
ISACA® Glossary of Terms

English - Slovenian

Pojmovnik ISACA® –
angleško - slovenski

ACKNOWLEDGMENTS
The ISACA® Glossary of Terms has been translated into Slovenian by the Slovenia Chapter and reviewed by many volunteers. All of the ISACA members who participated in the review of the translated glossary deserve our thanks and gratitude.
Expert Translation Reviewers
Janja Zidarn, CRISC, Vesna Brelih, CISA, Tadej Kosmačin, CISA, Iztok Starc,
Jure Pranjić, CISA, Anton Lah, Marko Jagodic, CISA, CRISC.

FEEDBACK
Please contact Slovenia Chapter (tajnik@isaca.si) for any comments or suggested changes.
ISACA® Glossary of Terms, English – Slovenian Pojmovnik ISACA®, angleško - slovenski

Term Izraz Definition Pomen


Term: Abend
Izraz: Izreden zaključek
Definition: An abnormal end to a computer job; termination of a task prior to its completion because of an error condition that cannot be resolved by recovery facilities while the task is executing
Pomen: Izreden zaključek računalniškega posla, prekinitev naloge zaradi napake, ki je ni mogoče rešiti z obnovitvenimi zmogljivostmi v času izvajanja naloge.

Term: Acceptable Interruption Window
Izraz: Sprejemljivo obdobje prekinitve
Definition: The maximum period of time that a system can be unavailable before compromising the achievement of the organization's business objectives.
Pomen: Najdaljše sprejemljivo časovno obdobje, v katerem sistem ni na voljo, preden izpad ogrozi doseganje poslovnih ciljev organizacije.

Term: Acceptable Use Policy
Izraz: Politika o sprejemljivi uporabi
Definition: A policy that establishes an agreement between users and the organization and defines for all parties the ranges of use that are approved before gaining access to a network or the Internet.
Pomen: Politika, ki opredeljuje sporazum med uporabniki in organizacijo ter za vse udeležence določa obseg uporabe, odobren za posamezne dostope do omrežja ali interneta.

Term: Access control
Izraz: Nadzor nad dostopi
Definition: The processes, rules and deployment mechanisms which control access to information systems, resources and physical access to premises
Pomen: Procesi, pravila in uvajanje mehanizmov, ki nadzorujejo dostop do informacijskih sistemov, virov in fizičnega dostopa do sistemskih prostorov.

Term: Access control list (ACL)
Izraz: Seznam za nadzor dostopov
Definition: An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals.
Scope Note: Access control lists are also referred to as access control tables.
Pomen: Notranja računalniška tabela pravil o dostopih glede na dodeljene ravni dostopa do računalnika za dostopovne ID-je in računalniške terminale.
Opomba: seznam za nadzor dostopa se lahko imenuje tudi tabela za nadzor dostopov.

Term: Access control table
Izraz: Tabela za nadzor dostopov
Definition: An internal computerized table of access rules regarding the levels of computer access permitted to logon IDs and computer terminals.
Pomen: Notranja računalniška tabela pravil o dostopih glede na dodeljene ravni dostopa do računalnika za dostopovne ID-je in računalniške terminale.

Term: Access method
Izraz: Metoda dostopa
Definition: The technique used for selecting records in a file, one at a time, for processing, retrieval or storage. The access method is related to, but distinct from, the file organization, which determines how the records are stored.
Pomen: Tehnika, ki se uporablja za izbiranje posamičnih zapisov v datoteki, obdelavo, iskanje ali shranjevanje. Metoda dostopa je povezana, vendar je ločena od organizacije datotek, ki določa način shranjevanja zapisov.

Term: Access path
Izraz: Pot dostopa
Definition: The logical route an end user takes to access computerized information.
Scope Note: Typically, it includes a route through the operating system, telecommunications software, selected application software and the access control system.
Pomen: Logična pot, po kateri uporabnik dostopa do računalniških podatkov.
Opomba: Navadno vključuje pot prek operacijskega sistema, namenske programske opreme, telekomunikacijske programske opreme in sistema za nadzor dostopa.

© 2012 ISACA All rights reserved. Page/Stran 2/180 © 2012 ISACA. Vse pravice pridržane.

Term: Access rights
Izraz: Pravice dostopa
Definition: The permission or privileges granted to users, programs or workstations to create, change, delete or view data and files within a system, as defined by rules established by data owners and the information security policy
Pomen: Dovoljenje ali privilegiji, podeljeni uporabnikom, programom ali delovnim postajam, za ustvarjanje, spreminjanje, brisanje ali vpogled v podatke in datoteke v sistemu, kot je določeno s pravili, ki jih sprejmejo lastniki podatkov, in kot določa politika varovanja informacij.

Term: Access servers
Izraz: Strežnik dostopa
Definition: Provides centralized access control for managing remote access dial‐up services
Pomen: Omogoča centraliziran nadzor dostopov za upravljanje klicnih storitev za oddaljen dostop

Term: Accountability
Izraz: Odgovornost
Definition: The ability to map a given activity or event back to the responsible party.
Pomen: Sposobnost pripisati določeno aktivnost ali dogodek nazaj odgovorni osebi.

Term: Accountable Party
Izraz: Odgovorna oseba
Definition: The individual, group, or entity that is ultimately responsible for a subject matter, process or scope.
Scope Note: Within ITAF, the term management is equivalent to "accountable party".
Pomen: Posameznik, skupina ali subjekt, ki je dejansko odgovoren za zadevo, proces ali področje.
Opomba: V ITAF je izraz poslovodstvo enak »odgovorni osebi«.

Term: Acknowledgement (ACK)
Izraz: Potrdilo o prejemu
Definition: A flag set in a packet to indicate to the sender that the previous packet sent was accepted correctly by the receiver without errors, or that the receiver is now ready to accept a transmission.
Pomen: Oznaka v paketu, ki označuje pošiljatelju, da je prejemnik prejšnji poslani paket sprejel pravilno in brez napak, oziroma obvestilo, da je prejemnik pripravljen sprejeti prenos.

Term: Active Recovery Site (Mirrored)
Izraz: Aktivna lokacija za okrevanje (Zrcaljena)
Definition: Recovery strategy that involves two active sites, each capable of taking over the other's workload in the event of a disaster.
Scope Note: Each site will have enough idle processing power to restore data from the other site and to accommodate the excess workload in the event of a disaster.
Pomen: Strategija okrevanja z dvema aktivnima lokacijama, od katerih je v primeru katastrofe vsaka sposobna prevzeti delovno breme druge.
Opomba: Vsaka lokacija ima v primeru katastrofe dovolj proste procesirne moči za obnovitev podatkov in za prevzem delovne obremenitve druge lokacije.

Term: Active Response
Izraz: Aktivni odziv
Definition: A response in which the system either automatically, or in concert with the user, blocks or otherwise affects the progress of a detected attack.
Scope Note: The response takes one of three forms: amending the environment, collecting more information or striking back against the user.
Pomen: Odziv, v katerem sistem bodisi samodejno bodisi ob posegu uporabnika zaustavi ugotovljeni napad ali kako drugače vpliva na njegovo napredovanje.
Opomba: Odzivi se udejanjajo v eni od treh oblik: spremembi okolja, zbiranju dodatnih informacij ali povratnem napadu na uporabnika.

Term: Activity
Izraz: Aktivnost
Definition: The main actions taken to operate the COBIT process.
Pomen: Glavni ukrepi, sprejeti za delovanje procesa COBIT.

Term: Address
Izraz: Naslov
Definition: Within computer storage, the code used to designate the location of a specific piece of data
Pomen: Oznaka lokacije določenega podatka v računalniškem pomnilniku.

Term: Address space
Izraz: Naslovni prostor
Definition: The number of distinct locations that may be referred to with the machine address
Scope Note: For most binary machines, it is equal to 2^n, where n is the number of bits in the machine address.
Pomen: Število različnih lokacij, na katere se lahko nanaša naslov naprave.
Opomba: Za večino binarnih naprav je enak 2^n, pri čemer n predstavlja število bitov v naslovu naprave.

Term: Addressing
Izraz: Naslavljanje
Definition: The method used to identify the location of a participant in a network
Scope Note: Ideally, addressing specifies where the participant is located rather than who they are (name) or how to get there (routing).
Pomen: Metoda, ki se uporablja za identifikacijo lokacije udeleženca v omrežju.
Opomba: V idealnih razmerah naslavljanje prej opredeljuje, kje je udeleženec, kakor kdo je (ime) ali kako do njega (usmerjanje).

Term: Adjusting Period
Izraz: Prilagojeno obdobje
Definition: The calendar can contain "real" accounting periods and/or adjusting accounting periods. The "real" accounting periods must not overlap, and cannot have any gaps between them. Adjusting accounting periods can overlap with other accounting periods.
Scope Note: For example a period called DEC‐93 can be defined that includes 01‐DEC‐1993 through 31‐DEC‐1993. An adjusting period called DEC31‐93 can also be defined that includes only one day: 31‐DEC‐1993 through 31‐DEC‐1993.
Pomen: Koledar lahko vsebuje »dejanska« obračunska obdobja in/ali prilagojena obračunska obdobja. »Dejanska« obračunska obdobja se ne smejo prekrivati in ne smejo imeti vmesnih vrzeli. Prilagojena obračunska obdobja se lahko prekrivajo z drugimi obračunskimi obdobji.
Opomba: Na primer, obdobje, imenovano DEC-93, je lahko opredeljeno tako, da vključuje dneve od 1. decembra 1993 do 31. decembra 1993. Prilagojeno obdobje, imenovano DEC31-93, je lahko opredeljeno tako, da vključuje samo en dan: od 31. decembra 1993 do 31. decembra 1993.

Term: Administrative controls
Izraz: Administrativne kontrole
Definition: The rules, procedures and practices dealing with operational effectiveness, efficiency and adherence to regulations and management policies.
Pomen: Pravila, postopki in prakse, ki se nanašajo na operativno uspešnost, učinkovitost in skladnost z zakonodajo in politikami poslovodstva.

Term: Adware
Izraz: Oglaševalsko programje
Definition: Any software package that automatically plays, displays or downloads advertising material to a computer after the software is installed on it or while the application is being used
Scope Note: In most cases, this is done without any notification to the user or the user’s consent. The term adware may also refer to software that displays advertisements, whether or not it does so with the user’s consent; such programs display advertisements as an alternative to shareware registration fees. These are classified as "adware" in the sense of advertising‐supported software, but not as spyware. Adware in this form does not operate surreptitiously or mislead the user, and provides the user with a specific service.
Pomen: Vsak programski paket, ki samodejno predvaja, prikazuje ali v računalnik prenaša oglasne vsebine, ko ga namestite ali poganjate.
Opomba: V večini primerov se izvaja brez opozorila uporabniku ali brez uporabnikove privolitve. Izraz Oglaševalsko programje se prav tako lahko nanaša na programje, ki prikazuje oglase ne glede na uporabnikovo privolitev; tako programje prikazuje oglase kot nadomestilo plačila registracije preizkusnega programja. Razvrščeno je kot »oglaševalsko programje«, ker se podpira z oglaševanjem, in ne kot »vohunsko programje«. Oglaševalsko programje v tej obliki ne deluje prikrito, ne zavaja uporabnika in mu zagotavlja določeno storitev.

Term: Alert Situation
Izraz: Stanje pripravljenosti
Definition: The point in an emergency procedure when the elapsed time passes a threshold and the interruption is not resolved. The organization entering into an alert situation initiates a series of escalation steps.
Pomen: Trenutek v kriznem postopku, v katerem je prekoračen čas, predviden za odpravo motnje. Organizacija, ki vstopa v stanje pripravljenosti, začne izvajati stopnjevalne ukrepe.

Term: Allocation Entry
Izraz: Dodelitveni vnos
Definition: A recurring journal entry used to allocate revenues or costs.
Scope Note: For example, an allocation entry could be defined to allocate costs to each department based on head count.
Pomen: Ponavljajoča se vknjižba, namenjena dodelitvi prihodkov ali stroškov.
Opomba: na primer, dodelitveni vnos bi bil lahko določen tako, da stroške dodeli vsakemu oddelku na podlagi števila zaposlenih.

Term: Alpha
Izraz: Alfa
Definition: The use of alphabetic characters or an alphabetic character string
Pomen: Uporaba znakov abecede ali niza znakov abecede

Term: Alternate Facilities
Izraz: Nadomestne zmogljivosti
Definition: Locations and infrastructures from which emergency or backup processes are executed, when the main premises are unavailable or destroyed.
Scope Note: This includes other buildings, offices or data processing centers.
Pomen: Lokacije in infrastruktura, na katerih se izvajajo nujni ali rezervni postopki, ko glavni prostori niso na voljo ali so uničeni.
Opomba: Vključuje druge stavbe, pisarne ali podatkovne centre.

Term: Alternate Process
Izraz: Nadomestni proces
Definition: Automatic or manual processes designed and established to continue critical business processes from point‐of‐failure to return‐to‐normal.
Pomen: Samodejni ali ročni postopki, zasnovani in vpeljani za nadaljevanje izvajanja kritičnih poslovnih procesov od odpovedi do vrnitve v običajno delovanje.

Term: Alternative routing
Izraz: Alternativno usmerjanje
Definition: A service that allows the option of having an alternate route to complete a call when the marked destination is not available
Scope Note: In signaling, alternate routing is the process of allocating substitute routes for a given signaling traffic stream in case of failure(s) affecting the normal signaling links or routes of that traffic stream.
Pomen: Storitev, ki omogoča možnost dokončanje klica po nadomestni poti, kadar ciljni naslov ni na voljo.
Opomba: Pri signalizaciji alternativno usmerjanje predstavlja proces priprave nadomestnih poti, po katerih bo v primeru odpovedi običajnih povezav ali poti stekel obstoječi tok signalnega prometa.

Term: American Standard Code for Information Interchange
Izraz: American Standard Code for Information Interchange
Definition: See ASCII
Pomen: Glej ASCII

Term: Amortization
Izraz: Amortizacija
Definition: The process of cost allocation that assigns the original cost of an intangible asset to the periods benefited; calculated in the same way as depreciation.
Pomen: Proces razporeditve stroška, ki prvoten strošek neopredmetenega sredstva razdeli na obdobja koriščenja. Izračunan na enak način kot odpis.

Term: Analog
Izraz: Analogno
Definition: A transmission signal that varies continuously in amplitude and time and is generated in wave formation
Scope Note: Analog signals are used in telecommunications
Pomen: Prenosni signal, ki se mu amplituda in čas zvezno spreminjata in ima obliko vala (valovanja).
Opomba: Analogni signali se uporabljajo v telekomunikacijah.

Term: Analytical Technique
Izraz: Analitična tehnika
Definition: The examination of ratios, trends and changes in balances and other values between periods to obtain a broad understanding of the organization’s financial or operational position and to identify areas that may require further or closer investigation.
Scope Note: This technique is often used when planning the assurance assignment.
Pomen: Pregled razmerij, trendov in sprememb v bilancah in drugih medobdobnih vrednostih zaradi pridobitve širšega razumevanja finančnega ali operativnega položaja organizacije in zaradi identifikacije področij, ki bi lahko zahtevala nadaljnjo ali podrobnejšo preiskavo.
Opomba: Tehnika je pogosto uporabljena pri planiranju nalog za dajanje zagotovil.

Term: Anomaly
Izraz: Anomalija
Definition: Unusual or statistically rare.
Pomen: Nenavadno ali statistično redko.

Term: Anomaly Detection
Izraz: Odkrivanje anomalij
Definition: Detection on the basis of whether the system activity matched that defined as abnormal.
Pomen: Odkrivanje, ki temelji na ujemanju sistemske aktivnosti s tisto, ki je opredeljena kot nenormalna.

Term: Anonymity
Izraz: Anonimnost
Definition: The quality or state of not being named or identified
Pomen: Lastnost ali stanje neimenovanosti, biti neprepoznan.

Term: Antivirus software
Izraz: Protivirusna programska oprema
Definition: An application software deployed at multiple points in an IT architecture. It is designed to detect and potentially eliminate virus code before damage is done and repair or quarantine files that have already been infected
Pomen: Programska oprema nameščena na več vozliščih v IT arhitekturi. Namenjena je za odkrivanje in morebitno uničenje zlonamerne kode preden je storjena škoda, ter za popravilo ali osamitev že okuženih datotek.

Term: Appearance
Izraz: Videz
Definition: The act of giving the idea or impression of being or doing something
Pomen: Povzročati predstavo ali dajati videz, da nekaj je ali opravlja neko delo.

Term: Appearance of independence
Izraz: Videz neodvisnosti
Definition: Behavior adequate to meet the situations occurring during audit work (interviews, meetings, reporting, etc.)
Scope Note: An IS auditor should be aware that appearance of independence depends on the perceptions of others and can be influenced by improper actions or associations.
Pomen: Situacijam (intervjuji, sestanki, poročanje, itn.) primerno vedenje med revizijskim delom.
Opomba: Revizor IS se mora zavedati, da je videz neodvisnosti odvisen od dojemanja drugih in lahko nanj vplivajo neprimerna dejanja ali druženja.

Term: Applet
Izraz: Aplet
Definition: A program written in a portable, platform‐independent computer language, such as Java, JavaScript or Visual Basic
Scope Note: An applet is usually embedded in a HyperText Markup Language (HTML) page downloaded from web servers and then executed by a browser on client machines to run any web‐based application (e.g., generate web page input forms, run audio/video programs, etc.). Applets can only perform a restricted set of operations, thus preventing, or at least minimizing, the possible security compromise of the host computers. However, applets expose the user's machine to risk if not properly controlled by the browser, which should not allow an applet to access a machine's information without prior authorization of the user.
Pomen: Programček, ki je napisan v prenosljivem in od platforme neodvisnem programskem jeziku, npr.: Java, JavaScript ali Visual Basic.
Opomba: Aplet je navadno vdelan v HTML spletni strani, preneseni s spletnih strežnikov in izvedeni v brskalniku na odjemalskih napravah, za zagon katere koli spletne aplikacije (npr. za prikaz spletnih vnosnih obrazcev, za predvajanje avdio/video programov, itn.). Apleti lahko izvajajo le omejen nabor operacij, s čimer je preprečeno ali vsaj zmanjšano mogoče varnostno ogrožanje gostiteljskih računalnikov. Vendar lahko apleti tveganjem izpostavijo uporabnikovo napravo, če v brskalniku niso primerno nadzorovani. Brskalnik apletu ne sme dovoliti dostopa do informacij na napravi brez predhodnega uporabnikovega dovoljenja.

Term: Application
Izraz: Aplikacija
Definition: A computer program or set of programs that performs the processing of records for a specific function.
Scope Note: Contrasts with systems programs, such as an operating system or network control program, and with utility programs, such as copy or sort
Pomen: Računalniški program ali nabor programov, ki obdeluje zapise za določeno funkcijo.
Opomba: Razlikuje se od sistemskih programov, kot so npr. operacijski sistem ali omrežni nadzorni program, in od sistemskih orodij, kot sta »copy« ali »sort«.

Term: Application acquisition review
Izraz: Pregled nabave aplikacije
Definition: An evaluation of an application system being acquired or evaluated, that considers such matters as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is acquired in compliance with the established system acquisition process
Pomen: Ocena aplikacije/sistema, ki ga organizacija namerava nabaviti. Pri vrednotenju so upoštevani naslednji kriteriji: sistem vsebuje primerne kontrole; aplikacija obdeluje podatke pravilno, natančno in zanesljivo; delovanje aplikacije je skladno z zamišljenim namenom (aplikacija bo delovala, kot je bilo načrtovano); aplikacija bo delovala skladno z vsemi veljavnimi zakonskimi določbami; sistem je nabavljen v skladu z vzpostavljenim postopkom nabave.

Term: Application benchmarking
Izraz: Primerjalna analiza aplikacije
Definition: The process of establishing the effective design and operation of automated controls within an application
Pomen: Proces za vzpostavitev učinkovite zasnove in delovanja avtomatiziranih kontrol v aplikaciji.

Term: Application controls
Izraz: Aplikativna kontrola
Definition: The policies, procedures and activities designed to provide reasonable assurance that objectives relevant to a given automated solution (application) are achieved.
Pomen: Politike, postopki in aktivnosti, zasnovani z namenom, da dajo razumno zagotovilo, da bodo doseženi cilji, pomembni za določeno avtomatizirano rešitev (aplikacijo).

Term: Application Development Review
Izraz: Pregled razvoja aplikacije
Definition: An evaluation of an application system under development which considers matters such as: appropriate controls are designed into the system; the application will process information in a complete, accurate and reliable manner; the application will function as intended; the application will function in compliance with any applicable statutory provisions; the system is developed in compliance with the established systems development life cycle process.
Pomen: Vrednotenje aplikacijskega sistema v razvoju, ki upošteva naslednje vidike: v sistemu so načrtovane primerne kontrole; aplikacija bo obdelovala informacije celovito, točno in zanesljivo; aplikacija bo delovala, kot je predvideno; aplikacija bo delovala skladno z veljavnimi zakonskimi določbami; sistem se razvija v skladu z uveljavljenim procesom življenjskega cikla za razvoj sistemov.

Term: Application Implementation Review
Izraz: Pregled uvedbe aplikacije
Definition: An evaluation of any part of an implementation project.
Scope Note: Examples include project management, test plans and user acceptance testing procedures.
Pomen: Vrednotenje poljubnega dela projekta uvedbe.
Opomba: Primeri obsegajo projektno vodenje, načrte testiranja in postopke testiranja sprejemljivosti za uporabnike.

Term: Application layer
Izraz: Aplikacijska plast
Definition: In the Open Systems Interconnection (OSI) communications model, the application layer provides services for an application program to ensure that effective communication with another application program in a network is possible.
Scope Note: The application layer is not the application that is doing the communication; it is a service layer that provides these services.
Pomen: Aplikacijska plast v komunikacijskem modelu OSI zagotavlja storitve, ki omogočajo učinkovito komunikacijo aplikacijskega programa z drugimi aplikacijskimi programi v omrežju.
Opomba: Aplikacijska plast ni aplikacija, ki izvaja komunikacijo; je le storitvena plast, ki te storitve zagotavlja.

Term: Application Maintenance Review
Izraz: Pregled vzdrževanja aplikacije
Definition: An evaluation of any part of a project to perform maintenance on an application system.
Scope Note: Examples include project management, test plans and user acceptance testing procedures.
Pomen: Pregled predstavlja oceno poljubnega dela projekta, ki izvaja vzdrževanje aplikacijskega sistema.
Opomba: Primeri obsegajo projektno vodenje, načrte testiranja in postopke testiranja sprejemljivosti za uporabnike.

Term: Application or Managed Service Provider (ASP/MSP)
Izraz: Ponudnik aplikacij ali upravljanih storitev
Definition: A third party that delivers and manages applications and computer services, including security services to multiple users via the Internet or a private network.
Pomen: Zunanji izvajalec, ki zagotavlja in upravlja aplikacije in računalniške storitve, vključno z varnostnimi storitvami, za več uporabnikov prek spleta ali zasebnega omrežja.

Term: Application program
Izraz: Aplikacijski program
Definition: A program that processes business data through activities such as data entry, update or query
Scope Note: It contrasts with systems programs, such as an operating system or network control program, and with utility programs such as copy or sort.
Pomen: Program, ki obdeluje poslovne podatke z izvajanjem aktivnosti, kot so vnos, posodabljanje ali poizvedovanje.
Opomba: Razlikuje se od sistemskih programov, kot je operacijski sistemi ali program za nadzor omrežja in od orodij kot na primer za kopiranje ali razvrščanje.

Term: Application programming
Izraz: Programiranje aplikacij
Definition: The act or function of developing and maintaining applications programs in production
Pomen: Izvajanje ali funkcija razvoja in vzdrževanja aplikacijskih programov v produkciji.

Term: Application programming interface (API)
Izraz: Programski vmesnik (API)
Definition: A set of routines, protocols and tools referred to as "building blocks" used in business application software development.
Scope Note: A good API makes it easier to develop a program by providing all the building blocks related to functional characteristics of an operating system that applications need to specify, for example, when interfacing with the operating system (e.g., provided by MS‐Windows, different versions of UNIX). A programmer would utilize these APIs in developing applications that can operate effectively and efficiently on the platform chosen.
Pomen: Nabor podprogramov, protokolov in orodij, imenovanih gradniki, ki se uporabljajo pri razvoju poslovne programske opreme.
Opomba: Dober programski vmesnik omogoča lažji razvoj programa, saj ponuja potrebne gradnike v zvezi s funkcionalnimi lastnostmi operacijskega sistema, ki jih mora aplikacija določati, na primer, pri povezovanju z operacijskim sistemom (na primer: MS-Windows, različne različice UNIX-a). Razvijalec programov bi te programske vmesnike uporabil pri razvoju, saj uspešno in učinkovito delujejo na izbrani platformi.

Term: Application proxy
Izraz: Aplikacijski prehod (proxy)
Definition: A service that connects programs running on internal networks to services on exterior networks by creating two connections, one from the requesting client and another to the destination service
Pomen: Storitev, ki poveže programe, delujoče v notranjih omrežjih, s storitvami v zunanjih omrežjih, tako da vzpostavi dve povezavi: eno od klienta, ki zahteva povezavo, in druge do ciljne storitve.

Term: Application security
Izraz: Aplikacijska varnost
Definition: Refers to the security aspects supported by the application, primarily with regard to the roles or responsibilities and audit trails within the applications.
Pomen: Nanaša se na varnostne vidike, podprte z aplikacijo, predvsem na vloge ali odgovornosti in revizijske sledi znotraj aplikacij.

Term: Application service provider (ASP)
Izraz: Ponudnik aplikacijskih storitev
Definition: Also known as managed service provider (MSP), it deploys, hosts and manages access to a packaged application to multiple parties from a centrally managed facility.
Scope Note: The applications are delivered over networks on a subscription basis.
Pomen: Znan tudi kot ponudnik upravljanih storitev (managed service provider, MSP); namešča, gosti in upravlja dostop do paketne aplikacije za več strank iz centralno vodene zmogljivosti.
Opomba: Aplikacije se zagotovljene prek omrežij na osnovi naročniškega razmerja.

Term: Application software tracing and mapping
Izraz: Sledenje in mapiranje aplikativne programske opreme
Definition: Specialized tools that can be used to analyze the flow of data through the processing logic of the application software and document the logic, paths, control conditions and processing sequences.
Scope Note: Both the command language or job control statements and programming language can be analyzed. This technique includes program/system: mapping, tracing, snapshots, parallel simulations and code comparisons.
Pomen: Specializirana orodja, ki jih je mogoče uporabiti za analizo toka podatkov skozi obdelavno logiko aplikativne programske opreme in za dokumentiranje logike, poti, kontrolnih pogojev in vrstnega reda obdelav.
Opomba: Analizirati je mogoče tako ukazni jezik kot kontrolne ukaze opravil in programski jezik je možno analizirati. Ta tehnika vključuje izdelavo načrta poteka, sledenje, posnetke stanj, vzporedne simulacije in primerjave kode programa ali sistema.

Term: Application system
Izraz: Aplikacijski sistem
Definition: An integrated set of computer programs designed to serve a particular function that has specific input, processing and output activities.
Scope Note: Examples include general ledger, manufacturing resource planning and human resource (HR) management.
Pomen: Združen sklop računalniških programov, načrtovanih za podporo določene funkcije, ki ima posebne vnosne, obdelovalne in izhodne aktivnosti.
Opomba: Primeri vključujejo glavno knjigo, načrtovanje proizvodnih virov in upravljanje človeških virov.

Term: Architecture
Izraz: Arhitektura
Definition: Description of the fundamental underlying design of the components of the business system, or of one element of the business system (e.g., technology), the relationships among them, and the manner in which they support enterprise objectives
Pomen: Opis temeljne zasnove sestavnih delov poslovnega sistema ali enega od elementov poslovnega sistema (npr. tehnologije), razmerij med njimi in načina, kako ti podpirajo doseganje ciljev podjetja.

Term: Arithmetic logic unit (ALU)
Izraz: Aritmetično logična enota (ALE)
Definition: The area of the central processing unit (CPU) that performs mathematical and analytical operations
Pomen: Del centralne procesne enote (CPE), ki izvaja matematične in analitične operacije

Term: Artificial intelligence
Izraz: Umetna inteligenca
Definition: Advanced computer systems that can simulate human capabilities, such as analysis, based on a predetermined set of rules
Pomen: Napredni računalniški sistemi, ki lahko simulirajo človeške sposobnosti, kot je analiza, in temeljijo na vnaprej določenem naboru pravil.

Term: ASCII
Izraz: ASCII
Definition: Representing 128 characters, the American Standard Code for Information Interchange (ASCII) code normally uses 7 bits. However, some variations of the ASCII code set allow 8 bits. This 8‐bit ASCII code allows 256 characters to be represented.
Pomen: Predstavitev 128 znakov, ameriška standardna koda za izmenjavo informacij (American Standard Code for Information Interchange, ASCII) ki praviloma uporablja 7 bitov. Nekatere izvedenke kode ASCII dovoljujejo uporabo 8 bitov. 8-bitna koda ASCII omogoča predstavitev 256 znakov.

Assembler | Zbirnik | A program that takes as input a program written in assembly language and translates it into machine code or machine language | Program, ki za vhod uporabi program, napisan v zbirnem jeziku in ga prevede v strojno kodo ali strojni jezik
Assembly language | Zbirni jezik | A low‐level computer programming language which uses symbolic code and produces machine instructions | Nižji računalniški programski jezik, ki uporablja simbolno kodo in ustvari navodila za stroj
Assessment | Ocena, presoja, vrednotenje | A broad review of the different aspects of a company or function that includes elements not covered by a structured assurance initiative. Scope Note: May include opportunities for reducing the costs of poor quality, employee perceptions on quality aspects, proposals to senior management on policy, goals, etc. | Obširen pregled različnih vidikov podjetja ali funkcije, ki vključuje elemente, ki niso vključeni v strukturirano pobudo za dajanje zagotovil. Opomba: lahko vključuje priložnosti za zmanjšanje stroškov slabe kakovosti, zaznavo zaposlenih o vidikih kakovosti, predloge višjemu vodstvu o politiki, ciljih itd.
Asset | Sredstvo | Something of either tangible or intangible value that is worth protecting, including people, information, infrastructure, finances and reputation. | Nekaj, kar ima materialno ali nematerialno vrednost, ki jo je vredno zaščititi, vključno z ljudmi, informacijami, infrastrukturo, denarjem in ugledom.
Assurance | Dajanje zagotovil | An objective examination of evidence for the purpose of providing an assessment on risk management, control or governance processes for the organization. Scope Note: Examples may include financial, performance, compliance and system security engagements. | Objektivno preiskovanje dokazov, s katerimi se organizaciji zagotovi ocena o procesih upravljanja tveganj, nadzora ali vodenja. Opomba: Primeri lahko vključujejo posle v zvezi s financami, uspešnostjo, skladnostjo ali varnostjo sistema.
Assurance initiative | Pobuda za dajanje zagotovil | An objective examination of evidence for the purpose of providing an assessment on risk management, control or governance processes for the enterprise. Scope Note: Examples may include financial, performance, compliance and system security engagements. | Objektivno preiskovanje dokazov z namenom zagotoviti oceno o procesih upravljanja tveganj, nadzora ali vodenja v podjetju. Opomba: Primeri lahko vključujejo posle v zvezi s financami, uspešnostjo, skladnostjo ali varnostjo sistema.
Asymmetric key (public key) | Asimetrični ključ (javni ključ) | A cipher technique in which different cryptographic keys are used to encrypt and decrypt a message. Scope Note: See Public key encryption. | Šifrirna tehnika, pri kateri se za šifriranje in dešifriranje sporočila uporabita različna šifrirna ključa. Opomba: Glej kriptiranje z javnim ključem.



Asynchronous Transfer Mode (ATM) | Asinhroni način prenosa (ATM) | A high‐bandwidth low‐delay switching and multiplexing technology that allows integration of real‐time voice and video as well as data. It is a data link layer protocol. Scope Note: ATM is a protocol‐independent transport mechanism. It allows high‐speed data transfer rates at up to 155 Mbit/s. The acronym ATM should not be confused with the alternate usage for ATM, which refers to an automated teller machine. | Tehnologija preklapljanja in multipleksiranja z visoko pasovno širino in majhno zakasnitvijo, ki v realnem času dovoljuje združevanje glasu, videa in podatkov. Je protokol na sloju podatkovne povezave. Opomba: ATM je od protokola neodvisen mehanizem prenosa. Dovoljuje velike prenosne hitrosti do 155 Mbit/s. Kratice ATM ne gre enačiti z njeno alternativno uporabo, ki se nanaša na bankomat (angl.: automated teller machine).
Asynchronous transmission | Asinhroni prenos | Character‐at‐a‐time transmission | Prenos podatkov znak po znak
Attest reporting engagement | Posel poročanja o preveritvi | An engagement in which an IS auditor is engaged to either examine management’s assertion regarding a particular subject matter or the subject matter directly. Scope Note: The IS auditor’s report consists of an opinion on one of the following: The subject matter. These reports relate directly to the subject matter itself rather than to an assertion. In certain situations management will not be able to make an assertion over the subject of the engagement. An example of this situation is when IT services are outsourced to third party. Management will not ordinarily be able to make an assertion over the controls that the third party is responsible for. Hence, an IS auditor would have to report directly on the subject matter rather than on an assertion. | Posel, pri katerem revizor IS preiskuje trditve poslovodstva v zvezi z določenim predmetom ali predmet neposredno. Opomba: Poročilo revizorja IS sestoji iz mnenja o enem od naslednjih: O predmetu. Ta poročila se nanašajo neposredno na predmet, ne na trditev. V določenih primerih poslovodstvo ne bo moglo postaviti trditve o predmetu posla, na primer, ko so storitve IT predane v izvajanje tretji (neodvisni) stranki. Poslovodstvo praviloma ne bo moglo postaviti trditve o kontrolah, za katere je odgovorna tretja stranka. Zato bo moral revizor IS poročati neposredno o predmetu, ne o trditvi.
Attitude | Odnos, stališče | Way of thinking, behaving, feeling, etc. | Način mišljenja, obnašanja, čustvovanja itd.
Attribute sampling | Vzorčenje lastnosti | An audit technique used to select items from a population for audit testing purposes based on selecting all those items that have certain attributes or characteristics (such as all items over a certain size) | Revizijska tehnika, ki se uporablja za izbiro elementov iz populacije za namen revizijskega preizkušanja; temelji na izbiri vseh elementov z določenimi značilnostmi ali lastnostmi (na primer vsi elementi nad določeno velikostjo)



Audit | Revizija, revidiranje | Formal inspection and verification to check whether a standard or set of guidelines is being followed, records are accurate, or efficiency and effectiveness targets are being met. Scope Note: May be carried out by internal or external groups | Uradni pregled in preverjanje, da je nek standard ali nabor smernic upoštevan, da so zapisi točni ali da so cilji glede učinkovitosti in uspešnosti doseženi. Opomba: Izvedejo ga lahko interne ali eksterne skupine
Audit accountability | Revizijska odgovornost | Performance measurement of service delivery including cost, timeliness and quality against agreed service levels | Merjenje učinkovitosti izvajanja storitve, ob upoštevanju stroškov, pravočasnosti in kakovosti storitve, glede na dogovorjeno raven
Audit authority | Revizijske pristojnosti | A statement of the position within the enterprise, including lines of reporting and the rights of access | Položaj revizijskega izvajalca znotraj organizacije, vključno z ravnmi poročanja in pravicami dostopov
Audit charter | Revizijska listina | A document approved by the board that defines the purpose, authority and responsibility of the internal audit activity | Dokument, ki ga odobri Svet (poslovodstvo) in opredeljuje namen, pristojnost in odgovornost (nalogo) notranjerevizijskega izvajalca kontrolne
Audit evidence | Revizijski dokaz | The information used to support the audit opinion | Informacije, na katerih temelji revizijsko mnenje
Audit expert systems | Revizijski ekspertni sistemi | Expert or decision support systems that can be used to assist IS auditors in the decision‐making process by automating the knowledge of experts in the field. Scope Note: This technique includes automated risk analysis, systems software and control objectives software packages. | Ekspertni oziroma sistem za podporo odločanju, ki z avtomatiziranjem znanja področnih ekspertov služi revizorjem IS kot pomoč pri odločanju. Opomba: Ta tehnika vključuje avtomatizirano analizo tveganja ter programske pakete za sistemske programe in kontrolne cilje.
Audit objective | Revizijski cilj | The specific goal(s) of an audit. Scope Note: These often center on substantiating the existence of internal controls to minimize business risk. | Poseben(-ni) cilj(-i) revizije. Opomba: Ta je pogosto osredotočen na ugotavljanje obstoja notranjih kontrol z namenom zmanjšanja poslovnega tveganja.



Audit plan | Revizijski načrt | 1. A plan containing the nature, timing and extent of audit procedures to be performed by engagement team members in order to obtain sufficient appropriate audit evidence to form an opinion. Scope Note: Includes the areas to be audited, the type of work planned, the high‐level objectives and scope of the work, and topics such as budget, resource allocation, schedule dates, type of report and its intended audience and other general aspects of the work. 2. A high‐level description of the audit work to be performed in a certain period of time | 1. Načrt, v katerem so zajeti narava, čas in obseg revizijskih postopkov, ki jih morajo izvesti člani revizijske skupine, z namenom pridobiti zadostne in primerne revizijske dokaze, na podlagi katerih podajo mnenje. Opomba: Vključuje področja, ki jih je treba revidirati, vrsto načrtovanega posla, postavljene cilje in obseg posla, vključno s potrebnimi sredstvi, razporeditvijo teh sredstev, terminskim planom, načinom poročanja in prejemniki poročila ter druge splošne vidike posla. 2. Osnovni opis revizijskega posla, ki ga je treba izvesti v določenem časovnem obdobju.
Audit program | Revizijski program | A step‐by‐step set of audit procedures and instructions that should be performed to complete an audit | Nabor postopkov, ki korak za korakom opisujejo izvedbo revizije in navodila, ki se jih je treba pri izvedbi držati.
Audit responsibility | Revizijska odgovornost | The roles, scope and objectives documented in the service level agreement (SLA) between management and audit | Vloge, obseg in cilji, dokumentirani v dogovoru o ravni storitev (SLA) med poslovodstvom in revizorjem.
Audit risk | Revizijsko tveganje | The probability that information or financial reports may contain material errors and that the auditor may not detect an error that has occurred | Verjetnost, da informacije ali finančna poročila vsebujejo materialne napake in da revizor napake ne bo odkril.
Audit sampling | Revizijsko vzorčenje | The application of audit procedures to less than 100 percent of the items within a population to obtain audit evidence about a particular characteristic of the population | Uporaba revizijskih postopkov na manj kot 100 odstotkih elementov znotraj populacije, z namenom pridobivanja dokazil o določeni značilnosti populacije.
Audit trail | Revizijska sled | A visible trail of evidence enabling one to trace information contained in statements or reports back to the original input source | Vidna sled dokazov, ki omogoča sledljivost informacij v trditvah ali poročilih nazaj do izvora.



