ISACA has a free glossary of IT, audit, and security terms that is not only helpful in studying for the CISA exam but is also a good reference guide for new and experienced auditors.
The glossary is 38 pages long and can be downloaded free from ISACA in PDF format.
The document includes mostly IT and security terms, but also covers audit terminology and some finance concepts. Although the definitions are not in-depth explanations, they provide the basic concepts, and some include “audit scope” notes.
The glossary defines terms like:
- Attribute sampling
- Black Box testing
- Capability Maturity Model
- Chain of custody
- Reasonable assurance
- Suspense file
Get the glossary here. Click the Entire Glossary PDF link.
3 responses to “FREE CISA Glossary”
The word “IT process” is referred to in so many places. The wording goes like “You got to define the goals of each IT process….Link them to business goals”. The goals have to be SMARRT.
What does “IT process” refer to? Are these ITSM processes such as incident, change, capacity, availability, SLA management?
Also, I wish to understand what a “business process” is and how it differs from an IT process?
I think an IT process is referring to a process that the IT department uses to deliver its services. So yes, incident, change, capacity, availability, SLA management, etc.
Likewise, a business process would be how a business department delivers its services, such as payroll, accounts payable, etc.
I updated the link to the glossary, which ISACA changed. I sure wish you’d let me know when a link is broken!