CRISC - Certified in Risk and Information Systems Control term definition - Part 11

Chief information officer (CIO)

The most senior official of the enterprise who is accountable for IT advocacy, aligning IT and business strategies, and planning, resourcing and managing the delivery of IT services, information and the deployment of associated human resources

Chief technology officer (CTO)

The individual who focuses on technical issues in an enterprise

Ciphertext

Information generated by an encryption algorithm to protect the plaintext and that is unintelligible to the unauthorized reader. Circuit-switched network A data transmission service requiring the establishment of a circuit-switched connection before data can be transferred from source data terminal equipment (DTE) to a sink DTE

Circular routing

In open systems architecture, circular routing is the logical path of a message in a communication network based on a series of gates at the physical network layer in the open systems interconnection (OSI) model.

Cleartext

Data that is not encrypted. Also known as plaintext.

Client-server

A group of computers connected by a communication network, in which the client is the requesting machine and the server is the supplying machine

Cluster controller

A communication terminal control hardware unit that controls a number of computer terminals

Coaxial cable

Composed of an insulated wire that runs through the middle of each cable, a second wire that surrounds the insulation of the inner wire like a sheath, and the outer insulation which wraps the second wire

COBIT 1. COBIT 5:

Formerly known as Control Objectives for Information and related Technology (COBIT); now used only as the acronym in its fifth iteration. A complete, internationally accepted framework for governing and managing enterprise information and technology (IT) that supports enterprise executives and management in their definition and achievement of business goals and related IT goals. COBIT describes five principles and seven enablers that support enterprises in the development, implementation, and continuous improvement and monitoring of good IT-related governance and management practices

CoCo

Criteria of Control, published by the Canadian Institute of Chartered Accountants in 1995

Coevolving

Originated as a biological term, refers to the way two or more ecologically interdependent species become intertwined over time

Coherence

Establishing a potent binding force and sense of direction and purpose for the enterprise, relating different parts of the enterprise to each other and to the whole to act as a seemingly unique entity

Cohesion

The extent to which a system unit--subroutine, program, module, component, subsystem--performs a single dedicated function

Cold Site

An IS backup facility that has the necessary electrical and physical components of a computer facility, but does not have the computer equipment in place

Combined Code on Corporate Governance

Combined Code on Corporate Governance The consolidation in 1998 of the "Cadbury," "Greenbury" and "Hampel"

Communication processor

A computer embedded in a communications system that generally performs the basic tasks of classifying network traffic and enforcing network policy functions.

Communications controller

Small computers used to connect and coordinate communication links between distributed or remote devices and the main computer, thus freeing the main computer from this overhead function.

Community strings

Authenticate access to management information base (MIB) objects and function as embedded passwords

Comparison program

A program for the examination of data, using logical or conditional tests to determine or to identify similarities or differences.

Compensating control

An internal control that reduces the risk of an existing or potential control weakness resulting in errors and omissions.