Audit universe | Revizijski obseg | An inventory of audit areas that is compiled and maintained to identify areas for audit during the audit planning process. Scope Note: Traditionally, the list includes all financial and key operational systems as well as other units that would be audited as part of the overall cycle of planned work. The audit universe serves as the source from which the annual audit schedule is prepared. The universe will be periodically revised to reflect changes in the overall risk profile. | Inventar revizijskih območij, ki se med načrtovanjem revizije sestavi in vzdržuje za identifikacijo področij za revizijo med njenim načrtovanjem. Opomba: Tradicionalno so na seznamu vsi finančni in ključni operativni sistemi, pa tudi druge enote, ki bodo zajete v revizijskem postopku kot del splošnega cikla načrtovanega dela. Revizijski obseg se upošteva kot vir, na podlagi katerega se pripravi letni revizijski razpored. Obseg je treba redno pregledovati, tako da odraža spremembe, do katerih pride v skupnem profilu tveganja.
Auditability | Možnost revizije | The level to which transactions can be traced and audited through a system | Stopnja, do katere je mogoče skozi sistem slediti transakcijam in jih pregledati.
Auditable unit | Za revizijo primerna enota | Subjects, units or systems that are capable of being defined and evaluated. Scope Note: Auditable units may include: Policies, procedures and practices; Cost centers, profit centers and investment centers; General ledger account balances; Information systems (manual and computerized); Major contracts and programs; Organizational units, such as product or service lines; Functions, such as information technology (IT), purchasing, marketing, production, finance, accounting and human resources (HR); Transaction systems for activities, such as sales, collection, purchasing, disbursement, inventory and cost accounting, production, treasury, payroll, and capital assets; Financial statements; Laws and regulations | Subjekti, enote ali sistemi, ki jih je mogoče opredeliti in ovrednotiti. Opomba: Za revizijo primerne enote lahko vključujejo: Politike, postopke in prakse; Stroškovna središča, profitna središča in naložbena središča; Stanja v glavni knjigi; Informacijske sisteme (ročne in računalniško podprte); Večje pogodbe in programe; Organizacijske enote, na primer produkte ali storitvene linije; Funkcije, kot so informacijska tehnologija (IT), nabava, marketing, proizvodnja, finance, računovodstvo in kadrovska služba; Transakcijske sisteme za aktivnosti kot so prodaja, zbiranje, nabava, izplačila, računovodenje inventarja in stroškov, proizvodnja, blagajna, plačni oddelek in osnovna sredstva; Finančna poročila; Zakonodajo in pravilnike



Authentication | Overjanje | 1. The act of verifying identity (i.e., user, system). Scope Note: Risk: Can also refer to the verification of the correctness of a piece of data. 2. The act of verifying the identity of a user and the user’s eligibility to access computerized information. Scope Note: Assurance: Authentication is designed to protect against fraudulent logon activity. It can also refer to the verification of the correctness of a piece of data. | 1. Dejanje preveritve identitete (to je uporabnika, sistema). Opomba: Tveganje: Nanaša se lahko tudi na preverjanje pravilnosti podatka. 2. Dejanje preveritve identitete uporabnika in uporabnikovih dovoljenj za dostop do računalniških informacij. Opomba: Zagotovilo: Overjanje je namenjeno zaščiti pred goljufivim prijavljanjem. Lahko se nanaša tudi na preverjanje pravilnosti podatka.
Automated application controls | Avtomatizirane aplikativne kontrole | Controls that have been programmed and embedded within an application | Kontrole, ki so programirane in vgrajene v aplikacijo.
Availability | Razpoložljivost | Ensuring timely and reliable access to and use of information | Zagotavljanje pravočasnega in zanesljivega dostopa do informacij ter njihovega uporabljanja.
Awareness | Ozaveščenost | Being acquainted with, mindful of, conscious of and well informed on a specific subject, which implies knowing and understanding a subject and acting accordingly | Biti seznanjen, zavedajoč se, zavedati se določene teme in biti o njej dobro poučen; pomeni poznati in razumeti neko temo in temu ustrezno ravnati
Backbone | Hrbtenično omrežje | The main communication channel of a digital network. The part of a network that handles the major traffic. Scope Note: Employs the highest-speed transmission paths in the network and may also run the longest distances. Smaller networks are attached to the backbone, and networks that connect directly to the end user or customer are called "access networks." A backbone can span a geographic area of any size from a single building to an office complex to an entire country. Or, it can be as small as a backplane in a single cabinet. | Glavni komunikacijski kanal digitalnega omrežja. Tisti del omrežja, ki upravlja večino prometa. Opomba: Uporablja najhitrejše poti za prenos podatkov v omrežju in lahko deluje tudi na največjih razdaljah. Manjša omrežja so priključena na hrbtenično omrežje in omrežja, ki se neposredno povezujejo z uporabnikom ali stranko se imenujejo "dostopovna omrežja". Hrbtenično omrežje se lahko razteza po poljubno velikem geografskem območju od ene stavbe prek poslovne stavbe do celotne države. Lahko pa je tako majhno kot hrbtna plošča v eni omarici.
Backup | Varnostna kopija | Files, equipment, data and procedures available for use in the event of a failure or loss, if the originals are destroyed or out of service | Datoteke, oprema, podatki in postopki, ki so na voljo za uporabo v primeru odpovedi ali izgube, če so originali uničeni ali nedelujoči.



Backup center | Nadomestni center | An alternate facility to continue IT/IS operations when the primary data processing (DP) center is unavailable | Nadomestni objekt, v katerem se nadaljuje delovanje IT/IS, kadar glavni center za obdelavo podatkov ni na voljo.
Badge | Značka | A card or other device that is presented or displayed to obtain access to an otherwise restricted facility, as a symbol of authority (e.g., the police), or as a simple means of identification. Scope Note: Also used in advertising and publicity | Kartica ali druga naprava, ki jo predložimo ali pokažemo, da pridobimo dostop do objekta z omejenim dostopom, kot znak pristojnosti (npr. policije) ali kot preprosto sredstvo prepoznave. Opomba: Uporablja se tudi pri oglaševanju in reklamiranju.
Balanced scorecard (BSC) | Uravnoteženi sistem kazalnikov (BSC) | Developed by Robert S. Kaplan and David P. Norton as a coherent set of performance measures organized into four categories that includes traditional financial measures, but adds customer, internal business process, and learning and growth perspectives | Razvila sta ga Robert S. Kaplan in David P. Norton kot koherenten nabor kazalnikov uspešnosti, organiziran v štiri kategorije. Vključuje tradicionalne finančne kazalnike, procese v organizaciji ter možnosti za učenje in rast.
Bandwidth | Pasovna širina | The range between the highest and lowest transmittable frequencies. It equates to the transmission capacity of an electronic line and is expressed in bytes per second or Hertz (cycles per second). | Razpon med najvišjimi in najnižjimi frekvencami, ki jih je mogoče prenašati. Enačimo jo z zmogljivostjo prenosa po elektronski povezavi in jo izražamo v bajtih na sekundo ali hertzih (ciklih na sekundo).
Bar code | Črtna koda | A printed machine‐readable code that consists of parallel bars of varied width and spacing | Zapis podatkov, natisnjen v obliki zaporedja različno širokih vzporednih črt in presledkov.
Base case | Temeljni primer | A standardized body of data created for testing purposes. Scope Note: Users normally establish the data. Base cases validate production application systems and test the ongoing accurate operation of the system. | Standardiziran nabor podatkov, ustvarjen za namene testiranja. Opomba: Podatke navadno določijo uporabniki. Temeljni primeri vrednotijo aplikacijske sisteme v produkciji in preizkušajo natančnost delovanja sistema.
Baseband | Osnovni frekvenčni pas | A form of modulation in which data signals are pulsed directly on the transmission medium without frequency division and usually utilize a transceiver. Scope Note: The entire bandwidth of the transmission medium (e.g., coaxial cable) is utilized for a single channel. | Oblika modulacije, pri kateri se signali s podatki prenašajo neposredno po prenosnem sredstvu brez delitve frekvenc in navadno uporabljajo prenosnik (sprejemno-oddajno napravo). Opomba: Celotna pasovna širina prenosnega sredstva (npr. koaksialnega vodnika) se uporablja za en sam kanal.



Baseline architecture | Osnovna arhitektura | The existing description of the fundamental underlying design of the components of the business system before entering a cycle of architecture review and redesign | Obstoječi opis temeljnega načrta komponent poslovnega sistema pred vstopom v cikel arhitekturnega pregleda in preoblikovanja.
Batch control | Nadzor paketov | Correctness checks built into data processing systems and applied to batches of input data, particularly in the data preparation stage. Scope Note: There are two main forms of batch controls: sequence control, which involves numbering the records in a batch consecutively so that the presence of each record can be confirmed; and control total, which is a total of the values in selected fields within the transactions. | Preverjanje pravilnosti, vgrajeno v sisteme za obdelavo podatkov, ki se uporablja za pakete vnesenih podatkov, še posebej v fazi priprave. Opomba: Obstajata dve glavni obliki nadzora paketov: kontrolno zaporedje, ki zajema zaporedno številčenje zapisov v paketu, tako da je mogoče potrditi posamezne zapise; kontrolno vsoto, ki je seštevek vseh vrednosti v izbranih poljih znotraj transakcije.
Batch processing | Paketna obdelava | The processing of a group of transactions at the same time. Scope Note: Transactions are collected and processed against the master files at a specified time. | Sočasna obdelava skupine transakcij. Opomba: Transakcije se zberejo in se ob določenem času obdelajo v glavno datoteko.
Baud rate | Hitrost prenosa | The rate of transmission for telecommunications data, expressed in bits per second (bps) | Hitrost, s katero se prenašajo telekomunikacijski podatki, izražena v bitih na sekundo (b/s).
Benchmark | Primerjalni preizkus | A test that has been designed to evaluate the performance of a system. Scope Note: In a benchmark test, a system is subjected to a known workload and the performance of the system against this workload is measured. Typically, the purpose is to compare the measured performance with that of other systems that have been subject to the same benchmark test. | Preizkus, ki je bil načrtovan za ocenjevanje zmogljivosti sistema. Opomba: Pri primerjalnem preizkusu se sistem podvrže znani delovni obremenitvi, da se lahko izmeri zmogljivost sistema ob njej. Namen je navadno primerjava izmerjene zmogljivosti z drugimi sistemi, ki so prestali isti primerjalni preizkus.
Benchmarking | Izvajanje primerjalnega preizkusa | A systematic approach to comparing enterprise performance against peers and competitors in an effort to learn the best ways of conducting business. Scope Note: Examples include benchmarking of quality, logistic efficiency and various other metrics. | Sistematičen pristop k primerjavi uspešnosti podjetja z enakovrednimi in s tekmeci, da bi se naučili najboljših načinov vodenja poslov. Opomba: Zgledi vključujejo izvajanje primerjalnega preizkusa kakovosti, logistične učinkovitosti in druga merila.



Benefit | Korist | In business, an outcome whose nature and value (expressed in various ways) are considered advantageous by an enterprise | V poslovanju rezultat, katerega narava in vrednost (izražena na različne načine) se upoštevata kot ugodna za podjetje.
Benefits realization | Udejanjenje prednosti | One of the objectives of governance. The bringing about of new benefits for the enterprise, the maintenance and extension of existing forms of benefits, and the elimination of those initiatives and assets that are not creating sufficient value | Eden od ciljev upravljanja. Uresničevanje novih prednosti za podjetje, vzdrževanje in razširjanje obstoječih oblik prednosti in odstranjevanje tistih pobud in sredstev, ki ne ustvarjajo zadostne vrednosti.
Best practice | Dobra praksa | A proven activity or process that has been successfully used by multiple enterprises | Preizkušena dejavnost ali proces, ki ga uspešno uporablja več podjetij.
Binary code | Binarna koda | A code whose representation is limited to 0 and 1 | Koda, predstavljena samo z 0 in 1.
Biometric locks | Biometrične ključavnice | Door and entry locks that are activated by such biometric features as voice, eye retina, fingerprint or signature | Vrata in ključavnice, ki se odklepajo/zaklepajo z biometričnimi lastnostmi, na primer s prepoznavanjem glasu, očesne mrežnice, prstnega odtisa ali podpisa.
Biometrics | Biometrija | A security technique that verifies an individual’s identity by analyzing a unique physical attribute, such as a handprint | Varnostna tehnika, ki identiteto posameznika potrjuje z analizo edinstvene fizične lastnosti, na primer odtisom dlani.
Bit‐stream image | Slika bitnega toka | Bit‐stream backups, also referred to as mirror image backups, involve the backup of all areas of a computer hard disk drive or other type of storage media. Scope Note: Such backups exactly replicate all sectors on a given storage device including all files and ambient data storage areas. | Varnostna kopija bitnega toka, ki jo imenujemo tudi varnostna zrcalna slika, zajema varnostno kopiranje vseh delov računalniškega diska ali drugih pomnilniških medijev. Opomba: Take varnostne kopije natančno posnamejo vse sektorje na določeni pomnilniški napravi, vključno z vsemi datotekami in območji za shranjevanje podatkov okolice.
Black box testing | Preizkušanje na način črne škatle | A testing approach that focuses on the functionality of the application or product and does not require knowledge of the code intervals | Način preizkušanja, ki se osredotoča na funkcionalnost aplikacije ali produkta in ne zahteva poznavanja delov kode.



Broadband | Širokopasoven | Multiple channels are formed by dividing the transmission medium into discrete frequency segments. Scope Note: Broadband generally requires the use of a modem. | Več kanalov se ustvari z razdelitvijo prenosnega posrednika na diskretne frekvenčne pasove. Opomba: Širokopasovna povezava navadno zahteva uporabo modema.
Brouter | Mostovni usmerjevalnik | Device that performs the functions of both a bridge and a router. Scope Note: A brouter operates at both the data link and the network layers. It connects same data link type LAN segments as well as different data link ones, which is a significant advantage. Like a bridge, it forwards packets based on the data link layer address to a different network of the same type. Also, whenever required, it processes and forwards messages to a different data link type network based on the network protocol address. When connecting same data link type networks, it is as fast as a bridge and is able to connect different data link type networks. | Naprava, ki izvaja funkcije mostu in usmerjevalnika. Opomba: Mostovni usmerjevalnik deluje kot podatkovna povezava in kot omrežne plasti. Povezuje tako enake tipe podatkovnih povezav lokalnega omrežja kot različne podatkovne povezave, kar je pomembna prednost. Kot most posreduje pakete, ki temeljijo na naslovu podatkovne plasti povezave, drugemu omrežju enakega tipa. Poleg tega na zahtevo obdela in posreduje sporočila omrežju z drugačnim tipom podatkovnih povezav v skladu s protokolom omrežnega naslova. Pri povezovanju omrežij z enakim tipom podatkovnih povezav je hiter kot most in lahko povezuje omrežja z različnimi tipi podatkovnih povezav.
Browser | Brskalnik | A computer program that enables the user to retrieve information that has been made publicly available on the Internet; also, that permits multimedia (graphics) applications on the World Wide Web | Računalniški program, ki uporabniku omogoča pridobivanje informacij, ki so bile javno objavljene na internetu in so vsem dostopne; poleg tega omogoča tudi poganjanje večpredstavnostnih (grafičnih) aplikacij na svetovnem spletu.
Brute force | Groba sila | A class of algorithms that repeatedly try all possible combinations until a solution is found | Razred algoritmov (način reševanja problemov?), ki preizkusi vse možne kombinacije, dokler ne najde rešitve.
Brute force attack | Napad z grobo silo | Repeatedly trying all possible combinations of passwords or encryption keys until the correct one is found | Način napada, pri katerem se preizkušajo vse možne kombinacije za geslo ali šifrirni ključ, dokler se ne odkrije prava.
Budget | Proračun | Estimated cost and revenue amounts for a given range of periods and set of books. Scope Note: There can be multiple budget versions for the same set of books. | Ocenjeni stroški in višina dohodka za določeno obdobje in nabor knjig. Opomba: Za isti nabor knjig lahko obstaja več različic proračuna.



Budget formula | Formula proračuna | A mathematical expression used to calculate budget amounts based on actual results, other budget amounts and statistics. Scope Note: With budget formulas, budgets using complex equations, calculations and allocations can be automatically created. | Matematični izraz, ki se uporablja za izračun proračunov na podlagi dejanskih rezultatov, drugih vrednosti proračunov in statistike. Opomba: S proračunskimi formulami je mogoče samodejno ustvariti proračune z uporabo kompleksnih enačb, izračune in dodeljevanja.
Budget hierarchy | Hierarhija proračuna | A group of budgets linked together at different levels such that the budgeting authority of a lower‐level budget is controlled by an upper‐level budget | Skupina proračunov, povezanih na različnih nivojih, tako da proračunske pristojnosti nižjega proračuna nadzoruje višji proračun.
Budget organization | Proračunska organizacija | An entity (department, cost center, division or other group) responsible for entering and maintaining budget data | Entiteta (oddelek, stroškovno središče, divizija ali druga skupina), odgovorna za vnašanje in vzdrževanje proračunskih podatkov.
Buffer | Medpomnilnik | Memory reserved to temporarily hold data to offset differences between the operating speeds of different devices, such as a printer and a computer. Scope Note: In a program, buffers are reserved areas of random access memory (RAM) that hold data while they are being processed. | Pomnilnik, ki je rezerviran za začasno shranjevanje podatkov pri prenosu podatkov med napravami z različnimi delovnimi hitrostmi, na primer med tiskalnikom in računalnikom. Opomba: V programu so medpomnilniki rezervirana območja RAM-a, na katerih se med obdelavo shranjujejo podatki.



Buffer overflow | Prekoračitev medpomnilnika | Occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Scope Note: Since buffers are created to contain a finite amount of data, the extra information—which has to go somewhere—can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain codes designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability. | Do prekoračitve medpomnilnika pride, ko skušata program ali proces shraniti v medpomnilnik več podatkov, kot je dodeljena zmogljivost medpomnilnika. Opomba: Medpomnilniki so izdelani tako, da lahko sprejmejo omejeno količino podatkov. Informacije, ki prekoračijo določeni obseg, morajo nekam iti, zato se lahko prelijejo v sosednje medpomnilnike, pri čemer pokvarijo ali prepišejo podatke, ki so začasno shranjeni v njih. Čeprav se lahko to zgodi tudi naključno zaradi programerske napake, je prekoračitev medpomnilnika vse bolj pogost način napada na podatkovno shrambo. Pri napadu s prekoračitvijo medpomnilnika lahko presežni del podatkov vsebuje kodo, ki sproži določena dejanja in napadenemu računalniškemu sistemu pravzaprav pošlje nova navodila, ki lahko, na primer, poškodujejo uporabniške datoteke, spremenijo podatke ali razkrijejo zaupne informacije. Do napadov s prekoračitvijo medpomnilnika je prišlo, ker je programski jezik C ustvaril okolje za to, slaba programerska praksa pa je prispevala ranljivost.
Bulk data transfer | Prenos velike količine podatkov | A data recovery strategy that includes a recovery from complete backups that are physically shipped offsite once a week. Scope Note: Specifically, logs are batched electronically several times daily, and then loaded into a tape library located at the same facility as the planned recovery. | Strategija za obnovitev podatkov, ki vključuje obnovitev iz popolnih varnostnih kopij, ki se enkrat tedensko fizično odpošljejo z mesta računalniškega sistema. Opomba: Še posebej dnevniške datoteke se v paketih varnostno kopirajo nekajkrat na dan, nato pa se naložijo v tračno knjižnico, ki je na istem mestu, od koder je načrtovana obnovitev.
Bus Vodilo Common path or channel between hardware devices. Skupna pot ali kanal med napravami.
Scope Note: Can be located between components Opomba: Lahko je nameščeno med komponentami
internal to a computer or between external znotraj računalnika ali med zunanjimi računalniki v
computers in a communication network. komunikacijskem omrežju.

Term: Bus configuration
Izraz: Konfiguracija vodil
Definition: All devices (nodes) are linked along one communication line where transmissions are received by all attached nodes.
Scope Note: This architecture is reliable in very small networks, as well as easy to use and understand. This configuration requires the least amount of cable to connect the computers together and, therefore, is less expensive than other cabling arrangements. It is also easy to extend, and two cables can be easily joined with a connector to make a longer cable for more computers to join the network. A repeater can also be used to extend a bus configuration.
Pomen: Vse naprave (vozlišča) so povezane na en komunikacijski vod, s katerega vsa vozlišča pridobivajo prenose.
Opomba: Ta arhitektura je zanesljiva v zelo majhnih omrežjih. Je tudi preprosta za uporabo in jo je lahko razumeti. Taka konfiguracija zahteva najmanj kablov za povezavo računalnikov in je zato cenejša od drugih ožičenih različic. Preprosto jo je razširiti in dva kabla je mogoče hitro povezati s priključkom, tako da se kabel podaljša in je v omrežje mogoče priključiti več računalnikov. Poleg tega je za razširitev konfiguracije vodil mogoče uporabiti tudi obnavljalnik.

Term: Business balanced scorecard
Izraz: Poslovno uravnotežen sistem kazalnikov
Definition: A tool for managing organizational strategy that uses weighted measures for the areas of financial performance (lag) indicators, internal operations, customer measurements, learning and growth (lead) indicators, combined to rate the enterprise.
Pomen: Orodje za upravljanje organizacijske strategije, ki uporablja tehtana merila za področja kazalnikov (z zamikom) finančne uspešnosti, notranje delovanje, meritve strank, ter (vodilnih) kazalnikov učenja in rasti, s katerimi skupno ocenimo podjetje.

Term: Business case
Izraz: Poslovni primer
Definition: Documentation of the rationale for making a business investment, used both to support a business decision on whether to proceed with the investment and as an operational tool to support management of the investment through its full economic life cycle.
Pomen: Dokumentacija o upravičenosti poslovne naložbe, ki se uporablja tako za podporo poslovne odločitve o tem, ali se z naložbo nadaljuje, pa tudi kot orodje za podporo upravljanju naložbe skozi njen celotni življenjski cikel.

Term: Business continuity
Izraz: Neprekinjeno poslovanje
Definition: Preventing, mitigating and recovering from disruption.
Scope Note: The terms ‘business resumption planning’, ‘disaster recovery planning’ and ‘contingency planning’ also may be used in this context; they focus on recovery aspects of continuity, and for that reason the ‘resilience’ aspect should also be taken into account.
Pomen: Preprečevanje, blaženje in vnovično vzpostavljanje po motnji.
Opomba: V tem kontekstu je mogoče uporabiti tudi pojme "načrtovanje nadaljnjega poslovanja podjetja", "načrtovanje obnovitve po katastrofi" in "načrtovanje ukrepov ob nesrečah", saj se vsi osredotočajo na vnovično vzpostavljanje neprekinjenosti. Tako je mogoče upoštevati tudi vidike "odpornosti".

Term: Business continuity plan (BCP)
Izraz: Načrtovanje neprekinjenega poslovanja (BCP)
Definition: A plan used by an enterprise to respond to disruption of critical business processes. Depends on the contingency plan for restoration of critical systems.
Pomen: Načrt, ki ga podjetje uporabi kot odgovor na motnjo v kritičnih poslovnih procesih. Odvisen je od načrta ukrepov za obnovo kritičnih sistemov.

Term: Business control
Izraz: Nadzor poslovanja
Definition: The policies, procedures, practices and organizational structures designed to provide reasonable assurance that the business objectives will be achieved and undesired events will be prevented or detected.
Pomen: Politike, postopki, prakse in organizacijske strukture, načrtovani tako, da omogočajo razumno zagotovilo, da bodo poslovni cilji doseženi in da bodo nezaželeni dogodki preprečeni ali odkriti.

Term: Business dependency assessment
Izraz: Ocena poslovne odvisnosti
Definition: A process of identifying resources critical to the operation of a business process.
Pomen: Postopek prepoznavanja sredstev, ki so kritična za delovanje poslovnega procesa.

Term: Business function
Izraz: Poslovna funkcija
Definition: An activity that an enterprise does, or needs to do, to achieve its objectives.
Pomen: Dejavnost, ki jo podjetje izvaja ali mora izvajati, da bi doseglo svoje cilje.

Term: Business goal
Izraz: Poslovni cilj
Definition: The translation of the enterprise's mission from a statement of intention into performance targets and results.
Pomen: Prenos poslanstva podjetja od izjave o nameri do učinkovitih ciljev in rezultatov.

Term: Business impact
Izraz: Poslovni učinek
Definition: The net effect, positive or negative, on the achievement of business objectives.
Pomen: Pozitivni ali negativni neto učinek doseganja poslovnih ciljev.

Term: Business impact analysis (BIA)
Izraz: Analiza poslovnih učinkov (BIA)
Definition: A process to determine the impact of losing the support of any resource.
Scope Note: The BIA assessment study will establish the escalation of that loss over time. It is predicated on the fact that senior management, when provided reliable data to document the potential impact of a lost resource, can make the appropriate decision.
Pomen: Postopek, s katerim opredelimo vpliv izgube podpore katerega koli sredstva.
Opomba: Študija, ocena BIA bo ugotovila, kako se bo sčasoma stopnjevala izguba. Temelji na dejstvu, da lahko višje poslovodstvo sprejme ustrezno odločitev, ko ima na voljo zanesljive podatke o morebitnem vplivu izgubljenega sredstva.

Term: Business impact analysis/assessment (BIA)
Izraz: Analiza/ocena poslovnih učinkov (BIA)
Definition: Evaluating the criticality and sensitivity of information assets. An exercise that determines the impact of losing the support of any resource to an enterprise, establishes the escalation of that loss over time, identifies the minimum resources needed to recover, and prioritizes the recovery of processes and the supporting system.
Scope Note: This process also includes addressing:
- Income loss
- Unexpected expense
- Legal issues (regulatory compliance or contractual)
- Interdependent processes
- Loss of public reputation or public confidence
Pomen: Ovrednotenje kritičnosti in občutljivosti informacijskih sredstev. Postopek, ki določa vpliv izgube podpore katerega koli sredstva v podjetju, ugotovi, kakšna bo sčasoma izguba, prepozna minimalne vire, potrebne za obnovitev, ter postavi prioritete v postopkih obnovitve in sistemske podpore.
Opomba: Ta proces naslavlja tudi:
- Izgubo prihodka
- Nepričakovane stroške
- Pravne zadeve (skladnost s predpisi ali pogodbenimi določili)
- Soodvisne procese
- Izgubo ugleda ali zaupanja javnosti

Term: Business interruption
Izraz: Prekinitev poslovanja
Definition: Any event, whether anticipated (e.g., public service strike) or unanticipated (e.g., blackout) that disrupts the normal course of business operations at an enterprise.
Pomen: Kakršen koli dogodek, pričakovan (npr. stavka javnega sektorja) ali nepričakovan (npr. izpad elektrike), ki ovira običajen potek delovnih postopkov v podjetju.

Term: Business Model for Information Security (BMIS)
Izraz: Poslovni model informacijske varnosti (BMIS)
Definition: A holistic and business-oriented model that supports enterprise governance and management information security, and provides a common language for information security professionals and business management.
Pomen: Celosten in poslovno orientiran model, ki podpira vodenje podjetja in upravljanje informacijske varnosti ter ustvarja skupen jezik za tiste, ki se ukvarjajo z informacijsko varnostjo in poslovodstvom.

Term: Business objective
Izraz: Cilj poslovanja
Definition: A further development of the business goals into tactical targets and desired results and outcomes.
Pomen: Nadaljnji razvoj poslovnih ciljev v taktične cilje in želene rezultate.

Term: Business process
Izraz: Poslovni proces
Definition: An inter‐related set of cross‐functional activities or events that result in the delivery of a specific product or service to a customer.
Pomen: Nabor medsebojno povezanih več-funkcijskih aktivnosti ali dogodkov, katerih rezultat je dobava določenega izdelka ali storitve za stranko.

Term: Business process control
Izraz: Nadzor poslovnega procesa
Definition: The policies, procedures, practices and organizational structures designed to provide reasonable assurance that a business process will achieve its objectives.
Pomen: Politike, postopki, prakse in organizacijske strukture, načrtovane tako, da omogočajo smiselno zagotovilo, da bo poslovni postopek dosegel svoje cilje.

Term: Business process integrity
Izraz: Integriteta poslovnega procesa
Definition: Controls over the business processes that are supported by the enterprise resource planning system (ERP).
Pomen: Nadzor nad postopki poslovnega procesa, ki jih podpira sistem za načrtovanje virov v podjetju (ERP).

Term: Business process owner
Izraz: Lastnik poslovnega procesa
Definition: The individual responsible for identifying process requirements, approving process design and managing process performance.
Scope Note: Must be at an appropriately high level in the enterprise and have authority to commit resources to process‐specific risk management activities.
Pomen: Oseba, odgovorna za prepoznavanje zahtev procesa, odobritev poslovnega načrta in upravljanje zmogljivosti procesa.
Opomba: Oseba mora biti dovolj visoko v hierarhiji podjetja in mora imeti avtoriteto za dodeljevanje sredstev za tvegane poslovodne aktivnosti.

Term: Business process reengineering (BPR)
Izraz: Prenova poslovnega procesa (BPR)
Definition: The thorough analysis and significant redesign of business processes and management systems to establish a better performing structure, more responsive to the customer base and market conditions, while yielding material cost savings.
Pomen: Podrobna analiza in večja prenova poslovnih procesov ter sistemov upravljanja, katerih rezultat je zmogljivejša struktura, ki se hitreje odziva na potrošniško bazo in tržne pogoje, pri tem pa še prihrani pri materialnih stroških.

Term: Business risk
Izraz: Poslovno tveganje
Definition: A probable situation with uncertain frequency and magnitude of loss (or gain).
Pomen: Verjetna situacija, za katero ne vemo, kdaj/kolikokrat se bo pojavila in kakšno izgubo (ali dobiček) bo povzročila.

Term: Business service provider (BSP)
Izraz: Ponudnik poslovne storitve (BSP)
Definition: An application service provider (ASP) that also provides outsourcing of business processes such as payment processing, sales order processing and application development.
Pomen: Ponudnik programskih storitev (ASP), ki ponuja tudi zunanje izvajanje poslovnih procesov, na primer obdelavo plačil, obdelavo naročil in razvoj programov.

Term: Business sponsor
Izraz: Poslovni sponzor
Definition: The individual accountable for delivering the benefits and value of an IT‐enabled business investment program to the enterprise.
Pomen: Posameznik, ki prinaša v podjetje koristi in vrednosti informacijsko podprtemu investicijskemu programu.

Term: Business‐to‐business
Izraz: Medpodjetniško poslovanje
Definition: Transactions in which the acquirer is an enterprise or an individual operating in the ambits of his/her professional activity. In this case, laws and regulations related to consumer protection are not applicable.
Scope Note: The contract’s general terms should be communicated to the other party and specifically approved. Some companies require the other party to fill out check‐boxes where there is a description such as "I specifically approve the clauses." This is not convincing; the best solution is the adoption of a digital signature scheme, which allows the approval of clauses and terms with the non‐repudiation condition.
Pomen: Transakcije, pri katerih je kupec podjetje ali posameznik, ki deluje v okviru svoje profesionalne dejavnosti. V tem primeru se ne uporabljajo zakonodaja in predpisi, ki se nanašajo na zaščito potrošnika.
Opomba: Splošne pogodbene pogoje je treba sporočiti drugi stranki, ki jih mora posebej odobriti. Nekatera podjetja od druge pogodbene stranke zahtevajo, da obkljukajo okenca, označena z opisi tipa "Izrecno potrjujem ta določila". To ni prepričljivo - najbolje je uporabiti načrt digitalnih podpisov, ki omogoča sprejetje pogojev in določil brez možnosti odklona.

Term: Business‐to‐consumer
Izraz: Poslovanje s potrošniki
Definition: Selling processes in which the involved parties are the enterprise, which offers goods or services, and a consumer. In this case there is comprehensive legislation that protects the consumer.
Scope Note: Comprehensive legislation includes:
- Regarding contracts established outside the merchant’s property (such as the right to end the contract with full refund or the return policy for goods)
- Regarding distance contracts (such as rules that establish how a contract should be written, specific clauses and the need to transmit to the consumer and approve it)
- Regarding electronic form of the contract (such as on the Internet, the possibility for the consumer to exit from the procedure without having his/her data recorded)
Pomen: Prodajni postopki, v katerih je ena od strank podjetje, ki ponuja izdelke ali storitve, druga pa potrošnik. V tem primeru obstaja obsežna zakonodaja, ki varuje potrošnika.
Opomba: Podrobna zakonodaja vključuje:
- kar zadeva pogodbe, sklenjene izven trgovčeve lastnine (na primer pravica do prekinitve pogodbe s polnim vračilom plačila ali blaga)
- kar zadeva pogodbe na daljavo (na primer pravila, ki določajo, kako mora biti pogodba napisana, posebne člene ter nujnost prenosa pogodbe do potrošnika, ki jo mora odobriti)
- kar zadeva elektronsko obliko pogodbe (na primer pri internetni prodaji možnost stranke, da zapusti nakupni postopek, ne da bi se shranili njeni podatki)

Term: Business‐to‐consumer e‐commerce (B2C)
Izraz: Elektronsko poslovanje s potrošniki (B2C)
Definition: Refers to the processes by which enterprises conduct business electronically with their customers and/or public at large using the Internet as the enabling technology.
Pomen: Se nanaša na postopke, s katerimi podjetje elektronsko vodi poslovanje s svojimi strankami in/ali širšo javnostjo z uporabo interneta kot omogočitvene tehnologije.

Term: Bypass label processing (BLP)
Izraz: Obhod obdelave oznake (BLP)
Definition: A technique of reading a computer file while bypassing the internal file/data set label. This process could result in bypassing of the security access control system.
Pomen: Tehnika branja računalniške datoteke, pri kateri se obide notranjo oznako datoteke/podatkovnega nabora. S tem postopkom je mogoče zaobiti varnostno preverjanje dostopa v sistem.

Term: Cadbury
Izraz: Cadbury
Definition: The Committee on the Financial Aspects of Corporate Governance, set up in May 1991 by the UK Financial Reporting Council, the London Stock Exchange and the UK accountancy profession, was chaired by Sir Adrian Cadbury and produced a report on the subject commonly known in the UK as the Cadbury Report.
Pomen: Komisija za finančne vidike upravljanja podjetij, ki so jo maja 1991 ustanovili Svet VB za finančno poročanje, londonska borza in britansko združenje računovodij. Predsedoval ji je Sir Adrian Cadbury in ustvarila je poročilo, ki je v VB znano kot Cadburyjevo poročilo.

Term: Capability
Izraz: Zmogljivost
Definition: An aptitude, competency or resource that an enterprise may possess or require at an enterprise, business function or individual level that has the potential, or is required, to contribute to a business outcome and to create value.
Pomen: Sposobnost, zmožnost ali sredstvo, ki ga podjetje ima ali zahteva od drugega podjetja, raven poslovne funkcije ali posameznika, ki ima zmožnost ali se zahteva kot prispevek k poslovnemu rezultatu in za ustvarjanje vrednosti.

Term: Capability Maturity Model (CMM)
Izraz: Zrelostni model (zmogljivosti; CMM)
Definition: 1. Contains the essential elements of effective processes for one or more disciplines. It also describes an evolutionary improvement path from ad hoc, immature processes to disciplined, mature processes with improved quality and effectiveness.
2. CMM for software, from the Software Engineering Institute (SEI), is a model used by many enterprises to identify best practices useful in helping them assess and increase the maturity of their software development processes.
Scope Note: CMM ranks software development enterprises according to a hierarchy of five process maturity levels. Each level ranks the development environment according to its capability of producing quality software. A set of standards is associated with each of the five levels. The standards for level one describe the most immature or chaotic processes and the standards for level five describe the most mature or quality processes. A maturity model that indicates the degree of reliability or dependency the business can place on a process achieving the desired goals or objectives. A collection of instructions that an enterprise can follow to gain better control over its software development process.
Pomen: 1. Vsebuje bistvene elemente učinkovitih procesov za eno ali več disciplin. Opisuje tudi razvojno izboljšavo od idejnih, nezrelih procesov, do discipliniranih procesov z izboljšano kakovostjo in učinkovitostjo.
2. CMM programerskega inženirskega inštituta (SEI) za programsko opremo je model, ki ga veliko podjetij uporablja za prepoznavanje najboljših praks in kot pomoč pri prepoznavanju in izboljšanju zrelosti njihovega postopka za razvoj programske opreme.
Opomba: CMM razvršča podjetja za razvoj programske opreme v hierarhijo petih ravni zrelostne stopnje. Razvojna okolja so na ravni razvrščena v skladu s svojo zmožnostjo za proizvajanje kakovostne programske opreme. Z vsako petih ravni je povezan nabor standardov. Standardi za prvo raven opisujejo najmanj zrel ali najbolj kaotičen proces, standardi za peto raven pa najbolj zrel in najbolj kakovosten proces. Model zrelosti, ki označuje stopnjo zanesljivosti, ki jo podjetje doseže pri uresničevanju želenih ciljev. Nabor navodil, ki jih lahko podjetje upošteva, da pridobi večji nadzor nad svojim razvojnim ciklom programske opreme.

Term: Capacity stress testing
Izraz: Stresno preizkušanje zmogljivosti
Definition: Testing an application with large quantities of data to evaluate its performance during peak periods. Also called volume testing.
Pomen: Preizkušanje programa z velikimi količinami podatkov, da se lahko ovrednoti njegova zmogljivost med konicami. Imenujemo ga tudi preizkušanje obsega.

