Basic terminology in Accountancy
Topic Explanation
Going Concern Concept It means the accounts of an organisation are prepared on the assumption that the concern intends to stay in the industry for an unlimited time. It has no plan to wind up the business, nor is it in the process of liquidation. As a result the balance sheet “carries forward” the balances to the next year.
Accrual basis of Accountancy It means the organisation recognizes or accepts the liabilities or claims which will fall due in the near future. At the same time it accounts for the amounts on which it has established its right to receive.
Consistency It underlines the fact that the accounting policies adopted by the organisation during the previous year have been consistently followed without any change. The consistency policy therefore gives a great level of confidence to the reader of the accounts.
Fixed Asset Assets from which benefits are derived over the long run are treated as fixed assets.
Current Asset Assets which are convertible into cash in a short time, during the regular course of the business, are known as Current Assets.
Non Current Asset Assets which are realizable within short time and not generated from the day to day operations are known as Non Current Assets. Fixed Deposits in Bank, Deposits of permanent nature, Investments which are not related to the main business are examples of Non Current Assets
Intangible Assets  
Conservative Policy Conservative policy of accounting implies that provision is made for all anticipated losses, expenses and liabilities while those items of revenue or profits which are uncertain to take place have not been accounted for. In short conservative policy “anticipates all losses but ignores uncertain gains”
Revenue Item Items of expenses
Capital Item  
Self generated Intangible assets  
Impairment of asset  
Contingent Liabilities  
Deferred Payment  
Gross Profit
In the case of a Manufacturing unit, it is calculated by deducting from sales, all the expenses related to manufacturing activity. In the case of a Trading unit, it is calculated by deducting cost of sales from the Gross Sales.
Net Profit
It is the net surplus arising out of all the business transactions carried out during the accounting year. Net Profit is always “after Tax Profit”. This amount is available for withdrawal by the Proprietor, Partner or Dividends by the Shareholders
Operating Profit
(Profit from
This figure indicates the net result from the operations. For calculating Operating Profit one has to disregard the income from non operational activities, like Interest on Bank deposits etc.
Net Profit Ratio
This ratio indicates percentage of sales representing Net Profit of the company. Generally it should be compared with the results of previous years. The trend will indicate the operating efficiency of the business. If the ratio is not consistently rising it is not a good sign of behavior.
Gross Profit Ratio (Definition)
This ratio indicates the percentage of sales representing Gross Profit of the company. It indicates the efficiency of the organisation. This ratio is also studied as a trend. An increasing trend is a good sign, whereas organisations having decreasing or uncertain trends do not enjoy good credit ratings.
This is a figure of Earnings before
Tax and
Other Amortisations
This figure shows cash surplus generated from the operations and which can be appropriated or available for servicing and repayment of fixed obligations, taxes and dividends to the stake holders.
Return on
It indicates the % Yield on the amount invested by the Owners of the business organisation. This is a very important ratio because it indicates how remunerative the investment is to the promoters.
Return on Capital
Capital invested is a wider term than the Investments by the promoters. Capital invested includes all funds excluding the Provisions for expenses and statutory dues, or it includes Owned funds as well as Long term Loans, Short term borrowings and Sundry creditors. Returns on the capital invested in the business should justify the Interest paid to the outsiders. Therefore this is a very important parameter for appraising the viability of the business organisation
Interest coverage ratio (Definition)
This ratio is expressed as a pure number. It shows how many times the interest payable on Loans is covered by the Profit before Tax. The higher the figure, the safer it is for the lender to lend money.
Fixed Obligation Coverage Ratio, also known as DSCR
This ratio is expressed as a Pure Number and it indicates the coverage of Interest and Principal payable in respect of Long term loan to the Profit before Depreciation and Interest. The higher the ratio, the safer it is for the lender to give a loan.
(Definition) (Net Profit before tax + Depreciation + Interest on Loans) / (Repayment of Principal + Interest on Long term Loan)
Break even Point
That level of Operations where all your costs are recovered, but you do not have surplus, in other words you start earning profit after crossing this level of Operation.
Margin of Safety
Volume of sales over and above the BEP
Cash BEP That level of Operations where your costs, excluding the Depreciation, are recovered from the sales.
