #

Mobile Device Management (MDM)

Mobile device management (MDM) is a security solution that enables organizations… #

MDM tools enforce security policies, control device settings, encrypt data, and monitor device activities to protect against data breaches, unauthorized access, and malware attacks. MDM solutions help organizations secure mobile endpoints, enforce compliance with security standards, and protect sensitive information from risks associated with mobile devices in the workplace.

Network Security #

Network Security

Network security is the practice of securing computer networks from unauthorized… #

Network security controls include firewalls, intrusion detection systems, virtual private networks, and access controls that help organizations monitor, detect, and prevent unauthorized activities on their networks. Network security aims to safeguard network infrastructure, data transmissions, and communication channels from eavesdropping, data interception, and network disruptions to ensure the confidentiality, integrity, and availability of information.

Penetration Testing #

Penetration Testing

Penetration testing, also known as pen testing, is a security assessment that si… #

Penetration testers, or ethical hackers, use authorized techniques to exploit system weaknesses, gain unauthorized access, and assess the effectiveness of security controls. Penetration testing helps organizations uncover security flaws, assess the impact of potential attacks, and prioritize remediation efforts to strengthen their cybersecurity defenses and protect against real-world threats.

Phishing #

Phishing

Phishing is a cyber attack that uses deceptive emails, messages, or websites to… #

Phishing attacks often impersonate trusted entities such as banks, social media platforms, or government agencies to deceive users into clicking on malicious links, downloading malware, or providing confidential information. Phishing is a common tactic used by cyber criminals to steal identities, commit fraud, and compromise the security of individuals and organizations. Security awareness training, email filters, and anti-phishing tools help organizations defend against phishing attacks and protect their users from online scams.

Ransomware #

Ransomware

Ransomware is a type of malware that encrypts files or locks computer systems to… #

Ransomware attacks typically involve cyber criminals demanding payment in cryptocurrencies to release encrypted files or systems back to their owners. Ransomware infections can disrupt business operations, cause financial losses, and compromise sensitive information if organizations fail to detect and respond to attacks promptly. Ransomware protection measures such as data backups, security patches, and employee training help organizations defend against ransomware threats and recover from attacks without paying ransom demands.

Risk Management #

Risk Management

Risk management is the process of identifying, assessing, prioritizing, and miti… #

Risk management involves analyzing threats, vulnerabilities, and potential impacts to determine the likelihood and severity of risks, developing risk treatment plans, and implementing controls to reduce risks to an acceptable level. Risk management frameworks such as ISO 31000, COSO ERM, and NIST RMF provide guidelines and best practices for managing risks effectively, making informed decisions, and optimizing the organization's risk profile to achieve its strategic goals and protect its interests.

Security Awareness Training #

Security Awareness Training

Security awareness training is an educational program designed to inform employe… #

Security awareness training covers topics such as password security, phishing awareness, data protection, social engineering, and incident reporting to empower employees to be vigilant, compliant, and security-conscious in their daily activities. Security awareness training helps organizations build a culture of security, reduce human errors, and strengthen their defenses against cyber threats by educating employees on cybersecurity principles and practices.

Security Incident #

Security Incident

A security incident is an event that compromises the confidentiality, integrity,… #

Security incidents include data breaches, malware infections, unauthorized access, denial of service attacks, and other security breaches that threaten the organization's assets, operations, and reputation. Security incidents require detection, analysis, containment, eradication, and recovery measures to minimize their impact and prevent further harm. Security incident response plans outline procedures, roles, and responsibilities for responding to incidents in a timely, coordinated, and effective manner to protect the organization from cyber threats and security risks.

Security Policy #

Security Policy

A security policy is a set of rules, guidelines, and procedures established by a… #

Security policies define the organization's security objectives, responsibilities, controls, and compliance requirements to ensure that information assets are safeguarded effectively. Security policies cover areas such as access control, data protection, incident response, risk management, and compliance to guide employees, contractors, and partners in maintaining a secure and compliant environment. Security policies are essential for establishing a security culture, enforcing security controls, and mitigating security risks within an organization.