Term: Capital expenditure/expense (CAPEX)
Izraz: Odhodki/stroški za naložbe (CAPEX)
Definition: An expenditure that is recorded as an asset because it is expected to benefit more than the current period. The asset is then depreciated or amortized over the expected useful life of the asset.
Pomen: Izdatek, ki se beleži kot sredstvo, ker se pričakuje, da bo ustvarjal korist za več kot tekoče obdobje. Sredstvo se nato odpisuje ali amortizira v času dobe koristnosti sredstva.

Term: Card swipe
Izraz: Čitalec magnetnih kartic
Definition: A physical control technique that uses a secured card or ID to gain access to a highly sensitive location.
Scope Note: If built correctly, card swipes act as a preventive control over physical access to those sensitive locations. After a card has been swiped, the application attached to the physical card swipe device logs all card users who try to access the secured location. The card swipe device prevents unauthorized access and logs all attempts to enter the secured location.
Pomen: Tehnika fizičnega nadzora, ki uporablja varnostno kartico ali ID za pridobivanje dostopa do zelo občutljivega mesta.
Opomba: Če je pravilno izdelan, čitalec kartic deluje kot preventivni nadzor fizičnega dostopa do občutljivih mest. Ko je kartica odčitana, v napravi nameščeni program zabeleži vse uporabnike, ki skušajo dostopati do varovanega mesta. Naprava za odčitavanje kartic onemogoča nepooblaščen dostop in beleži vse poskuse vstopa na zavarovano območje.

Term: Cathode ray tube (CRT)
Izraz: Katodni zaslon (CRT)
Definition: A vacuum tube that displays data by means of an electron beam striking the screen, which is coated with suitable phosphor material or a device similar to a television screen on which data can be displayed.
Pomen: Zaslon, ki deluje na podlagi fosforescentnega premaza in elektronskega snopa v katodni cevi, ali naprava, podobna televizijskemu zaslonu, na kateri je mogoče prikazati podatke.

Term: Central processing unit (CPU)
Izraz: Centralno procesna enota (CPE)
Definition: Computer hardware that houses the electronic circuits that control/direct all operations of the computer system.
Pomen: Računalniška strojna oprema, v kateri so elektronska vezja, ki nadzorujejo/krmilijo vse operacije računalniškega sistema.

Term: Centralized data processing
Izraz: Centralizirana obdelava podatkov
Definition: Identified by one central processor and databases that form a distributed processing configuration.
Pomen: Tvorita jo en osrednji procesor in zbirke podatkov, ki so del konfiguracije porazdeljene obdelave podatkov.

Term: Certificate (Certification) authority (CA)
Izraz: Overitelj (CA)
Definition: A trusted third party that serves authentication infrastructures or enterprises and registers entities and issues them certificates.
Pomen: Zaupanja vredna tretja oseba, ki preverja pristnost infrastrukture ali registrira in izdaja digitalna potrdila podjetjem.

Term: Certificate revocation list (CRL)
Izraz: Seznam preklicanih potrdil (CRL)
Definition: An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility.
Scope Note: The CRL details digital certificates that are no longer valid. The time gap between two updates is very critical and is also a risk in digital certificates verification.
Pomen: Instrument za preverjanje stalne veljavnosti potrdil, za katere je odgovoren izdajatelj digitalnih potrdil (CA).
Opomba: Seznam preklicanih potrdil vsebuje podrobnosti o potrdilih, ki niso več veljavna. Zelo kritičen je časovni zamik med dvema posodobitvama seznama, ki pomeni tudi tveganje pri preverjanju digitalnih potrdil.

Term: Certification practice statement (CPS)
Izraz: Politika delovanja overitelja (CPS)
Definition: A detailed set of rules governing the certificate authority's operations. It provides an understanding of the value and trustworthiness of certificates issued by a given certificate authority (CA).
Scope Note: In terms of the controls that an enterprise observes, the method it uses to validate the authenticity of certificate applicants and the CA's expectations of how its certificates may be used.
Pomen: Podroben nabor pravil, ki urejajo delovanje overitelja. Podaja ključ za razumevanje vrednosti in zaupanja certifikatov, ki jih izda določen overitelj (CA).
Opomba: V smislu kontrol v določenem podjetju je to metoda, ki jo podjetje uporablja za potrjevanje avtentičnosti prosilcev certifikatov in pričakovanja overitelja glede rabe certifikatov.

Term: Chain of custody
Izraz: Nadzorna veriga
Definition: A legal principle regarding the validity and integrity of evidence. It requires accountability for anything that will be used as evidence in a legal proceeding to ensure that it can be accounted for from the time it was collected until the time it is presented in a court of law.
Scope Note: Includes documentation as to who had access to the evidence and when, as well as the ability to identify evidence as being the exact item that was recovered or tested. Lack of control over evidence can lead to it being discredited. Chain of custody depends on the ability to verify that evidence could not have been tampered with. This is accomplished by sealing off the evidence, so it cannot be changed, and providing a documentary record of custody to prove that the evidence was at all times under strict control and not subject to tampering.
Pomen: Pravni princip, ki zadeva veljavnost in integriteto dokazov. Zahteva odgovornost za vse, kar bo uporabljeno kot dokaz v pravnem postopku in je potreben, da zagotovi, da je mogoče dokazu slediti od takrat, ko je bil pridobljen, do takrat, ko bo predstavljen na sodišču.
Opomba: Vključuje dokumentacijo o tem, kdo je dostopal do dokazov in kdaj, lahko pa tudi dokazuje, da je dokaz natanko tisti, ki je bil pridobljen in preizkušen. Če nad dokazi ni nadzora, jih lahko sodišče zavrže. Nadzorna veriga je odvisna od možnosti preverjanja, da dokazov ni nihče spreminjal. To je mogoče doseči s plombiranjem dokazov, tako da jih ni mogoče spreminjati, in z izpolnjevanjem zapisov o hrambi, ki dokazujejo, da so bili dokazi ves čas pod strogim nadzorom in jih ni mogel nihče spreminjati.

Term: Challenge/response token
Izraz: Žeton izziv/odziv
Definition: A method of user authentication that is carried out through use of the Challenge Handshake Authentication Protocol (CHAP).
Scope Note: When a user tries to log into the server using CHAP, the server sends the user a "challenge," which is a random value. The user enters a password, which is used as an encryption key to encrypt the "challenge" and return it to the server. The server is aware of the password. It, therefore, encrypts the "challenge" value and compares it with the value received from the user. If the values match, the user is authenticated. The challenge/response activity continues throughout the session and this protects the session from password sniffing attacks. In addition, CHAP is not vulnerable to "man‐in‐the‐middle" attacks because the challenge value is a random value that changes on each access attempt.
Pomen: Način za preverjanje pristnosti uporabnika, ki se izvaja s protokolom CHAP.
Opomba: Ko se uporabnik skuša prijaviti v strežnik z uporabo protokola CHAP, strežnik uporabniku pošlje "izziv", ki je naključna vrednost. Uporabnik vnese geslo, ki se uporablja kot šifrirni ključ za šifriranje "izziva", in ga vrne strežniku. Strežnik pozna geslo. Zato šifrira vrednost "izziv" in jo primerja z vrednostjo, ki jo je dobil od uporabnika. Če se vrednosti ujemata, je uporabnik overjen. Dejavnost izziva/odziva se nadaljuje ves čas seje, tako da je ta zaščitena pred napadi z vdorom gesel. Poleg tega CHAP ni občutljiv na napade "posrednikov", saj je izziv naključna vrednost, ki se spreminja ob vsakem poskusu dostopa.

Term: Change management
Izraz: Upravljanje sprememb
Definition: A holistic and proactive approach to managing the transition from a current to a desired organizational state, focusing specifically on the critical human or "soft" elements of change.
Scope Note: Includes activities such as culture change (values, beliefs and attitudes), development of reward systems (measures and appropriate incentives), organizational design, stakeholder management, human resources (HR) policies and procedures, executive coaching, change leadership training, team building and communication planning and execution.
Pomen: Celosten in proaktiven pristop k upravljanju prehoda iz obstoječega v želeno stanje organizacije, ki je osredotočen še posebej na kritične človeške ali "mehke" elemente sprememb.
Opomba: Vključuje aktivnosti, kot so kulturne spremembe (vrednote, prepričanja in stališča), razvoj sistemov za nagrajevanje (ukrepi in ustrezne spodbude), organizacijsko načrtovanje, upravljanje delničarjev, politiko in postopke človeških virov (HR), mentoriranje poslovodstva, spremembe v usposabljanju poslovodstva, krepitev povezav v timu, načrtovanje in izvajanje komunikacij.

Term: Channel service unit/digital service unit (CSU/DSU)
Izraz: Kanalska storitvena enota/digitalna storitvena enota (CSU/DSU)
Definition: Interfaces at the physical layer of the open systems interconnection (OSI) reference model, data terminal equipment (DTE) to data circuit terminating equipment (DCE), for switched carrier networks.
Pomen: Deluje kot vmesnik na fizični ravni modela OSI med podatkovno terminalsko opremo (DTE) in podatkovno terminalsko napravo (DCE) za komutirana podatkovna omrežja.

Chargeback Porazdelitev stroškov The redistribution of expenditures to the units within Prerazporeditev stroškov po enotah podjetja, kjer so
a company that gave rise to them. nastali.
Scope Note: Chargeback is important because without Opomba: Porazdelitev stroškov je pomembna, ker se
such a policy, misleading views may be given as to the brez te politike lahko ustvarijo zavajajoči pogledi o
real profitability of a product or service because dejanski dobičkonostnosti produkta ali storitve, ker
certain key expenditures will be ignored or calculated bodo nekateri stroški zanemarjeni ali se bodo
according to an arbitrary formula. izračunali v skladu s poljubno formulo.
Check digit Preskusna števka A numeric value, which has been calculated Numerična vrednost, ki je matematično izračunana in
mathematically, is added to data to ensure that se doda podatkom, da se zagotovi, da prvotni podatki
original data have not been altered or that an niso bili spremenjeni, ali da je prišlo do nepravilnega,
incorrect, but valid match has occurred. vendar veljavnega ujemanja.
Scope Note: Check digit control is effective in Opomba: Kontrola s preskusno števko je učinkovita
detecting transposition and transcription errors. pri prepoznavanju napak pri prestavljanju in
prepisovanju.
Check digit verification Preverjanje preskusne A programmed edit or routine that detects Programirano urejanje ali rutina, ki zazna napake pri
(self‐checking digit) števke (samopreskusna transposition and transcription errors by calculating prestavljanju ali prepisovanju z izračunavanjem in
števka) and checking the check digit preverjanjem preskusne števke.
Checklist Kontrolni seznam A list of items that is used to verify the completeness Seznam elementov, ki se uporablja za pregled
of a task or goal. popolnosti opravila ali cilja.
Scope Note: Used in quality assurance (and in general, Opomba: Uporablja se pri zagotavljanju kakovosti (in
in information systems audit), to check process na splošno pri reviziji informacijskih sistemov) za
compliance, code standardization and error preverjanje ustreznosti procesov, standardizacijo
prevention, and other items for which consistency kode in preprečevanje napak ter drugih elementov,
processes or standards have been defined zaradi katerih so bili skladnost postopkov ali
standardi.
Checkpoint restart Postopki za vnovični zagon A point in a routine at which sufficient information Točka v rutini, na kateri je mogoče shraniti toliko
procedures s kontrolne točke can be stored to permit restarting the computation informacij, da je na mogoče izračunavanje ponovno
from that point zagnati od te točke.

Checksum Kontrolna vsota A mathematical value that is assigned to a file and Matematična vrednost, ki se dodeli datoteki in se
used to “test” the file at a later date to verify that the uporablja za "preizkus" datoteke nekoč pozneje, ko se
data contained in the file has not been maliciously preveri, da podatki, ki so v datoteki, niso bili
changed. zlonamerno spremenjeni.
Scope Note: A cryptographic checksum is created by Opomba: Kriptografska preskusna vsota se ustvari z
performing a complicated series of mathematical vrsto zapletenih matematičnih operacij (ki jo
operations (known as a cryptographic algorithm) that imenujemo kriptografski algoritem). Ta podatke v
translates the data in the file into a fixed string of datoteki pretvori v fiksen niz cifer, ki jih imenujemo
digits called a hash value, which is then used as the zgoščena vrednost, ta pa se uporabi kot kontrolna
checksum. Without knowing which cryptographic vsota. Če ne pozna kriptografskega algoritma, s
algorithm was used to create the hash value, it is katerim je bila ustvarjena zgoščena vrednost, je precej
highly unlikely that an unauthorized person would be neverjetno, da bi nepooblaščena oseba lahko
able to change data without inadvertently changing spremenila podatke, ne da bi nehote spremenila tudi
the corresponding checksum. Cryptographic ustrezno preskusno vsoto. Kriptografske preskusne
checksums are used in data transmission and data vsote se uporabljajo pri prenosu in shranjevanju
storage. Cryptographic checksums are also known as podatkov. Kriptografske preskusne vsote poznamo
message authentication codes, integrity check‐values, tudi kot kode za overjanje sporočil, vrednosti za
modification detection codes or message integrity preverjanje celovitosti sporočil, spreminjanje kod za
codes. zaznavanje ali kod celovitosti sporočil.
Chief executive officer Glavni izvršni direktor The highest ranking individual in an enterprise Najvišji direktor v podjetju
(CEO)
Chief financial officer Finančni direktor The individual primarily responsible for managing the Posameznik, odgovoren predvsem za upravljanje
(CFO) financial risk of an enterprise finančnega tveganja podjetja.
Chief information officer Direktor informatike The most senior official of the enterprise who is Najvišji uradnik v podjetju, ki je odgovoren za
(CIO) accountable for IT advocacy, aligning IT and business podporo IT, vzporejanje strategij IT in poslovnih
strategies, and planning, resourcing and managing the strategij, ter načrtovanje, razporejanje sredstev in
delivery of IT services, information and the dodeljevanje IT storitev, informiranje in razporejanje
deployment of associated human resources. povezanih človeških virov.
Scope Note: In some cases, the CIO role has been Opomba: V nekaterih primerih je vloga izvršnega
expanded to become the chief knowledge officer direktorja informatike razširjena na vlogo upravitelja
(CKO) who deals in knowledge, not just information. znanja, ki upravlja tudi z znanjem, ne le z
Also see chief technology officer (CTO). informacijami. Glejte tudi izvršni tehnični direktor.

Chief technology officer Tehnični direktor The individual who focuses on technical issues in an Posameznik, osredotočen na tehnična vprašanja v
(CTO) enterprise. podjetju.
Scope Note: Often viewed as synonymous with chief Opomba: Pogosto se ta izraz uporablja kot sinonim
information officer (CIO) izrazu izvršni direktor informatike.
Ciphertext Tajnopis Information generated by an encryption algorithm to Informacije, ki jih ustvari šifrirni algoritem za zaščito
protect the plaintext and that is unintelligible to the golega besedila, tako da to postane nerazumljivo za
unauthorized reader. nepooblaščenega bralca.
Circuit‐switched network Vodovno komutirano A data transmission service requiring the Storitev za prenos podatkov, ki zahteva vzpostavitev
omrežje (vodovno establishment of a circuit‐switched connection before komutirane zveze, preden je mogoče podatke
omrežje) data can be transferred from source data terminal prenesti iz izvorne podatkovne terminalne naprave
equipment (DTE) to a sink DTE. (DTE) v ponorno DTE.
Scope Note: A circuit‐switched data transmission Opomba: Komutirano omrežje za prenos podatkov
service uses a connection network. uporablja omrežne povezave.
Circular routing Krožno razpošiljanje In open systems architecture, circular routing is the V odprtih sistemskih arhitekturah je krožno
logical path of a message in a communication razpošiljanje logična pot sporočila v komunikacijskem
network based on a series of gates at the physical omrežju, ki temelji na vrsti prehodov na fizični ravni
network layer in the open systems interconnection omrežja v modelu OSI.
(OSI) model.
Cleartext Čisto besedilo Data that is not encrypted. Also known as plaintext. Podatki, ki niso šifrirani. Znano tudi kot golo besedilo.
Client‐server Odjemalec-strežnik A group of computers connected by a communication Skupina računalnikov, povezanih v komunikacijsko
network, in which the client is the requesting machine omrežje, v katerem je odjemalec računalnik, ki
and the server is the supplying machine. zahteva storitev, strežnik pa računalnik, ki jo ponuja.
Scope Note: Software is specialized at both ends. Opomba: Programska oprema je specializirana na
Processing may take place on either the client or the obeh straneh. Obdelava lahko poteka na odjemalcu
server, but it is transparent to the user. ali na strežniku, vendar je to uporabniku vidno.
Cluster controller Krmilnik gruče A communication terminal control hardware unit that Strojna komunikacijska krmilna enota, ki krmili večje
controls a number of computer terminals. število računalniških terminalov.
Scope Note: All messages are buffered by the Opomba: Vsa sporočila se naložijo v vmesnem
controller and then transmitted to the receiver. pomnilniku krmilnika in se nato prenesejo do
sprejemnika.

Coaxial cable Koaksialni kabel Composed of an insulated wire that runs through the Sestavljen je iz izolirane žice, ki poteka po sredini
middle of each cable, a second wire that surrounds vsakega kabla, druge žice, ki obdaja izolacijo prve žice
the insulation of the inner wire like a sheath, and the kot ovojnica, ter zunanje izolacije, ki ščiti drugo žico.
outer insulation which wraps the second wire. Opomba: Ima večjo prenosno zmogljivost kot
Scope Note: Has a greater transmission capacity than standardni kabel iz parice, vendar ima omejen doseg
standard twisted‐pair cables, but has a limited range učinkovitega prenosa.
of effective distance

COBIT COBIT 1. COBIT 5: Formerly known as Control Objectives for 1. COBIT 5: Prej znan kot Kontrolni cilji za
Information and related Technology (COBIT); now informacijsko in sorodno tehnologijo (COBIT), v peti
used only as the acronym in its fifth iteration. A različici se uporablja le v obliki kratice. Popoln,
complete, internationally accepted framework for mednarodno priznan okvir za vodenje in upravljanje
governing and managing enterprise information and informacij in tehnologije (IT) v podjetju, ki podpira
technology (IT) that supports enterprise executives vodstveno in upravljavsko raven podjetja pri njunem
and management in their definition and achievement določanju in doseganju poslovnih ciljev in s
of business goals and related IT goals. COBIT describes poslovnimi povezanih ciljev IT. COBIT opisuje pet
five principles and seven enablers that support principov in sedem omogočevalcev, ki podpirajo
enterprises in the development, implementation, and podjetja pri razvoju, uvajanju in neprekinjenem
continuous improvement and monitoring of good IT- izboljševanju ter nadzoru dobrih praks vodenja in
related governance and management practices. upravljanja IT.
Earlier versions of COBIT focused on control Prejšnje različice COBIT-a so se osredotočale na
objectives related to IT processes, management and kontrolne cilje, povezane s procesi IT, upravljanjem in
control of IT processes and IT governance aspects. nadzorom procesov IT in vidiki vodenja IT-ja. Sprejem
Adoption and use of the COBIT framework are in uporabo okvira COBIT podpirajo navodila rastoče
supported by guidance from a growing family of družine podpornih izdelkov (glejte
supporting products. (See www.isaca.org/cobit for www.isaca.org/cobit za več informacij).
more information.) 2. COBIT 4.1 in starejši: Uradno znan kot Kontrolni cilji
2. COBIT 4.1 and earlier: Formally known as Control za informacijsko in sorodno tehnologijo (COBIT).
Objectives for Information and related Technology Popoln, mednarodno priznan okvir procesov IT, ki
(COBIT). A complete, internationally accepted process podpira poslovno in IT vodstvo in upravljavce pri
framework for IT that supports business and IT opredeljevanju in doseganju poslovnih ciljev in
executives and management in their definition and sorodnih ciljev IT, tako da poskrbi za celosten model
achievement of business goals and related IT goals by vodenja, upravljanja, nadzora in zagotavljanja IT-ja.
providing a comprehensive IT governance, COBIT opisuje procese IT in povezane nadzorne cilje,
management, control and assurance model. COBIT smernice upravljanja (dejavnosti, zadolžitve,
describes IT processes and associated control odgovornosti in merila učinkovitosti) ter zrelostne
objectives, management guidelines (activities, modele. COBIT podpira vodstvo podjetja pri razvoju,
accountabilities, responsibilities and performance uvedbi neprestanem izboljševanju ter nadzoru dobrih
metrics) and maturity models. COBIT supports praks, povezanih z IT-jem.
enterprise management in the development, Sprejem in uporabo okvira COBIT podpirajo navodila
implementation, continuous improvement and za vodilne in upravljavce (navodilo sveta za vodenje
monitoring of good IT-related practices. IT, 2. izdaja), uvajalce vodenja IT (COBIT Quickstart, 2.
Adoption and use of the COBIT framework are izdaja; IT Governance Implementation Guide: Using
supported by guidance for executives and COBIT and Val IT, 2nd Edition; in COBIT Control
management (Board Briefing on IT Governance, 2nd Practices: Guidance to Achieve Control Objectives for
Edition), IT governance implementers (COBIT Successful IT Governance), ter strokovnjake za dajanje
Quickstart, 2nd Edition; IT Governance zagotovil in revizijo IT (IT Assurance Guide Using
CoCo CoCo Criteria of Control, published by the Canadian Kriteriji nadzora, ki jih je kanadski inštitut
Institute of Chartered Accountants in 1995 pooblaščenih računovodij objavil leta 1995.
Code of ethics Etični kodeks A document designed to influence individual and Dokument, oblikovan za to, da vpliva na posamezno
organizational behavior of employees, by defining in organizacijsko vedenje zaposlenih z določitvijo
organizational values and the rules to be applied in vrednot organizacije in pravili, ki se uporabljajo v
certain situations. določenih primerih.
Scope Note: A code of ethics is adopted to assist those in Opomba: Etični kodeks se sprejme, da v podjetju
the enterprise called upon to make decisions pomaga tistim, ki odločajo, razumeti razliko med
understand the difference between 'right' and 'wrong' 'prav' in 'narobe' in uporabiti to razumevanje pri
and to apply this understanding to their decisions. njihovih odločitvah.

Coevolving Sorazvoj Originated as a biological term, refers to the way two Izvira iz biološke terminologije in se nanaša na način,
or more ecologically interdependent species become na katerega se lahko dva ali več ekološko neodvisnih
intertwined over time. vrst razvija soodvisno.
Scope Note: As these species adapt to their Opomba: Ko se vrste prilagajajo svojemu okolju, se
environment they also adapt to one another. Today’s prilagajajo tudi druga drugi. Današnja podjetja z več
multi‐business companies need to take their cue from dejavnostmi morajo za zgled vzeti biološke
biology to survive. They should assume that links zakonitosti, da lahko preživijo. Domnevati morajo, da
among businesses are temporary and that the so povezave med dejavnostmi začasne in da je
number of connections‐not just their content‐ pomembno tudi število povezav, ne le njihova
matters. Rather than plan collaborative strategy from vsebina. Namesto da bi načrtovale strategije
the top, as traditional companies do, corporate sodelovanja z vrha, kot to počnejo tradicionalna
executives in coevolving companies should simply set podjetja, mora vodstvo korporacije v podjetjih v
the context and let collaboration (and competition) sorazvoju vzpostaviti le kontekst, nato pa mora
emerge from business units. dovoliti, da se sodelovanje (in konkurenca) samo
razvije iz poslovnih enot.
Coherence Koherentnost Establishing a potent binding force and sense of Vzpostavitev močne povezanosti ter občutka za
direction and purpose for the enterprise, relating usmeritev in namen podjetja, ki povezujejo različne
different parts of the enterprise to each other and to dele podjetja med seboj in v celoto, da delujejo kot
the whole to act as a seemingly unique entity navidezno enotna entiteta.

Cohesion Kohezija The extent to which a system unit‐‐subroutine, Stopnja, do katere sistemska enota - podrutina,
program, module, component, subsystem‐‐performs program, modul, komponenta, podsistem - izvaja eno
a single dedicated function. samo namensko funkcijo.
Scope Note: Generally, the more cohesive the unit, Opomba: Na splošno velja, da bolj ko je enota
the easier it is to maintain and enhance a system kohezivna, lažje jo je vzdrževati in izboljševati sistem,
because it is easier to determine where and how to saj je lažje določiti, kje in kako karkoli spremeniti.
apply a change.
Cold site Hladna lokacija An IS backup facility that has the necessary electrical Nadomestni objekt za IS, opremljen s potrebnimi
and physical components of a computer facility, but električnimi in fizičnimi sestavinami računalniškega
does not have the computer equipment in place. objekta, ni pa opremljen z računalniki.
Scope Note: The site is ready to receive the necessary Opomba: Lokacija je opremljena tako, da lahko
replacement computer equipment in the event that sprejme potrebno nadomestno računalniško opremo,
the users have to move from their main computing če se morajo uporabniki preseliti z glavne
location to the alternative computer facility. računalniške lokacije na rezervno.
Combined Code on Kombinirani kodeks The consolidation in 1998 of the "Cadbury," Združitev 'Cadburyjevega', 'Greenburyjevega' in
Corporate Governance vodenja delniških družb "Greenbury" and "Hampel" Reports. 'Hampelovega' poročila iz leta 1998.
Scope Note: Named after the Committee Chairs, Opomba: Poročila so dobila imena po predsednikih
these reports were sponsored by the UK Financial komisij in so jih sponzorirali Svet VB za finančno
Reporting Council, the London Stock Exchange, the poročanje, Londonska borza, Zveza britanske
Confederation of British Industry, the Institute of industrije, Inštitut direktorjev, Posvetovalna komisija
Directors, the Consultative Committee of računovodskih organov, Nacionalna zveza
Accountancy Bodies, the National Association of pokojninskih skladov in Zveza britanskih zavarovalnic.
Pension Funds and the Association of British Insurers Z njimi so želeli nasloviti finančne vidike vodenja
to address the financial aspects of corporate delniških družb, povračila za direktorje ter uvajanje
governance, directors' remuneration and the Cadburyjevih in Greenburyjevih priporočil.
implementation of the Cadbury and Greenbury
recommendations.

Communication processor Komunikacijski procesor A computer embedded in a communications system Računalnik, vgrajen v komunikacijski sistem, ki
that generally performs the basic tasks of classifying navadno izvaja najbolj osnovna opravila razvrščanja
network traffic and enforcing network policy omrežnega prometa in izvajanja funkcij, skladnih z
functions. omrežno politiko.
Scope Note: An example is the message data Opomba: To je na primer procesor za obdelavo
processor of a defense digital network (DDN) podatkov v sporočilih v komutacijskem centru
switching center. More advanced communication obrambnega digitalnega omrežja. Naprednejši
processors may perform additional functions. komunikacijski procesorji lahko opravljajo še dodatne
funkcije.
Communications Komunikacijski krmilnik Small computers used to connect and coordinate Majhni računalniki, ki se uporabljajo za povezovanje
controller communication links between distributed or remote in usklajevanje komunikacijskih povezav med
devices and the main computer, thus freeing the main porazdeljenimi ali oddaljenimi napravami in glavnim
computer from this overhead function računalnikom, s čimer glavni računalnik razbremenijo
te skupne funkcije.

Community strings Skupni nizi Authenticate access to management information base Overjajo dostop do objektov v bazi upravljavskih
(MIB) objects and function as embedded passwords. informacij (MIB) in delujejo kot vgrajena gesla.
Scope Note: Examples are: ‐Read‐only (RO)‐Gives read Opomba: Zgledi: ‐ Samo za branje- Omogoča dostop
access to all objects in the MIB except the community za branje vseh objektov v MIB, razen skupnih nizov,
strings, but does not allow write access ‐Read‐write vendar ne dovoljuje pisanja ‐ Branje‐pisanje -
(RW) ‐Gives read and write access to all objects in the Omogoča dostop za branje in pisanje vseh objektov v
MIB, but does not allow access to the community MIB, vendar ne omogoča dostopa do skupnih nizov -
strings ‐Read‐write‐all ‐Gives read and write access to Branje-pisanje-vse ‐ Omogoča dostop za branje in
all objects in the MIB, including the community strings pisanje v MIB, vključno s skupnimi nizi (velja le za
(only valid for Catalyst 4000, 5000 and 6000 series stikala iz serij Catalyst 4000, 5000 in 6000). Skupni nizi
switches). Simple Network Management Protocol SNMP se pošljejo po omrežju kot čisto besedilo.
(SNMP) community strings are sent across the Najboljši način za zaščito naprave, ki temelji na
network in cleartext. The best way to protect an operacijskem sistemu, pred nepooblaščenim
operating system (OS) software‐based device from upravljanjem SNMP, je sestavljanje standardnega
unauthorized SNMP management is to build a seznama IP dostopov, ki vključuje izvorni naslov
standard IP access list that includes the source upravljavske postaje/postaj. Ustvariti je mogoče več
address of the management station(s). Multiple dostopovnih seznamov in jih vezati na različne skupne
access lists can be defined and tied to different nize. Če je omogočeno beleženje dogodkov v
community strings. If logging is enabled on the access dostopovni seznam, se vsakokrat, ko do naprave
list, then log messages are generated every time that dostopa upravljavska postaja, ustvari dnevniški zapis.
the device is accessed from the management station. V dnevniškem zapisu je tudi izvorni IP naslov paketa.
The log message records the source IP address of the
packet.
Comparison program Primerjalni program A program for the examination of data, using logical Program za pregledovanje podatkov z logičnimi ali
or conditional tests to determine or to identify pogojnimi preizkusi, s katerimi določimo ali
similarities or differences prepoznamo podobnosti ali razlike.
Compensating control Kompenzacijska An internal control that reduces the risk of an existing Notranja kontrola, ki zmanjšuje tveganje obstoječe ali
(nadomestna) kontrola or potential control weakness resulting in errors and možne šibkosti kontrole, ki lahko povzroči napake ali
omissions spreglede.
Competence Kompetenca, Sposobnost The ability to perform a specific task, action or Zmožnost za uspešno izvedbo določenega opravila,
function successfully. dejanja ali funkcije.

Competencies Kompetence (Sposobnosti) The strengths of an enterprise or what it does well. Močne strani podjetja oz. tisto, kar podjetje počne
Scope Note: Can refer to the knowledge, skills and dobro.
abilities of the assurance team or individuals Opomba: Nanaša se lahko na znanje, veščine in
conducting the work. sposobnosti ekipe, ki daje zagotovila, ali
posameznikov, ki izvajajo neko nalogo.
Compiler Prevajalnik A program that translates programming language Program, ki prevede programski jezik (izvorno kodo) v
(source code) into machine executable instructions strojno izvršljiva navodila (objektno kodo).
(object code)
Completely Automated Popolnoma avtomatiziran A type of challenge‐response test used in computing Način preizkusa izziv-odziv, ki se v računalništvu
Public Turing test to tell javni Turingov test za to ensure that the response is not generated by a uporablja za zagotavljanje, da odgovora ni ustvaril
Computers and Humans razločevanje računalnikov computer. An example is the site request for web site računalnik. Na primer, na spletni strani mora
Apart (CAPTCHA) in ljudi users to recognize and type a phrase posted using uporabnik spletne strani prepoznati in natipkati
various challenging‐to‐read fonts. besedo, frazo, prikazano v popačenih pisavah.
Completely connected Popolnoma povezana A network topology in which devices are connected Vrsta omrežja, v katerem so naprave povezane z več
(mesh) configuration (zankasta) konfiguracija with many redundant interconnections between podvojenimi povezavami med omrežnimi vozlišči
network nodes (primarily used for backbone (primarno se uporablja za hrbtenična omrežja).
networks)
Completeness check Preverjanje popolnosti A procedure designed to ensure that no fields are Postopek, načrtovan za zagotavljanje, da v zapisu ne
missing from a record manjkajo polja.
Compliance testing Preizkušanje skladnosti Tests of control designed to obtain audit evidence on Preizkusi kontrole, načrtovani za pridobitev
both the effectiveness of the controls and their revizijskega dokaza o učinkovitosti kontrole in njenem
operation during the audit period delovanju v revizijskem obdobju.

Component Komponenta A general term that is used to mean one part of Splošen izraz za nekaj, kar je del nečesa bolj
something more complex. zapletenega.
Scope Note: For example, a computer system may be Opomba: Na primer računalniški sistem je lahko
a component of an IT service, or an application may komponenta storitve IT; aplikacija je lahko
be a component of a release unit. Components are komponenta enote izdaje. Komponente so sodelujoči
co-operating packages of executable software that sestavni deli paketov izvršljive programske opreme, ki
make their services available through defined dajo svoje storitve na razpolago skozi določene
interfaces. Components used in developing systems vmesnike. Komponente, ki so v uporabi pri razvijanju
may be commercial off-the-shelf software (COTS) or sistemov, so lahko komercialna serijska programska
may be purposely built. However, the goal of oprema (COTS), lahko pa so razviti namensko. Vendar
component-based development is to ultimately use as pa je cilj komponentno usmerjenega razvoja uporaba
many pre-developed, pretested components as kar največ vnaprej razvitih, preizkušenih komponent.
possible.
Comprehensive audit Obširna revizija An audit designed to determine the accuracy of Revizija, pri kateri se ugotavlja točnost finančnih
financial records as well as to evaluate the internal zapisov ter ocenjuje notranje kontrole funkcije ali
controls of a function or department oddelka.
Computationally greedy Računalniško požrešen Requiring a great deal of computing power; processor Zahteva veliko računalniške zmogljivosti; procesorsko
intensive. intenziven.
Computer emergency (CERT) A group of people integrated at the enterprise with Skupina ljudi, oblikovana v podjetju, z jasno hierarhijo
response team (CERT) Skupina za ukrepanje ob clear lines of reporting and responsibilities for poročanja in odgovornosti za podporo v primeru
računalniških incidentih standby support in case of an information systems izrednega dogodka v zvezi z informacijskim sistemom.
emergency. This group will act as an efficient Ta skupina bo delovala kot učinkovita korektivna
corrective control, and should also act as a single kontrola in naj deluje tudi kot edina točka stika za vse
point of contact for all incidents and issues related to incidente in zadeve, ki se nanašajo na informacijski
information systems. sistem.

Computer forensics Računalniška forenzika The application of the scientific method to digital Uporaba znanstvene metode v digitalnih medijih za
media to establish factual information for judicial ugotavljanje dejanskih informacij za sodni pregled.
review. Opomba: Ta proces pogosto vključuje pregledovanje
Scope Note: This process often involves investigating računalniških sistemov in ugotavljanje, ali so (bili)
computer systems to determine whether they are or uporabljeni za nezakonita ali nepooblaščena dejanja.
have been used for illegal or unauthorized activities. Kot disciplina združuje elemente prava in računalniške
As a discipline, it combines elements of law and znanosti za zbiranje in analiziranje podatkov iz
computer science to collect and analyze data from informacijskih sistemov (npr. osebnih računalnikov,
information systems (e.g., personal computers, omrežij, brezžičnih komunikacij in digitalnih naprav za
networks, wireless communication and digital storage shranjevanje podatkov) na način, da so sprejemljivi
devices) in a way that is admissible as evidence in a kot dokaz na sodišču.
court of law.
Computer sequence Računalniško preverjanje Verifies that the control number follows sequentially Preverja, ali si kontrolna števila sledijo v zaporedju, in
checking zaporedij and that any control numbers out of sequence are da so vsa kontrolna števila, ki si ne, zavrnjena ali
rejected or noted on an exception report for further zabeležena v poročilo o izjemah, namenjeno za
research nadaljnjo raziskavo.
Computer server Računalniški strežnik 1. A computer dedicated to servicing requests for 1. Računalnik, namenjen posluževanju zahtev za
resources from other computers on a network. sredstva z drugih računalnikov v omrežju. Na
Servers typically run network operating systems. 2. A strežnikih navadno tečejo omrežni operacijski sistemi.
computer that provides services to another computer 2. Računalnik, ki zagotavlja storitve za drugi
(the client) računalnik (odjemalec).
Computer‐aided software Računalniško podprt The use of software packages that aid in the Uporaba programskih paketov, ki so v pomoč pri
engineering (CASE) programski inženiring development of all phases of an information system. razvoju vseh faz informacijskega sistema.
(CASE) Scope Note: System analysis, design programming Opomba: Zagotavlja sistemsko analizo, zasnovo
and documentation are provided. Changes introduced programiranja in dokumentacijo. Spremembe,
in one CASE chart will update all other related charts izvedene v enem diagramu CASE, bodo samodejno
automatically. CASE can be installed on a posodobile vse povezane diagrame. CASE je za lažjo
microcomputer for easy access. dostopnost mogoče namestiti na mikroračunalnik.
Computer‐assisted audit Računalniško podprta Any automated audit technique, such as generalized Vsaka avtomatizirana revizijska tehnika, na primer
technique (CAAT) revizijska tehnika (CAAT) audit software (GAS), test data generators, splošna revizijska programska oprema (GAS),
computerized audit programs and specialized audit generatorji testnih podatkov, računalniško podprti
utilities revizijski programi in specializirani revizijski
pripomočki.