Net Worth
It is represented by the shareholders’ funds including the ploughed back profits, or accumulated balance in the Profit and Loss Account.
  Paid up capital + All free reserves +accumulated balance in Profit and Loss account – intangible assets
  This figure indicates the financial involvement of the promoters or the owners of the unit in the business. This is a base figure on which many investors and lenders calculate the maximum borrowing capacity of the unit.
Capital Employed
Capital employed includes funds invested in the business by the owners, financial institutes, debenture as well as creditors, but excludes provisions for expenses etc.
Current Ratio
Current ratio is expressed as a relative figure of Current Assets to Current Liabilities, for example 2:1.
  Ideally the ratio should be 1.33:1. That is, Current Assets should be 33% higher than the Liabilities. Current Liabilities include Working capital facilities provided by the bank.
Working Capital Gap (Definition)
This indicates the net investment in the current assets.
  Current Assets – Current Liabilities
  The difference between two shows funds blocked in the Current Assets of the company. Needless to say that the subtraction should give a Positive figure. If the Gap is negative, it indicates over borrowing by the business organisation against its assets. Current Liabilities here do not include Bank borrowings for working capital.
Net Working
It is calculated by deducting Working capital finance from Bank from the working capital gap
  Current Assets- Current Liabilities- Working capital finance received from Banks
MPBF Method 1 Under the first method of calculation of MPBF, margin is calculated at 25% of the working capital gap.
  Total Current Assets - (Total current liabilities excluding Bank finance) - Margin, where Margin = 25% of working capital gap
  Working capital limits calculated by this method are higher than under the second method because the margin is based on Net current assets. This method is used during the initial period of the project. Modestly speaking, the promoters should gradually move towards the second method of lending as the project gathers strong footing.
Method 2 Under the second method of lending, margin is calculated on the gross current assets of the borrower, meaning thereby that the promoters should fund 25% of the gross current assets.
  (Total Current Assets*0.75) - Total current liabilities excluding the Bank finance
  Under this method promoters’ contribution is higher. This method is used for established clients.
Fixed Assets Turnover Ratio
This ratio signifies the degree of efficiency of the fixed assets. This ratio is expressed as a Pure Number.
  Generally this ratio is calculated to study the efficiency of the Plant in Manufacturing industry. Higher ratio indicates higher efficiency.
TOL/TNW This ratio gives us the comparison between the Total liabilities of the organisation vis-à-vis the owners’ contribution. This ratio is represented in a comparable format like 1:2.
  Total of the outside liabilities (total of Balance Sheet minus owned funds)/ Tangible Net worth
  There should be some ideal mix of the borrowed funds and owned funds. This ratio tells this proportion. Higher share of owned funds signifies good health of the business organisation, but it may not be prudent policy at all times, because there is a cost to owned funds also and it can be higher than the borrowed funds.
Debt Equity Ratio This ratio indicates the proportion of Debt to the Equity of the organisation. A 3:1 D/E ratio is treated as ideal. Depending upon the need for capital expenditure (capital-intensive industries), a liberal D/E ratio is accepted.
  Long Term Debt / Capital and Free Reserves
  When the Debt is in proportion to the Equity, the organisation remains in a comfortable position to service the debt as well as to repay it punctually.
Debtors aging This ratio reveals the duration for which Sundry debtors shown in the balance sheet are outstanding.
  Sundry debtors *365/Sales
  The ratio indicates “Days” for which the debtors are outstanding. Here the result will not be reliable if the sales of the business unit are not uniform throughout the year.
Creditors aging This ratio reveals the time duration for which the Sundry Creditors shown in the balance sheet are outstanding.
  Sundry Creditors *365/Purchases (All items of Purchases like RM, Consumables, Packing Material etc )
  If the business unit is punctual in paying the creditors, the resultant ratio will be lower. If the business unit draws a longer credit period from the Suppliers, the resultant ratio will be higher. It indicates a tendency of the business to hold the payment, and therefore bank financing for Working capital becomes more watchful in respect of these clients.
Working Capital Turnover Ratio
It indicates how efficiently the working capital of the business has been utilized.
