e-Government - ein Prüfungsleitfaden - EUROSAI IT Working Group
e-Government - ein Prüfungsleitfaden - EUROSAI IT Working Group
e-Government - ein Prüfungsleitfaden - EUROSAI IT Working Group
Erfolgreiche ePaper selbst erstellen
Machen Sie aus Ihren PDF Publikationen ein blätterbares Flipbook mit unserer einzigartigen Google optimierten e-Paper Software.
76<br />
GLOSSAR<br />
AUS DEM ENGLISCHEN ORIGINAL “E-GOVERNMENT IN AN AUD<strong>IT</strong> PERSPECTIVE”<br />
DER <strong>EUROSAI</strong> <strong>IT</strong> WORKING GROUP<br />
Accountability<br />
Accuracy<br />
Authenticity<br />
Availability<br />
Back office system (or<br />
back end)<br />
Certification authority<br />
Controls in user systems<br />
Completeness<br />
Confidentiality<br />
Digital certificate<br />
– In information security, a principle whereby system users are uniquely<br />
identifiable and are held responsible for their actions. B<strong>ein</strong>g able to identify<br />
users uniquely enables security violations to be traced to individuals.<br />
This objective is defeated with the sharing of passwords.<br />
– Property assured by a system’s control sited immediately before the user<br />
application to validate received transaction data concerning, for example,<br />
product numbers, quantity, quality, prices, etc.<br />
– In information security, the property that determines that the originator of<br />
a message, a file, etc., actually is who he/she/it claims to be.<br />
– The ability to access and use a system, resource or file, when and where<br />
required.<br />
– Computer infrastructure within an organisation, which supports core<br />
business process applications but has no external interface with costumers<br />
(unlike a Web site or portal)<br />
– In cryptography, an authority trusted by all users to create and assign<br />
digital certificates This role is usually performed by public institutions,<br />
such as Post Office or clearing banks (e. g. Barclays).<br />
– Internal pre-programmed controls supplemented to the necessary extent<br />
with manual controls.<br />
– Property assured by a system’s control sited immediately before the user<br />
application, to ensure that there is no break during translation from external<br />
to internal data format or that system failure does not cause loss of<br />
data or that faults with the sender of the transaction does not lead to the<br />
transaction not b<strong>ein</strong>g received in its entirety.<br />
– In information security, the property that information is not made available<br />
or disclosed to unauthorised individuals, entities or processes.<br />
– In cryptography, a message that guarantees the authenticity of the data<br />
contained within it. In public key cryptography to guarantee authentication<br />
a certificate should be issued by a Certification Authority trusted by all<br />
users. A certificate generally contains the public key owner’s identity, the<br />
public key itself and its expiry date.