Concurrency control Nadzor sočasnosti Refers to a class of controls used in a database Se nanaša na vrsto kontrol, ki se v sistemu za
(izvajanja transakcij) management system (DBMS) to ensure that upravljanje podatkovnih baz (DBMS) uporabljajo za
transactions are processed in an atomic, consistent, zagotavljanje, da se transakcije obdelujejo na
isolated and durable manner (ACID). This implies that atomarni, konsistenten, izoliran in trajnosten način
only serial and recoverable schedules are permitted, (ACID). To pomeni, da so dovoljeni le serijski in
and that committed transactions are not discarded obnovljivi urniki in da se zaključene transakcije ne
when undoing aborted transactions. zavržejo, ko se razveljavljajo prekinjene transakcije.
Concurrent access Hkratni dostop A fail‐over process, in which all nodes run the same Proces nadomestnega načina delovanja, pri katerem
resource group (there can be no [Internet Protocol] IP vsa vozlišča uporabljajo isto skupino virov (v skupini
or [mandatory access control] MAC address in a sočasnih virov ne more biti naslovov IP ali MAC) in
concurrent resource group) and access the external sočasno dostopajo do zunanjega pomnilnika.
storage concurrently
Confidentiality Zaupnost Preserving authorized restrictions on access and Ohranjanje pooblaščenih omejitev za dostop in
disclosure, including means for protecting privacy and razkritje, vključno s sredstvi za zaščito zasebnosti in
proprietary information lastniških informacij.
Configurable control Nastavljiva kontrola Typically, an automated control that is based on, and Navadno samodejna kontrola, ki temelji na in je zato
therefore dependent on, the configuration of odvisna od konfiguracije parametrov znotraj
parameters within the application system aplikacijskega sistema.
Configuration item (CI) Element konfiguracije (CI) Component of an infrastructure ‐ or an item, such as a Komponenta infrastrukture - ali element, na primer
request for change, associated with an zahteva za spremembo, povezana z infrastrukturo - ki
infrastructure ‐ which is (or is to be) under the control je (ali bo) pod nadzorom upravljanja konfiguracije.
of configuration management. Opomba: Elementi se lahko po zapletenosti, velikosti
Scope Note: May vary widely in complexity, size and in tipu zelo razlikujejo, od celotnega sistema (vključno
type, from an entire system (including all hardware, z vso strojno opremo, programsko opremo in
software and documentation) to a single module or a dokumentacijo) pa do posamičnega modula ali
minor hardware component manjše strojne komponente.
Configuration Upravljanje konfiguracije The control of changes to a set of configuration items Nadzor sprememb nad naborom elementov
management over a system life cycle konfiguracije skozi življenjsko dobo sistema.
Console log Dnevnik konzole An automated detail report of computer system Samodejno podrobno poročilo o aktivnostih
activity računalniškega sistema.
Consulted Posvetovan In a RACI (responsible, accountable, consulted, V preglednici ZOPS (Zadolžen, Odgovoren,
informed) chart, refers to those people whose Posvetovan, Seznanjen) se nanaša na tiste ljudi,
opinions are sought on an activity (two‐way katerih mnenje o določeni dejavnosti se išče
communication) (dvosmerna komunikacija)

Content filtering Filtriranje vsebine Controlling access to a network by analyzing the Nadzor dostopa do omrežja z analizo vsebine
contents of the incoming and outgoing packets and prihajajočih in odhajajočih paketov, ki jih ali spusti
either letting them pass or denying them based on a skozi ali jih zavrne glede na seznam pravil.
list of rules. Opomba: Od filtriranja paketov se razlikuje po tem, da
Scope Note: Differs from packet filtering in that it is se analizira podatke v paketu in ne atribute samega
the data in the packet that are analyzed instead of the paketa (npr. oznake izvornega/ciljnega naslova IP,
attributes of the packet itself (e.g., source/target IP zastavice (flags) protokola za prenos [TCP])
address, transmission control protocol [TCP] flags)
Context Kontekst The overall set of internal and external factors that Celoten nabor notranjih in zunanjih faktorjev, ki
might influence or determine how an enterprise, določajo ali imajo lahko vpliv na to, kako delujejo
entity, process or individual acts podjetje, entiteta, proces ali posameznik.
Scope: Context includes: Opomba: V kontekst sodijo:
- technology context (technological factors that affect an enterprise's ability to extract value from data) - tehnološki kontekst (tehnološki faktorji, ki vplivajo na zmožnost podjetja, da pridobi vrednost iz podatkov),
- data context (data accuracy, availability, currency and quality) - podatkovni kontekst (natančnost, razpoložljivost, ažurnost in kakovost podatkov),
- skills and knowledge (general experience and analytical, technical and business skills), - spretnosti in znanje (splošne izkušnje ter analitične, tehnične in poslovne spretnosti),
- organizational and cultural context (political factors and whether the enterprise prefers data to intuition) - organizacijski in kulturni kontekst (politični faktorji in ali podjetje daje prednost podatkom ali intuiciji),
- strategic context (strategic objectives of the enterprise) - strateški kontekst (strateški cilji podjetja).


Contingency plan Načrt ukrepov ob A plan used by an enterprise or business unit to Načrt, ki ga podjetje ali poslovna enota uporabi za
nepredvidenih dogodkih respond to a specific systems failure or disruption odziv v primeru specifične sistemske napake ali
motnje.
Contingency planning Načrtovanje ukrepov ob Process of developing advance arrangements and Proces vnaprejšnjega razvijanja ukrepov in postopkov,
nepredvidenih dogodkih procedures that enable an enterprise to respond to ki podjetju omogočajo odziv na dogodek, ki se lahko
an event that could occur by chance or unforeseen zgodi naključno, ali kot posledica nepredvidenih
circumstances. okoliščin.

Continuity Neprekinjenost Preventing, mitigating and recovering from Preprečevanje, blaženje in obnova po motnji.
disruption. Opomba: V tem kontekstu je mogoče uporabiti tudi
Scope Note: The terms "business resumption pojme "načrtovanje nadaljnjega poslovanja podjetja",
planning," "disaster recovery planning" and "načrtovanje obnovitve po katastrofi" in "načrtovanje
"contingency planning" also may be used in this ukrepov ob nepredvidenih dogodkih", saj se vsi
context; they all concentrate on the recovery aspects osredotočajo na vnovično vzpostavljanje
of continuity. neprekinjenosti.
Continuous auditing Pristop neprekinjenega This approach allows IS auditors to monitor system Pristop, ki omogoča revizorjem IS neprekinjen nadzor
approach revidiranja reliability on a continuous basis and to gather nad zanesljivostjo sistema in zbiranje izbranih
selective audit evidence through the computer. revizijskih dokazov prek računalnika.
Continuous availability Neprekinjena Nonstop service, with no lapse in service; the highest Stalna storitev brez prekinitev, najvišja stopnja
razpoložljivost level of service in which no downtime is allowed storitve, pri kateri izpad ni dovoljen.
Continuous improvement Stalno izboljševanje The goals of continuous improvement (Kaizen) Cilji stalnih izboljšav (Kaizen) vključujejo odpravljanje
include the elimination of waste, defined as "activities potratnosti, opredeljene kot "dejavnosti, ki prinašajo
that add cost, but do not add value;" just‐in‐time (JIT) stroške in ne prinašajo vrednosti", "dobavo ravno v
delivery; production load leveling of amounts and pravem času (JIT)"; izravnavanje proizvodne
types; standardized work; paced moving lines; and obremenitve po količini in vrsti; standardizirano delo;
right‐sized equipment. premikanje linij v tempu; in pravilno dimenzionirano
Scope Note: A closer definition of the Japanese usage opremo.
of Kaizen is "to take it apart and put it back together Opomba: Natančnejša definicija japonskega izraza
in a better way." What is taken apart is usually a Kaizen je "razstaviti in sestaviti nazaj na boljši način".
process, system, product or service. Kaizen is a daily Navadno se razstavi postopek, sistem, izdelek ali
activity whose purpose goes beyond improvement. It storitev. Kaizen je vsakodnevna aktivnost, katere cilj
is also a process that, when done correctly, presega izboljšave. Je tudi proces, znotraj katerega, če
humanizes the workplace, eliminates hard work (both je izpeljan pravilno, postaja delovno okolje prijaznejše
mental and physical), and teaches people how to do in se ukinja trdo delo (psihično in fizično). Ljudje se
rapid experiments using the scientific method and znotraj procesa naučijo, kako izpeljati hitre poskuse z
how to learn to see and eliminate waste in business znanstveno metodo ter kako se naučiti videti in
processes. odpravljati potratnost v poslovnem procesu.

Control Nadzor The means of managing risk, including policies, Način za upravljanje tveganja, vključno s politikami,
procedures, guidelines, practices or organizational postopki, smernicami, prakso in organizacijsko
structures, which can be of an administrative, strukturo, ki so lahko administrativne, tehnične,
technical, management, or legal nature. upravne ali pravne narave.
Scope: Also used as a synonym for safeguard or Opomba: Uporablja se tudi kot sinonim za varovalo ali
countermeasure. protiukrep.
See also Internal control. Glejte tudi Notranji nadzor
Control center Nadzorno središče Hosts the recovery meetings where disaster recovery Gosti sestanke za obnavljanje, na katerih se upravlja
operations are managed dejavnosti za okrevanje po katastrofi.
Control framework Nadzorni okvir A set of fundamental controls that facilitates the Nabor temeljnih kontrol, ki olajšajo izvrševanje
discharge of business process owner responsibilities odgovornosti lastnika poslovnega procesa, da se
to prevent financial or information loss in an prepreči finančna izguba ali izguba informacij v
enterprise podjetju.
Control group Nadzorna skupina Members of the operations area who are responsible Člani operativnega področja, ki so odgovorni za
for the collection, logging and submission of input for zbiranje, beleženje in predložitev vhodnih podatkov
the various user groups za različne uporabniške skupine.
Control objective Cilj nadzora A statement of the desired result or purpose to be Navedba o želenem rezultatu ali namenu, ki se ga želi
achieved by implementing control procedures in a doseči z uvajanjem nadzornih postopkov v
particular process določenem procesu.
Control Objectives for Cilji nadzora za vodstvo A discussion document that sets out an "enterprise Dokument za razpravo, ki določa "model vodenja
Enterprise Governance podjetja governance model" focusing strongly on both the podjetja", pri čemer se osredotoča tako na poslovne
enterprise business goals and the information cilje podjetja kot na elemente informacijske
technology enablers that facilitate good enterprise tehnologije, ki omogočajo dobro vodenje podjetja.
governance, published by the Information Systems Dokument je leta 1999 objavila fundacija za revizijo in
Audit and Control Foundation in 1999. nadzor informacijskih sistemov.
Control perimeter Meje nadzora The boundary defining the scope of control authority Meje, ki opredeljujejo doseg pristojnosti nadzora za
for an entity. entiteto.
Scope Note: For example, if a system is within the Opomba: Na primer, če je sistem znotraj meja
control perimeter, the right and ability exist to control nadzora, obstajata pravica in zmožnost, da ga
it in response to an attack. obvladujemo ob odzivu na napad.
Control practice Nadzorna praksa Key control mechanism that supports the Ključni mehanizem nadzora, ki podpira doseganje
achievement of control objectives through ciljev nadzora prek odgovorne rabe sredstev,
responsible use of resources, appropriate ustreznega upravljanja tveganja in v usklajenosti IT-ja
management of risk and alignment of IT with business s potrebami poslovanja.

Control risk Tveganje pri nadzoru The risk that a material error exists that would not be Tveganje, da obstaja materialna napaka, ki je sistem
prevented or detected on a timely basis by the system notranjih kontrol ne more preprečiti ali pravočasno
of internal controls (See Inherent risk) zaznati (glej tudi Inherentno tveganje)
Control risk self‐ Samoocena tveganja pri A method/process by which management and staff of Metoda/proces, s katerim poslovodstvo in osebje na
assessment nadzoru all levels collectively identify and evaluate risk and vseh ravneh skupaj prepoznavajo in vrednotijo
controls with their business areas. This may be under tveganje in nadzor za svoja poslovna področja. Ta
the guidance of a facilitator such as an auditor or risk lahko poteka pod vodstvom usmerjevalca, na primer
manager. revizorja ali upravitelja tveganja.
Control section Nadzorna enota The area of the central processing unit (CPU) that Del centralno-procesne enote (CPE), ki izvaja
executes software, allocates internal memory and program, dodeljuje notranji pomnilnik in prenaša
transfers operations between the arithmetic‐logic, operacije med aritmetično-logičnim delom, notranjim
internal storage and output sections of the computer pomnilnikom in izhodi računalniške naprave.
Control weakness Šibkost nadzora A deficiency in the design or operation of a control Pomanjkljivost v zasnovi ali delovanju nadzornega
procedure. Control weaknesses can potentially result postopka. Šibkosti nadzora lahko pomenijo, da
in risk relevant to the area of activity not being tveganja, ki se nanašajo na določeno področje
reduced to an acceptable level (relevant risk dejavnosti, ne bodo zmanjšana na sprejemljivo raven
threatens achievement of the objectives relevant to (pomembno tveganje ogroža doseganje ciljev, ki se
the area of activity being examined). Control nanašajo na nadzorovano področje dejavnosti).
weaknesses can be material when the design or Šibkost nadzora je lahko materialna, če zasnova ali
operation of one or more control procedures does delovanje enega ali več nadzornih postopkov ne
not reduce to a relatively low level the risk that zmanjša na dovolj nizko raven tveganja, da se bodo
misstatements caused by illegal acts or irregularities pojavile napačne navedbe kot posledica nezakonitih
may occur and not be detected by the related control dejanj ali da se pojavijo nepravilnosti, ki jih povezani
procedures. nadzorni postopki ne bodo zaznali.
Controls Kontrole . .
Scope Note: See Internal control. Opomba: Glejte Notranji nadzor

Cookie Piškotek A message kept in the web browser for the purpose Sporočilo, ki ga hrani spletni brskalnik, da so lahko
of identifying users and possibly preparing uporabniki ob naslednjem obisku prepoznani in da se
customized web pages for them. zanje morebiti celo pripravi osebno prilagojene
Scope Note: The first time a cookie is set, a user may spletne strani.
be required to go through a registration process. Opomba: Prvič, ko se vzpostavi piškotek, bo
Subsequent to this, whenever the cookie's message is uporabnik morda moral skozi postopek registracije.
sent to the server, a customized view based on that Ko se v nadaljevanju sporočilo piškotka pošlje
user's preferences can be produced. The browser's strežniku, je mogoče ustvariti prikaz, prilagojen
implementation of cookies has, however, brought uporabnikovim željam. Vendar pa je implementacija
several security concerns, allowing breaches of piškotkov v spletne brskalnike prinesla več varnostnih
security and the theft of personal information (e.g., vprašanj, ki so omogočile varnostne kršitve in krajo
user passwords that validate the user identity and osebnih informacij (npr. uporabniških gesel, ki
enable restricted web services). overjajo identiteto uporabnika in omogočajo omejen
dostop do spletnih storitev).
Corporate exchange rate Podjetniški menjalni tečaj An exchange rate that can be used optionally to Menjalni tečaj, ki ga je mogoče uporabiti opcijsko za
perform foreign currency conversion. The corporate pretvorbo med valutami. Podjetniški menjalni tečaj je
exchange rate is generally a standard market rate navadno standarden tržni tečaj, ki ga določi višje
determined by senior financial management for use finančno poslovodstvo za uporabo v celotnem
throughout the enterprise. podjetju.
Corporate governance Vodenje podjetij The system by which enterprises are directed and Sistem, po katerem se podjetja usmerja in nadzoruje.
controlled. The board of directors is responsible for Za vodenje podjetja je odgovoren upravni odbor.
the governance of their enterprise. It consists of the Sestavljajo ga vodstvo ter organizacijske strukture in
leadership and organizational structures and procesi, ki zagotavljajo, da podjetje vzdržuje in razširja
processes that ensure the enterprise sustains and strategije in cilje.
extends strategies and objectives.
Corporate security officer Vodja varovanja Responsible for coordinating the planning, Odgovoren za koordiniranje načrtovanja, razvoja,
(CSO) development, implementation, maintenance and uvajanja, vzdrževanja in nadzora programa varovanja
monitoring of the information security program informacij.
Corrective control Popravna kontrola Designed to correct errors, omissions and Zasnovana za popravljanje napak, opustitev,
unauthorized uses and intrusions, once they are nepooblaščene rabe in vdorov, potem ko so zaznani.
detected

COSO COSO Committee of Sponsoring Organizations of the Committee of Sponsoring Organizations of the
Treadway Commission. Treadway Commission.
Scope Note: Its 1992 report "Internal Opomba: Poročilo komisije iz leta 1992 "Notranji
Control‐‐Integrated Framework" is an internationally nadzor - integrirani okvir" je mednarodno priznan
accepted standard for corporate governance. See standard za vodenje podjetja. Glej www.coso.org.
www.coso.org.
Countermeasure Protiukrep Any process that directly reduces a threat or Kateri koli proces, ki neposredno zmanjša grožnjo ali
vulnerability ranljivost.
Coupling Sklopljenost Measure of interconnectivity among structure of Mera medsebojne povezanosti v strukturi programske
software programs. Coupling depends on the opreme. Sklopljenost je odvisna od kompleksnosti
interface complexity between modules. This can be vmesnika med moduli. To je mogoče opredeliti kot
defined as the point at which entry or reference is točko, na kateri se izvedeta vnos ali sklic na modul in
made to a module, and what data pass across the določi, kakšni podatki gredo skozi vmesnik.
interface. Opomba: V načrtovanju aplikativne programske
Scope Note: In application software design, it is opreme se je priporočljivo truditi za kar najmanjšo
preferable to strive for the lowest possible coupling sklopljenost med moduli. Preprosta povezanost
between modules. Simple connectivity among med moduli da programsko opremo, ki je bolj
modules results in software that is easier to razumljiva in jo je lažje vzdrževati ter ni toliko
understand and maintain and is less prone to a ripple nagnjena k stranskim ali učinku rušenja domin, ki se
or domino effect caused when errors occur at one pojavi, ko se napake iz enega mesta razširijo skozi
location and propagate through the system. celoten sistem.
Coverage Kritje The proportion of known attacks detected by an Delež znanih napadov, ki jih zazna sistem za
intrusion detection system (IDS) zaznavanje vdorov (IDS).
Crack Skrekati To "break into" or "get around" a software program. "Vdreti v" ali "zaobiti" programsko opremo.
Scope Note: For example, there are certain Opomba: Obstaja na primer nekaj novičarskih skupin,
newsgroups that post serial numbers for pirated ki objavljajo serijske številke za piratske različice
versions of software. A cracker may download this programske opreme. Kreker lahko informacije
information in an attempt to crack the program so prenese k sebi ter poskusi skrekati program, da ga
he/she can use it. It is commonly used in the case of lahko uporablja. Pogosto se uporablja v primeru
cracking (unencrypting) a password or other sensitive krekanja (dešifriranja) gesel ali drugih varnostno
data. občutljivih podatkov.

Credentialed analysis Analiza pooblaščenosti In vulnerability analysis, passive monitoring Pri analizi ranljivosti so to pristopi pasivnega
approaches in which passwords or other access spremljanja, pri katerih se zahteva gesla ali druge
credentials are required. poverilnice
Scope Note: Usually involves accessing a system data Opomba: Navadno vključuje dostop do objekta
object sistemskih podatkov.
Criteria Merila The standards and benchmarks used to measure and Standardi in primerjave, ki se uporabljajo za merjenje
present the subject matter and against which an IS in predstavitev zadeve in jih revizor IS uporabi za
auditor evaluates the subject matter. ovrednotenje zadeve.
Scope Note: Criteria should be: Objective‐‐free from Opomba: Merila morajo biti: Objektivna -
bias, Measurable‐‐provide for consistent nepristranska; Merljiva - morajo dati konsistentne
measurement, Complete‐‐include all relevant factors rezultate; Popolna - vključevati morajo vse relevantne
to reach a conclusion, Relevant‐‐relate to the subject faktorje, ki vodijo do sklepa; Relevantna - morajo se
matter. In an attestation engagement, benchmarks nanašati na zadevo. V nalogah potrjevanja so to
against which management's written assertion on the primerjalne meritve, nasproti katerim je moč preveriti
subject matter can be evaluated. The practitioner pisne trditve vodstva glede zadeve. Izvajalec pride do
forms a conclusion concerning subject matter by zaključka o zadevi na podlagi primerjave z ustreznimi
referring to suitable criteria. merili.
Critical functions Kritične funkcije Business activities or information that could not be Poslovne aktivnosti ali informacije, ki ne morejo biti
interrupted or unavailable for several business days prekinjene ali nerazpoložljive več delovnih dni, ne da
without significantly jeopardizing operation of the bi to resno ogrozilo delovanje podjetja.
enterprise
Critical infrastructure Kritična infrastruktura Systems whose incapacity or destruction would have Sistemi, katerih nedelovanje ali uničenje bi oslabilo
a debilitating effect on the economic security of an ekonomsko varnost podjetja, skupnosti ali naroda.
enterprise, community or nation.
Critical success factor (CSF) Ključni dejavnik uspeha The most important issue or action for management Najpomembnejša zadeva ali ukrepanje poslovodstva,
(CSF) to achieve control over and within its IT processes s katerim pridobi nadzor nad postopki IT in znotraj
njih
Criticality analysis Analiza kritičnosti An analysis to evaluate resources or business Analiza, s katero se ovrednoti sredstva ali poslovne
functions to identify their importance to the funkcije, da se ugotovi njihova pomembnost za
enterprise, and the impact if a function cannot be podjetje, ter njihov vpliv, če funkcija ne more biti
completed or a resource is not available izpeljana ali sredstvo ni na razpolago.

Cross‐certification Navzkrižno certificiranje A certificate issued by one certificate authority (CA) to Certifikat, ki ga izda overitelj (CA) drugemu CA-ju, tako
a second CA so that users of the first certification da lahko uporabniki prvega CA-ja pridobijo javni ključ
authority are able to obtain the public key of the drugega CA-ja in preverijo certifikate, ki jih je ta izdal.
second CA and verify the certificates it has created. Opomba: Pogosto se nanaša na certifikate, ki jih drug
Scope Note: Often refers to certificates issued to each drugemu izdata CA-ja na isti hierarhični ravni.
other by two CAs at the same level in a hierarchy
Cross‐site request forgery Potvarjanje zahtevkov med A type of malicious exploit of a web site whereby Vrsta zlonamernega izkoriščanja spletne strani, s
(CSRF) stranmi (CSRF) unauthorized commands are transmitted from a user katerim so od uporabnika, ki mu spletna stran zaupa,
that the web site trusts (also known as a one‐click preneseni nedovoljeni ukazi (znan tudi kot napad z
attack or session riding); acronym pronounced enim klikom ali jezdenje na seji); angleška kratica se
"sea‐surf" izgovarja kot "sea-surf" - "jezdenje na valu".
Cryptography Kriptografija The art of designing, analyzing and attacking Umetnost snovanja, analiziranja in napadanja
cryptographic schemes kriptografskih shem
Culture Kultura A pattern of behaviors, beliefs, assumptions, attitudes Vzorec vedenja, prepričanj, domnev, odnosov in
and ways of doing things načinov delovanja.
Customer relationship Upravljanje odnosov s A way to identify, acquire and retain customers. CRM Način za prepoznavanje, pridobivanje in zadrževanje
management (CRM) strankami (CRM) is also an industry term for software solutions that strank. CRM se v branži uporablja tudi kot ime za
help an enterprise manage customer relationships in programske rešitve, ki podjetju pomagajo na
an organized manner. organiziran način upravljati odnose s strankami.
Cybercop Spletni kriminalist An investigator of activities related to computer crime Preiskovalec dejavnosti, povezanih z računalniškim
kriminalom.
Damage evaluation Ocena škode The determination of the extent of damage that is Določitev obsega škode, ki je potrebna zaradi ocene
necessary to provide for an estimation of the recovery časovnega okvira za obnovitev in ocene morebitne
time frame and the potential loss to the enterprise izgube za podjetje.
Dashboard Nadzorna plošča A tool for setting expectations for an enterprise at Orodje za določanje pričakovanj podjetja na vsaki
each level of responsibility and continuous monitoring ravni odgovornosti ter za neprekinjen nadzor
of the performance against set targets uspešnosti glede na zastavljene cilje.

Data analysis Podatkovna analiza Typically in large enterprises in which the amount of Navadno v uporabi v velikih podjetjih, kjer sistem za
data processed by the enterprise resource planning načrtovanje virov podjetja (ERP) obdeluje ogromno
(ERP) system is extremely voluminous, analysis of količino podatkov. Analiza vzorcev in trendov je zelo
patterns and trends proves to be extremely useful in koristna pri ugotavljanju uspešnosti in učinkovitosti
ascertaining the efficiency and effectiveness of delovanja.
operations. Opomba: Večina sistemov ERP omogoča izločanje in
Scope Note: Most ERP systems provide opportunities analizo podatkov z orodji, ki jih razvijejo neodvisni
for extraction and analysis of data (some with built‐in razvijalci in se vgradijo v sisteme ERP. Nekateri sistemi
tools) through the use of tools developed by third ERP imajo ta orodja že vgrajena.
parties that interface with the ERP systems.
Data classification Razvrstitev podatkov The assignment of a level of sensitivity to data (or Dodeljevanje stopnje občutljivosti podatkom (ali
information) that results in the specification of informacijam), kar je osnova za določitev kontrol za
controls for each level of classification. Levels of vsako stopnjo. Stopnje občutljivosti podatkov se
sensitivity of data are assigned according to dodelijo v skladu z vnaprej opredeljenimi
predefined categories as data are created, amended, kategorijami, ko se podatki ustvarjajo, popravljajo,
enhanced, stored or transmitted. The classification izboljšujejo, shranjujejo ali prenašajo. Stopnja
level is an indication of the value or importance of the razvrstitve pomeni vrednost ali pomembnost podatka
data to the enterprise. za podjetje.
Data classification scheme Shema razvrstitve An enterprise scheme for classifying data by factors Shema podjetja za razvrstitev podatkov v skladu s
podatkov such as criticality, sensitivity and ownership faktorji, kot so kritičnost, občutljivost in lastništvo.
Data communications Podatkovne komunikacije The transfer of data between separate computer Prenos podatkov med različnimi računalniškimi
processing sites/devices using telephone lines, centri/napravami z uporabo telefonskih linij,
microwave and/or satellite links mikrovalov in/ali satelitskih povezav.
Data custodian Skrbnik podatkov The individual(s) and department(s) responsible for Posameznik(-i) in oddelek(-lki), odgovorni za
the storage and safeguarding of computerized data shranjevanje in varovanje računalniških podatkov.

Data dictionary Slovar podatkov A database that contains the name, type, range of Podatkovna zbirka, ki vključuje ime, vrsto, razpon
values, source and authorization for access for each vrednosti, vir in pooblastila za dostop za vsak
data element in a database. It also indicates which podatkovni element v podatkovni zbirki. Vključuje
application programs use those data so that when a tudi podatke o tem, kateri programi uporabljajo
data structure is contemplated, a list of the affected katere podatke, tako da je pri obravnavanju
programs can be generated. podatkovne strukture mogoče sestaviti seznam
Scope Note: May be a stand‐alone information programov, na katere obravnava vpliva.
system used for management or documentation Opomba: Lahko je samostojen informacijski sistem, ki
purposes, or it may control the operation of a se uporablja za poslovodenje ali dokumentacijo, ali pa
database nadzoruje delovanje podatkovne zbirke.
Data diddling Kvarjenje podatkov Changing data with malicious intent before or during Zlonamerno spreminjanje podatkov pred ali med
input into the system vnosom v sistem.
Data Encryption Standard DES An algorithm for encoding binary data. Algoritem za kodiranje binarnih podatkov.
(DES) Scope Note: It is a secret key cryptosystem published Opomba: Sistem s skrivnim ključem, ki ga je objavil
by the National Bureau of Standards (NBS), the NBS (National Bureau of Standards), predhodnik NIST-
predecessor of the US National Institute of Standards a (National Institute of Standards and Technology,
and Technology (NIST). DES was defined as a Federal ZDA). DES je bil določen kot zvezni standard za
Information Processing Standard (FIPS) in 1976 and obdelavo podatkov - Federal Information Processing
has been used commonly for data encryption in the Standard (FIPS) leta 1976 in je bil v široki uporabi za
forms of software and hardware implementation. šifriranje podatkov s programsko in strojno opremo.
Data flow Tok podatkov The flow of data from the input (in Internet banking, Tok podatkov od vnosa (pri spletnem bančništvu
ordinarily user input at his/her desktop) to output (in navadno vnosa uporabnika z njegovega namizja) do
Internet banking, ordinarily data in a bank’s central izhoda (pri spletnem bančništvu navadno podatki v
database). Data flow includes travel through the osrednji podatkovni zbirki banke). Tok podatkov
communication lines, routers, switches and firewalls vključuje promet skozi komunikacijske vode,
as well as processing through various applications on usmerjevalnike, stikala in požarne zidove, kot tudi
servers, which process the data from user fingers to obdelavo v različnih programih na strežnikih, ki
storage in a bank's central database. obdelujejo podatke od tipkovnice do shranjevanja v
centralni podatkovni zbirki.
Data integrity Celovitost podatkov The property that data meet with a priority Lastnost podatkov, da ustrezajo ključnemu
expectation of quality and that the data can be relied pričakovanju o kakovosti in da se je nanje mogoče
on zanesti.



Data leakage Uhajanje podatkov Siphoning out or leaking information by dumping Izpuščanje ali uhajanje informacij s kopiranjem
computer files or stealing computer reports and tapes računalniških datotek ali s krajo računalniških poročil
in trakov.
Data normalization Normalizacija podatkov A structured process for organizing data into tables in Strukturiran postopek za organizacijo podatkov v
such a way that it preserves the relationships among tabele na način, ki ohranja relacije med podatki.
the data
Data owner Lastnik podatkov The individual(s), normally a manager or director, Posameznik(i), navadno vodja ali direktor, ki je
who has responsibility for the integrity, accurate odgovoren za celovitost, natančno poročanje in
reporting and use of computerized data uporabo računalniških podatkov.
Data security Varnost podatkov Those controls that seek to maintain confidentiality, Nadzor, katerega cilj je ohranjanje zaupnosti,
integrity and availability of information celovitosti in razpoložljivosti informacij.
Data structure Podatkovna struktura The relationships among files in a database and Odnosi med datotekami v podatkovni zbirki in med
among data items within each file posamičnimi podatkovnimi elementi znotraj vsake
datoteke.
Data warehouse Podatkovno skladišče A generic term for a system that stores, retrieves and Splošen izraz za sistem, ki hrani, pridobiva in upravlja
manages large volumes of data. velike količine podatkov.
Scope Note: Data warehouse software often includes Opomba: Programska oprema podatkovnega
sophisticated comparison and hashing techniques for skladišča velikokrat vključuje skrbno razvite
fast searches as well as for advanced filtering. tehnike/mehanizme za primerjavo in zgoščevanje, za
hitro iskanje ter za napredno filtriranje podatkov.
Database Podatkovna zbirka A stored collection of related data needed by Shranjena zbirka povezanih podatkov, ki jih podjetje
enterprises and individuals to meet their information in/ali posamezniki potrebujejo, da lahko izvajajo
processing and retrieval requirements zahteve po obdelavi in pridobivanju podatkov.
Database administrator Skrbnik zbirke podatkov An individual or department responsible for the Posameznik ali oddelek, odgovoren za varnost in
(DBA) (DBA) security and information classification of the shared klasifikacijo informacij skupnih podatkov, shranjenih v
data stored on a database system. This responsibility sistemu podatkovnih zbirk. Odgovornost vključuje
includes the design, definition and maintenance of tudi zasnovo, opredelitev in vzdrževanje podatkovne
the database. zbirke.
Database management Sistem za upravljanje zbirk A software system that controls the organization, Programska oprema, ki nadzoruje organizacijo,
system (DBMS) podatkov (DBMS) storage and retrieval of data in a database shranjevanje in pridobivanje podatkov iz podatkovne
zbirke.



Database replication Podvojevanje podatkovne The process of creating and managing duplicate Postopek ustvarjanja in upravljanja podvojenih različic
zbirke versions of a database. podatkovne zbirke.
Scope Note: Replication not only copies a database Opomba: Podvojevanje podatkovne zbirke ne le kopira,
but also synchronizes a set of replicas so that changes ampak ustvari usklajen nabor dvojnikov, tako da se
made to one replica are reflected in all of the others. spremembe, ki se izvedejo na eni kopiji, odražajo na
The beauty of replication is that it enables many users vseh preostalih kopijah zbirke. Prednost podvojevanja
to work with their own local copy of a database, but je, da omogoča uporabnikom delo z lokalno kopijo
have the database updated as if they were working podatkov, spremembe pa se osvežujejo, kot da bi
on a single centralized database. For database delali na eni sami, centralizirani zbirki. Kadar so
applications in which users are geographically uporabniki geografsko razpršeni, je podvojevanje
distributed widely, replication is often the most pogosto najbolj učinkovit način za dostop do zbirke
efficient method of database access. podatkov.
Database specifications Specifikacija podatkovne These are the requirements for establishing a To so zahteve za vzpostavitev uporabe podatkovne
zbirke database application. They include field definitions, zbirke. Vključuje opredelitev in zahteve polj ter
field requirements and reporting requirements for the zahteve po poročanju za posamične informacije v
individual information in the database. podatkovni zbirki.
Datagram Datagram A packet (encapsulated with a frame containing Paket (ovit v okvir informacij), ki se prenaša v paketno
information), that is transmitted in a packet‐ komutiranem omrežju od izvora do cilja.
switching network from source to destination
Data‐oriented systems Podatkovno usmerjeni Focuses on providing ad hoc reporting for users by Osredotoča se na omogočanje ad hoc poročanja
development razvoj sistema developing a suitable accessible database of uporabnikom z razvijanjem primerne dostopne zbirke
information and to provide useable data rather than a informacij in na pripravo uporabnih podatkov, ne le
function funkcionalnosti.
Decentralization Decentralizacija The process of distributing computer processing to Proces porazdeljevanja računalniške obdelave na
different locations within an enterprise različne konce znotraj podjetja.
Decision support systems Sistem za podporo An interactive system that provides the user with easy Interaktivni sistem, ki uporabniku omogoča preprost
(DSS) odločanju (DSS) access to decision models and data, to support semi dostop do modelov odločanja in podatkov, tako da
structured decision‐making tasks podpira polstrukturirana odločevalna opravila.
Decryption Dešifriranje A technique used to recover the original plaintext Tehnika, ki se uporablja za pridobivanje izvornega
from the ciphertext so that it is intelligible to the golega besedila iz tajnopisa, ki ga bralec lahko
reader. The decryption is a reverse process of the razume. Postopek obraten šifriranju.
encryption.



Decryption key Dešifrirni ključ A digital piece of information used to recover Digitalna informacija, ki se uporablja za pridobivanje
plaintext from the corresponding ciphertext by izvornega besedila iz pripadajočega tajnopisa, z
decryption dešifriranjem.
Default Privzeto A computer software setting or preference that states Programska nastavitev ali izbira, ki določa, kaj se bo
what will automatically happen in the event that the zgodilo samodejno, če uporabnik ni nastavil drugačne
user has not stated another preference izbire.
For example, a computer may have a default setting Na primer, računalnik ima lahko privzeto nastavitev za
to launch or start Netscape whenever a GIF file is zagon Netscapa, vsakokrat, ko se odpre datoteka GIF;
opened; however, if using Adobe Photoshop is the če pa je za ogled datotek GIF nastavljen Adobe
preference for viewing a GIF file, the default setting Photoshop, je mogoče privzeto nastavitev nastaviti na
can be changed to Photoshop. In the case of default Photoshop. V primeru privzetih računov so to tisti
accounts, these are accounts that are provided by the računi, ki jih pripravi izdelovalec operacijskega
operating system vendor (e.g., root in UNIX). sistema (npr. root v UNIX-u).
Default deny policy Privzeta politika prepovedi A policy whereby access is denied unless it is Politika, pri kateri je dostop prepovedan, razen če je
specifically allowed; the inverse of default allow posebej dovoljen; nasprotno od kadar je privzeta
nastavitev dovoljeno.
Default password Privzeto geslo The password used to gain access when a system is Geslo za dostop na računalnik ali omrežno napravo, ki
first installed on a computer or network device. je nastavljeno po prvi namestitvi.
Scope Note: There is a large list published on the Opomba: Na internetu je mogoče na več mestih najti
Internet and maintained at several locations. Failure dolg vzdrževan seznam privzetih gesel. Če tega gesla
to change these after the installation leaves the po namestitvi ne spremenite, ostane sistem ranljiv.
system vulnerable.
Defense in depth Obramba v globino The practice of layering defenses to provide added Praksa, pri kateri je za povečanje zaščite uporabljenih
protection. Defense in depth increases security by več plasti obrambe. Obramba v globino povečuje
raising the effort needed in an attack. This strategy varnost tako, da povečuje napor, ki je potreben za
places multiple barriers between an attacker and an napad. Pri tej strategiji se postavi več pregrad med
enterprise's computing and information resources. napadalca ter računalniške in informacijske vire v
podjetju.



Degauss Razmagnetenje The application of variable levels of alternating Uporaba več različnih nivojev izmeničnega toka, da se
current for the purpose of demagnetizing magnetic razmagnetijo zapisi na mediju za magnetno
recording media. zapisovanje.
Scope Note: The process involves increasing the Opomba: Postopek zajema postopno povečevanje
alternating current field gradually from zero to some polja izmeničnega toka od ničle do maksimalne
maximum value and back to zero, leaving a very low vrednosti in nazaj na ničlo, kar pusti na nosilcu zelo
residue of magnetic induction on the media. Degauss malo magnetnih sledi. Razmagnetenju bi na splošno
loosely means to erase. lahko rekli tudi brisanje.
Demodulation Demodulacija The process of converting an analog Postopek pretvarjanja analognega
telecommunications signal into a digital computer telekomunikacijskega signala v digitalni računalniški
signal signal.
Demographic Demografski podatek A fact determined by measuring and analyzing data Dejstvo, pridobljeno z merjenjem in analizo podatkov
about a population; it relies heavily on survey o prebivalstvu, ki se močno opira na podatke,
research and census data. pridobljene z raziskavami in popisi.
Denial‐of‐service attack Ohromitev storitve (DoS) An assault on a service from a single source that Napad na storitev z enega vira, ki storitev preplavi s
(DoS) floods it with so many requests that it becomes tako količino zahtevkov, da je preobremenjena in se
overwhelmed and is either stopped completely or ali popolnoma zaustavi ali pa deluje zelo počasi.
operates at a significantly reduced rate
Depreciation Odpisovanje The process of cost allocation that assigns the original Postopek razporejanja stroškov, ki razdeli izvorni
cost of equipment to the periods benefited. strošek za opremo na časovna obdobja.
Scope Note: The most common method of calculating Opomba: Najpogostejši način za izračunavanje odpisa
depreciation is the straight‐line method, which je metoda enakomernega odpisa, ki privzema, da bo
assumes that assets should be written off in equal sredstvo odpisano v enakih zneskih prek življenjske
amounts over their lives. dobe.
Detailed IS controls Podrobne kontrole IS Controls over the acquisition, implementation, Kontrole nad nabavo, uvajanjem, dobavo in podporo
delivery and support of IS systems and services made sistemov in storitev IS, ki jih sestavljajo aplikativne
up of application controls plus those general controls kontrole in tiste splošne kontrole, ki niso vključene
not included in pervasive controls med vseobsegajoče kontrole.
Detective application Zaznavne aplikativne Designed to detect errors that may have occurred Zasnovane tako, da zaznavajo napake, do katerih
controls kontrole based on predefined logic or business rules. lahko pride glede na vnaprej določeno logiko ali
Usually executed after an action has taken place and poslovna pravila.
often cover a group of transactions Navadno se izvedejo po nekem dejanju, in pogosto
pokrivajo skupino transakcij.