  Gross Sales (inclusive of Taxes) /Average Working capital facilities enjoyed
  If the number is high, it indicates that the funds have been utilized effectively.
Sales to Cash Cycle
When an organization receives a sales order, the time taken from accepting the order up to the realization of the amount from the customer is called the Sales to Cash Cycle. It is an indicative time for which working capital funds are blocked.
Internal Rate of Return
This is a tool for making decisions about investing in any project. A project involves capital expenditure at the first stage. It is called Negative Cash flow or Cash outflow. The project starts generating Cash surplus over a period of time. However, the time element has the effect of diluting the value of cash inflow. Therefore the future cash flow is discounted and is known as Net Present Value. The IRR is that rate of discounting which equalizes Cash outflow at Time 1 to the aggregate Cash Surplus generated over a period of time.
  To take the investment decision if the investment project gives IRR which is higher than the cost of funds then investment in that project can be considered the best and therefore gets first preference.
Pay back period (of a Project)
It is a period in which the initial capital expenditure is recovered from the cash generations from the project.
  It is calculated by taking the cumulative total of the Cash generated year by year. The year in which the accumulated cash surplus equals the initial capital expenditure is the payback period.
  For projects requiring a longer gestation period the Payback Period is always longer. The shorter the Payback period, the better it is to undertake.
Variation of Payback Period
Payback period with NPV It is desirable to consider the discounted cash flow rather than the actual cash flow.
Topic Explanation
Access Control The processes, rules & development mechanisms that control access to information system, resources and physical access to premises.
ACL Access Control List: An internal computerization of access rules regarding the level of computer access permitted to log on IDs & computer terminals. It is also referred to as access control tables.
Access Control Table An internal computerized table of access rules regarding the level of computer access permitted to log on IDs & computer terminals.
Access Method The techniques used for selecting records in a file, one at a time, for processing, retrieval or storage. The access method is related to; but distinct from, the file organization, which determines how the records are stored.
Access Path The logical route an end user takes to access computerized information. Typically, it includes a route through the operating system, telecommunications software, selected application software & the access control system.
Access Rights The permission or privileges granted to users, programmers or work stations to create, change, delete or view data & files within a system, as defined by rules established by the data owner & the information security policy.
Access Servers Provides centralized access control for managing remote access dial-up services.
Address Space The number of distinct locations that may be referred to with the machine address. For most binary machines, it is equal to 2^n, where ‘n’ is the number of bits in the machine address.
Administrative Controls The rules, procedures & practices dealing with operational effectiveness, efficiency & adherence to regulation & management policies.
Alternative Routing A service that allows the option of having an alternate route to complete a call when the marked destination is not available. In signaling, alternate routing is the process of allocating substitute routes for a given signaling traffic stream in case of failure affecting the normal signaling links or routes of that traffic stream.
Analogue A transmission signal that varies continuously in amplitude & time, and is generated in wave formation. Analogue signals are used in telecommunications.
Anonymous File Transfer Protocol A method for downloading public files using file transfer protocol. Anonymous FTP is called anonymous because users do not need to identify themselves before accessing files from a particular server. In general, the user enters the word ‘anonymous’ when the host prompts for a user name; anything can be entered for the password, such as the user’s email address or simply the word ‘guest’. In many cases, an anonymous FTP site will not even prompt users for a name & password.
Antivirus Software Application software deployed at multiple points in IT architecture. It is designed to detect & potentially eliminate virus code before damage is done & repair or quarantine files that have already been infected.
Application A computer program or set of programs that performs the processing of records for a specific function. Contrast with system programs such as an operating system or network control program & with utility programs such as copy or sort.
Application Control Policies, procedures & activities designed to provide reasonable assurance that objectives relevant to an automated solution (application) are achieved.
Application Programs A program that processes business data through activities such as data entry, update or query. Contrast with system programs, such as operating systems or network control programs & with utility programs such as copy or sort.
Application Programming The act or function of developing & maintaining application programs in production.
