IDSC - Test D

  1. physical components of information technology, which includes the computer and the peripherals (storage devices, input devices, output devices)
    computing hardware
  2. computer program or collection of programs - precise set of instructions that tells hardware what to do
    software
  3. user > application > OS > hardware
    layers of the hardware/software stack
  4. includes graphical items like scroll bars and menus
    user interface
  5. software stored on nonvolatile memory chips
    firmware
  6. special-purpose software designed and included inside physical products
    embedded systems
  7. a form of computing where systems in different locations communicate and collaborate to complete a task
    distributed computing
  8. program that fulfills the requests of a client (hardware context - computer that has been configured to support requests from other computers; software context - program that fulfills requests)
    server
  9. software program that makes requests of a server program
    client
  10. process of development of methodical technology specifications, models, and guidelines
    architecture
  11. a common technology term that is used for a variety of computing environments, standards, and marketplaces
    platform
  12. technology, computing, utility, interaction, marketplaces, on-demand, crowdsourcing, data harvesting
    the 8 platform types
  13. a plan/guidance for business functions and technology built upon a variety of different technologies (hardware, networks, devices) - looks like a pyramid with the business function/requirements/architecture at the top, providing direction for key technology decisions, followed by data architecture > application architecture > technology architecture
    enterprise architecture
  14. mobilization > current state > target state > roadmap
    architecture methodology
  15. software that houses business logic for use (and reuse) by multiple applications
    application server
  16. small pieces of code that are accessed via the application server that permit interoperable machine-to-machine interaction over a network
    web services
  17. programming hooks, or guidelines, published by firms that tell other programs how to get a service to perform a task such as send or receive data
    API (application programming interface)
  18. set of web services built around an organization's processes and procedures
    SOA (service-oriented architecture)
  19. Linux, Apache, MySQL, PHP
    components of a LAMP stack
  20. organization or firm that provides access to the internet - providers connect to one another, exchanging traffic and ensuring that messages can get to any other computer that's online and willing to communicate
    ISP (internet service provider)
  21. identifies resources on the internet along with the application protocol needed to retrieve them
    URL (uniform resource locator)/web address
  22. application transfer protocol that allows web browsers and web servers to communicate with each other
    HTTP (hypertext transfer protocol)
  23. enables communication by defining the format of data and rules for exchange
    protocol
  24. a server to hold email
    SMTP (simple mail transfer protocol)
  25. application transfer protocol that is used to copy files from one computer to another
    FTP
  26. application transport protocol (https://), host name (www.), domain name, top level domain (.com), path (case sensitive), file (case sensitive)
    anatomy of a web address
  27. a security standard that creates an encrypted link between a web server and a browser
    SSL (secure sockets layer)
  28. distributing a computing or networking workload across multiple systems in order to avoid congestion and slow performance
    load balancing
  29. systems that are capable of continuing operation even if a component fails
    fault tolerance
  30. a firm that provides hardware and servers to run the websites of others
    web hosting services
  31. a nonprofit governance and standards-setting body that accredits registrars throughout the world
    ICANN (Internet Corporation for Assigning Names and Numbers)
  32. language used to compose web pages
    hypertext markup language
  33. value used to identify a device that is connected to the internet - can be used to identify a user's physical location, tailor search results, customize advertising
    IP address
  34. conserves IP addresses by mapping devices on a private network to a single internet-connected device that acts on their behalf - helps delay the impact of the IP address drought but slows down internet access and is complex, cumbersome, and expensive to administer
    NAT (network address translation)
  35. internet directory service that allows devices and services to be named and discoverable - distributed database that looks up host and domain names and returns the actual IP address for them - likened to a big, hierarchical set of phone books capable of finding web and email servers and more
    DNS (domain name service)
  36. the 'phonebooks' of a DNS - work together to create the DNS and can get you anywhere you need to go online
    nameservers
  37. temporary storage space used to speed computing tasks
    cache
  38. governments, partnerships-imposed standards, and industry standards that oversee and control the data that an organization collects, stores, and uses
    GRC (governance, risk, and compliance)
  39. (1) regulatory requirements; (2) monetary and/or reputation risks
    reasons for implementing GRC programs
  40. data retention, protecting confidential info, financial accountability, disaster recovery
    GRC regulations
  41. financial reporting, labor laws, data privacy
    horizontal (cross-industry)
  42. business partners, supply chain, outsourcers, service providers, and contractors
    contractual obligations
  43. regulatory requirements for food, medical devices, higher education, etc.
    vertical obligations
  44. maintaining visibility and control
    strategic objectives
  45. provides transparency for shareholders, creates a high barrier of entry for new competitors, discourages current competitors from cheating
    GRC pros
  46. expensive and time consuming, can limit innovation and risk taking, risk of fines and penalties
    GRC cons
  47. the set of processes, policies, laws, customs, and rules affecting the way a corporation is directed, managed, and controlled - has a top-down component
    corporate governance
  48. play a key role in overseeing, administering, and monitoring a company
    board of directors
  49. the accountability of individuals in an organization through information systems
    delegation of authority
  50. how organizations align IT strategy with business strategy - has a bottom-up component - technology plays a critical role in monitoring of key regulatory and compliance indicators - enterprise-wide visibility for compliance - monitoring all existing processes is a daunting task - requires access to numerous information systems and timely reporting
    IT governance
  51. when implemented properly, helps companies increase visibility into the effectiveness of compliance efforts - poorly designed leaves companies vulnerable to a variety of potential issues
    IT systems
  52. strategy and direction, performance monitoring, structure and relationship, corporate citizenship, compliance and accountability, transparency and disclosure
    aspects of corporate governance & MIS framework
  53. enterprise risk management, compliance management, vendor risk management - RSA Archer, SAP GRC, Riskonnect, ServiceNow
    governance/regtech ESG software
  54. DEI, labor practices, health and safety - Affirmity, Equal Reality, Spot, Wolters Kluwer, Safesite
    social ESG software
  55. sustainability and carbon management, hazardous substances, waste recycling, water use - Emitwise, SINAI, Watershed, South Pole
    environmental ESG software
  56. outcome focused direction for decision making (e.g. hiring principles) - high strategy, high risk
    principles
  57. formal guidelines (e.g. travel expense policy) - med-high strategic, med-high risk
    policies
  58. methods and resources provided to support policy (e.g. ISO 9001 standards) - medium strategic/tactical, medium risk
    standards
  59. detailed directions on how policies should be followed (e.g. procedure to file for travel reimbursement) - med-high tactical, med-low risk
    procedures
  60. informal suggested practices (e.g. social media guidelines) - high tactical, low risk
    guidelines
  61. internal financial, external financial, tax, operational, compliance, information system, payroll
    examples of audits
  62. log-in credentials, approvals, legal review of contracts, spending authority and spending limits, segregation of duties, account reconciliation
    examples of controls
  63. executive > operational > compliance
    Gartner risk management phases
  64. aims to enforce corporate governance and strengthen corporate accountability by internal checks and balances, levels of approval and sign-off, full transparency, adequate controls, support of enterprise applications (ERP, CRM, SCM)
    SOX (Sarbanes-Oxley)
  65. employees, mobile devices, third parties, cloud service providers
    biggest IT compliance challenges
  66. the European Union's new privacy law - many companies worldwide fear it will make collecting and handling personal info prohibitively complicated - prioritizes privacy and attempts to put individuals back in charge
    GDPR (General Data Protection Regulation)
  67. provide transparency to stakeholders
    main point of GRC
Author: gabeernst
ID: 366095