Detective control Zaznavna kontrola Exists to detect and report when errors, omissions Obstaja, da zaznava in poroča, ko pride do napak,
and unauthorized uses or entries occur opustitev in nepooblaščene rabe ali vnosov.
Device Naprava A generic term for a computer subsystem, such as a Splošen izraz za računalniški podsistem, na primer
printer, serial port or disk drive. A device frequently tiskalnik, zaporedna vrata ali disk. Naprava pogosto
requires its own controlling software, called a device zahteva lastno krmilno programsko opremo, ki jo
driver. imenujemo gonilnik naprave.
Dial‐back Povezava s povratnim Used as a control over dial‐up telecommunications Uporablja se kot nadzor/preverjanje pri klicnih
klicem lines. The telecommunications link established telekomunikacijskih povezavah. Telekomunikacijska
through dial‐up into the computer from a remote zveza, vzpostavljena prek klicne povezave v računalnik
location is interrupted so the computer can dial back z oddaljene lokacije se prekine, tako da lahko
to the caller. The link is permitted only if the caller is računalnik kličočega pokliče nazaj. Zveza je dovoljena
calling from a valid phone number or le, če kličoči kliče z veljavne telefonske številke ali
telecommunications channel. telekomunikacijskega kanala.
Dial‐in access control Kontrola dostopa pri klicni Prevents unauthorized access from remote users who Preprečuje nedovoljen dostop oddaljenih
povezavi attempt to access a secured environment. Ranges uporabnikov, ki poskušajo dostopati v zavarovano
from a dial‐back control to remote user okolje. Sega od kontrole s povratnim klicem do
authentication overjanja oddaljenega uporabnika.
Digital certification Digitalna certifikacija A process to authenticate (or certify) a party’s digital Postopek overjanja (ali certificiranja) digitalnega
signature; carried out by trusted third parties podpisa, ki ga izvajajo zaupanja vredne tretje stranke.
Digital code signing Digitalno podpisovanje The process of digitally signing computer code to Postopek digitalnega podpisovanja računalniške kode,
kode ensure its integrity ki zagotavlja njeno celovitost.
Digital signature Digitalni podpis A piece of information, a digitized form of signature, Informacija, digitalizirana oblika podpisa, ki zagotavlja
that provides sender authenticity, message integrity pošiljateljevo avtentičnost, celovitost sporočila in
and non‐repudiation. A digital signature is generated nezavračanje. Digitalni podpis se ustvari s
using the sender’s private key or applying a one‐way pošiljateljevim zasebnim ključem ali uporabo
hash function. enostranske zgoščevalne funkcije.
Direct reporting Posel z neposrednim An engagement in which management does not make Posel, pri katerem poslovodstvo ne daje pisnih
engagement poročanjem a written assertion about the effectiveness of their zagotovil o učinkovitosti svojih nadzornih postopkov
control procedures and an IS auditor provides an in revizor IS neposredno poda mnenje o zadevi, na
opinion about subject matter directly, such as the primer o učinkovitosti nadzornih postopkov.
effectiveness of the control procedures



Disaster Katastrofa 1. A sudden, unplanned calamitous event causing 1. Nenaden, nesrečen dogodek, ki povzroči veliko
great damage or loss. Any event that creates an škodo ali izgubo. Kakršen koli dogodek, zaradi
inability on an enterprise's part to provide critical katerega podjetje ne more uporabljati kritičnih
business functions for some predetermined period of poslovnih funkcij za nek določen čas. Podobni izrazi so
time. Similar terms are business interruption, outage prekinitev poslovanja, izpad in katastrofa. 2. Obdobje,
and catastrophe. 2. The period when enterprise v katerem se poslovodstvo odloči, da se bo
management decides to divert from normal preusmerilo od običajnega produkcijskega ukrepanja
production responses and exercises its disaster in uporabi načrt za obnovitev po katastrofi (DRP).
recovery plan (DRP). It typically signifies the beginning Navadno to na začetku pomeni selitev s primarne
of a move from a primary location to an alternate lokacije na alternativno lokacijo.
location.
Disaster declaration Razglasitev katastrofe The communication to appropriate internal and Sporočilo o tem, da je v veljavi načrt za obnovitev po
external parties that the disaster recovery plan (DRP) katastrofi (DRP), oddano po ustreznih notranjih in
is being put into operation zunanjih kanalih.
Disaster notification fee Pristojbina ob obvestilu o The fee that the recovery site vendor charges when Pristojbina, ki jo dobavitelj obnovitvene lokacije
katastrofi the customer notifies them that a disaster has zaračuna, ko ga stranka obvesti, da je prišlo do
occurred and the recovery site is required. katastrofe in da potrebuje obnovitveno lokacijo.
Scope Note: The fee is implemented to discourage Opomba: Pristojbina se uporablja, da ne bi prihajalo
false disaster notifications. do lažnih obvestil o katastrofi.
Disaster recovery Okrevanje po katastrofi Activities and programs designed to return the Dejavnosti in programi, zasnovani, da se podjetje vrne
enterprise to an acceptable condition. The ability to v sprejemljivo stanje. Zmožnost odziva na prekinitev
respond to an interruption in services by storitev z uporabo načrta za obnovitev po katastrofi
implementing a disaster recovery plan (DRP) to (DRP) za ponovno vzpostavitev kritičnih poslovnih
restore an enterprise's critical business functions funkcij.
Disaster recovery plan Pregled načrta za Typically a read‐through of a disaster recovery plan Navadno pomeni branje načrta za obnovitev po
(DRP) desk checking obnovitev po katastrofi (DRP) without any real actions taking place. katastrofi (DRP), brez dejanskega ukrepanja.
(DRP) Scope Note: Generally involves a reading of the plan, Opomba: Navadno vključuje branje načrta, razpravo o
discussion of the action items and definition of any dejavnostih, ki jih ta predvideva, in opredelitev
gaps that might be identified pomanjkljivosti, če so prepoznane.
Disaster recovery plan Načrt za obnovitev po A set of human, physical, technical and procedural Nabor človeških, fizičnih, tehničnih in postopkovnih
(DRP) katastrofi (DRP) resources to recover, within a defined time and cost, sredstev za vnovično vzpostavitev delovanja podjetja
an activity interrupted by an emergency or disaster v okviru določenega časa in stroškov, ko pride do
katastrofe.



Disaster recovery plan Sprehod skozi načrt za Generally a robust test of the recovery plan requiring V splošnem robusten preizkus načrta za obnovitev po
(DRP) walk‐through obnovitev po katastrofi that some recovery activities take place and are katastrofi, ki zahteva, da se izvede in preizkusi del
(DRP) tested. A disaster scenario is often given and the obnovitvenih dejavnosti. Pogosto je podan scenarij
recovery teams talk through the steps that they katastrofe in ekipe za obnovitev prediskutirajo
would need to take to recover. As many aspects of korake, ki bi jih potrebovale za izpeljavo obnovitve.
the plan as possible should be tested Preizkusiti je treba čim več vidikov načrta.
Disaster tolerance Toleranca do katastrofe The time gap during which the business can accept Čas, za katerega lahko podjetje sprejme
the non‐availability of IT facilities nerazpoložljivost objektov IT.
Disclosure controls and Kontrole in postopki The processes in place designed to help ensure that Uveljavljeni procesi načrtovani tako, da pomagajo
procedures razkritja all material information is disclosed by an enterprise zagotoviti, da so v poročilih, ki jih podjetje predloži
in the reports that it files or submits to the U.S. komisiji SEC (ZDA), razkrite vse materialne
Securities and Exchange Commission (SEC). informacije.
Scope Note: Disclosure Controls and Procedures also Opomba: Kontrole in postopki razkritja zahtevajo, da
require that disclosures be authorized, complete and so razkritja odobrena, popolna in točna, ter
accurate, and recorded, processed, summarized and zabeležena, obdelana, povzeta in da je o njih
reported within the time periods specified in the SEC poročano znotraj časovnih okvirov, ki jih določajo
rules and forms. Deficiencies in controls, and any pravila in obrazci SEC. Pomanjkljivosti kontrol in
significant changes to controls, must be kakršne koli pomembne spremembe kontrol je treba
communicated to the enterprise’s audit committee pravočasno sporočiti revizijskemu odboru in
and auditors in a timely manner. An enterprise’s revizorjem podjetja. Glavni izvršni direktor in finančni
principal executive officer and financial officer must direktor podjetja morata vsako četrtletje overiti
certify the existence of these controls on a quarterly obstoj teh kontrol.
basis.
Discount rate Diskontna stopnja An interest rate used to calculate a present value Obrestna stopnja, ki se uporablja za izračun sedanje
which might or might not include the time value of vrednosti, ki lahko ali pa tudi ne vključuje časovne
money, tax effects, risk or other factors vrednosti denarja, vpliva davkov, tveganja ali drugih
faktorjev.
Discovery sampling Odkrivalno vzorčenje A form of attribute sampling that is used to determine Oblika vzorčenja lastnosti, ki se uporablja za določanje
a specified probability of finding at least one example verjetnosti, da se bo v populaciji našel vsaj en primer
of an occurrence (attribute) in a population pojavitve (lastnosti).



Discretionary access Diskrecijski nadzor A means of restricting access to objects based on the Način omejevanja dostopa do objektov, ki temelji na
control (DAC) dostopa (DAC) identity of subjects and/or groups to which they identiteti subjektov in/ali skupin, ki jim pripadajo.
belong. Opomba: Nadzor je diskrecijski v smislu, da subjekt z
Scope Note: The controls are discretionary in the določenimi dovoljenji za dostop lahko to dovoljenje
sense that a subject with a certain access permission (morda posredno) preda kateremu koli drugemu
is capable of passing that permission (perhaps subjektu.
indirectly) on to any other subject.
Disk mirroring Zrcaljenje diska The practice of duplicating data in separate volumes Praksa podvajanja podatkov na ločenih nosilcih na
on two hard disks to make storage more fault dveh diskih, da je hramba bolj odporna na napake.
tolerant. Mirroring provides data protection in the Zrcaljenje ščiti podatke v primeru odpovedi diska, saj
case of disk failure because data are constantly se podatki neprestano osvežujejo na obeh diskih.
updated to both disks.
Diskless workstations Delovne postaje brez A workstation or PC on a network that does not have Delovna postaja ali osebni računalnik v omrežju, ki
diskov its own disk, but instead stores files on a network file nima lastnega diska, ampak datoteke shranjuje na
server omrežnem datotečnem strežniku.
Distributed data Omrežje za porazdeljeno A system of computers connected together by a Sistem računalnikov, ki jih povezuje komunikacijsko
processing network obdelavo podatkov communication network. omrežje.
Scope Note: Each computer processes its data and Opomba: Vsak računalnik obdela svoje podatke,
the network supports the system as a whole. Such a omrežje pa podpira celoten sistem. Tako omrežje
network enhances communication among the linked izboljša komunikacijo med povezanimi računalniki in
computers and allows access to shared files. omogoča dostop do deljenih datotek.
Distributed denial‐of‐ Porazdeljen napad za A denial‐of‐service (DoS) assault from multiple Napad za ohromitev storitve (DoS) iz več virov.
service attack (DDoS) ohromitev storitve (DDoS) sources



Diverse routing Ločeno usmerjanje The method of routing traffic through split cable Način preusmerjanja prometa skozi deljena ali
facilities or duplicate cable facilities. podvojena ožičenja.
Scope Note: This can be accomplished with different Opomba: To je mogoče doseči z različnimi in/ali
and/or duplicate cable sheaths. If different cable podvojenimi kabelskimi ovoji. Če se uporabljajo
sheaths are used, the cable may be in the same različni kabelski ovoji, je lahko kabel v istem vodu in
conduit and, therefore, subject to the same zato občutljiv za iste prekinitve kakor kabel, katerega
interruptions as the cable it is backing up. The podvaja. Naročnik komunikacijske storitve lahko
communication service subscriber can duplicate the podvoji vode z alternativnimi usmerjevalniki, čeprav
facilities by having alternate routes, although the je dostop do strankinih prostorov in iz njih lahko v
entrance to and from the customer premises may be istem vodu. Naročnik lahko od krajevnega ponudnika
in the same conduit. The subscriber can obtain pridobi različne usmerjevalnike in alternativne
diverse routing and alternate routing from the local usmerjevalnike, pa tudi dve vhodni napravi. Vendar je
carrier, including dual entrance facilities. However, pridobitev takega dostopa časovno potratna in draga.
acquiring this type of access is time‐consuming and Večina ponudnikov ponuja vode za alternativno in
costly. Most carriers provide facilities for alternate ločeno usmerjanje, čeprav se večina storitev prenaša
and diverse routing, although the majority of services po zemeljskih nosilcih. Ti kabli so navadno v zemlji ali
are transmitted over terrestrial media. These cable v kanalih. Kabelski vodi v tleh pomenijo veliko
facilities are usually located in the ground or tveganje zaradi staranja infrastrukture v mestih. Poleg
basement. Ground‐based facilities are at great risk tega kabelski vodi navadno svoj prostor delijo še z
due to the aging infrastructures of cities. In addition, mehanskimi in električnimi sistemi, ki lahko pomenijo
cable‐based facilities usually share room with veliko tveganje zaradi človeških napak in
mechanical and electrical systems that can impose katastrofalnih dogodkov.
great risk due to human error and disastrous events.
Domain Domena In COBIT, the grouping of control objectives into four V COBIT-u združevanje kontrolnih ciljev v skupine
logical stages in the life cycle of investments involving štirih logičnih stopenj v življenjskem ciklu vlaganja, ki
IT (Plan and Organise, Acquire and Implement, Deliver vključuje IT (načrtuj in organiziraj, nabavi in vpelji,
and Support, and Monitor and Evaluate) izvajaj in podpiraj ter spremljaj in vrednoti).
Domain name system Sistem domenskih imen A hierarchical database that is distributed across the Hierarhična podatkovna zbirka, ki je porazdeljena po
(DNS) (DNS) Internet that allows names to be resolved into IP internetu in omogoča razreševanje imen v naslove IP
addresses (and vice versa) to locate services such as (in nasprotno), tako da je mogoče poiskati storitve, na
web and e‐mail servers primer spletne in e-poštne strežnike.



Domain name system Zastrupljanje sistema Corrupts the table of an Internet server's DNS, Okvari tabelo DNS internetnega strežnika, pri čemer
(DNS) poisoning domenskih imen (DNS) replacing an Internet address with the address of zamenja internetni naslov z drugim ničvrednim ali
another vagrant or scoundrel address. nepredvidljivim naslovom.
Scope Note: If a web user looks for the page with that Opomba: Če spletni uporabnik išče stran s tem
address, the request is redirected by the scoundrel naslovom, ničvredni vnos v tabeli zahtevo preusmeri
entry in the table to a different address. Cache na drug naslov. Zastrupljanje predpomnilnika se
poisoning differs from another form of DNS poisoning razlikuje od druge oblike zastrupljanja DNS, pri kateri
in which the attacker spoofs valid e‐mail accounts and napadalec potvori veljavne e-poštne račune in
floods the "in" boxes of administrative and technical preplavi poštne predale administrativnih in tehničnih
contacts. Cache poisoning is related to URL poisoning stikov. Zastrupljanje predpomnilnika je povezano z
or location poisoning, in which an Internet user's zastrupljanjem naslova URL ali kraja, pri katerem se
behavior is tracked by adding an identification sledi vedenju internetnega uporabnika tako, da se
number to the location line of the browser that can vrstici prostora v brskalniku doda identifikacijska
be recorded as the user visits successive pages on the številka, ki jo je mogoče beležiti, ko uporabnik
site. It is also called DNS cache poisoning or cache obiskuje naslednje strani na spletišču. Imenujemo ga
poisoning. tudi zastrupljanje predpomnilnika DNS ali
zastrupljanje pomnilnika.
Double‐loop step Korak dvojne zanke Integrates the management of tactics (financial Povezuje upravljanje taktik (finančne proračune in
budgets and monthly reviews) and the management mesečne preglede) in upravljanje strategije.
of strategy. Opomba: Sistem poročanja, ki temelji na
Scope Note: A reporting system, based on the uravnoteženem sistemu kazalnikov (BSC), ki omogoča
balanced scorecard (BSC), that allows process to be postopku, da ga nadzorujemo v skladu s strategijo, in
monitored against strategy and corrective actions to da se izvedejo popravljalna dejanja, ko so zahtevana.
be taken as required
Downloading Prenos The act of transferring computerized information Prenos računalniških informacij iz enega v drug
from one computer to another computer računalnik.
Downtime report Poročilo o času izpada A report that identifies the elapsed time when a Poročilo, v katerem je zabeležen čas, ko računalnik ni
computer is not operating correctly because of pravilno deloval zaradi odpovedi.
machine failure
Driver (value and risk) Gonilo (vrednosti in A driver includes an event or other activity that Gonilo vključuje dogodek ali drugo aktivnost,
tveganja) results in the identification of an assurance/audit katere(ga) izid je prepoznava potrebe po
need zavarovanju/reviziji.



Dry‐pipe fire extinguisher Suhocevni sistem za Refers to a sprinkler system that does not have water Nanaša se na sistem razpršilnikov, v katerih v času
system gašenje požara in the pipes during idle usage, unlike a fully charged neuporabe ni vode. V polnem sistemu za gašenje
fire extinguisher system that has water in the pipes at požarov je v ceveh vedno voda.
all times. Opomba: Suhocevni sistem se aktivira v času
Scope Note: The dry‐pipe system is activated at the požarnega alarma in voda steče v cevi iz vodnega
time of the fire alarm and water is emitted to the rezervoarja, da bi se razpršila na mestu požara.
pipes from a water reservoir for discharge to the
location of the fire.
Dual control Dvojni nadzor A procedure that uses two or more entities (usually Postopek, ki uporablja dve ali več entitet (navadno
persons) operating in concert to protect a system oseb), ki delujeta skupaj, da bi zaščitili sistemsko
resource so that no single entity acting alone can sredstvo, tako da do njega ne more dostopati zgolj en
access that resource posameznik.
Due care Dolžna skrbnost The level of care expected from a reasonable person Stopnja skrbnosti, ki se pričakuje od razumne osebe
of similar competency under similar conditions podobne zmožnosti v podobnih pogojih.
Due diligence Skrbni pregled The performance of those actions that are generally Izvajanje tistih dejanj, ki jih imamo navadno za
regarded as prudent, responsible and necessary to previdna, odgovorna in potrebna pri izvajanju
conduct a thorough and objective investigation, podrobnega in objektivnega pregleda, revizije in/ali
review and/or analysis analize.
Due professional care Dolžna strokovna skrbnost Diligence that a person, who possesses a special skill, Skrbnost osebe s posebnim znanjem, ki jo bo ta
would exercise under a given set of circumstances udejanjila v določenih okoliščinah.
Dumb terminal Preprosti terminal A display terminal without processing capability. Prikazni terminal brez zmožnosti obdelave.
Scope Note: Dumb terminals are dependent on the Opomba: Preprosti terminali so za obdelavo podatkov
main computer for processing. All entered data are odvisni od glavnega računalnika. Sprejemajo vse
accepted without further editing or validation. vnešene podatke brez dodatnega urejanja ali
preverjanja.
Duplex routing Dvostransko usmerjanje The method or communication mode of routing data Metoda oz. komunikacijski način za usmerjanje
over the communication network podatkov prek komunikacijskega omrežja.
Dynamic analysis Dinamična analiza Analysis that is performed in a real‐time or Analiza, ki se izvaja v realnem času ali neprekinjeno.
continuous form

Dynamic Host Protokol DHCP A protocol used by networked computers (clients) to Protokol, ki ga računalniki v omrežju (odjemalci)
Configuration Protocol obtain IP addresses and other parameters such as the uporabljajo za pridobivanje naslova IP in drugih
(DHCP) default gateway, subnet mask and IP addresses of parametrov, kot so privzeti prehod, podomrežna
domain name system (DNS) servers from a DHCP maska in naslovi IP strežnikov DNS od strežnika DHCP.
server. Opomba: Strežnik DHCP zagotavlja, da so vsi naslovi IP
Scope Note: The DHCP server ensures that all IP edinstveni (da se npr. noben naslov IP ne dodeli
addresses are unique (e.g., no IP address is assigned drugemu odjemalcu, medtem ko je še v uporabi pri
to a second client while the first client's assignment is prvem [njegov najem še ni potekel]). Nabor naslovov
valid [its lease has not expired]). Thus, IP address pool IP torej upravlja strežnik, ne omrežni skrbnik - človek.
management is done by the server and not by a
human network administrator.
Dynamic partitioning Dinamično dodeljevanje The variable allocation of central processing unit Spremenljivo dodeljevanje zmogljivosti centralno
(CPU) processing and memory to multiple procesne enote (CPE) in pomnilnika več programom
applications and data on a server in podatkom na strežniku.
Echo checks Preverjanje odmeva Detects line errors by retransmitting data back to the Zaznava napake na liniji z vračanjem poslanih
sending device for comparison with the original podatkov pošiljatelju, ki jih primerja z originalnimi
transmission podatki.
E‐commerce E‐trgovanje The processes by which enterprises conduct business Postopek, s katerim podjetja elektronsko poslujejo s
electronically with their customers, suppliers and svojimi strankami, dobavitelji in drugimi zunanjimi
other external business partners, using the Internet as poslovnimi partnerji prek interneta kot tehnologije, ki
an enabling technology. to omogoča.
Scope Note: E‐commerce encompasses both Opomba: E-trgovanje zajema medpodjetniško
business‐to‐business (B2B) and business‐to‐consumer poslovanje (B2B) in modele e-trgovanja s strankami
(B2C) e‐commerce models, but does not include (B2C), ne zajema pa obstoječih neinternetnih metod
existing non‐Internet e‐commerce methods based on trgovanja, ki temeljijo na zasebnih omrežjih, na
private networks such as electronic data interchange primer EDI in SWIFT.
(EDI) and Society for Worldwide Interbank Financial
Telecommunication (SWIFT).

Economic value Ekonomska dodana Technique developed by G. Bennett Stewart III and Tehnika, ki jo je razvil G. Bennett Stewart III in jo je
added (EVA) vrednost (EVA) registered by the consulting firm of Stern, Stewart, in registrirala svetovalna družba Stern, Stewart, pri kateri
which the performance of the corporate capital base je uspešnost kapitalske osnove družbe (vključno z
(including depreciated investments such as training, amortiziranimi naložbami, na primer urjenjem,
research and development) as well as more raziskavami in razvojem), pa tudi bolj tradicionalnimi
traditional capital investments such as physical naložbami, na primer v fizično lastnino in opremo,
property and equipment are measured against what izmerjena v primerjavi s tistim, kar bi deležniki lahko
shareholders could earn elsewhere zaslužili drugje.
Edit control Nadzor urejanja Detects errors in the input portion of information that Zaznava napake na vhodnem delu informacij, ki se
is sent to the computer for processing. May be manual pošiljajo računalniku v obdelavo. Lahko je ročen ali
or automated and allow the user to edit data errors avtomatiziran in omogoča uporabniku urejanje napak
before processing na podatkih pred obdelavo.
Editing Urejanje Ensures that data conform to predetermined criteria Zagotavlja, da podatki ustrezajo vnaprej določenim
and enables early identification of potential errors merilom in omogoča zgodnje odkrivanje morebitnih
napak.
Electronic data Računalniško izmenjavanje The electronic transmission of transactions Elektronski prenos transakcij (informacij) med dvema
interchange (EDI) podatkov (EDI - RIP) (information) between two enterprises. EDI promotes podjetjema. EDI spodbuja učinkovitejše brezpapirno
a more efficient paperless environment. EDI okolje. Prenosi EDI lahko zamenjajo uporabo
transmissions can replace the use of standard standardnih dokumentov, vključno z računi in
documents, including invoices or purchase orders. naročilnicami.

Electronic document Elektronski dokument An administrative document (a document with legal Administrativni dokument (dokument s pravno
validity, such as a contract) in any graphical, veljavo, na primer pogodba) v kakršni koli grafični,
photographic, electromagnetic (tape) or other fotografski, elektromagnetni (trak) ali drugi
electronic representation of the content. elektronski upodobitvi vsebine.
Scope Note: Almost all countries have developed Opomba: Skoraj vse države imajo razvito zakonodajo,
legislation concerning the definition, use and legal ki se nanaša na opredelitev, uporabo in pravno
validity of an electronic document. An electronic veljavo elektronskega dokumenta. Elektronski
document, in whatever media that contains the data dokument v kateri koli obliki in na kakršnem koli
or information used as evidence of a contract or nosilcu, ki vsebuje podatke ali informacije, ki se
transaction between parties, is considered together uporabljajo kot dokaz pogodbe ali transakcije med
with the software program capable of reading it. The strankami, se obravnava skupaj s programsko
definition of a legally valid document as any opremo, ki ga lahko prebere. Opredelitev pravno
representation of legally relevant data, not only those veljavnega dokumenta kot predstavitve pravno
printed on paper, was introduced into the legislation relevantnih podatkov, ne le tistih, ki so natisnjeni na
related to computer crime. In addition, many papirju, je bila vnešena v zakonodajo v povezavi z
countries in defining and disciplining the use of such računalniškim kriminalom. Poleg tega je veliko držav
instruments have issued regulations defining pri opredeljevanju in sankcioniranju uporabe takih
specifics, such as the electronic signature and data instrumentov izdalo pravilnike, ki določajo posebne
interchange formats. primere, na primer elektronske podpise in zapise za
izmenjavo podatkov.
Electronic funds transfer Elektronski prenos The exchange of money via telecommunications. EFT Izmenjava denarja po telekomunikacijskih kanalih. EFT
(EFT) sredstev (EFT) refers to any financial transaction that originates at a se nanaša na vse finančne transakcije, ki izhajajo iz
terminal and transfers a sum of money from one terminala in prenašajo denarne vsote z enega računa
account to another na drugega.
Electronic signature Elektronski podpis Any technique designed to provide the electronic Katera koli tehnika, načrtovana, da ustvari
equivalent of a handwritten signature to demonstrate lastnoročnemu enakovreden elektronski podpis, s
the origin and integrity of specific data. Digital katerim se dokazuje izvor in celovitost določenih
signatures are an example of electronic signatures. podatkov. Digitalni podpisi so zgled elektronskih
podpisov.

Electronic vaulting Shranjevanje v elektronski A data recovery strategy that allows enterprises to Strategija za obnovitev podatkov, ki podjetjem
trezor recover data within hours after a disaster. omogoča obnovitev podatkov v nekaj urah po
Scope Note: Typically used for batch/journal updates katastrofi.
to critical files to supplement full backups taken Opomba: Navadno se uporablja za paketno/dnevno
periodically; includes recovery of data from an offsite osveževanje kritičnih datotek, s čimer se dopolnjuje
storage media that mirrors data via a communication redno varnostno kopiranje vseh podatkov; vključuje
link obnovitev podatkov z nosilca, shranjenega na ločeni
lokaciji, na katerem se prek komunikacijske povezave
shranjuje zrcalna kopija podatkov.
Embedded audit module Vdelani revizijski modul Integral part of an application system that is designed Del aplikacijskega sistema, ki je načrtovan za
(EAM) (EAM) to identify and report specific transactions or other prepoznavanje in poročanje o posebnih transakcijah
information based on pre‐determined criteria. ali drugih informacijah, ki temeljijo na vnaprej
Identification of reportable items occurs as part of določenih merilih. Identifikacija elementov za
real‐time processing. Reporting may be real‐time poročanje se dogaja kot del obdelave v realnem času.
online or may use store and forward methods. Also Poročanje je lahko v realnem času prek spleta, lahko
known as integrated test facility or continuous pa se uporabijo metode shranjevanja in posredovanja.
auditing module. Znan tudi kot vdelan preizkus možnosti ali
neprekinjeni revizijski modul.
Encapsulation (objects) Ovijanje (objekti) The technique used by layered protocols in which a Tehnika, ki jo uporabljajo nivojski protokoli, pri kateri
lower‐layer protocol accepts a message from a protokol nižjega nivoja sprejme sporočilo protokola
higher‐layer protocol and places it in the data portion višjega nivoja in ga postavi v podatkovni del okvira v
of a frame in the lower layer spodnjem nivoju.
Encryption Šifriranje The process of taking an unencrypted message Proces, pri katerem se na nešifriranem sporočilu
(plaintext), applying a mathematical function to it (golem, navadnem besedilu) uporabi matematična
(encryption algorithm with a key) and producing an funkcija (šifrirni algoritem s ključem), da se ustvari
encrypted message (ciphertext) šifrirano sporočilo (tajnopis).
Encryption key Šifrirni ključ A piece of information, in a digitized form, used by an Del informacije v digitalni obliki, ki ga uporablja šifrirni
encryption algorithm to convert the plaintext to the algoritem za pretvorbo golega besedila v tajnopis.
ciphertext
End‐user computing The ability of end users to design and implement their Zmožnost končnega uporabnika, da načrtuje in uvede
own information system utilizing computer software lastni informacijski sistem z uporabo programske
products opreme

Engagement letter Listina o poslu Formal document which defines an IS auditor's Uraden dokument, ki opredeljuje zadolžitev,
responsibility, authority and accountability for a pooblastila in odgovornost revizorja IS za določeno
specific assignment nalogo.
Enterprise Podjetje A group of individuals working together for a common Skupina posameznikov, ki delajo skupaj za skupni cilj,
purpose, typically within the context of an navadno v obliki neke organizacije, na primer
organizational form such as a corporation, public korporacije, javne agencije, dobrodelne organizacije
agency, charity or trust ali sklada.
Enterprise architecture Arhitektura podjetja (EA) Description of the fundamental underlying design of Opis temeljnega načrta komponent v poslovnem
(EA) the components of the business system, or of one sistemu ali enega elementa poslovnega sistema (npr.
element of the business system (e.g., technology), the tehnologije), odnosov med njimi in načina, na
relationships among them, and the manner in which katerega podpirajo cilje podjetja.
they support the enterprise’s objectives
Enterprise architecture Arhitektura podjetja (EA) Description of the fundamental underlying design of Opis temeljnega načrta komponent IT v podjetju,
(EA) for IT za IT the IT components of the business, the relationships odnosov med njimi in načina, na katerega podpirajo
among them, and the manner in which they support cilje podjetja.
the enterprise’s objectives
Enterprise goal Cilj podjetja See Business goal Glejte Poslovni cilj.
Enterprise governance Vodenje podjetja A set of responsibilities and practices exercised by the Nabor zadolžitev in praks, ki jih izvajata odbor in
board and executive management with the goal of poslovodstvo, katerih cilj je strateška usmeritev ter
providing strategic direction, ensuring that objectives zagotavljanje, da se dosegajo cilji, da se ustrezno
are achieved, ascertaining that risk is managed upravlja tveganje in da se preverja, da se sredstva in
appropriately and verifying that the enterprise’s viri uporabljajo odgovorno.
resources are used responsibly
Enterprise risk Obvladovanje tveganj v The discipline by which an enterprise in any industry Disciplina, s katero podjetje v kateri koli branži
management (ERM) podjetju (ERM) assesses, controls, exploits, finances and monitors risk ugotavlja, kontrolira, izkorišča, financira in nadzira
from all sources for the purpose of increasing the tveganja iz vseh virov. Njen namen je povečevanje
enterprise's short‐ and long‐term value to its kratko- in dolgoročne vrednosti podjetja za deležnike.
stakeholders
ERP (enterprise resource Sistem za načrtovanje A packaged business software system that allows an Celovito povezana programska rešitev, ki podjetju
planning) system virov podjetja (ERP) enterprise to automate and integrate the majority of omogoča avtomatizacijo in povezavo večine poslovnih
its business processes, share common data and procesov, deljenje skupnih podatkov in praks ter
practices across the entire enterprise, and produce ustvarjanje in dostop do informacij v okolju,
and access information in a real-time environment delujočem v realnem času.

Error Napaka A deviation from accuracy or correctness. Odstop od natančnosti ali pravilnosti.
Scope Note: As it relates to audit work, errors may Opomba: Ko se nanašajo na revizijsko delo, so napake
relate to control deviations (compliance testing) or lahko povezane z nadzorom odstopanj (preverjanje
misstatements (substantive testing). ustreznosti) ali napačnimi navedbami (vsebinsko
preverjanje).
Escrow agent Fiduciar A person, agency or enterprise that is authorized to Oseba, agencija ali podjetje, ki je pooblaščeno, da
act on behalf of another to create a legal relationship deluje v imenu drugega pri sklepanju zakonitih
with a third party in regard to an escrow agreement; pogodb s tretjo osebo v zvezi z neko pogodbo o
the custodian of an asset according to an escrow hrambi računalniške kode; varuh sredstva v skladu s
agreement. pogodbo o hrambi računalniške kode.
Scope Note: As it relates to a cryptographic key, an Opomba: Ko se nanaša na šifrirni ključ, je fiduciar
escrow agent is the agency or enterprise charged with agencija ali podjetje, kateremu je poverjena
the responsibility for safeguarding the key odgovornost za varovanje ključnih delov edinstvenega
components of the unique key. ključa.

Escrow agreement Pogodba o hrambi A legal arrangement whereby an asset (often money, Pravni dogovor, v katerem se sredstvo (pogosto
računalniške kode but sometimes other property such as art, a deed of denar, lahko pa tudi druga lastnina, na primer
title, web site, software source code or a umetnina, dokazna listina o lastnini, spletna stran,
cryptographic key) is delivered to a third party (called izvorna programska koda, šifrirni ključ) preda tretji
an escrow agent) to be held in trust or otherwise osebi (fiduciarju) v varstvo ali ko čaka na zavarovalni
pending a contingency or the fulfillment of a primer ali na izpolnitev pogodbenega pogoja (ali
condition or conditions in a contract. pogojev).
Scope Note: Upon the occurrence of the escrow Opomba: Ko se ustvari pogodba o hrambi
agreement, the escrow agent will deliver the asset to računalniške kode, bo fiduciar sredstvo predal
the proper recipient; otherwise the escrow agent is ustreznemu prejemniku; sicer ga zaupna dolžnost
bound by his/her fiduciary duty to maintain the veže na to, da ohrani fiduciarni račun. Dogovor o
escrow account. Source code escrow means deposit hrambi izvorne računalniške kode pomeni, da bo
of the source code for the software into an account izvorna koda deponirana na račun, ki ga varuje
held by an escrow agent. Escrow is typically requested fiduciar. Dogovor o hrambi računalniške kode
by a party licensing software (e.g., licensee or buyer), navadno zahteva stranka, ki licencira programsko
to ensure maintenance of the software. The software opremo (npr. lastnik licence ali kupec), da si zagotovi
source code is released by the escrow agent to the vzdrževanje programske opreme. Fiduciar preda
licensee if the licensor (e.g., seller or contractor) files izvorno programsko kodo prejemniku licence, če
for bankruptcy or otherwise fails to maintain and dajalec licence (npr. prodajalec ali pogodbenik)
update the software as promised in the software razglasi stečaj ali sicer ne more vzdrževati ali
license agreement. osveževati programske opreme, kot je bilo
dogovorjeno z licenčno pogodbo
Ethernet Ethernet A popular network protocol and cabling scheme that Priljubljen omrežni protokol in shema ožičenja, ki
uses a bus topology and carrier sense multiple uporablja topologijo vodil ter CSMA/CD za
access/collision detection (CSMA/CD) to prevent preprečevanje odpovedi omrežja ali sovpadanja, ko
network failures or collisions when two devices try to skušata do omrežja sočasno dostopati dve napravi.
access the network at the same time
Event Dogodek Something that happens at a specific place and/or Nekaj, kar se zgodi ob določenem času na določenem
time kraju.

Event type Tip dogodka For the purpose of IT risk management, one of three Za namen upravljanja tveganja IT, ena od treh vrst
possible sorts of events: threat event, loss event and dogodkov: uresničitev grožnje, škodni dogodek in
vulnerability event. izraba ranljivosti.
Scope Note: Being able to consistently and effectively Opomba: Zmožnost konsistentnega in učinkovitega
differentiate the different types of events that ločevanja različnih tipov dogodkov, ki prispevajo k
contribute to risk is a critical element in developing tveganju, je ključnega pomena pri razvijanju dobrih
good risk‐related metrics and well‐informed meritev, povezanih s tveganjem, in pri sprejemanju
decisions. Unless these categorical differences are odločitev, ki temeljijo na dobrem informiranju. Če
recognized and applied, any resulting metrics lose kategorije niso prepoznane in se ne uporabljajo, vsa
meaning and, as a result, decisions based on those merjenja izgubijo pomen. Posledično je veliko večja
metrics are far more likely to be flawed. verjetnost, da bodo odločitve, ki temeljijo na teh
merjenjih, napačne.
Evidence Dokaz 1. Information that proves or disproves a stated issue 1. Informacija, ki dokaže ali ovrže trditev. 2.
2. Information that an auditor gathers in the course of Informacije, ki jih revizor zbere med revizijo IS;
performing an IS audit; relevant if it pertains to the relevantne so, če se nanašajo na revizijske cilje in
audit objectives and has a logical relationship to the imajo logično zvezo z najdbami in sklepi, ki se
findings and conclusions it is used to support. uporabljajo za podporo.
Scope Note: Audit perspective Opomba: Revizijski vidik
Exception reports Poročila o izjemah An exception report is generated by a program that Poročilo o izjemi ustvari program, ki prepozna
identifies transactions or data that appear to be transakcije ali podatke, za katere se zdi, da so
incorrect. nepravilni.
Scope Note: Exception reports may be outside a Opomba: Poročilo o izjemah sme biti zunaj vnaprej
predetermined range or may not conform to specified določenega obsega in ni nujno, da se prilagaja
criteria. določenim merilom.
Exclusive‐OR (XOR) Ekskluzivni ALI (XOR) The exclusive‐OR operator returns a value of TRUE Operator ekskluzivni ALI vrne vrednost TRUE, le če je
only if just one of its operands is TRUE. natanko eden njegovih operandov TRUE.
Scope Note: The XOR operation is a Boolean Opomba: Operacija XOR je Boolova operacija, ki vrne
operation that produces a 0 if its two Boolean inputs vrednost 0, če sta dva Boolova vnosa enaka (0 in 0 ali
are the same (0 and 0 or 1 and 1) and that produces a 1 in 1), in vrne vrednost 1, če sta dva vnosa različna (1
1 if its two inputs are different (1 and 0). In contrast, in 0). Nasprotno operator inkluzivni ALI vrne vrednost
an inclusive‐OR operator returns a value of TRUE if TRUE, če sta eden ali oba operanda TRUE.
either or both of its operands are TRUE.
Executable code Izvršljiva koda The machine language code that is generally referred Koda strojnega jezika, o kateri navadno govorimo kot
to as the object or load module o objektu ali o modulu za nalaganje.