Application Software Tracing & Mapping Specialized tools that can be used to analyze the flow of data through the processing logic of the application software & document logic, paths, control conditions & processing sequences. Both the command languages and job control statements & programming languages can be analyzed. This technique includes program/system: mapping, tracing, snapshots, parallel simulations & code comparisons.
Artificial Intelligence Advanced computer systems that can simulate human capabilities such as analysis, based on a predetermined set of rules.
Assembler A program that takes as input a program written in assembly language & translates it into machine code or machine language.
Asymmetric Key A cipher technique in which different cryptographic keys are used to encrypt & decrypt a message.
Attribute Sampling An audit technique used to select items from a population for audit testing purposes based on selecting all those items that have certain attributes or characteristics, such as all items over a certain size.
Audit Risk The probability that information or financial reports may contain material errors & that the auditor may not detect an error that has occurred.
Audit Trail A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source.
Authentication The act of verifying the identity of a user & the user’s eligibility to access computerized information. Authentication is designed to protect against fraudulent log on activity. It can also refer to the verification of correctness of a piece of information.
Backup Files, equipment, data & procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service.
Band-width The range between the highest & lowest transmittable frequencies. It equates to the transmission capacity of an electronic line & is expressed in bytes per second or hertz.
Base Case A standardized body of data created for testing purposes. Users normally establish the data. Base cases validate production application systems & test the ongoing accurate operation of the systems.
Batch Control Correctness checks built into data processing systems & applied to batches of input data, particularly in the data preparation stage. There are two main forms of batch control: sequence control, which involves consecutively numbering the records in a batch so that the presence of each record can be confirmed & control total, which is a total of the values in selected fields within the transactions.
Batch Processing The processing of a group of transactions at the same time. Transactions are collected & processed against the master files at a specified time.
Bayesian filter A method often employed by anti-spam software to filter spam based on probabilities. The message header and every word or number are each considered a token & given a spam probability score. A message is given a spam probability score. A message with a high score will be flagged as spam & discarded, returned to its sender or put in a spam directory for further review by the intended recipient.
Benchmarking A systematic approach to comparing organization performance against peers and competitors in an effort to learn the best ways of conducting business. Examples include benchmarking of quality, logistic efficiency and various other metrics.
Binary Code A code whose representation is limited to 0 and 1.
Biometrics A security technique that verifies an individual’s identity by analyzing a unique physical attribute such as a handprint.
Black Box Testing A testing that focuses on the functionality of the application or product & does not require knowledge of the code intervals.
Bridge A device that connects two similar networks together.
Broadband Multiple channels are formed by dividing the transmission medium into discrete frequency segments. Broadband generally requires the use of a modem.
Business Continuity Plan (BCP) A plan to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems.
Business Impact & Analysis (BIA) A process to determine the impact of losing the support of any resource. The BIA assessment study will establish the escalation of that loss over time. It is predicated on the fact that senior management, when provided reliable data to document the potential impact of a lost resource, can make the appropriate decision.
Business Risk A probable situation with uncertain frequency & magnitude of loss (or gain).
Certificate Revocation List (CRL) An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility.
Cipher Text Information generated by an encryption algorithm to protect the plain text, which is unintelligible to the unauthorized reader.
Cloud Computing A model for enabling convenient, on demand network access to a shared pool of configurable computing resources.
Cold Site An IS backup facility that has the necessary electrical & physical components of a computer facility, but does not have the computer equipment in place. The site is ready to receive the necessary replacement computer equipment in the event the users have to move from the main computing location to the alternative computer facility.
Communication Processor A computer embedded in a communication system that performs basic tasks of classifying network traffic & enforcing network policy functions.
Compiler Program that translates a programming language (source code) into machine executable instructions (object code).
Completeness Check A procedure designed to ensure that no fields are missing from a record.
Compliance Testing Tests of control designed to obtain audit evidence on both the effectiveness of the control & their operations during the audit period.
Computer Emergency Response Team (CERT) A group of people integrated at the organization with clear lines of reporting & responsibilities for standby support in case of an information systems emergency. The group acts as an efficient corrective control & should also act as a single point of contact for all incidents & issues related to information systems.
Computer Aided Software Engineering (CASE) The use of software packages that aid in the development of all phases of an information system. System analysis, design, programming & documentation are provided...
