CRISC - Certified in Risk and Information Systems Control term definition - Part 24

IT Governance Basic

FIN (Final)

A flag set in a packet to indicate that this packet is the final data packet of the transmission.

Financial audit

An audit designed to determine the accuracy of financial records and information.

Finger

A protocol and program that allows the remote identification of users logged into a system.

Firewall

A system or combination of systems that enforces a boundary between two or more networks, typically forming a barrier between a secure and an open environment such as the Internet.

Firmware

Memory chips with embedded program code that hold their content when power is turned off.

Fiscal year

Any yearly accounting period without regard to its relationship to a calendar year.

Foreign key

A value that represents a reference to a tuple (a row in a table) containing the matching candidate key value. The problem of ensuring that the database does not include any invalid foreign key values is known as the referential integrity problem. The constraint that values of a given foreign key must match values of the corresponding candidate key is known as a referential constraint. The relation (table) that contains the foreign key is referred to as the referencing relation and the relation that contains the corresponding candidate key as the referenced relation or target relation. (In the relational theory it would be a candidate key, but in real database management systems (DBMSs) implementations it is always the primary key.)

Forensic examination

The process of collecting, assessing, classifying and documenting digital evidence to assist in the identification of an offender and the method of compromise.

Format checking

The application of an edit, using a predefined field definition to a submitted information stream; a test to ensure that data conform to a predefined format.

Fourth-generation language (4GL)

High-level, user-friendly, nonprocedural computer language used to program and/or read and process computer files.

Frame relay

A packet-switched wide-area-network (WAN) technology that provides faster performance than older packet-switched WAN technologies. Best suited for data and image transfers. Because of its variable-length packet architecture, it is not the most efficient technology for real-time voice and video. In a frame-relay network, end nodes establish a connection via a permanent virtual circuit (PVC).

Frequency

A measure of the rate by which events occur over a certain period of time

Function point analysis

A technique used to determine the size of a development task, based on the number of function points. Function points are factors such as inputs, outputs, inquiries and logical internal sites.

Full economic life cycle

The period of time during which material business benefits are expected to arise from, and/or during which material expenditures (including investments, running and retirement costs) are expected to be incurred by, an investment program COBIT 5 perspective

Freeware

Software available free of charge

Gateway

A device (router, firewall) on a network that serves as an entrance to another network.

General computer control

A Control, other than an application control, that relates to the environment within which computer-based application systems are developed, maintained and operated, and that is therefore applicable to all applications. The objectives of general controls are to ensure the proper development and implementation of applications and the integrity of program and data files and of computer operations. Like application controls, general controls may be either manual or programmed. Examples of general controls include the development and implementation of an IS strategy and an IS security policy, the organization of IS staff to separate conflicting duties and planning for disaster prevention and recovery.

Generalized audit software (GAS)

Multipurpose audit software that can be used for general processes, such as record selection, matching, recalculation and reporting.

Generic process control

A control that applies to all processes of the enterprise.

Geographic disk mirroring

A data recovery strategy that takes a set of physically disparate disks and synchronously mirrors them over high-performance communication lines. Any write to a disk on one side will result in a write on the other side. The local write will not return until the acknowledgment of the remote write is successful.