Social Engineering #

Social Engineering

Social engineering is a tactic used by cyber criminals to manipulate individuals… #

Social engineering attacks rely on human interactions, trust relationships, and emotional triggers to exploit vulnerabilities in human behavior and bypass technical controls. Social engineering techniques include phishing, pretexting, baiting, and tailgating that trick users into revealing passwords, clicking on malicious links, or disclosing sensitive information. Security awareness training, policy enforcement, and incident response help organizations defend against social engineering attacks and protect their employees from manipulation and fraud.

Software Development Life Cycle (SDLC) #

Software Development Life Cycle (SDLC)

The software development life cycle (SDLC) is a process that outlines the phases… #

The SDLC consists of requirements analysis, design, coding, testing, deployment, and maintenance stages that help organizations plan, execute, and manage software projects effectively. The SDLC ensures that software products meet quality standards, user requirements, and security controls by following best practices, methodologies, and quality assurance processes throughout the development lifecycle. The SDLC is essential for delivering secure, reliable, and high-quality software solutions that meet business needs and regulatory requirements.

Two #

Factor Authentication (2FA)

Two #

factor authentication (2FA) is a security mechanism that requires users to provide two forms of identification before granting access to information technology systems, applications, or data. 2FA combines something the user knows (such as a password) with something the user has

IT Auditing #

IT auditing is the process of evaluating an organization's information technolog… #

IT auditors are responsible for assessing the effectiveness of controls, identifying weaknesses or vulnerabilities, and making recommendations for improvement.

Cybersecurity Controls #

Cybersecurity controls are measures put in place to protect an organization's in… #

These controls help to reduce the risk of cyber attacks and ensure the confidentiality, integrity, and availability of information assets.

Access Controls #

Access controls are security measures that regulate who can access specific reso… #

This includes user authentication, authorization, and accountability mechanisms to ensure that only authorized individuals can access sensitive data or systems.

Application Controls #

Application controls are specific measures within software applications that hel… #

These controls can include input validation, error handling, and processing logic checks to prevent unauthorized or incorrect transactions.

Asset Management #

Asset management involves identifying, classifying, and tracking all of an organ… #

This process helps ensure that assets are properly utilized, protected, and accounted for.

Audit Trail #

An audit trail is a chronological record of all activities and transactions with… #

This log provides a detailed history of who accessed what data, when, and what changes were made. Audit trails are essential for monitoring and investigating security incidents.

Authentication #

Authentication is the process of verifying an individual's identity before grant… #

This can involve something the user knows (password), has (smart card), or is (biometric data) to confirm their identity.

Authorization #

Authorization is the process of determining what actions or resources an authent… #

This involves defining user permissions, roles, and privileges to ensure that only authorized activities are performed.

Backup and Recovery #

Backup and recovery procedures are critical for ensuring the availability and in… #

Regular backups of data are taken and stored securely to enable quick recovery in case of data loss.

Business Continuity Planning #

Business continuity planning involves developing strategies and procedures to en… #

This includes identifying critical processes, resources, and recovery plans.

Change Management #

Change management is the process of controlling and managing changes to informat… #

This includes assessing the impact of proposed changes, obtaining approvals, and implementing changes in a controlled manner to minimize risks.

Compliance #

Compliance refers to adherence to laws, regulations, standards, and internal pol… #

IT auditors ensure that information systems and controls are compliant with relevant requirements to mitigate legal and regulatory risks.

Confidentiality #

Confidentiality is a security principle that ensures that sensitive information… #

This involves protecting data from unauthorized access, disclosure, or theft to maintain its integrity and privacy.

Control Environment #

The control environment refers to the overall attitude, awareness, and commitmen… #

A strong control environment is essential for promoting a culture of compliance, accountability, and risk management.

Data Encryption #

Data encryption is the process of encoding data to prevent unauthorized access o… #

Encryption algorithms convert plaintext data into ciphertext, which can only be decrypted by authorized parties using a secret key.

Data Loss Prevention (DLP) #

Data loss prevention is a set of technologies and policies designed to prevent t… #

DLP solutions monitor, detect, and block the transmission of confidential information to unauthorized recipients.