Computer Assisted Audit Techniques (CAAT) Any automated audit techniques, such as Generalized Audit Software (GAS), test data generators, computerized audit programs & specialized audit utilities.
Concurrency Control A class of controls used in data base management systems (DBMS) to ensure that transactions are processed in an atomic, consistent, isolated & durable manner.
Console Log An automated detailed report of computer system activity.
Control Risk The risk that material error exists that would not be prevented or detected on a timely basis by the system of internal control.
Control Section The area of the central processing unit (CPU) that executes software, allocates internal memory & transfers operations between the arithmetic-logic, internal storage & output sections of the computer.
Cookie A message kept in the web browser for the purpose of identifying users & possibly preparing customized web pages for them.
Corrective Control Designed to correct errors, omissions & unauthorized uses & intrusions once they are detected.
Data Communication The transfer of data between separate computer processing sites/devices using telephone lines, microwave &/or satellite links.
Data Custodian Individual(s) & department(s) responsible for the storage & safeguarding of computerized information.
Data Dictionary A data base that contains the name, type, range of values, source & authorization for access for each data element in a data base. It also indicates which application programs use those data so that when a data structure is contemplated, a list of the affected programs can be generated.
Data Leakage Siphoning out or leaking information by dumping computer files or stealing computer reports & tapes.
Data Security Those controls that seek to maintain confidentiality, integrity & availability of information.
Data Structure The relationships among files in a database & among data items within each file.
Database A stored collection of related data needed by organization & individuals to meet their information processing & retrieval requirements.
Database Administrator (DBA) An individual or department responsible for the security & information classification of the shared data stored on a database system.
Database Management System (DBMS) A software system that controls the organization, storage & retrieval of data in a database.
Decision Support System (DSS) An interactive system that provides the user with easy access to decision models & data, to support semi structured decision making tasks.
Decryption A technique used to recover the original plain text from the ciphertext such that it is intelligible to the reader. The decryption is a reverse process of the encryption.
Decryption Key A piece of information used to recover the plain text from the corresponding ciphertext by decryption.
Detection Risk The risk that material errors or misstatements that have occurred will not be detected by the IS auditor.
Detective Control Exists to detect & report when errors, omissions & unauthorized uses or entries occur.
Dial-Back Used as a control over dialup telecommunication lines. The telecommunication link established through dialup into the computer from a remote location is interrupted. The computer can dial back to the caller...
Digital Signature A piece of information, a digitized form of a signature, that provides sender authenticity, message integrity & non-repudiation.
Disaster Recovery Plan (DRP) A set of human, physical, technical & procedural resources to recover, within a defined time & cost, an activity interrupted by an emergency or disaster.
Diskless A workstation or PC on a network that does not have its own disk, but instead stores files on a network file server.
Diverse Routing The method of routing traffic through split cable facilities or duplicate cable facilities. This can be accomplished with different &/or duplicate cable sheaths. If different cable sheaths are used, the cable may be in the same conduit &, therefore, subject to the same interruptions as the cable it is backing up. The communication service subscriber can duplicate the facilities by having alternate routes, although the entrance to & from the customer premises may be in the same conduit.
Domain Name System (DNS) A hierarchical database that is distributed across the internet that allows names to be resolved into IP addresses (& vice versa), to locate services such as web & email servers.
Downloading The act of transferring computerized information from one computer to another computer.
Downtime Report A report that identifies the elapsed time when a computer is not operating correctly because of machine failure.
Encryption The process of taking an unencrypted message (plain text), applying a mathematical function to it (encryption algorithm with a key) & producing an encrypted message (ciphertext).
Encryption Key A piece of information, in a digitalized form, used by an encryption algorithm to convert the plain text to the ciphertext.
Ethernet A popular network protocol & cabling scheme that uses bus topology & carrier sense multiple access/collision detection (CSMA/CD) to prevent network failure or collision when two devices try to access the network at the same time.
Extensible Markup Language (XML) Promulgated through the World Wide Web Consortium, XML is a web-based application development technique that allows designers to create their own customized tags.