Expert system Ekspertni sistem The most prevalent type of computer system that Najbolj pogost tip računalniškega sistema, ki izhaja iz
arises from the research of artificial intelligence. raziskave umetne inteligence.
Scope Note: An expert system has a built‐in hierarchy Opomba: Ekspertni sistem ima vgrajeno hierarhijo
of rules, which are acquired from human experts in pravil, ki jih v ustrezna polja vnesejo strokovnjaki. Ko
the appropriate field. Once input is provided, the so pravila vnesena, lahko sistem opredeli problem in
system should be able to define the nature of the poda priporočila za njegovo rešitev.
problem and provide recommendations to solve the
problem.
Exposure Izpostavljenost The potential loss to an area due to the occurrence of Morebitna izguba na območju, do katere pride zaradi
an adverse event pojavitve neželenega dogodka.
Extended Binary‐coded for EBCDIC An 8‐bit code representing 256 characters; used in 8-bitna koda, ki predstavlja 256 znakov; uporablja se v
Decimal Interchange Code most large computer systems večini večjih računalniških sistemov.
(EBCDIC)
Extended enterprise Razširjeno podjetje Describes an enterprise that extends outside its Opisuje podjetje, ki se širi prek tradicionalnih meja.
traditional boundaries. Such enterprises concentrate Tako podjetje se osredotoča na postopke, ki jih izvaja
on the processes they do best and rely on someone najbolje, in se nanaša na zunanjega izvajalca, da izvaja
outside the entity to perform the remaining preostale postopke.
processes.
eXtensible Access Control Razširljivi označevalni jezik A declarative online software application user access Jezik deklarativne politike nadzora dostopa
Markup Language (XACML) za nadzor dostopa control policy language implemented in Extensible uporabnikov do spletnih aplikacij, izveden v jeziku
(XACML) Markup Language (XML) XML.
eXtensible Markup Razširljivi označevalni jezik Promulgated through the World Wide Web XML je razširil konzorcij svetovnega spleta in je
Language (XML) (XML) Consortium, XML is a web‐based application razvojna tehnologija spletnih aplikacij, ki
development technique that allows designers to načrtovalcem omogoča ustvarjanje uporabniško
create their own customized tags, thus, enabling the prilagojenih oznak. S tem se omogočajo
definition, transmission, validation and interpretation opredeljevanje, prenos, overjanje in razumevanje
of data between applications and enterprises. podatkov med aplikacijami in podjetji.
External router Zunanji usmerjevalnik The router at the extreme edge of the network under Usmerjevalnik na skrajnem koncu nadzorovanega
control, usually connected to an Internet service omrežja, navadno priključen na ponudnika
provider (ISP) or other service provider; also known as internetnih storitev (ISP) ali drugega ponudnika
border router. storitev; znan tudi kot mejni usmerjevalnik.
External storage Zunanja shramba The location that contains the backup copies to be Mesto, na katerem so shranjene varnostne kopije, ki
used in case recovery or restoration is required in the se uporabijo, če je zaradi katastrofe treba sistem
event of a disaster obnoviti.

Extranet Zunanje omrežje A private network that resides on the Internet and Zasebno omrežje, ki gostuje v internetu in podjetju
allows a company to securely share business omogoča varno izmenjavo poslovnih podatkov s
information with customers, suppliers or other strankami, dobavitelji ali drugimi podjetji, pa tudi
businesses as well as to execute electronic izvajanje elektronskih transakcij.
transactions. Opomba: Od notranjega omrežja se razlikuje po tem,
Scope Note: Different from an Intranet in that it is da je nameščeno zunaj požarnega zidu podjetja. Zato
located beyond the company's firewall. Therefore, an se zunanje omrežje zanaša na uporabo varno izdanih
extranet relies on the use of securely issued digital digitalnih certifikatov (ali drugih načinov overjanja
certificates (or alternative methods of user uporabniške identitete) in na šifriranje sporočil. Za
authentication) and encryption of messages. A virtual uvajanje zunanjih omrežij se zaradi zagotavljanja
private network (VPN) and tunneling are often used varnosti in zasebnosti velikokrat ustvari navidezno
to implement extranets, to ensure security and zasebno omrežje (VPN) in tuneliranje.
privacy.
Fail‐over Nadomestni način The transfer of service from an incapacitated primary Prenos storitev z glavne komponente, ki je
delovanja component to its backup component odpovedala, na nadomestno komponento.
Fail‐safe Varovalka Describes the design properties of a computer system Opisuje načrtovane lastnosti računalniškega sistema,
that allow it to resist active attempts to attack or ki omogočajo odpor na aktivne poskuse napada ali
bypass it obvoda.
Fallback procedures Rezervni postopki A plan of action or set of procedures to be performed Načrt dejanj ali nabor postopkov, ki se izvedejo, če
if a system implementation, upgrade or modification uvajanje, posodobitev ali sprememba sistema ne
does not work as intended. deluje, kot je bilo načrtovano.
Scope Note: May involve restoring the system to its Opomba: Vključuje lahko obnovitev sistema v stanje
state prior to the implementation or change. Fallback pred uvajanjem ali spremembo. Vzpostavitveni
procedures are needed to ensure that normal postopki so potrebni, da se zagotovi, da se nadaljujejo
business processes continue in the event of failure običajni poslovni procesi v primeru odpovedi in bi jih
and should always be considered in system migration bilo treba vedno upoštevati pri selitvi ali uvedbi
or implementation. sistema.
Fall‐through logic Logika izjalovitve An optimized code based on a branch prediction that Optimizirana koda, ki temelji na predvidevanjih
predicts which way a program will branch when an branže, v katero smer se bo razvejal program, ko bo
application is presented aplikacija predstavljena.
False authorization Lažno overjanje Also called false acceptance, occurs when an Tudi lažni sprejem, do česar pride, ko je z
unauthorized person is identified as an authorized biometričnim sistemom prepoznavanja
person by the biometric system nepooblaščena oseba prepoznana kot pooblaščena
oseba.

False enrollment Lažni vpis Occurs when an unauthorized person manages to Do tega pride, ko se nepooblaščeni osebi uspe vpisati
enroll into the biometric system. v biometrični sistem.
Scope Note: Enrollment is the initial process of Opomba: Vpis je začetni proces pridobivanja
acquiring a biometric feature and saving it as a biometrične lastnosti in njenega shranjevanja kot
personal reference on a smart card, a PC or in a osebno predstavitveno lastnost na pametno kartico,
central database. osebni računalnik ali v glavno zbirko podatkov.
False negative Lažno negativen rezultat In intrusion detection, an error that occurs when an Pri zaznavanju vdorov napaka, do katere pride, ko je
attack is misdiagnosed as a normal activity napad napačno prepoznan kot običajna dejavnost.
False positive Lažno pozitiven rezultat A result that has been mistakenly identified as a Rezultat, ki je bil ponesreči prepoznan kot problem,
problem when, in reality, the situation is normal pa je v resnici običajno stanje.
Fault tolerance Odpornost na napake A system’s level of resilience to seamlessly react to Zmožnost sistema, da se neopazno odzove na
hardware and/or software failure odpoved strojne ali programske opreme.
Feasibility study Študija izvedljivosti A phase of a system development life cycle (SDLC) Razvojna faza življenjskega cikla sistema (SDLC), ki
methodology that researches the feasibility and raziskuje izvedljivost in primernost sredstev za razvoj
adequacy of resources for the development or ali pridobivanje sistemske rešitve za uporabnikove
acquisition of a system solution to a user need potrebe.
Fiber‐optic cable Optični kabel Glass fibers that transmit binary signals over a Kabel iz optičnih vlaken, ki prenaša binarne signale po
telecommunications network. telekomunikacijskem omrežju.
Scope Note: Fiber‐optic systems have low Opomba: V sistemih iz optičnih vlaken prihaja do
transmission losses as compared to twisted‐pair maloštevilnih izgub v primerjavi z omrežji s kabli iz
cables. They do not radiate energy or conduct sukanih paric. Poleg tega ne oddajajo energije in niso
electricity. They are free from corruption and električni prevodniki. Zavarovani so pred okvarami in
lightning‐induced interference, and they reduce the interferencami zaradi strele, poleg tega pa zmanjšajo
risk of wiretaps. tveganje prisluškovanja.
Field Polje An individual data element in a computer record. Posamezni podatkovni element v računalniškem
Scope Note: Examples include employee name, zapisu.
customer address, account number, product unit Opomba: Zgledi: ime zaposlenega, naslov stranke,
price and product quantity in stock. številka računa, cena proizvodne enote, količina
izdelka na zalogi.
File Datoteka A named collection of related records Poimenovana zbirka povezanih zapisov.

File allocation table (FAT) Tabela dodeljevanj A table used by the operating system to keep track of Tabela, ki jo operacijski sistem uporablja, da beleži,
datotek (FAT) where every file is located on the disk. kje je katera datoteka na disku.
Scope Note: Since a file is often fragmented and thus Opomba: Ker je datoteka velikokrat fragmentirana in
subdivided into many sectors within the disk, the razdeljena na več sektorjev na disku, se informacije, ki
information stored in the FAT is used when loading or se shranijo v tabeli FAT, uporabijo pri nalaganju ali
updating the contents of the file. osveževanju vsebine datotek.
File layout Oblika datoteke Specifies the length of the file record and the Določa dolžino datotečnega zapisa ter zaporedje in
sequence and size of its fields. velikost njegovih polj.
Scope Note: Also will specify the type of data Opomba: Določa tudi tip podatkov v posamičnih
contained within each field; for example, poljih, na primer: alfanumerični, segmentirani
alphanumeric, zoned decimal, packed and binary. decimalni, paketni in binarni.
File server Datotečni strežnik A high‐capacity disk storage device or a computer Naprava za shranjevanje podatkov z veliko diskovno
that stores data centrally for network users and zmogljivostjo ali računalnik, ki shranjuje podatke
manages access to those data. centralno za vse omrežne uporabnike ter upravlja
Scope Note: File servers can be dedicated so that no dostop do teh podatkov.
process other than network management can be Opomba: Datotečni strežniki so lahko namenski, tako
executed while the network is available; file servers da je mogoče med razpoložljivostjo omrežja izvajati
can be non‐dedicated so that standard user samo upravljanje omrežja; lahko so
applications can run while the network is available. nenamenski/splošni, tako da lahko med
razpoložljivostjo omrežja na njih tečejo tudi
standardni uporabniški programi.
File Transfer Protocol (FTP) Protokol za prenos datotek A protocol used to transfer files over a Transmission Protokol, ki se uporablja za prenos datotek prek
(FTP) Control Protocol/Internet Protocol (TCP/IP) network omrežja TCP/IP (internet, UNIX itd.)
(Internet, UNIX, etc.)
Filtering router Filtrirni usmerjevalnik A router that is configured to control network access Usmerjevalnik, ki je nastavljen tako, da nadzira dostop
by comparing the attributes of the incoming or do omrežja s primerjavo atributov prihajajočih in
outgoing packets to a set of rules odhajajočih paketov z naborom pravil.
FIN (Final) FIN (Končen) A flag set in a packet to indicate that this packet is the Zastavica, ki jo s seboj nosi paket in označuje, da je to
final data packet of the transmission zadnji paket podatkov v prenosu.
Financial audit Finančna revizija An audit designed to determine the accuracy of Revizija, načrtovana za ugotovitev točnosti finančnih
financial records and information zapisov in informacij.
Finger Prst A protocol and program that allows the remote Protokol in program, ki omogoča oddaljeno
identification of users logged into a system identifikacijo uporabnika, prijavljenega v sistem.

Firewall Požarni zid A system or combination of systems that enforces a Sistem ali kombinacija sistemov, ki uveljavlja mejo
boundary between two or more networks, typically med dvema omrežjema ali več omrežji, navadno tako,
forming a barrier between a secure and an open da ustvari pregrado med varnim okoljem in okoljem,
environment such as the Internet kakršno je internet.
Firmware Strojna programska Memory chips with embedded program code that Pomnilniški čipi z vdelano programsko kodo, ki ohrani
oprema hold their content when power is turned off vsebino, tudi ko ni več pod napajanjem.
Fiscal year Poslovno leto Any yearly accounting period without regard to its Vsako obračunsko obdobje enega leta, ne glede na
relationship to a calendar year koledarsko leto.
Foreign key Tuji ključ A value that represents a reference to a tuple (a row Vrednost, ki predstavlja referenco n-terici (ena vrstica
in a table) containing the matching candidate key v preglednici), v kateri je ustrezni kandidat vrednosti
value. ključa.
Scope Note: The problem of ensuring that the Opomba: Problem zagotavljanja, da v zbirki podatkov
database does not include any invalid foreign key ni neveljavnih vrednosti tujih ključev, je znan kot
values is known as the referential integrity problem. referenčni problem neokrnjenosti. Omejitev, da
The constraint that values of a given foreign key must morajo vrednosti nekega tujega ključa ustrezati
match values of the corresponding candidate key is vrednostim ustreznega kandidata za ključ, je znana
known as a referential constraint. The relation (table) kot referenčna omejitev. Povezavo (preglednico), v
that contains the foreign key is referred to as the kateri je tuji ključ, imenujemo referenčna povezava, in
referencing relation and the relation that contains the povezavo, v kateri je ustrezni kandidat za ključ,
corresponding candidate key as the referenced referenčna povezava ali ciljna povezava. (V teoriji
relation or target relation. (In the relational theory it povezav bi bil kandidat za ključ, v resničnih sistemih
would be a candidate key, but in real database za upravljanje podatkovnih zbirk (DBMS) pa je to
management systems (DBMSs) implementations it is vedno primarni ključ.)
always the primary key.)
Forensic examination Forenzičen pregled The process of collecting, assessing, classifying and Postopek zbiranja, vrednotenja, razvrščanja in
documenting digital evidence to assist in the popisovanja digitalnih dokazov, ki so namenjeni za
identification of an offender and the method of pomoč pri identifikaciji prestopnika in prestopka.
compromise
Format checking Preverjanje oblike zapisa The application of an edit, using a predefined field Uporaba urejanja z vnaprej opredeljeno definicijo polj
definition to a submitted information stream; a test na poslanem toku informacij; preizkus, s katerim se
to ensure that data conform to a predefined format zagotavlja, da se podatki skladajo z vnaprej določeno
obliko zapisa.

Fourth‐generation Jezik 4. generacije High‐level, user‐friendly, nonprocedural computer Visoko-nivojski, uporabniku prijazen, neproceduralni
language (4GL) language used to program and/or read and process računalniški jezik, ki se uporablja za programiranje
computer files in/ali branje in obdelavo računalniških datotek.
Frame relay Blokovno posredovanje A packet‐switched wide‐area‐network (WAN) Tehnologija paketno komutiranega prostranega
technology that provides faster performance than omrežja (WAN), ki omogoča večjo učinkovitost od
older packet‐switched WAN technologies. starejših tehnologij paketno komutiranega
Scope Note: Best suited for data and image transfers. prostranega omrežja WAN.
Because of its variable‐length packet architecture, it is Opomba: Najbolj primerno za prenos podatkov in slik.
not the most efficient technology for real‐time voice Zaradi arhitekture paketov spremenljive dolžine ni
and video. In a frame‐relay network, end nodes najbolj učinkovita tehnologija za prenos zvoka in
establish a connection via a permanent virtual circuit videoposnetkov v realnem času. V omrežju z
(PVC). blokovnim posredovanjem zaključna vozlišča
vzpostavijo povezavo prek trajnega navideznega
omrežja/voda (PVC).
Framework Okvir . .
Scope Note: See Control framework and IT Opomba: Glejte Nadzorni okviri in okviri vodenja
governance framework. informatike.
Frequency Pogostost A measure of the rate by which events occur over a Merilo hitrosti, s katero se določen dogodek ponavlja
certain period of time v določenem času.
Full economic life cycle Polna ekonomska The period of time during which material business Časovno obdobje, v katerem se pričakuje, da bo prišlo
življenjska doba benefits are expected to arise from, and/or during do materialnih poslovnih koristi, in/ali v katerem se
which material expenditures (including investments, pričakuje, da bodo nastali stroški (vključno z
running and retirement costs) are expected to be investicijami, tekočimi in RETIREMENT stroški) v
incurred by, an investment program investicijskem programu.
Function point analysis Analiza funkcijskih točk A technique used to determine the size of a Tehnika, ki se uporablja za določanje velikosti
development task, based on the number of function razvojne naloge glede na število funkcijskih točk.
points. Opomba: Funkcijske točke so faktorji tipa vnosi,
Scope Note: Function points are factors such as rezultati, poizvedbe in logična interna mesta.
inputs, outputs, inquiries and logical internal sites.
Gateway Prehod A device (router, firewall) on a network that serves as Naprava (usmerjevalnik, požarni zid) v omrežju, ki se
an entrance to another network uporablja kot vhodno mesto za drugo omrežje.

General computer control Splošna računalniška A control, other than an application control, that Kontrola, ki ni aplikativna kontrola in se nanaša na
kontrola relates to the environment within which computer‐ okolje, v katerem se razvijajo, vzdržujejo in delujejo
based application systems are developed, maintained računalniški sistemi, tako da se nanaša na vse aplikacije.
and operated, and that is therefore applicable to all Cilji splošnih kontrol so zagotoviti ustrezni razvoj in
applications. The objectives of general controls are to uvajanje aplikacij ter celovitost programskih in
ensure the proper development and implementation podatkovnih datotek in računalniških operacij. Tako
of applications and the integrity of program and data kot aplikativne kontrole so lahko tudi splošne kontrole
files and of computer operations. Like application ročne ali programirane. Primeri splošnih kontrol
controls, general controls may be either manual or vključujejo razvoj in uvajanje strategije IS in varnostno
programmed. Examples of general controls include politiko IS, organizacijo osebja IS za razmejitev spornih
the development and implementation of an IS dolžnosti ter načrtovanje za preprečevanje katastrof
strategy and an IS security policy, the organization of in vzpostavitev delovanja po njih.
IS staff to separate conflicting duties and planning for
disaster prevention and recovery.
Generalized audit software Splošna revizijska Multipurpose audit software that can be used for Večnamenska revizijska programska oprema, ki jo je
(GAS) programska oprema (GAS) general processes, such as record selection, matching, mogoče uporabljati za splošne postopke, na primer
recalculation and reporting beleženje in primerjanje zapisov, vnovično
izračunavanje in poročanje.
Generic process control Splošna procesna kontrola A control that applies to all processes of the Kontrola, ki se nanaša na vse procese v podjetju.
enterprise
Geographic disk mirroring Geografsko zrcaljenje A data recovery strategy that takes a set of physically Strategija za obnovitev podatkov, ki temelji na
diska disparate disks and synchronously mirrors them over kompletu fizično ločenih diskov, na katere se podatki
high‐performance communication lines. Any write to a neprestano zrcalijo prek zelo zmogljivih
disk on one side will result in a write on the other komunikacijskih povezav. Kateri koli zapis na disk na
side. The local write will not return until the eni strani, se bo takoj ponovil na drugi strani. Lokalni
acknowledgment of the remote write is successful. zapis se ne bo pojavil, dokler ne bo dobil potrditve, da
je bil oddaljeni zapis uspešen.
Geographical information Geografski informacijski A tool used to integrate, convert, handle, analyze and Orodje, ki se uporablja za integracijo, preoblikovanje,
system (GIS) sistem (GIS) produce information regarding the surface of the rokovanje, analiziranje in izdelavo informacij, ki se
earth. nanašajo na zemeljsko površino.
Scope Note: GIS data exist as maps, tri‐dimensional Opomba: Podatki GIS so predstavljeni kot zemljevidi,
virtual models, lists and tables trirazsežni navideznoresnični modeli, seznami in
preglednice.

Good practice Dobra praksa A proven activity or process that has been Preizkušena dejavnost ali proces, ki ga uspešno
successfully used by multiple enterprises and has uporablja več podjetij in dokazano daje zanesljive
been shown to produce reliable results rezultate.
Governance Vodenje Ensures that stakeholder needs, conditions and Zagotavlja, da so potrebe, pogoji in možnosti
options are evaluated to determine balanced, agreed- deležnika ovrednotene, s čimer se opredelijo
on enterprise objectives to be achieved; setting uravnoteženi in sporazumni cilji, ki jih je treba doseči;
direction through prioritization and decision making; določanje smernic z določanjem prednosti in
and monitoring performance and compliance against odločanjem; in nadzor uspešnosti in skladnosti z
agreed-on direction and objectives dogovorjenimi smernicami in cilji.
Scope Note: Conditions can include the cost of capital, Opomba: Pogoji lahko vključujejo stroške kapitala,
foreign exchange rates, etc. Options can include devizne tečaje itd. Možnosti lahko zajemajo prenos
shifting manufacturing to other locations, sub- proizvodnje na druge lokacije, predajo delov podjetja
contracting portions of the enterprise to third-parties, v podizvajanje tretjim osebam, izbiro mešanice
selecting a product mix from many available choices, proizvodov med razpoložljivimi možnostmi itd.
etc.
Governance enabler Kar omogoča vodenje Something (tangible or intangible) that assists in the Nekaj (oprijemljivega ali neoprijemljivega), kar pomaga
realization of effective governance pri uresničevanju učinkovitega vodenja.
Governance framework Vodstveni okvir A framework is a basic conceptual structure used to Okvir je osnovna konceptualna struktura, ki se
solve or address complex issues. An enabler of uporablja za reševanje ali naslavljanje zapletenih
governance. A set of concepts, assumptions and zadev. Omogoča vodenje. Nabor konceptov, domnev
practices that define how something can be in praks, ki opredeljujejo, kako je mogoče k nečemu
approached or understood, the relationships amongst pristopiti ali kako nekaj razumeti, odnosov med
the entities involved, the roles of those involved, and vpletenimi entitetami, vlog vpletenih in meja (kaj je in
the boundaries (what is and is not included in the kaj ni vključeno v sistem vodenja).
governance system). Primeri: COBIT, COSO-v Notranji nadzor - Integrirani
Examples: COBIT, COSO’s Internal Control--Integrated okvir
Framework
Governance of enterprise Vodenje IT v podjetju A governance view that ensures that information and Vodstveni pogled, ki zagotavlja, da informacije in z
IT related technology support and enable the enterprise njimi povezana tehnologija podpirajo in omogočajo
strategy and the achievement of enterprise strategijo podjetja ter doseganje ciljev podjetja; to
objectives; this also includes the functional vključuje tudi funkcionalno vodenje IT, npr.
governance of IT, i.e., ensuring that IT capabilities are zagotavljanje, da so zmogljivosti IT dobavljene
provided efficiently and effectively. uspešno in učinkovito.

Governance/ management Vodstvena/poslovodska For each COBIT process, the governance and Za vsak proces COBIT prakse vodenja in upravljanja
practice praksa management practices provide a complete set of urejajo popoln nabor visokonivojskih zahtev za
high-level requirements for effective and practical učinkovito in praktično vodenje in upravljanje IT-ja v
governance and management of enterprise IT. They podjetju. To so trditve o dejanjih s strani vodstvenih
are statements of actions from governance bodies organov in poslovodstva.
and management.
Guideline Smernica A description of a particular way of accomplishing Opis posebnega načina za doseganje nečesa, ki je
something that is less prescriptive than a procedure manj opisen od postopka.
Hacker Heker An individual who attempts to gain unauthorized Posameznik, ki skuša pridobiti nepooblaščen dostop
access to a computer system do računalniškega sistema.
Handprint scanner Čitalnik odtisa dlani A biometric device that is used to authenticate a user Biometrična naprava, ki se uporablja za overjanje
through palm scans uporabnikove identitete z odčitavanjem njegove
dlani.
Harden Utrditi To configure a computer or other network device to Računalnik ali omrežno napravo konfigurirati tako, da
resist attacks bo odporna proti napadom.
Hardware Strojna oprema The physical components of a computer system Fizični del računalniškega sistema.
Hash function Zgoščevalna funkcija An algorithm that maps or translates one set of bits Algoritem, ki preslika ali prevaja en nabor bitov v
into another (generally smaller) so that a message drugega (navadno manjšega), tako da sporočilo da
yields the same result every time the algorithm is vsakokrat enak rezultat, ko se algoritem uporabi na
executed using the same message as input. istem vhodnem sporočilu.
Scope Note: It is computationally infeasible for a Opomba: Računsko ni izvedljivo, da bi se sporočilo
message to be derived or reconstituted from the povrnilo ali izpeljalo iz rezultata, ki ga ustvari
result produced by the algorithm or to find two algoritem, ali da bi obstajali dve različni sporočili, ki bi
different messages that produce the same hash result dali enak zgoščen rezultat z enakim algoritmom.
using the same algorithm.
Hash total Zgoščevalna vsota The total of any numeric data field in a document or Vsota katerega koli numeričnega podatkovnega polja
computer file. This total is checked against a control v dokumentu ali računalniški datoteki. Vsota se
total of the same field to facilitate accuracy of primerja s kontrolno vsoto istega polja, da se zagotovi
processing. natančnost obdelave.

Help desk Center za pomoč A service offered via telephone/Internet by an Storitev, ki jo podjetje ponuja prek telefona/interneta
uporabnikom enterprise to its clients or employees that provides svojim strankam ali zaposlenim. Storitev je
information, assistance and troubleshooting advice namenjena podajanju informacij, pomoči in nasvetom
regarding software, hardware or networks. za odpravljanje težav s programsko in strojno opremo
Scope Note: A help desk is staffed by people who can ter omrežji.
either resolve the problem on their own or escalate Opomba: V centru so zaposlene osebe, ki lahko
the problem to specialized personnel. A help desk is težavo rešijo same ali jo predajo specializiranemu
often equipped with dedicated customer relationship osebju. Center za pomoč je pogosto opremljen z
management (CRM) software that logs the problems namensko programsko opremo za upravljanje
and tracks them until they are solved. odnosov z odjemalci (CRM), s katero je mogoče
beležiti težave in jim slediti, dokler se ne razrešijo.
Heuristic filter Hevristični filter A method often employed by antispam software to Metoda, ki jo programska oprema za zaščito pred
filter spam using criteria established in a centralized neželeno pošto pogosto uporablja za filtriranje
rule database. neželene pošte v skladu s pravili, postavljenimi v
Scope Note: Every e‐mail message is given a rank, centralizirani zbirki podatkov.
based on its header and contents, which is then Opomba: Vsakemu e-poštnemu sporočilu dodeli
matched against preset thresholds. A message that stopnjo pomembnosti, ki temelji na vsebini glave in
surpasses the threshold will be flagged as spam and vsebini sporočila. Ta se primerja z vnaprej
discarded, returned to its sender or put in a spam nastavljenimi pragi. Sporočilo, ki preseže prag, bo
directory for further review by the intended recipient. označeno kot vsiljena pošta in zavrženo, vrnilo se bo
pošiljatelju ali se prestavilo v mapo za vsiljeno pošto,
kjer ga bo lahko preveril še naslovnik.
Hexadecimal Šestnajstiški sistem A numbering system that uses a base of 16 and uses Številski sistem, ki za osnovo uporablja število 16 in
16 digits: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D, E and F. uporablja 16 števk: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, A, B, C, D,
Programmers use hexadecimal numbers as a E in F. Programerji šestnajstiški sistem uporabljajo za
convenient way of representing binary numbers. prikaz binarnih števil.
Hierarchical database Hierarhična zbirka A database structured in a tree/root or parent/child Zbirka podatkov, ki je strukturirana v razmerja
podatkov relationship. drevo/koren ali roditelj/potomec.
Scope Note: Each parent can have many children, but Opomba: Vsak roditelj ima lahko več potomcev, vsak
each child may have only one parent. potomec pa lahko ima le enega roditelja.

Honeypot Limanice A specially configured server, also known as a decoy Posebej konfiguriran strežnik, ki ga imenujemo tudi
server, designed to attract and monitor intruders in a vaba, načrtovan tako, da pritegne in nadzoruje
manner such that their actions do not affect vsiljivce, pri čemer njihova dejanja v resnici ne
production systems. vplivajo na produkcijske sisteme.
Scope Note: Also known as "decoy server" Opomba: Znan tudi kot "strežnik - vaba".
Hot site Vroča lokacija A fully operational offsite data processing facility Objekt na lokaciji, ločeni od glavne, v katerem je
equipped with both hardware and system software to popolnoma delujoč sistem strojne in programske
be used in the event of a disaster opreme, ki se uporabi v primeru katastrofe.
Hub Razdelilnik A common connection point for devices in a network. Skupna povezovalna točka za omrežne naprave.
Hubs are used to connect segments of a local area Razdelilniki se uporabljajo za povezavo delov
network (LAN). krajevnega omrežja (LAN).
Scope Note: A hub contains multiple ports. When a Opomba: En razdelilnik ima več vrat. Ko paket
packet arrives at one port, it is copied to the other podatkov pride na ena vrata, se kopira na druga, tako
ports so that all segments of the LAN can see all da lahko vse pakete vidijo vsi deli LAN-a.
packets.
Hurdle rate Mejna stopnja donosa Also known as required rate of return, above which Znana tudi kot zahtevana stopnja donosa, nad katero
an investment makes sense and below which it does je vlaganje smiselno in pod katero ni.
not. Opomba: Pogosto temelji na strošku kapitala
Scope Note: Often based on the cost of capital, plus (plus/minus premija za tveganje) in se pogosto
or minus a risk premium, and often varied based on spreminja glede na prevladujoče ekonomske razmere.
prevailing economic conditions
Hybrid application controls Hibridne aplikativne Consist of a combination of manual and automated Sestojijo iz kombinacije ročnih in avtomatiziranih
kontrole activities, all of which must operate for the control to dejanj, ki morajo delovati, da je nadzor učinkovit.
be effective. Opomba: Včasih uporabljamo izraz "računalniško
Scope Note: Sometimes referred to as odvisne aplikativne kontrole".
computer‐dependent application controls
Hyperlink Hiperpovezava An electronic pathway that may be displayed in the Elektronska pot, ki je lahko prikazana v obliki
form of highlighted text, graphics or a button that označenega besedila, slike ali kot gumb in povezuje
connects one web page with another web page spletno stran s spletno stranjo na drugem naslovu.
address

Hypertext Hipertekst A language that enables electronic documents that Jezik, ki elektronskim dokumentom omogoča
present information to be connected by links instead predstavitev informacij s povezavami, namesto da so
of being presented sequentially, as is the case with predstavljene zaporedno, kot je to v običajnem
normal text besedilu.
Hypertext Markup Označevalni jezik HTML A language designed for the creation of web pages Jezik, načrtovan za oblikovanje spletnih strani in
Language (HTML) with hypertext and other information to be displayed drugih informacij za prikaz v spletnem brskalniku;
in a web browser; used to structure uporablja se za strukturiranje informacij - označevanje
information‐‐denoting certain text such as headings, dela besedila kot glava, odstavek, seznam. Do neke
paragraphs, lists‐‐and can be used to describe, to mere se lahko uporablja za opis videza in semantike
some degree, the appearance and semantics of a dokumenta.
document
Hypertext Transfer Varen protokol za prenos A protocol for accessing a secure web server, Protokol za dostop do varnega spletnega strežnika, s
Protocol Secure (HTTPS) hiperteksta (HTTPS) whereby all data transferred are encrypted. katerega se prenašajo le šifrirani podatki.
Hypertext Transfer Protokol za prenos A communication protocol used to connect to servers Komunikacijski protokol, ki se uporablja za
Protocol (HTTP) hiperteksta (HTTP) on the World Wide Web. Its primary function is to povezovanje strežnikov na svetovnem spletu. Njegova
establish a connection with a web server and transmit poglavitna funkcija je vzpostavitev povezave s
hypertext markup language (HTML), extensible spletnim strežnikom in prenos označevalnega jezika
markup language (XML) or other pages to client HTML, razširljivega označevalnega jezika XML ali
browsers drugih strani v spletne brskalnike uporabnikov.
Identity access Upravljanje identitet in Encapsulates people, processes and products to Zajema ljudi, procese in izdelke za identifikacijo in
management (IAM) dostopa (IAM) identify and manage the data used in an information upravljanje podatkov, ki se uporabljajo v
system to authenticate users and grant or deny access informacijskih sistemih za ugotavljanje istovetnosti
rights to data and system resources. The goal of IAM uporabnikov in podelitev ali zavračanje pravic za
is to provide appropriate access to enterprise dostop do podatkov in sistemskih sredstev. Cilj IAM je
resources. zagotoviti ustrezen dostop do sredstev podjetja.

Idle standby Nedejaven / V A fail‐over process in which the primary node owns Nadomestni način delovanja, pri katerem ima
pripravljenosti the resource group and the backup node runs idle, primarno vozlišče v lasti skupino virov, nadomestno
only supervising the primary node. vozlišče pa je v mirovanju in le nadzoruje primarno
Scope Note: In case of a primary node outage, the vozlišče.
backup node takes over. The nodes are prioritized, Opomba: Če izpade primarno vozlišče, prevzame
which means that the surviving node with the highest funkcijo nadomestno vozlišče za. Vozlišča so
priority will acquire the resource group. A higher razvrščena po prednosti, kar pomeni, da bo skupino
priority node joining the cluster will thus cause a virov prevzelo nadrejeno vozlišče. Če se gruči pridruži
short service interruption. vozlišče z višjo prednostjo, bo to torej povzročilo
kratko prekinitev storitve.
Term: IEEE (Institute of Electrical and Electronics Engineers)
Izraz: IEEE
Definition: Pronounced I‐triple‐E; IEEE is an organization composed of engineers, scientists and students.
Scope Note: Best known for developing standards for the computer and electronics industry
Pomen: IEEE je organizacija, sestavljena iz inženirjev, znanstvenikov in študentov.
Opomba: Znana je po razvijanju standardov za računalniško in elektronsko industrijo.

Term: Image processing
Izraz: Obdelava slik
Definition: The process of electronically inputting source documents by taking an image of the document, thereby eliminating the need for key entry
Pomen: Proces digitaliziranja izvornih dokumentov tako, da se zajame njihove fotografije, s čimer se izognemo tipkanju.

Term: Impact analysis
Izraz: Analiza vpliva
Definition: A study to prioritize the criticality of information resources for the enterprise based on costs (or consequences) of adverse events. In an impact analysis, threats to assets are identified and potential business losses determined for different time periods. This assessment is used to justify the extent of safeguards that are required and recovery time frames. This analysis is the basis for establishing the recovery strategy.
Pomen: Študija za razvrščanje kritičnosti informacijskih virov za podjetje, ki temeljijo na stroških (ali posledicah) neugodnih dogodkov. Z analizo vpliva se prepoznavajo grožnje sredstvom ter morebitne izgube posla za različna časovna obdobja. Ocena se uporablja za upravičenje obsega zahtevanih varnostnih ukrepov in časovnih okvirov za obnovitev sistema. Analiza je temelj za vzpostavitev strategije obnovitve.

Term: Impact assessment
Izraz: Ocena vpliva
Definition: A review of the possible consequences of a risk.
Scope Note: See also Impact analysis.
Pomen: Pregled možnih posledic tveganja.
Opomba: Glej tudi Analiza vpliva.

© 2012 ISACA All rights reserved. Page/Stran 87/180 © 2012 ISACA. Vse pravice pridržane.

Term: Impersonation
Izraz: Pretvarjanje
Definition: A security concept related to Windows NT that allows a server application to temporarily "be" the client in terms of access to secure objects.
Scope Note: Impersonation has three possible levels: identification, letting the server inspect the client's identity; impersonation, letting the server act on behalf of the client; and delegation, the same as impersonation but extended to remote systems to which the server connects (through the preservation of credentials). Impersonation by imitating or copying the identification, behavior or actions of another may also be used in social engineering to obtain otherwise unauthorized physical access.
Pomen: Varnostni koncept, ki se nanaša na Windows NT in strežniški aplikaciji omogoča, da se začasno predstavlja kot odjemalec pri dostopu do varovanih objektov.
Opomba: Pretvarjanje se dogaja na treh možnih ravneh: identifikacija, s katero strežnik preverja identiteto odjemalca; pretvarjanje, pri katerem se strežnik predstavlja kot odjemalec; zadolžitev, ki je enaka kot pretvarjanje, vendar je razširjena na oddaljene sisteme, s katerimi se strežnik povezuje (z ohranjanjem akreditacij). Pretvarjanje s posnemanjem ali kopiranjem identifikacije, vedenja ali dejanj drugih je mogoče uporabljati tudi v socialnem inženiringu za pridobivanje sicer nepooblaščenega fizičnega dostopa.

Term: Implement
Izraz: Izvesti, uvajati
Definition: In business, includes the full economic life cycle of the investment program through retirement; (i.e., when the full expected value of the investment is realized, as much value as is deemed possible has been realized, or it is determined that the expected value cannot be realized and the program is terminated)
Pomen: V poslovanju vključuje popoln ekonomski življenjski cikel naložbenega programa do opustitve; (npr. ko se uresniči celotna pričakovana vrednost naložbe, ko se uresniči mogoča vrednost naložbe, ali ko je odločeno, da ni mogoče uresničiti pričakovane vrednosti, je program končan)

Term: Implementation life cycle review
Izraz: Pregled življenjskega cikla izvedbe
Definition: Refers to the controls that support the process of transformation of the enterprise’s legacy information systems into the enterprise resource planning (ERP) applications.
Scope Note: Largely covers all aspects of systems implementation and configuration, such as change management
Pomen: Nanaša se na kontrole, ki podpirajo proces preoblikovanja starega informacijskega sistema v podjetju v namenske programe (ERP) za načrtovanje virov podjetja.
Opomba: Na splošno zajema vse vidike uvajanja in konfiguracije, na primer upravljanje sprememb.