Data Privacy #

Data privacy refers to the protection of individuals' personal information from… #

Organizations must comply with privacy laws and regulations to safeguard customer data and maintain trust with stakeholders.

Data Retention #

Data retention policies define how long different types of data should be retain… #

These policies ensure compliance with legal requirements, business needs, and data management best practices.

Data Security #

Data security encompasses measures to protect the confidentiality, integrity, an… #

This includes encryption, access controls, backups, and monitoring to prevent data breaches.

Firewall #

A firewall is a network security device that monitors and controls incoming and… #

Firewalls act as a barrier between a trusted internal network and untrusted external networks to prevent unauthorized access.

Incident Response #

Incident response is a structured approach to managing and responding to cyberse… #

This process includes detection, containment, eradication, recovery, and post-incident analysis.

Information Security #

Information security refers to the protection of information assets from unautho… #

This includes implementing security controls, policies, and procedures to safeguard sensitive data.

Internal Controls #

Internal controls are policies, procedures, and mechanisms implemented within an… #

Internal controls help safeguard assets, prevent fraud, and promote operational efficiency.

IT Governance #

IT governance is the framework and processes used by organizations to ensure tha… #

IT governance aligns IT strategies with organizational goals and ensures accountability for IT performance.

Malware #

Malware is malicious software designed to infiltrate, damage, or disrupt compute… #

Common types of malware include viruses, worms, trojans, ransomware, and spyware, which can steal sensitive data or cause system outages.

Multi #

factor Authentication (MFA):

Multi #

factor authentication requires users to provide more than one form of verification to access information systems or resources. This can include a combination of passwords, security tokens, biometrics, or one-time passcodes to enhance security.

Network Security #

Network security involves measures to protect the integrity, confidentiality, an… #

This includes firewalls, intrusion detection systems, encryption, and secure protocols to prevent unauthorized access or data breaches.

Penetration Testing #

Penetration testing, also known as ethical hacking, is a simulated cyber attack… #

Penetration tests help organizations assess their security posture and remediate weaknesses before real attacks occur.

Phishing #

Phishing is a social engineering technique used by cybercriminals to deceive use… #

Phishing attacks often involve fraudulent emails, websites, or messages that appear legitimate.

Risk Assessment #

Risk assessment is the process of identifying, analyzing, and evaluating potenti… #

This helps organizations prioritize risks, allocate resources, and develop risk mitigation strategies.

Security Awareness Training #

Security awareness training educates employees about cybersecurity risks, best p… #

Training programs cover topics such as phishing awareness, password security, and incident reporting.

Security Controls #

Security controls are safeguards implemented to protect information systems and… #

These controls can be technical (e.g., encryption, access controls), administrative (e.g., policies, procedures), or physical (e.g., locks, alarms) to mitigate risks.

Security Incident #

A security incident is an event that compromises the confidentiality, integrity,… #

Security incidents can include unauthorized access, data breaches, malware infections, or denial-of-service attacks that require investigation and response.

Segregation of Duties #

Segregation of duties is a principle of internal control that requires separatin… #

This ensures that no single individual has the ability to initiate, authorize, and complete a transaction.

Social Engineering #

Social engineering is a tactic used by cyber attackers to manipulate individuals… #

Social engineering techniques can include pretexting, phishing, baiting, or tailgating to exploit human vulnerabilities.

System Development Life Cycle (SDLC) #

The system development life cycle is a structured approach to designing, develop… #

The SDLC includes phases such as planning, analysis, design, implementation, testing, deployment, and maintenance.

Threat Intelligence #

Threat intelligence is information about potential cybersecurity threats, vulner… #

Threat intelligence sources include security vendors, government agencies, and industry reports.

Vulnerability Assessment #

Vulnerability assessment is the process of identifying weaknesses or security fl… #

Vulnerability scans and assessments help organizations prioritize and remediate vulnerabilities to reduce the risk of cyber attacks.

Wireless Security #

Wireless security involves securing wireless networks, devices, and communicatio… #

This includes implementing encryption, authentication, and intrusion detection measures to protect sensitive data transmitted over wireless channels.