Extranet A private network that resides on the internet & allows a company to securely share business information with customers, suppliers, or other businesses as well as execute electronic transactions. It is different from an intranet in that it is located beyond the computer’s firewall.
False Authorization Also called false acceptance; occurs when an unauthorized person is identified as an authorized person by the biometric system.
Fiber-optic Cable Glass fibers that transmit binary signals over a telecommunication network. Fiber-optic systems have low transmission losses as compared to twisted-pair cables.
File Allocation Table A table used by the operating system to keep track of where every file is located on the disk.
Firewall A system or combination of systems that enforces a boundary between two or more networks typically forming a barrier between a secured & an open environment such as the internet.
Firmware A workstation or PC on network that does not have its own disk, but instead stores files on a network file server.
Fourth Generation Language (4GL) High-level, user-friendly, nonprocedural computer language used to program &/or read & process computer files.
Generalized Audit Software (GAS) Multipurpose audit software that can be used for general processes such as record selection, matching, recalculation & reporting.
Hierarchical Database A database structure in a tree/root or parent/child relationship. Each parent can have many children, but each child may have only one parent.
Honey-pot A specially configured server, also known as decoy server, designed to attract & monitor intruders in a manner such that their actions do not affect production system.
Hot Site A fully operational offsite data processing facility equipped with both hardware & system software to be used in the event of disaster.
Hypertext Markup Language (HTML) A language designed for the creation of web pages with hypertext & other information to be displayed in a web browser. HTML is used to structure information (denoting certain text as headings, paragraphs, lists & so on) & can be used to describe, to some degree, the appearance & semantics of a document.
Image Processing The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry.
Impact Assessment A review of the possible consequences of a risk.
Information Processing Facility (IPF) The computer room & support areas.
Input Controls Techniques & procedures used to verify, validate & edit data to ensure that only correct data are entered into the computer.
Instant Messaging An online mechanism or a form of real-time communication among two or more people based on typed text & multimedia data.
Internet Protocol (IP) Spoofing An attack using packets with spoofed source Internet Protocol (IP) addresses. This technique exploits applications that use authentication based on IP addresses. This technique also may enable an unauthorized user to gain root access on the target system.
Key Performance Indicators (KPI) A measure that determines how well the process is performing in enabling the goal to be reached. A lead indicator of whether a goal will likely be reached or not & a good indicator of capabilities, practices & skills. It measures the activity goals, which is an action that the process owners must take to achieve effective process performance.
Local Area Network (LAN) Communication network that serves several users within a specified geographical area. A personal computer LAN functions as a distributed processing system in which each computer in the network does its own processing & manages some of its data. Shared data is stored in a file server that acts as a remote disk drive for all users in the network.
Malware Short for malicious software. Designed to infiltrate, damage or obtain information from a computer system without the owner’s consent. Malware is commonly taken to include computer viruses, worms, Trojan horses, spyware & adware. Spyware is generally used for marketing purposes &, as such, is not really malicious although it is generally unwanted. Spyware can, however, be used to gather information for identity theft or other clearly illicit purposes.
Mandatory Access Controls (MAC) A means of restricting access to data based on varying degrees of security requirements for information contained in the objects & the corresponding security clearance of users or programs acting on their behalf.
Media Oxidation The deterioration of the media on which data are digitally stored due to exposure to oxygen & moisture. Tape deterioration in a warm, humid environment is an example of media oxidation. Proper environmental controls should prevent, or significantly slow, this process.
Message Switching A telecommunications methodology that controls traffic in which a complete message is sent to a concentration point & stored until the communications path is established.
Mobile Site The use of a mobile/temporary facility to serve as a business resumption location. The facility can usually be delivered to any site & can house information technology & staff.
Modulation A process of converting a digital signal into an analog telecommunication signal.
Data Normalization The elimination of redundant data.
Offsite Storage A facility located away from the building housing the primary Information Processing Facility (IPF), used for storage of computer media such as offline backup data & storage files.
Operational Control Deals with the everyday operations of a company or organization to ensure that all the objectives are achieved.
Packet Switching The process of transmitting messages in convenient pieces that can be reassembled at the destination.