Term: Incident
Izraz: Incident
Definition: Any event that is not part of the standard operation of a service and that causes, or may cause, an interruption to, or a reduction in, the quality of that service
Pomen: Kateri koli dogodek, ki ni del standardnega delovanja storitve in ki povzroči ali lahko povzroči prekinitev ali zmanjšanje kakovosti storitve.

Term: Incident response
Izraz: Odziv na incident
Definition: The response of an enterprise to a disaster or other significant event that may significantly affect the enterprise, its people, or its ability to function productively. An incident response may include evacuation of a facility, initiating a disaster recovery plan (DRP), performing damage assessment, and any other measures necessary to bring an enterprise to a more stable status.
Pomen: Odziv podjetja na katastrofo ali drug pomemben dogodek, ki lahko pomembno vpliva na podjetje, njegove zaposlene ali na njegovo zmožnost produktivnega delovanja. Odziv na incident lahko vključuje evakuacijo objekta, sprožitev načrta za obnovitev po katastrofi (DRP), oceno škode in katere koli druge ukrepe, potrebne za to, da se v podjetju vzpostavi zanesljivo stanje.

Term: Incremental testing
Izraz: Inkrementalno preizkušanje
Definition: Deliberately testing only the value‐added functionality of a software component
Pomen: Namensko preizkušanje samo dodanih funkcionalnosti programske komponente.

Term: Independence
Izraz: Neodvisnost
Definition: 1. Self‐governance 2. Freedom from conflict of interest and undue influence.
Scope Note: The IS auditor should be free to make his/her own decisions, not influenced by the enterprise being audited and its people (managers and employers).
Pomen: 1. Samostojno vodenje 2. Svoboda pred konfliktom interesov in neprimernim vplivom.
Opomba: Revizor IS mora imeti možnost samostojnega odločanja brez vpliva ljudi iz podjetja, ki je v revizijskem postopku (uprave in zaposlenih).

Term: Independent appearance
Izraz: Videz neodvisnosti
Definition: The outward impression of being self‐governing and free from conflict of interest and undue influence
Pomen: Navidezen vtis samostojnosti in neodvisnosti od konflikta interesov ter neprimernega vpliva.

Term: Independent attitude
Izraz: Neodvisen odnos
Definition: Impartial point of view which allows an IS auditor to act objectively and with fairness
Pomen: Nepristranski zorni kot, ki omogoča revizorju IS, da deluje objektivno in pošteno.

Term: Indexed Sequential Access Method (ISAM)
Izraz: Metoda dostopa z zaporednim indeksiranjem (ISAM)
Definition: A disk access method that stores data sequentially while also maintaining an index of key fields to all the records in the file for direct access capability
Pomen: Metoda dostopanja do diska, ki zaporedoma shranjuje podatke in hkrati vzdržuje indekse do ključnih polj za vse zapise v datoteki, tako da je do njih mogoče dostopati neposredno.

Term: Indexed sequential file
Izraz: Indeksirana zaporedna datoteka
Definition: A file format in which records are organized and can be accessed, according to a pre‐established key that is part of the record
Pomen: Datotečna oblika, v kateri so zapisi organizirani tako, da je mogoče do njih dostopati v skladu z vnaprej določenim ključem, ki je del zapisa.

Term: Information
Izraz: Informacija
Definition: An asset that, like other important business assets, is essential to an enterprise’s business. It can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by post or by using electronic means, shown on films, or spoken in conversation.
Pomen: Sredstvo, ki je tako kakor druga pomembna poslovna sredstva bistvenega pomena za poslovanje podjetja. Obstaja lahko v veliko oblikah. Lahko je natisnjena ali napisana na papirju, lahko je shranjena elektronsko, lahko se prenaša po pošti ali po elektronskih sredstvih, se prikazuje na filmih ali se pove med pogovorom.

Term: Information architecture
Izraz: Informacijska arhitektura
Definition: Information architecture is one component of IT architecture (together with applications and technology)
Pomen: Informacijska arhitektura je eden od gradnikov arhitekture IT (skupaj z aplikacijami in tehnologijo)

Term: Information criteria
Izraz: Informacijska merila
Definition: Attributes of information that must be satisfied to meet business requirements
Pomen: Atributi informacij, ki morajo biti izpolnjeni, da ustrezajo zahtevam posla.

Term: Information engineering
Izraz: Informacijski inženiring
Definition: Data‐oriented development techniques that work on the premise that data are at the center of information processing and that certain data relationships are significant to a business and must be represented in the data structure of its systems
Pomen: Podatkovno usmerjen razvoj tehnik, ki delujejo na domnevi, da so podatki v središču obdelave informacij in da so odnosi med nekaterimi podatki pomembni za podjetje in da morajo biti predstavljeni v podatkovni strukturi sistemov.

Term: Information processing facility (IPF)
Izraz: Zmogljivost za obdelavo informacij (IPF)
Definition: The computer room and support areas
Pomen: Računalniška soba in podporne lokacije

Term: Information security
Izraz: Informacijska varnost
Definition: Ensures that within the enterprise, information is protected against disclosure to unauthorized users (confidentiality), improper modification (integrity), and non-access when required (availability)
Pomen: Zagotavlja, da so znotraj podjetja informacije zaščitene pred razkritjem nepooblaščenim uporabnikom (zaupnost), nezakonitim spreminjanjem (celovitost) in ne-dostopnostjo, ko je ta zahtevana (razpoložljivost).

Term: Information security governance
Izraz: Vodenje informacijske varnosti
Definition: The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved, ascertaining that risk is managed appropriately and verifying that the enterprise’s resources are used responsibly
Pomen: Nabor zadolžitev in praks, ki jih izvajata vodstvo in uprava, katerih cilj je strateška usmeritev ter zagotavljanje, da se dosegajo cilji, da se ustrezno upravlja tveganje in da se preverja, da se sredstva in viri uporabljajo odgovorno.

Term: Information security program
Izraz: Program informacijske varnosti
Definition: The overall combination of technical, operational and procedural measures and management structures implemented to provide for the confidentiality, integrity and availability of information based on business requirements and risk analysis
Pomen: Zbir tehničnih, operativnih, in postopkovnih ukrepov ter upravljalskih struktur, ki so uvedene, da poskrbijo za zaupnost, celovitost in razpoložljivost informacij. Temeljijo na poslovnih zahtevah in analizi tveganj.

Term: Information systems (IS)
Izraz: Informacijski sistemi (IS)
Definition: The combination of strategic, managerial and operational activities involved in gathering, processing, storing, distributing and using information and its related technologies.
Scope Note: Information systems are distinct from information technology (IT) in that an information system has an IT component that interacts with the process components.
Pomen: Kombinacija strateških, upravljavskih in operativnih dejavnosti, vključenih v zbiranje, obdelovanje, shranjevanje, distribucijo in uporabo informacij ter z njimi povezanih tehnologij.
Opomba: Informacijski sistemi se ločijo od informacijske tehnologije (IT) po tem, da imajo informacijski sistemi komponente IT, povezane s komponentami procesov.

Term: Information technology (IT)
Izraz: Informacijska tehnologija (IT)
Definition: The hardware, software, communication and other facilities used to input, store, process, transmit and output data in whatever form
Pomen: Strojna oprema, programska oprema, komunikacije in druge zmogljivosti, ki se uporabljajo za vnos, shranjevanje, obdelavo, prenos in izhod podatkov v kakršni koli obliki.

Term: Informed
Izraz: Seznanjen
Definition: In a RACI chart (Responsible, Accountable, Consulted, Informed), Informed refers to those people who are kept up to date on the progress of an activity (one‐way communication)
Pomen: V grafikonu ZOPS (Zadolžen, Odgovoren, Posvetovan, Seznanjen), Seznanjen se nanaša na tiste ljudi, ki se sproti obveščajo o napredovanju aktivnosti (enosmerna komunikacija)

Term: Infrastructure as a Service (IaaS)
Izraz: Infrastruktura kot storitev (IaaS)
Definition: Offers the capability to provision processing, storage, networks and other fundamental computing resources, enabling the customer to deploy and run arbitrary software, which can include operating systems (OSs) and applications
Pomen: Ponuja zmožnost obdelovanja, shranjevanja, omrežij in/ali osnovnih računalniških sredstev, ki omogočajo stranki, da vzpostavi in poganja poljubno programsko opremo, ki lahko vključuje operacijske sisteme (OSs) in namenske programe

Term: Inherent risk
Izraz: Inherentno tveganje
Definition: 1. The risk level or exposure without taking into account the actions that management has taken or might take (e.g., implementing controls) 2. The risk that a material error could occur, assuming that there are no related internal controls to prevent or detect the error.
Scope Note: Audit perspective; also see Control risk
Pomen: 1. Raven tveganja ali razkritja, ne da bi se pri tem upoštevala dejanja, ki jih je poslovodstvo izvedlo ali jih bo izvedlo (npr. uvajanje kontrol). 2. Tveganje, da bo prišlo do materialne napake ob predpostavki, da ni povezanih notranjih kontrol, ki bi napako preprečile ali zaznale.
Opomba: Revizijski vidik; glejte tudi Tveganje pri nadzoru

Term: Inheritance (objects)
Izraz: Dedovanje (objekti)
Definition: Database structures that have a strict hierarchy (no multiple inheritance). Inheritance can initiate other objects irrespective of the class hierarchy, thus there is no strict hierarchy of objects
Pomen: Struktura podatkovne zbirke s strogo hierarhijo (ni večkratnih dedovanj). Dedovanje lahko zažene druge objekte ne glede na hierarhični razred, tako da ni stroge hierarhije objektov.

Term: Initial program load (IPL)
Izraz: Zagonsko nalaganje programa (IPL)
Definition: The initialization procedure that causes an operating system to be loaded into storage at the beginning of a workday or after a system malfunction.
Pomen: Zagonski postopek, zaradi katerega se operacijski sistem naloži v pomnilnik na začetku delovnika ali po okvari sistema.

Term: Initialization vector (IV) collisions
Izraz: Navzkrižje zagonskih vektorjev (IV)
Definition: A major concern is the way that wired equivalent privacy (WEP) allocates the RC4 initialization vectors (IVs) used to create the keys that are used to drive a pseudo random number generator that is eventually used for encryption of the wireless data traffic. The IV in WEP is a 24‐bit field‐‐a small space that practically guarantees reuse, resulting in key reuse. The WEP standard also fails to specify how these IVs are assigned. Many wireless network cards reset these IVs to zero and then increment them by one for every use. If an attacker can capture two packets using the same IV (the same key if the key has not been changed), mechanisms can be used to determine portions of the original packets. This and other weaknesses result in key reuse, resulting in susceptibility to attacks to determine the keys used. These attacks require a large number of packets (5‐6 million) to actually fully derive the WEP key, but on a large, busy network this can occur in a short time, perhaps in as quickly as 10 minutes (although, even some of the largest corporate networks will likely require much more time than this to gather enough packets). In WEP‐protected wireless networks, many times multiple, or all, stations use the same shared key. This increases the chances of IV collisions greatly. The result of this is that the network becomes insecure if the WEP keys are not changed often. This furthers the need for a WEP key management protocol.
Pomen: Zelo pomembno je, na kakšen način WEP dodeljuje zagonske vektorje RC4, ki ustvarijo ključe za pogon generatorja psevdonaključnih številk, ki se prej ali slej uporabijo za šifriranje brezžičnih podatkov. IV v WEP je 24-bitno polje - majhen prostor, ki zagotavlja vnovično uporabo, posledica česar je tudi vnovična uporaba ključev. V standardu WEP ni izrecno navedeno, kako so dodeljeni IV-ji. Veliko kartic za brezžično povezavo ponastavijo IV-je na nič in jih povečajo za ena ob vsaki uporabi. Če lahko napadalec zajame dva paketa z istim IV-jem (isti ključ, če ključ ni bil spremenjen), je mogoče uporabiti mehanizme za določanje delov izvornega paketa. Ta in druge slabosti povzročijo vnovično uporabo ključev, zaradi česar je sistem občutljiv na napade s preizkušanjem že uporabljenih ključev. Napadi zahtevajo veliko število paketov (5-6 milijonov), da dejansko najdejo celotni ključ WEP, vendar se lahko v omrežju z veliko prometa to zgodi v kratkem času, morda celo v le 10 minutah (čeprav potrebujejo tudi nekatera omrežja največjih podjetij nekaj več časa, da zberejo dovolj paketov). V brezžičnih omrežjih, zaščitenih z WEP-om, velikokrat uporablja isti deljeni ključ več postaj (ali celo vse). To močno poveča možnost navzkrižja IV. Če se ključi WEP ne spreminjajo dovolj pogosto, postane omrežje manj varno. To še dodatno zahteva protokol za upravljanje s ključi WEP.

Term: Input control
Izraz: Vnosne kontrole
Definition: Techniques and procedures used to verify, validate and edit data to ensure that only correct data are entered into the computer
Pomen: Tehnike in postopki, ki se uporabljajo za pregled, overjanje in urejanje podatkov, s katerimi se zagotovi, da se v računalnik vnesejo samo pravilni podatki.

Term: Inputs and outputs
Izraz: Vnosi in rezultati
Definition: The process work products/artifacts considered necessary to support operation of the process.
Scope Note: Inputs and outputs enable key decisions, provide a record and audit trail of process activities, and enable follow-up in the event of an incident. They are defined at the key management practice level, may include some work products used only within the process and are often essential inputs to other processes. The illustrative COBIT 5 inputs and outputs should not be regarded as an exhaustive list since additional information flows could be defined depending on a particular enterprise’s environment and process framework.
Pomen: Delovni produkti/Izdelki, za katere velja, da so potrebni za podporo delovanja procesa.
Opomba: Omogočajo ključne odločitve, poskrbijo za zapis in revizijsko sled dejavnosti procesa in omogočajo nadaljnja dejanja v primeru incidenta. Opredeljeni so na ključni ravni upravljanja, lahko vključujejo nekaj delovnih produktov, ki se uporabljajo le znotraj procesov, in so pogosto bistveni vnosi za druge procese. Ponazoritveni vnosi in rezultati COBIT 5 ne smejo biti upoštevani kot izčrpen seznam, saj je mogoče določiti tudi dodatne informacijske tokove, odvisno od okolja podjetja in procesnega okvira.

Term: Instant messaging (IM)
Izraz: Takojšnje sporočanje (IM)
Definition: An online mechanism or a form of real‐time communication between two or more people based on typed text and multimedia data.
Scope Note: Text is conveyed via computers or another electronic device (e.g., cellular phone or handheld device) connected over a network, such as the Internet.
Pomen: Spletni sistem za izmenjavo sporočil v realnem času med dvema ali več uporabniki, ki temelji na tipkanem besedilu in večpredstavnostnimi podatki.
Opomba: Besedilo se prenaša prek računalnikov ali drugih elektronskih naprav (npr. pametnih telefonov ali dlančnikov), povezanih v omrežje, kakršno je internet.

Term: Integrated services digital network (ISDN)
Izraz: Digitalno omrežje z integriranimi storitvami (ISDN)
Definition: A public end‐to‐end digital telecommunications network with signaling, switching and transport capabilities supporting a wide range of service accessed by standardized interfaces with integrated customer control.
Scope Note: The standard allows transmission of digital voice, video and data over 64‐Kbps lines.
Pomen: Javno digitalno telekomunikacijsko omrežje z zmožnostjo signaliziranja, komutiranja in prenašanja širokega nabora storitev, do katerih se dostopa s standardiziranimi vmesniki z vgrajenim nadzorom uporabnikov.
Opomba: Standard omogoča prenos digitalnega zvoka, videa in podatkov čez povezave 64 Kb/s.

Term: Integrated test facilities (ITF)
Izraz: Vgrajeni sistemi testiranja (ITF)
Definition: A testing methodology in which test data are processed in production systems.
Scope Note: The data usually represent a set of fictitious entities such as departments, customers or products. Output reports are verified to confirm the correctness of the processing.
Pomen: Način preizkušanja, pri katerem so testni podatki obdelani v proizvodnih sistemih.
Opomba: Podatki navadno predstavljajo nabor izmišljenih entitet, na primer oddelkov, strank ali proizvodov. Poročila se preverijo, da se potrdi, da je bila obdelava pravilna.

Term: Integrity
Izraz: Celovitost
Definition: Guarding against improper information modification or destruction, and includes ensuring information non-repudiation and authenticity.
Pomen: Varuje pred nezakonitim spreminjanjem ali uničenjem in vključuje zagotavljanje nezanikanja in istovetnosti informacij.

Term: Interface testing
Izraz: Preizkušanje vmesnika
Definition: A testing technique that is used to evaluate output from one application while the information is sent as input to another application
Pomen: Tehnika preizkušanja, ki se uporablja za ovrednotenje rezultata aplikacije, medtem ko se informacije pošljejo kot vhodni podatki drugi aplikaciji.

Term: Internal control environment
Izraz: Okolje notranjega nadzora
Definition: The relevant environment on which the controls have effect
Pomen: Ustrezno okolje, na katero vplivajo kontrole.

Term: Internal control over financial reporting
Izraz: Notranji nadzor finančnega poročanja
Definition: A process designed by, or under the supervision of, the registrant’s principal executive and principal financial officers, or persons performing similar functions, and effected by the registrant’s board of directors, management and other personnel to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles. Includes those policies and procedures that: ‐ Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant ‐ Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant ‐ Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the registrant’s assets that could have a material effect on the financial statements
Pomen: Postopek, ki so ga načrtovali, ali je bil načrtovan pod njihovim vodstvom, zavezančevi glavni direktorji in finančniki ali osebe, ki izvajajo podobne naloge, in na katerega vplivajo zavezančev upravni odbor, poslovodstvo ali drugo osebje, da se dajo razumna zagotovila o zanesljivosti finančnega poročanja in pripravi finančnih izkazov za javnost, v skladu s splošno priznanimi računovodskimi standardi. Zajema tiste politike in postopke, ki: - Se nanašajo na vzdrževanje zapisov, ki do razumne podrobnosti točno in pošteno odražajo zavezančeve transakcije in uporabo sredstev, - Poskrbi za razumno zagotovilo, da so transakcije zabeležene, kot je to potrebno, kar omogoča pripravo finančnih poročil v skladu s splošno priznanimi računovodskimi standardi, ter da so zavezančevi prihodki in odhodki v skladu s pooblastili zavezančevega poslovodstva in direktorjev; - Poskrbi za razumno zagotovilo o preprečevanju ali pravočasnem zaznavanju nepooblaščenih nabav in uporabe ali razpolaganja z zavezančevimi sredstvi, ki bi lahko materialno vplivali na finančne izkaze.

Term: Internal control structure
Izraz: Ustroj notranjega nadzora
Definition: The dynamic, integrated processes‐‐effected by the governing body, management and all other staff‐‐that are designed to provide reasonable assurance regarding the achievement of the following general objectives: ‐Effectiveness, efficiency and economy of operations ‐Reliability of management ‐Compliance with applicable laws, regulations and internal policies. Management’s strategies for achieving these general objectives are affected by the design and operation of the following components: ‐Control environment ‐Information system ‐Control procedures
Pomen: Dinamični in integrirani procesi, na katere vpliva vodstveni organ, poslovodstvo in drugo osebje, ki so načrtovani tako, da omogočajo razumno zagotovilo o doseganju naslednjih splošnih ciljev: - Uspešnost, učinkovitost in ekonomičnost operacij; - Zanesljivost poslovodstva; - Skladnost z ustrezno zakonodajo, predpisi in notranjimi politikami. Na strategijo poslovodstva za doseganje teh splošnih ciljev vplivata načrtovanje in delovanje naslednjih sestavin: - kontrolnega okolja; - Informacijskega sistema; - kontrolnih postopkov.

Term: Internal controls
Izraz: Notranje kontrole
Definition: The policies, procedures, practices and organizational structures designed to provide reasonable assurance that business objectives will be achieved and undesired events will be prevented or detected and corrected
Pomen: Politike, postopki, prakse in organizacijska struktura, načrtovani tako, da omogočajo razumno zagotovilo, da bodo poslovni cilji doseženi in da bodo nezaželeni dogodki preprečeni ali zaznani in odpravljeni.

Term: Internal penetrators
Izraz: Notranji vdiralci
Definition: Authorized user of a computer system who oversteps his/her legitimate access rights.
Scope Note: This category is divided into masqueraders and clandestine users.
Pomen: Pooblaščeni uporabnik ali računalniški sistem, ki prekorači svoje upravičene pravice dostopa.
Opomba: Ta kategorija se loči na zakrinkane in prikrite uporabnike.

Term: Internal rate of return (IRR)
Izraz: Notranja stopnja donosa (IRR)
Definition: The discount rate that equates an investment cost with its projected earnings.
Scope Note: When discounted at the IRR, the present value of the cash outflow will equal the present value of the cash inflow. The IRR and net present value (NPV) are measures of the expected profitability of an investment project.
Pomen: Obrestna mera (diskontna stopnja), ki enači stroške vlaganja s pričakovanim zaslužkom.
Opomba: Diskontirana z IRR bo sedanja vrednost denarnih odtokov izenačena s sedanjo vrednostjo denarnih pritokov. IRR in čista (neto) sedanja vrednost (NPV) sta merili pričakovane donosnosti naložbenega projekta.

Term: Internal storage
Izraz: Notranji pomnilnik
Definition: The main memory of the computer’s central processing unit (CPU)
Pomen: Glavni pomnilnik centralno procesne enote (CPE) računalnika.

Term: Internet
Izraz: Splet, medmrežje, internet
Definition: 1. Two or more networks connected by a router 2. The world’s largest network using Transmission Control Protocol/Internet Protocol (TCP/IP) to link government, university and commercial institutions
Pomen: 1. Dve ali več omrežij, povezanih z usmerjevalnikom. 2. Največje svetovno omrežje, ki za povezave med vladnimi, univerzitetnimi in komercialnimi ustanovami uporablja protokol TCP/IP.

Term: Internet banking
Izraz: Spletno bančništvo
Definition: Use of the Internet as a remote delivery channel for banking services.
Scope Note: Services include traditional ones, such as opening an account or transferring funds to different accounts, and new banking services, such as electronic bill presentment and payment (allowing customers to receive and pay bills on a bank’s web site).
Pomen: Vključuje uporabo interneta kot oddaljenega kanala za dostop do bančnih storitev.
Opomba: Storitve vključujejo tradicionalne storitve, npr. odpiranje bančnega računa ali prenos sredstev na druge račune, in nove bančne storitve, na primer pošiljanje e-računov in izvajanje e-plačil (kar strankam omogoča, da račune sprejemajo in plačujejo na bančni spletni strani).

Term: Internet Control Message Protocol (ICMP)
Izraz: Protokol za spletni nadzor sporočanja (ICMP)
Definition: A set of protocols that allow systems to communicate information about the state of services on other systems.
Scope Note: For example, ICMP is used in determining whether systems are up, maximum packet sizes on links, whether a destination host/network/port is available. Hackers typically use (abuse) ICMP to determine information about the remote site.
Pomen: Nabor protokolov, ki sistemom omogočajo posredovanje informacij o stanju storitev v drugih sistemih.
Opomba: ICMP se na primer uporablja, da se ugotovi, ali sistemi delujejo, kakšna je največja velikost paketov na povezavah, ali je ciljni gostitelj/omrežje/vrata na voljo. Hekerji navadno ICMP izkoriščajo, da pridobijo informacije o oddaljenem spletišču.

Term: Internet Engineering Task Force (IETF)
Izraz: Delovna skupina za razvoj interneta (IETF)
Definition: An organization with international affiliates as network industry representatives that sets Internet standards. This includes all network industry developers and researchers concerned with the evolution and planned growth of the Internet.
Pomen: Organizacija z mednarodnimi člani, npr. predstavniki omrežne industrije, ki določa internetne standarde. To vključuje vse razvijalce in raziskovalce omrežne industrije, ki se ukvarjajo z razvojem in načrtovano rastjo interneta.

Term: Internet Inter‐ORB Protocol (IIOP)
Izraz: Internetni protokol Inter-ORB (IIOP)
Definition: Developed by the object management group (OMG) to implement Common Object Request Broker Architecture (CORBA) solutions over the World Wide Web.
Scope Note: CORBA enables modules of network‐based programs to communicate with one another. These modules or program parts, such as tables, arrays, and more complex program subelements, are referred to as objects. Use of IIOP in this process enables browsers and servers to exchange both simple and complex objects. This differs significantly from HyperText Transfer Protocol (HTTP), which only supports the transmission of text.
Pomen: Razvila ga je skupina za upravljanje objektov (OMG), da bi lahko rešitve arhitekture posrednikov zahtev skupnih objektov (CORBA) uvedla prek spleta.
Opomba: CORBA omogoča medsebojno komunikacijo modulov programov, ki temeljijo na omrežnem delovanju. Te module ali dele programov, na primer preglednice, polja in zapletenejše podelemente programov imenujemo objekti. Uporaba IIOP v teh procesih brskalnikom in strežnikom omogoča izmenjavo preprostih in zapletenih objektov. To se zelo razlikuje od protokola za prenos hiperteksta (HTTP), ki podpira le prenos besedila.

Internet protocol (IP) Internetni protokol (IP) Specifies the format of packets and the addressing Opredeluje obliko paketov in način naslavljanja.
scheme
Internet Protocol (IP) Lažno predstavljanje An attack using packets with the spoofed source Napad z uporabo paketov z lažno predstavljenim
packet spoofing internetnega protokola Internet packet (IP) addresses. izvornim naslovom internetnega paketa (IP).
(IP) Scope Note: This technique exploits applications that Opomba: Ta tehnika izkorišča programe, ki
use authentication based on IP addresses. This uporabljajo avtentikacijo, temelječo na naslovu IP.
technique also may enable an unauthorized user to Lahko tudi omogoča nepooblaščenemu uporabniku
gain root access on the target system. dostop do jedra ciljanega sistema.
Internet service provider Ponudnik internetnih A third party that provides individuals and enterprises Nepovezana oseba, ki posameznikom in podjetjem
(ISP) storitev (ISP) with access to the Internet and a variety of other omogoča dostop do interneta in raznolike, z
Internet‐related services internetom povezane storitve.
Interruption window Prekinitveno okno The time that the company can wait from the point of Čas, ki v podjetju lahko preteče od točke odpovedi do
failure to the restoration of the minimum and critical točke obnove minimalnih in kritičnih storitev ali
services or applications. After this time, the aplikacij. Po tem času so izgube, ki jih podjetje utrpi
progressive losses caused by the interruption are zaradi prekinitve, prevelike.
excessive for the enterprise.
Intranet Intranet A private network that uses the infrastructure and Zasebno omrežje, ki uporablja internetno in spletno
standards of the Internet and World Wide Web, but is infrastrukturo in standarde, vendar je od javnega
isolated from the public Internet by firewall barriers interneta ločeno s požarnim zidom.
Intrusion Vdor Any event during which unauthorized access occurs Kateri koli dogodek, pri katerem pride do
nepooblaščenega dostopa.
Intrusion detection Zaznavanje vdorov The process of monitoring the events occurring in a Postopek nadzorovanja dogodkov, do katerih pride v
computer system or network to detect signs of računalniškem sistemu ali v omrežju, s katerim se
unauthorized access or attack zaznava nepooblaščen dostop ali napad.
Intrusion detection system Sistem za zaznavanje Inspects network and host security activity to identify Pregleduje varnost omrežja in gostitelja, da prepozna
(IDS) vdorov (IDS) suspicious patterns that may indicate a network or sumljive vzorce, ki bi lahko naznanjali napad na
system attack omrežje ali sistem.
Intrusive monitoring Vsiljivo nadzorovanje In vulnerability analysis, gaining information by Pri analizi ranljivosti pridobivanje informacij z
performing checks that affect the normal operation of izvajanjem preverjanj, ki vplivajo na običajno
the system, and even by crashing the system delovanje sistema in celo z rušenjem sistema.
Investment portfolio Naložbeni portfelj The collection of investments being considered Zbirka naložb, ki so v obravnavi in/ali so izvedene.
and/or being made

IP Security (IPSec) Varnost IP (IPSec) A set of protocols developed by the Internet Nabor protokolov, ki jih je Delovna skupina za
Engineering Task Force (IETF) to support the secure internetno tehniko (IETF) razvila za podporo varne
exchange of packets izmenjave paketov.
Irregularity Nepravilnost Intentional violation of an established management Namerno kršenje vzpostavljene vodstvene politike ali
policy or regulatory requirement. It may consist of nadzornih zahtev. Sestoji lahko iz namerne napačne
deliberate misstatements or omission of information navedbe ali izpusta informacij, ki zadevajo področja v
concerning the area under audit or the enterprise as a reviziji ali celotno podjetje; hude malomarnosti ali
whole; gross negligence or unintentional illegal acts. nenamernega kaznivega dejanja.
ISO 9001:2000 ISO 9001:2000 Code of practice for quality management from the Kodeks upravljanja kakovosti, kot ga je določila
International Organization for Standardization (ISO). Mednarodna organizacija za standardizacijo (ISO). ISO
ISO 9001:2000 specifies requirements for a quality 9001:2000 opredeljuje zahteve za sistem upravljanja
management system for any enterprise that needs to kakovosti za katero koli podjetje, ki mora dokazati
demonstrate its ability to consistently provide svojo zmožnost, da dosledno dobavlja produkte ali
products or services that meet particular quality storitve, ki ustrezajo določenim kakovostnim
targets. zahtevam.
ISO/IEC 17799 ISO/IEC 17799 This standard defines information's confidentiality, Ta standard opredeljuje kontrole za doseganje
integrity and availability controls in a comprehensive zaupnosti in celovitosti in razpoložljivost informacij v
information security management system. splošnem sistemu upravljanja varovanja informacij.
Scope Note: Originally released as part of the British Opomba: Izvorno objavljen kot del britanskih
Standard for Information Security in 1999 and then as standardov za varovanje informacij leta 1999, nato pa
the Code of Practice for Information Security kot kodeks varovanja informacij oktobra 2000.
Management in October 2000, it was elevated by the Mednarodna organizacija za standardizacijo (ISO) ga
International Organization for Standardization (ISO) to je razglasila za mednarodni kodeks varovanja
an international code of practice for information informacij. Zadnja različica: ISO/IEC 17799:2005.
security management. The latest version is ISO/IEC
17799:2005.
ISO/IEC 27001 ISO/IEC 27001 Information Security Management‐‐Specification with Upravljanje varovanja informacij‐‐Specifikacija s
Guidance for Use; the replacement for BS7799‐2. It is smernicami za uporabo; zamenjava za BS7799‐2.
intended to provide the foundation for third‐party Namenjen je za uporabo kot temelj revizije neodvisne
audit and is harmonized with other management stranke in je usklajen z drugimi standardi upravljanja,
standards, such as ISO/IEC 9001 and 14001. kot sta ISO/IEC 9001 in 14001.
IT application Aplikacija IT Electronic functionality that constitutes parts of Elektronska funkcionalnost, ki predstavlja dele
business processes undertaken by, or with the poslovnih procesov, ki jih izvaja ali se izvajajo s
assistance of, IT pomočjo IT.

IT architecture Arhitektura IT Description of the fundamental underlying design of Opis temeljnega načrta komponent IT v podjetju,
the IT components of the business, the relationships odnosov med njimi in načina, na katerega podpirajo
among them, and the manner in which they support cilje podjetja.
the enterprise’s objectives
IT goal Cilj IT A statement describing a desired outcome of Izjava, ki opisuje želeni izid IT-ja v podjetju v podporo
enterprise IT in support of enterprise goals. An podjetniških ciljev. Izid je lahko izdelek, pomembna
outcome can be an artifact, a significant change of a sprememba stanja ali pomembna izboljšava
state or a significant capability improvement. zmogljivosti.
IT governance Vodenje informatike The responsibility of executives and the board of Odgovornost direktorjev in upravnega odbora
directors; consists of the leadership, organizational direktorjev; sestoji iz vodstva, organizacijske strukture
structures and processes that ensure that the in postopkov, ki zagotavljajo, da IT podjetja podpira in
enterprise’s IT sustains and extends the enterprise's širi strategije in cilje podjetja.
strategies and objectives
IT governance framework Okvir vodenja informatike A model that integrates a set of guidelines, policies Model, ki obsega nabor smernic, politik in metod, ki
and methods that represent the organizational predstavljajo organizacijski pristop k vodenju
approach to IT governance. informatike.
Scope Note: Per COBIT, IT governance is the Opomba: V skladu s COBIT-om je vodenje IT
responsibility of the board of directors and executive odgovornost upravnega odbora direktorjev in
management. It is an integral part of institutional poslovodstva. Je bistven del vodenja organizacije in
governance and consists of the leadership and sestoji iz vodenja ter organizacijske strukture in
organizational structures and processes that ensure postopkov, ki zagotavljajo, da IT podjetja podpira in
that the enterprise's IT sustains and extends the širi strategije in cilje podjetja.
enterprise's strategy and objectives.
IT Governance Institute® IT Governance Institute® Founded in 1998 by the Information Systems Audit Leta 1998 ga je ustanovilo Združenje za revizijo in
(ITGI®) (ITGI®) and Control Association (now known as ISACA). ITGI nadzor informacijskih sistemov (zdaj poznano kot
strives to assist enterprise leadership in ensuring ISACA). ITGI skuša pomagati vodstvu podjetja pri
long‐term, sustainable enterprise success and to zagotavljanju dolgoročnega, vzdržnega uspeha
increase stakeholder value by expanding awareness. podjetja in povečevanju vrednosti za deležnike z
razširjanjem osveščenosti.
IT incident Incident IT Any event that is not part of the ordinary operation of Kateri koli dogodek, ki ni del običajnega delovanja
a service that causes, or may cause, an interruption storitve in ki povzroči ali lahko povzroči prekinitev ali
to, or a reduction in, the quality of that service zmanjšanje kakovosti storitve.

IT infrastructure Infrastruktura IT The set of hardware, software and facilities that Nabor strojne in programske opreme ter naprav, ki
integrates an enterprise's IT assets. povezujejo IT sredstva nekega podjetja.
Scope Note: Specifically, the equipment (including Opomba: Natančneje so to oprema (vključno s
servers, routers, switches and cabling), software, strežniki, usmerjevalniki, stikali in ožičenjem),
services and products used in storing, processing, programska oprema, storitve in produkti, ki se
transmitting and displaying all forms of information uporabljajo za shranjevanje, obdelavo, prenos in
for the enterprise’s users prikaz vseh oblik informacij za uporabnike v podjetju.
IT investment dashboard Nadzorna plošča naložb v A tool for setting expectations for an enterprise at Orodje za vzpostavitev pričakovanj za podjetje na
IT each level and continuous monitoring of the vsaki ravni in za neprestano spremljanje uspešnosti
performance against set targets for expenditures on, glede na zastavljene cilje za odhodke in donose pri
and returns from, IT‐enabled investment projects in projektih, podprtih z IT, v smislu poslovne vrednosti.
terms of business values
IT risk Tveganje IT The business risk associated with the use, ownership, Poslovno tveganje, povezano z uporabo, lastništvom,
operation, involvement, influence and adoption of IT delovanjem, vpletenostjo, vplivom in sprejetjem IT v
within an enterprise podjetju.
IT risk issue Problem tveganja IT 1. An instance of IT risk 2. A combination of control, 1. Pojavitev tveganja IT 2. Kombinacija nadzora,
value and threat conditions that impose a noteworthy vrednosti in groženj, ki vsilijo pomembno stopnjo
level of IT risk tveganja IT
IT risk profile Profil tveganja IT A description of the overall (identified) IT risk to Opis splošnih (prepoznanih) tveganj IT, katerim je
which the enterprise is exposed izpostavljeno podjetje.
IT risk register Register tveganj IT A repository of the key attributes of potential and Shramba ključnih lastnosti morebitnih in znanih
known IT risk issues. Attributes may include name, problemov tveganja IT. Te lastnosti so lahko ime, opis,
description, owner, expected/actual frequency, lastnik, pričakovana/dejanska pogostost,
potential/actual magnitude, potential/actual business morebitni/dejanski obseg, morebitni/dejanski vpliv na
impact, disposition. poslovanje, značaj.
IT risk scenario Scenarij tveganja IT The description of an IT‐related event that can lead to Opis z IT povezanega dogodka, ki lahko vpliva na
a business impact poslovanje.
IT service Storitev IT The day-to-day provision to customers of IT Vsakodnevno oskrbovanje strank z infrastrukturo IT,
infrastructure and applications and support for their aplikacijami in podporo za njihovo uporabo - npr.
use—e.g., service desk, equipment supply and moves, storitveni center, dobavo opreme in selitve ter
and security authorizations varnostna pooblastila.