Paper Test A walk-through of the steps of a regular test, but without actually performing the steps.
Parallel Testing The process of feeding test data into two systems, the modified system & an alternative system (possibly the original system), & comparing results to demonstrate the consistency or inconsistency between two versions of the application.
Personal Digital Assistant (PDA) Also called a palmtop or pocket computer, a PDA is a handheld device that provides computing, internet, networking & telephone characteristics.
Personal Identification Number (PIN) A type of password (that is, a secret number assigned to an individual) that, in conjunction with some means of identifying the individual, serves to verify the authenticity of the individual. PINs have been adopted by financial institutions as the primary means of verifying customers in an electronic funds transfer (EFT) system.
Phishing A type of electronic mail (email) attack that attempts to convince a user that the originator is genuine, but with the intention of obtaining information for use in social engineering. Phishing attacks may take the form of masquerading as a lottery organization advising the recipient or the user’s bank of a large win; in either case, the intent is to obtain account & Personal Identification Number (PIN) details.
Private Branch Exchange (PBX) A telephone exchange that is owned by a private business, as opposed to one owned by a common carrier or by a telephone company.
Private Key Cryptosystem Used in data encryption, it utilizes a secret key to encrypt the plaintext to the ciphertext. Private key cryptosystems also use the same key to decrypt the ciphertext to the corresponding plaintext. In this case, the key is symmetric such that the encryption key is equivalent to the decryption key.
Public Key Cryptosystem Used in data encryption, it uses an encryption key, as a public key, to encrypt the plaintext to ciphertext. It uses a different decryption key, as a secret key, to decrypt the ciphertext to the corresponding plaintext.
Public Key Encryption Cryptographic system that uses two keys: one is a public key, which is known to everyone, & the second is a private or secret key, which is only known to the recipient of the message.
Public Key Infrastructure (PKI) A series of processes & technologies for the association of cryptographic keys with the entity to whom those keys were issued.
Random Access Memory (RAM) The computer’s primary working memory. Each byte of RAM can be accessed randomly regardless of adjacent bytes.
Recovery Point Objective (RPO) Determined based on the acceptable data loss in case of disruption of operations. It indicates the earliest point in time to which it is acceptable to recover the data. The RPO effectively quantifies the permissible amount of data loss in case of interruption.
Recovery Time Objectives (RTO) Amount of time allowed for the recovery of a business function or resource after a disaster occurs.
Redundant Array of Inexpensive Disks (RAID) Provides performance improvements & fault-tolerant capabilities via hardware or software solutions, while writing to a series of multiple disks to improve performance &/or save large files simultaneously.
Remote Access Service (RAS) Refers to any combination of hardware & software to enable remote access to tools or information that typically reside on a network of IT devices. Originally coined by Microsoft when referring to their built-in NT remote access tools, RAS was a service provided by Windows NT that allowed most of the services that would be available on a network to be accessed over a modem link.
Repeaters A physical layer device that regenerates & propagates electrical signals between two network segments. Repeaters receive signals from one network segment & amplify (regenerate) the signal to compensate for signals (analog or digital) distorted by transmission loss due to reduction of signal strength during transmission (i.e., attenuation).
Risk Analysis The initial steps of risk management: analyzing the value of assets to the business, identifying threats to those assets & evaluating how vulnerable each asset is to those threats.
Risk Assessment A process used to identify & evaluate risk & their potential effects. Includes assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure & evaluating the cost for such controls.
Risk Evaluation The process of comparing the estimated risk against given risk criteria to determine the significance of the risk.
Risk Treatment A process of selection & implementation of measures to modify risk.
Router A networking device that can send (route) data packets from one Local Area Network (LAN) or Wide Area Network (WAN) to another, based on addressing at the network layer (Layer 3) in the Open System Interconnections (OSI) model. Networks connected by routers can use different or similar networking protocols. Routers are usually capable of filtering packets based on parameters, such as source address, destination address, protocol & network application (ports).
Secure Socket Layer (SSL) A protocol that is used to transmit private documents through the internet. The SSL protocol uses a private key to encrypt the data that is to be transferred through the SSL connection.

Copyright © 2013-2014