IT steering committee Komisija za vodenje IT An executive‐management‐level committee that Komisija na izvršni ravni, ki pomaga pri vzpostavljanju
assists in the delivery of the IT strategy, oversees strategije IT, nadzoruje vsakodnevno upravljanje
day‐to‐day management of IT service delivery and IT storitev in projektov IT ter se osredotoča na
projects, and focuses on implementation aspects izvedbene vidike.
IT strategic plan Strateški načrt IT A long‐term plan (i.e., three‐ to five‐year horizon) in Dolgoročni načrt (npr. od 3- do 5-letni), v katerem
which business and IT management cooperatively poslovodstvo in služba IT skupaj opišeta, kako bodo
describe how IT resources will contribute to the sredstva in viri IT prispevali k uresničevanju strateških
enterprise’s strategic objectives (goals) ciljev podjetja.
IT strategy committee Strateška komisija za IT A committee at the level of the board of directors to Komisija na nivoju upravnega odbora, ki zagotavlja, da
ensure that the board is involved in major IT matters je odbor vključen v pomembne zadeve in odločitve o
and decisions. IT.
Scope Note: The committee is primarily accountable Opomba: Komisija je v glavnem odgovorna za
for managing the portfolios of IT‐enabled upravljanje portfeljev z IT podprtih naložb, storitev IT
investments, IT services and other IT resources. The in drugih virov IT. Komisija je lastnik portfelja.
committee is the owner of the portfolio.
IT tactical plan Taktični načrt IT A medium‐term plan (i.e., six‐ to 18‐month horizon) Srednjeročni načrt (npr. od 6- do 18-mesečni), ki
that translates the IT strategic plan direction into strateški načrt IT prenese v zahtevane pobude,
required initiatives, resource requirements and ways zahteve po sredstvih in načine, na katere bodo
in which resources and benefits will be monitored and sredstva in dobrine spremljani in upravljani.
managed
IT user Uporabnik IT A person who uses IT to support or achieve a business Oseba, ki uporablja IT za podporo ali doseganje
objective poslovnega cilja.
ITIL (IT Infrastructure ITIL (IT infrastrukturna The UK Office of Government Commerce (OGC) IT IT infrastrukturna knjižnica britanskega vladnega
Library) knjižnica) Infrastructure Library. A set of guides on the trgovinskega urada (OGC). Nabor smernic za
management and provision of operational IT services upravljanje in zagotavljanje operativnih storitev IT.
IT‐related incident Incident, povezan z IT An IT‐related event that causes an operational, Z IT povezan dogodek, ki operativno, razvojno ali
developmental and/or strategic business impact strateško vpliva na poslovanje.
Job control language (JCL) Jezik nadzora poslov (JCL) Used to control run routines in connection with Uporablja se za nadzor rutin v povezavi z izvedbo
performing tasks on a computer računalniških opravil.
Journal entry Vnos v dnevnik A debit or credit to a general ledger account, in Oracle. Debet ali kredit na računu v glavni knjigi, pri Oraclu.
See also Manual Journal Entry. Glejte tudi Ročni dnevniški vnos.

Judgment sampling Vzorčenje s presojanjem Any sample that is selected subjectively or in such a Kakršen koli vzorec, ki je izbran subjektivno ali na tak
manner that the sample selection process is not način, da postopek izbiranja vzorca ni naključen ali da
random or the sampling results are not evaluated rezultati vzorčenja niso matematično ovrednoteni.
mathematically
Key goal indicator (KGI) Ključni kazalnik cilja (KGI) A measure that tells management, after the fact, Merilo, ki poslovodstvu po dogodku pove, ali je
whether an IT process has achieved its business proces IT dosegel poslovne zahteve; navadno se izraža
requirements; usually expressed in terms of v smislu informacijskih kriterijev.
information criteria
Key management practice Ključne prakse Management practices that are required to Poslovodske prakse, ki se zahtevajo za uspešno
poslovodenja successfully execute business processes izpeljavo poslovnega procesa.
Key performance indicator Ključni kazalnik uspešnosti A measure that determines how well the process is Merilo, ki določa, kako dobro proces omogoča
(KPI) (KPI) performing in enabling the goal to be reached. doseganje cilja.
Scope Note: A lead indicator of whether a goal will Opomba: Vodilni kazalnik, ki kaže, ali je verjetno, da
likely be reached, and a good indicator of capabilities, bo cilj dosežen, in dober kazalnik zmogljivosti, praks in
practices and skills. It measures an activity goal, which spretnosti. Meri cilj dejavnosti, ki je dejanje, ki ga
is an action that the process owner must take to mora lastnik procesa izpeljati, da bi dosegel uspešno
achieve effective process performance. izvajanje procesa.
Key risk indicator (KRI) Ključni kazalnik tveganja A subset of risk indicators that are highly relevant and Podmnožica kazalnikov tveganja, ki so zelo pomembni
(KRI) possess a high probability of predicting or indicating in za katere je zelo verjetno, da napovedujejo ali
important risk. kažejo pomembno tveganje.
Scope Note: See also Risk Indicator. Opomba: Glejte tudi Kazalnik tveganja.
Knowledge portal Portal znanja Refers to the repository of a core of information and Nanaša se na shrambo ključnih informacij in znanja,
knowledge for the extended enterprise. namenjenega uporabi širšega podjetja.
Scope Note: Generally a web‐based implementation Opomba: Na splošno je to spletišče s shrambo
containing a core repository of information provided ključnih informacij, do katerih ima dostop širše
for the extended enterprise to resolve any issues podjetje, da lahko rešuje morebitne težave.
Latency Zakasnitev The time it takes a system and network delay to Čas, ki ga sistem in omrežje potrebujeta za odziv.
respond. Opomba: Natančneje, zakasnitev sistema je čas, ki ga
Scope Note: More specifically, system latency is the sistem potrebuje, da pridobi podatke. Zakasnitev
time that a system takes to retrieve data. Network omrežja je čas, ki ga paket potrebuje za pot od vira do
latency is the time it takes for a packet to travel from cilja.
the source to the final destination.

Leadership Vodenje The ability and process to translate vision into desired Zmožnost in proces, ki prenese vizijo v želeno
behaviors that are followed at all levels of the obnašanje na vseh ravneh razširjenega podjetja.
extended enterprise
Leased line Zakupljeni vod A communication line permanently assigned to Komunikacijska povezava, ki je permanentno
connect two points, as opposed to a dial‐up line that dodeljena povezavi dveh točk, v nasprotju s klicno
is only available and open when a connection is made povezavo, ki je na voljo in odprta le, ko se vzpostavi
by dialing the target machine or network. Also known povezava s klicem ciljne naprave ali omrežja. Znana
as a dedicated line tudi kot namenska linija.
Level of assurance Raven zagotovila Refers to the degree to which the subject matter has Nanaša se na stopnjo, do katere je bila zadeva
been examined or reviewed preiskana ali pregledana.
Librarian Knjižničar The individual responsible for the safeguard and Oseba, odgovorna za varovanje in vzdrževanje vseh
maintenance of all program and data files programskih in podatkovnih datotek.
Licensing agreement Licenčna pogodba A contract that establishes the terms and conditions Pogodba, ki ureja pogoje licenciranja programske
under which a piece of software is being licensed (i.e., opreme (npr. zakonitost rabe), sklenjena med
made legally available for use) from the software razvijalcem programa (lastnikom) in uporabnikom.
developer (owner) to the user
Life cycle Življenjski cikel A series of stages that characterize the course of Niz stopenj, ki opredeljujejo poglavitne lastnosti
existence of an organizational investment (e.g., obstoja organizacijske investicije na določeni točki
product, project, program) (npr. produkt, projekt, program)
Limit check Preizkus omejitev Tests specified amount fields against stipulated high Preizkuša določeno število polj z opredeljenimi
or low limits of acceptability. zgornjimi in spodnjimi mejami sprejemljivosti.
Scope Note: When both high and low values are used, Opomba: Ko sta v uporabi zgornja in spodnja
the test may be called a range check. vrednost, lahko preizkus imenujemo tudi preizkus
razpona.
Link editor (linkage editor) Urejevalnik povezav A utility program that combines several separately Program, ki združuje več ločeno prevedenih modulov
compiled modules into one, resolving internal v enega in razrešuje notranje sklice med njimi.
references between them
Literals Literali Any notation for representing a value within Kateri koli zapis, ki predstavlja določeno vrednost v
programming language source code (e.g., a string izvorni kodi programskega jezika (npr. literal kot niz);
literal); a chunk of input data that is represented "as delček vhodnih podatkov, ki je med stisnjenimi
is" in compressed data podatki predstavljen "tak, kot je".

Local area network (LAN) Lokalno omrežje (LAN) Communication network that serves several users Komunikacijsko omrežje, ki streže več uporabnikom
within a specified geographic area. na določenem geografskem območju.
Scope Note: A personal computer LAN functions as a Opomba: Zasebno lokalno omrežje (LAN) deluje kot
distributed processing system in which each sistem porazdeljenega izvajanja, v katerem vsak
computer in the network does its own processing and računalnik v omrežju izvaja svoje obdelave in upravlja
manages some of its data. Shared data are stored in a nekatere od svojih podatkov. Podatki v skupni rabi so
file server that acts as a remote disk drive for all users shranjeni na strežniku, ki deluje kot oddaljeni disk za
in the network. vse uporabnike v omrežju.
Log Dnevnik To record details of information or events in an Služi za zapisovanje podrobnosti o informacijah ali
organized record‐keeping system, usually sequenced dogodkih v urejen sistem hranjenja zapisov, navadno
in the order in which they occurred v zaporedju, v katerem so se zgodili.
Logical access controls Logične kontrole dostopa The policies, procedures, organizational structure and Politika, postopki, organizacijska struktura in
electronic access controls designed to restrict access elektronski nadzor dostopa, načrtovani za omejevanje
to computer software and data files dostopa do računalniških programov in podatkovnih
datotek.
Logoff Odjava The act of disconnecting from the computer Dejanje prekinjanja povezave z računalnikom.
Logon Prijava The act of connecting to the computer, which Dejanje povezovanja z računalnikom, ki navadno
typically requires entry of a user ID and password into zahteva vnos uporabniškega imena in gesla v
a computer terminal računalniški terminal.
Logs/log file Dnevniki/dnevniška Files created specifically to record various actions Datoteke, ki se ustvarijo posebej za beleženje raznih
datoteka occurring on the system to be monitored, such as dogodkov, ki se odvijajo v sistemu in jih je treba
failed login attempts, full disk drives and e‐mail nadzorovati, na primer neuspelih poskusov prijav,
delivery failures polnih diskov in neuspele dostave pošte
Loss event Izguba Any event during which a threat event results in loss. Kateri koli dogodek, pri katerem izpolnitev grožnje
Scope Note: From Jones, J.; "FAIR Taxonomy," Risk povzroči izgubo.
Management Insight, USA, 2008 Opomba: Iz Jones, J.; "FAIR Taxonomy," Risk
Management Insight, ZDA, 2008.
Machine language Strojni jezik The logical language that a computer understands Logični jezik, ki ga razume računalnik.
Magnetic card reader Čitalnik magnetnih kartic Reads cards with a magnetic surface on which data Naprava za branje kartic z magnetno površino, na
can be stored and retrieved katero so podatki lahko shranjeni ali se z nje pridobijo.

Magnetic ink character Prepoznavanje znakov, Used to electronically input, read and interpret Uporablja se za elektronski vnos, branje in tolmačenje
recognition (MICR) zapisanih z magnetnim information directly from a source document. informacij neposredno iz izvornega dokumenta.
črnilom (MICR) Scope Note: MICR requires the source document to Opomba: MICR zahteva, da je izvorni dokument
have specially‐coded magnetic ink zapisan s posebej kodiranim magnetnim črnilom.
Magnitude Velikost A measure of the potential severity of loss or the Merilo resnosti morebitne izgube ali dobička iz
potential gain from realized events/scenarios uresničenih dogodkov/scenarijev.
Mail relay server Strežnik za posredovanje An electronic mail (e‐mail) server that relays Strežnik elektronske pošte, ki posreduje sporočila,
e-pošte messages so that neither the sender nor the recipient tako da niti pošiljatelj niti prejemnik nista lokalna
is a local user uporabnika.
Malware Zlonamerna programska Short for malicious software. Designed to infiltrate, Programska oprema, načrtovana tako, da vohuni,
oprema damage or obtain information from a computer poškoduje ali pridobiva informacije iz računalniškega
system without the owner’s consent. sistema brez lastnikovega dovoljenja.
Scope Note: Malware is commonly taken to include Opomba: Zlonamerna programska oprema navadno
computer viruses, worms, Trojan horses, spyware and vključuje računalniške viruse, črve, trojanske konje,
adware. Spyware is generally used for marketing vohunske in oglaševalske programe. Vohunski
purposes and, as such, is not malicious, although it is programi se uporabljajo v marketinške namene in kot
generally unwanted. Spyware can, however, be used tako ni zlonamerno, vendar je na splošno nezaželeno.
to gather information for identity theft or other Vendar pa se lahko uporablja za zbiranje informacij za
clearly illicit purposes. krajo identitete ali v druge očitno nezakonite namene.
Management Poslovodstvo Plans, builds, runs and monitors activities in Načrtuje, gradi, vodi in nadzoruje dejavnosti v skladu s
alignment with the direction set by the governance smerjo, ki jo določi vodstvo, da doseže cilje podjetja.
body to achieve the enterprise objectives.
Management information Upravljalni informacijski An organized assembly of resources and procedures Organizirana zbirka sredstev in postopkov, ki se
system (MIS) sistem (MIS) required to collect, process and distribute data for zahtevajo za zbiranje, obdelavo in posredovanje
use in decision making podatkov za uporabo pri odločanju.
Mandatory access control Obvezni nadzor dostopa A means of restricting access to data based on varying Sredstvo za omejevanje dostopa do podatkov, ki
(MAC) (MAC) degrees of security requirements for information temelji na različnih stopnjah varnostnih zahtev za
contained in the objects and the corresponding informacije, vsebovane v objektih in za ustrezno
security clearance of users or programs acting on varnostno dovoljenje za uporabnike ali programe, ki
their behalf delujejo v imenu uporabnikov.

Man‐in‐the‐middle attack Napad s posrednikom An attack strategy in which the attacker intercepts Strategija napada, pri katerem napadalec prestreže
the communication stream between two parts of the komunikacijski tok med dvema napravama v ciljanem
victim system and then replaces the traffic between sistemu in nato zamenja promet med
the two components with the intruder’s own, komunikacijskima točkama z lastnim, tako da prej ali
eventually assuming control of the communication slej prevzame nadzor nad komunikacijo.
Manual journal entry Ročni dnevniški vnos A journal entry entered at a computer terminal. Dnevniški vnos, vnesen na računalniškem terminalu.
Scope Note: Manual journal entries can include Opomba: Med ročne dnevniške vnose lahko sodijo
regular, statistical, inter‐company and foreign vnosi običajnih, statističnih, medpodjetniških in tujih
currency entries. See also Journal Entry. tečajev. Glejte tudi Dnevniški vnos.
Mapping Preslikava Diagramming data that are to be exchanged Grafična ponazoritev podatkov, namenjenih za
electronically, including how they are to be used and elektronsko izmenjavo, vključno z oznako, kako naj se
what business management systems need them. See uporabljajo in kateri upravljalski sistem jih potrebuje.
also Application Tracing and Mapping. Glejte tudi Sledenje in preslikava aplikacij.
Scope Note: Mapping is a preliminary step for Opomba: Preslikava je pripravljalni korak za razvoj
developing an applications link. aplikacijske povezave.
Masking Maskiranje A computerized technique of blocking out the display Računalniška tehnika za preprečevanje prikaza
of sensitive information, such as passwords, on a občutljivih informacij, npr. gesel. Uporablja se na
computer terminal or report računalniškem zaslonu ali v poročilih.
Masqueraders Maskerji Attackers that penetrate systems by using the identity Napadalci, ki vdrejo v sistem z uporabo identitete in
of legitimate users and their logon credentials poverilnic zakonitih uporabnikov.
Master file Matična datoteka A file of semipermanent information that is used Datoteka s poltrajnimi informacijami, ki se pogosto
frequently for processing data or for more than one uporablja za obdelavo podatkov ali za več kot en
purpose namen.
Materiality Materialnost An auditing concept regarding the importance of an Revizorski koncept, ki zadeva pomembnost
item of information with regard to its impact or effect informacije glede na njen vpliv na delovanje
on the functioning of the entity being audited. An revidirane enote. Izraz relativne pomembnosti ali
expression of the relative significance or importance pomembnosti za neko določeno zadevo v kontekstu
of a particular matter in the context of the enterprise podjetja kot celote.
as a whole
Maturity Zrelost In business, indicates the degree of reliability or V podjetju pomeni stopnjo zanesljivosti, ki jo podjetje
dependency that the business can place on a process doseže pri uresničevanju želenih ciljev.
achieving the desired goals or objectives

Maturity model Zrelostni model
Scope Note: See Capability Maturity Model (CMM). Opomba: (Zmožnostno) zrelostni model (CMM).
Maximum tolerable Največji sprejemljiv izpad Maximum time that an enterprise can support Najdaljši čas, ki ga podjetje zdrži z obdelavo v
outages (MTO) (MTO) processing in alternate mode alternativnem načinu.
Measure Merilo A standard used to evaluate and communicate Standard, ki se uporablja za ovrednotenje in
performance against expected results. komuniciranje uspešnosti v primerjavi s pričakovanimi
Scope Note: Measures are normally quantitative in rezultati.
nature capturing numbers, dollars, percentages, etc., Opomba: Merila so po naravi navadno kvantitativna,
but can also address qualitative information such as ko gre za zajem številk, denarja, odstotkov itd., vendar
customer satisfaction. Reporting and monitoring zajamejo tudi kvalitativne informacije, na primer o
measures help an enterprise gauge progress toward zadovoljstvu strank. Poročanje in spremljanje meril
effective implementation of strategy. pomaga podjetju izmeriti napredek k uspešni izvedbi
strategije.
Media access control Naslov MAC Applied to the hardware at the factory and cannot be Tovarniško določen, nespremenljiv 48-bitno kodiran
(MAC) modified, MAC is a unique, 48‐bit, hard‐coded naslov fizične naprave, na primer kartice za lokalno ali
address of a physical layer device, such as an Ethernet brezžično omrežje.
local area network (LAN) or a wireless network card
Media oxidation Oksidacija nosilca The deterioration of the media on which data are Propadanje nosilca, na katerem so digitalno shranjeni
digitally stored due to exposure to oxygen and podatki, zaradi izpostavljanja kisiku in vlagi.
moisture. Opomba: V toplem vlažnem okolju začnejo trakovi
Scope Note: Tapes deteriorating in a warm, humid propadati zaradi oksidacije. Pravilen nadzor okolja bi
environment are an example of media oxidation. moral ta proces preprečiti ali vsaj zelo upočasniti.
Proper environmental controls should prevent, or
significantly slow, this process.

Memory dump Pomnilniški izpis The act of copying raw data from one place to Kopiranje neobdelanih podatkov z enega na drugo
another with little or no formatting for readability. mesto z minimalnim oblikovanjem ali brez oblikovanja
Scope Note: Usually, dump refers to copying data za branje.
from the main memory to a display screen or a Opomba: Navadno se nanaša na kopiranje podatkov iz
printer. Dumps are useful for diagnosing bugs. After a glavnega pomnilnika na zaslon za prikaz ali na
program fails, one can study the dump and analyze tiskalnik. Ti izpisi so uporabni pri diagnosticiranju
the contents of memory at the time of the failure. A programskih napak. Ko program odpove, je mogoče
memory dump will not help unless each person pomnilniški izpis pregledati in analizirati vsebino
knows what to look for because dumps are usually pomnilnika v času odpovedi. Pomnilniški izpis ne bo
output in a difficult‐to‐read form (binary, octal or pomagal, če osebe, ki ga pregledujejo, ne vedo, kaj
hexadecimal). morajo iskati, saj je navadno v obliki, ki jo je težko
brati (binarni, osmiški ali šestnajstiški sistem).
Message authentication Koda za overjanje An American National Standards Institute (ANSI) Standardna kontrolna vsota ANSI, ki je izračunana z
code sporočila standard checksum that is computed using Data uporabo standarda za šifriranje podatkov (DES).
Encryption Standard (DES)
Message switching Preklapljanje sporočil A telecommunications methodology that controls Telekomunikacijska metodologija, ki nadzoruje
traffic in which a complete message is sent to a promet, v katerem se celotno sporočilo pošlje
concentration point and stored until the koncentratorju, kjer se shrani, dokler ni vzpostavljena
communications path is established komunikacijska povezava.
Metric Metrika A quantifiable entity that allows the measurement of Izmerljiva entiteta, ki omogoča merjenje doseganja
the achievement of a process goal cilja procesa.
Scope Note: Metrics should be SMART--specific, Opomba: Metrika mora biti SMART - določena,
measurable, actionable, relevant and timely. merljiva, izvedljiva, ustrezna, pravočasna. Popolne
Complete metric guidance defines the unit used, smernice za metrike določajo uporabljeno enoto,
measurement frequency, ideal target value (if pogostost meritev, idealno ciljno vrednost (če je to
appropriate) and also the procedure to carry out the primerno) in tudi postopek za izvajanje meritve in
measurement and the procedure for the postopek za interpretacijo ocenjevanja.
interpretation of the assessment.
Microwave transmission Mikrovalovni prenos A high‐capacity line‐of‐sight transmission of data Visoko zmogljiva povezava za prenos podatkovnega
signals through the atmosphere which often requires signala skozi atmosfero, pri kateri se morata
relay stations komunikacijski biti medsebojno vidni in med njima ne
sme biti ovir, zato pogosto zahteva relejske postaje.

Middleware Vmesna programska Another term for an application programmer Drugi izraz za programski vmesnik (API). Nanaša se na
oprema interface (API). It refers to the interfaces that allow vmesnike, ki programerjem omogočajo dostop do
programmers to access lower‐ or higher‐level services nižjih ali višjih ravni storitev z vmesno ravnijo, ki
by providing an intermediary layer that includes vključuje funkcijske klice storitev.
function calls to the services.
Milestone Mejnik A terminal element that marks the completion of a Končni element, ki označuje dokončanje delovnega
work package or phase. paketa ali faze.
Scope Note: Typically marked by a high‐level event Opomba: Navadno ga označuje pomemben dogodek,
such as project completion, receipt, endorsement or na primer dokončanje, sprejetje, odobritev ali predaja
signing of a previously‐defined deliverable or a vnaprej določene količine, ali srečanje na visoki ravni,
high‐level review meeting at which the appropriate na katerem je bil določen in dogovorjen ustrezen nivo
level of project completion is determined and agreed dokončanja projekta. Mejnik je povezan z odločitvijo,
to. A milestone is associated with a decision that ki orisuje prihodnost projekta. Če gre za zunanjega
outlines the future of a project and, for an outsourced izvajalca, je z njim morda povezano tudi plačilo.
project, may have a payment to the contractor
associated with it.
Mirrored site Zrcaljena lokacija An alternate site that contains the same information Alternativna lokacija, na kateri so shranjene enake
as the original. informacije kot na izvorni.
Scope Note: Mirrored sites are set up for backup and Opomba: Zrcaljene lokacije so pripravljene za
disaster recovery and to balance the traffic load for varnostno kopiranje in okrevanje po katastrofi ter za
numerous download requests. Such download uravnavanje obremenitve prometa pri številnih
mirrors are often placed in different locations zahtevah po prenosih. Taka zrcaljena mesta za
throughout the Internet. prenose so pogosto razmeščena na različna mesta po
internetu.
Mission‐critical application Za nalogo kritična An application that is vital to the operation of the Aplikacija, ki je življenjskega pomena za delovanje
aplikacija enterprise. The term is very popular for describing the podjetja. Izraz je zelo priljubljen za opisovanje
applications required to run the day‐to‐day business. aplikacij, ki so nujne za vsakodnevno poslovanje.
Misuse detection Zaznavanje nepravilne Detection on the basis of whether the system activity Zaznavanje na podlagi tega, ali aktivnost v sistemu
uporabe matches that defined as "bad" ustreza aktivnostim, označenim kot "slabe".

Mobile computing Mobilno računalništvo Extends the concept of wireless computing to devices Širi koncept brezžičnega računalništva na naprave, ki
that enable new kinds of applications and expand an omogočajo nove uporabe ter razširjajo omrežje
enterprise network to reach places in circumstances podjetja tako, da lahko dosežejo mesta v okoliščinah,
that could never have been done by other means. ki jih z drugimi sredstvi ne bi mogli.
Scope Note: Mobile computing is comprised of Opomba: Mobilno računalništvo zajema dlančnike
personal digital assistants (PDAs), cellular phones, (PDA), mobilne telefone, prenosne računalnike in
laptops and other technologies of this kind. drugo podobno tehnologijo.
Mobile site Mobilno mesto The use of a mobile/temporary facility to serve as a Uporaba mobilnih/začasnih sredstev za nadaljevanje
business resumption location. The facility can usually poslovanja. Sredstva se lahko dostavijo kamor koli ter
be delivered to any site and can house information lahko zajemajo informacijsko tehnologijo in osebje.
technology and staff.
Model Model A way to describe a given set of components and how Način za opis določenega nabora komponent in v
those components relate to each other in order to kakšnih odnosih so te komponente ena do druge, zato
describe the main workings of an object, system, or da se opiše glavno delovanje objekta, sistema ali
concept koncepta.
Modeling Modeliranje Developing a simplified representation of a system or Razvoj poenostavljene predstavitve sistema ali
phenomenon. pojava.
Scope Note: Such representations may be static or Opomba: Taka predstavitev je lahko statična ali
dynamic, in which case behavior of the system or dinamična. V tem primeru je mogoče simulirati
phenomenon under different conditions can be vedenje v različnih pogojih.
simulated.
MODEM Modem Connects a terminal or computer to a Povezuje terminal ali računalnik s komunikacijskim
(modulator/demodulator) (modulator/demodulator) communications network via a telephone line. omrežjem prek telefonske povezave.
Modems turn digital pulses from the computer into Modemi spreminjajo digitalne impulze iz računalnika
frequencies within the audio range of the telephone v frekvence, zajete znotraj zvočnega obsega
system. When acting in the receiver capacity, a telefonskega sistema. Ko deluje kot sprejemnik,
modem decodes incoming frequencies. modem dekodira sprejete frekvence.
Modulation Modulacija The process of converting a digital computer signal Postopek spreminjanja digitalnega računalniškega
into an analog telecommunications signal and back to signala v analogni telekomunikacijski signal in nazaj v
a digital signal digitalnega.
Monetary unit sampling Vzorčenje denarne enote A sampling technique that estimates the amount of Tehnika vzorčenja, ki ocenjuje precenitev
overstatement in an account balance knjigovodskega stanja.

Monitoring policy Politika spremljanja Rules outlining or delineating the way in which Uravnava orisovanje ali očrtovanje načina, na
information about the use of computers, networks, katerega se zajemajo in tolmačijo informacije o
applications and information is captured and uporabi računalnikov, omrežij, aplikacij in informacij.
interpreted
Multiplexor Multiplekser A device used for combining several lower‐speed Naprava, ki se uporablja za kombiniranje več
channels into a higher‐speed channel počasnejših kanalov v hitrejši kanal.
Mutual takeover Vzajemni prevzem A fail‐over process, which is basically a two‐way idle Proces nadomestnega načina delovanja, ki je
standby: two servers are configured so that both can pravzaprav dvosmerna pripravljenost: dva strežnika
take over the other node’s resource group. Both must sta nastavljena tako, da lahko kateri koli od obeh
have enough central processing unit (CPU) power to prevzame drugo vozlišče. Oba morata imeti dovolj
run both applications with sufficient speed, or procesne moči, da dovolj hitro poganjata vse
expected performance losses must be taken into aplikacije, ali pa je treba upoštevati pričakovane
account until the failed node reintegrates. izgube učinkovitosti, dokler vozlišče, ki je prenehalo
delovati, ne vzpostavi običajnega stanja.
Net present value (NPV) Čista (neto) sedanja Calculated by using an after‐tax discount rate of an Izračunana z uporabo diskontne stopnje po
vrednost (NPV) investment and a series of expected incremental cash obdavčitvi, naložbe, predvidenih denarnih odlivov
outflows (the initial investment and operational costs) (začetna investicija in obratovalni stroški) in denarnih
and cash inflows (cost savings or revenues) that occur prilivov (prihranki pri stroških ali prihodki), ki se
at regular periods during the life cycle of the pojavljajo v rednih obdobjih v življenjskem ciklu
investment. naložbe.
Scope Note: To arrive at a fair NPV calculation, cash Opomba: Da bi prišli do izračuna poštene NPV, je
inflows accrued by the business up to about five years treba upoštevati tudi pritok sredstev v podjetje v
after project deployment also should be taken into obdobju petih let po vpeljavi projekta.
account.
Net return Čisti donos The revenue that a project or business makes after Prihodki projekta ali podjetja po plačilu davkov in
tax and other deductions; often also classified as net drugih dajatev; imenujemo ga tudi čisti dobiček.
profit

Netcat Netcat A simple UNIX utility, which reads and writes data Preprost programček za UNIX, ki bere in zapisuje
across network connections using Transmission podatke prek omrežnih povezav na osnovi protokolov
Control Protocol (TCP) or User Datagram Protocol TCP ali UDP. Načrtovan je kot zanesljivo zaledno
(UDP). It is designed to be a reliable back‐end tool orodje za neposredno uporabo ali tako, da ga
that can be used directly or is easily driven by other poganjajo drugi programi in skripte. Istočasno deluje
programs and scripts. At the same time, it is a kot orodje z veliko lastnostmi za odpravljanje težav v
feature‐rich network debugging and exploration tool, omrežju in kot raziskovalno orodje, saj lahko
because it can create almost any kind of connection vzpostavi skoraj vsako od potrebnih povezav in ima
needed and has several interesting built‐in vgrajenih več zanimivih zmogljivosti. Netcat je zdaj del
capabilities. Netcat is now part of the Red Hat Power orodij iz zbirke Red Hat Power Tools in je standardno
Tools collection and comes standard on SuSE Linux, vključen v distribucije SuSE Linux, Debian Linux,
Debian Linux, NetBSD and OpenBSD distributions. NetBSD in OpenBSD.
Net‐centric technologies Tehnologije, osredotočene The contents and security of information or objects Vsebina in varnost informacij ali objektov (programov
na omrežje (software and data) on the network are now of prime in podatkov) v omrežju so zdaj najbolj pomembne v
importance compared with traditional computer primerjavi s tradicionalno računalniško obdelavo, ki je
processing that emphasizes the location of hardware bolj poudarjala pomen lokacije strojne opreme ter z
and its related software and data. njo povezanih programov in podatkov.
Scope Note: An example of net‐centric technologies is Opomba: Zgled na omrežje osredotočene tehnologije
the Internet, where the network is its primary je internet, katerega ključna sestavina je omrežje.
concern.
Netware Netware A popular local area network (LAN) operating system Priljubljen operacijski sistem (OS) za lokalno omrežje
(OS) developed by the Novell Corp. (LAN), ki ga je razvila družba Novell Corp.
Network Omrežje A system of interconnected computers and the Sistem medsebojno povezanih računalnikov in
communication equipment used to connect them komunikacijske opreme, ki se uporablja za njihovo
povezovanje.
Network administrator Omrežni skrbnik Responsible for planning, implementing and Oseba, odgovorna za načrtovanje, uvajanje in
maintaining the telecommunications infrastructure; vzdrževanje telekomunikacijske infrastrukture; lahko
also may be responsible for voice networks. je odgovorna tudi za glasovna omrežja.
Scope Note: For smaller enterprises, the network Opomba: V manjših podjetjih je omrežni skrbnik lahko
administrator may also maintain a local area network zadolžen tudi za lokalno omrežje (LAN) in za pomoč
(LAN) and assist end users. uporabnikom.

Network attached storage Omrežno priklopljeni Utilizes dedicated storage devices that centralize Uporablja namenske naprave za shranjevanje
(NAS) pomnilnik (NAS) storage of data. podatkov, ki shranjevanje centralizirajo.
Scope Note: NAS storage devices generally do not Opomba: Naprave za shranjevanje podatkov navadno
provide traditional file/print or application services. ne omogočajo tradicionalnih datotečnih/tiskalniških
ali aplikacijskih storitev.
Network hop Omrežni skok An attack strategy in which the attacker successively Strategija napada, pri kateri napadalec uspešno vdre v
hacks into a series of connected systems, obscuring zaporedje povezanih sistemov, pri čemer prikrije
his/her identity from the victim of the attack svojo identiteto pred žrtvijo napada.
Network interface card Kartica omrežnega A communication card that when inserted into a Komunikacijska kartica, ki omogoča komunikacijo z
(NIC) vmesnika (NIC) computer, allows it to communicate with other drugimi računalniki v omrežju, ko je vstavljena v
computers on a network. računalnik.
Scope Note: Most NICs are designed for a particular Opomba: Večina omrežnih kartic je načrtovana za
type of network or protocol. določen tip omrežja ali protokola.
Node Vozlišče Point at which terminals are given access to a Točka, na kateri imajo terminali dostop do omrežja.
network
Noise Šum Disturbances in data transmissions, such as static, Motnje pri prenosu podatkov, npr. statika, zaradi
that cause messages to be misinterpreted by the katerih lahko sprejemnik sporočilo razume narobe.
receiver

Nondisclosure agreement Pogodba o nerazkritju A legal contract between at least two parties that Pravna pogodba med vsaj dvema stranema, ki orisuje
(NDA) (NDA) outlines confidential materials that the parties wish to zaupne materiale, ki jih sme stranka deliti z drugo za
share with one another for certain purposes, but wish določene namene, vendar niso namenjeni splošni
to restrict from generalized use; a contract through uporabi; pogodba, s katero se stranke dogovorijo, da
which the parties agree not to disclose information informacij, zajetih v pogodbi, ne bodo razkrivale.
covered by the agreement. Opomba: Imenujemo jo tudi pogodba o varovanju
Scope Note: Also called a confidential disclosure zaupnosti. Pogodba o nerazkritju ustvari zaupen
agreement (CDA), confidentiality agreement or odnos med strankama, ki ščiti kakršne koli poslovne
secrecy agreement. An NDA creates a confidential skrivnosti. Pogodba kot taka lahko ščiti tudi poslovne
relationship between the parties to protect any type zaupne informacije, ki niso namenjene javnosti. V
of trade secret. As such, an NDA can protect primeru nekaterih vladnih organov je zaupnost
non‐public business information. In the case of informacij, ki niso poslovne skrivnosti, predmet
certain governmental entities, the confidentiality of predpisanih zakonskih zahtev, v nekaterih primerih pa
information other than trade secrets may be subject jih morda morajo razkriti tretji osebi, ki zahteva te
to applicable statutory requirements, and in some informacije. Vladni organi na splošno navadno v
cases may be required to be revealed to an outside pogodbo vključijo določilo, po katerem prodajalec
party requesting the information. Generally, the sme pregledati zahtevo po razkritju informacij, ki jih
governmental entity will include a provision in the sam obravnava kot zaupne, in zavrniti razkritje takih
contract to allow the seller to review a request for informacij. Pogodbo o nerazkritju navadno podpišeta
information that the seller identifies as confidential dve podjetji ali posameznika, ki sta pripravljeni/-a na
and the seller may appeal such a decision requiring poslovno sodelovanje in morata razumeti postopke, ki
disclosure. NDAs are commonly signed when two jih nasprotna stranka uporablja pri poslovanju, da
companies or individuals are considering doing lahko ocenita morebitno poslovno sodelovanje.
business together and need to understand the Pogodba je lahko "vzajemna", kar pomeni, da obe
processes used in one another’s businesses solely for stranki omejujeta uporabo predanih materialov, lahko
the purpose of evaluating the potential business pa zavezuje le eno od obeh strank. Pogodba o
relationship. NDAs can be "mutual," meaning that nerazkritju ali podobna se lahko predloži v podpis tudi
both parties are restricted in their use of the na novo zaposlenemu ob podpisu pogodbe o
materials provided, or they can only restrict a single zaposlitvi. Včasih pa so členi, ki predpisujejo omejitev
party. It is also possible for an employee to sign an "zaupnih informacij" zajeti kar v pogodbi o zaposlitvi.
NDA or NDA‐like agreement with a company at the
time of hiring; in fact, some employment agreements
will include a clause restricting "confidential
information" in general.

Nonintrusive monitoring Nevsiljiv nadzor The use of transported probes or traces to assemble Uporaba prenesenih vzorcev ali sledi za sestavo
information, track traffic and identify vulnerabilities informacij, sledenje prometa in prepoznavanje šibkih
točk.
Nonrepudiable transaction Neovrgljiva transakcija Transaction that cannot be denied after the fact Transakcija, ki je po izvedbi ni mogoče zanikati.
Nonrepudiation Nezavrnitev The assurance that a party cannot later deny Zagotovilo, da stranka pozneje ne more zanikati
originating data; provision of proof of the integrity ustvarjanja podatkov; predložitev dokazila o
and origin of the data and that can be verified by a celovitosti in izvoru podatkov, ki ju lahko potrdi tretja
third party. oseba.
Scope Note: A digital signature can provide Opomba: Digitalni podpis lahko zagotovi
non‐repudiation. nezatajljivost.
Normalization Normalizacija The elimination of redundant data Odstranjevanje odvečnih podatkov.
Numeric check Numerično preverjanje An edit check designed to ensure that the data Preverjanje vnosnega polja, ki zagotovi, da je
element in a particular field is numeric. podatkovni element v določenem polju število.
Object code Objektna koda Machine‐readable instructions produced from a Navodila, ki jih znata prebrati računalnik, ko jih
compiler or assembler program that has accepted and prevedeta prevajalnik ali zbirnik, ki sta sprejela
translated the source code izvorno kodo.
Object management group Skupina za upravljanje A consortium with more than 700 affiliates from the Konzorcij z več kot 700 člani iz programerske
(OMG) objektov (OMG) software industry whose purpose is to provide a industrije, katerega cilj je poskrbeti za skupen okvir za
common framework for developing applications using razvoj aplikacij z objektno usmerjenimi programskimi
object‐oriented programming techniques. tehnologijami.
Scope Note: For example, OMG is known principally Opomba: OMG je znan predvsem po razširjanju
for promulgating the Common Object Request Broker specifikacij CORBA - arhitektura posrednikov zahtev
Architecture (CORBA) specification. skupnih objektov.

Object orientation Objektna usmerjenost An approach to system development in which the Pristop k sistemskemu razvoju, pri katerem je
basic unit of attention is an object, which represents osnovna enota objekt, ki predstavlja skupek podatkov
an encapsulation of both data (an object’s attributes) (atribut objekta) in funkcionalnosti (metoda objekta).
and functionality (an object’s methods). Opomba: Objekti se navadno ustvarijo kot splošna
Scope Note: Objects usually are created using a predloga, ki jo imenujemo razred. Razred je podlaga
general template called a class. A class is the basis for večine načrtov objektnega programiranja. Razred in
most design work in objects. A class and its objects njegovi objekti med seboj komunicirajo na določene
communicate in defined ways. Aggregate classes načine. Zbrani razredi sodelujejo prek sporočil, ki so
interact through messages, which are directed usmerjene zahteve za storitve iz enega razreda
requests for services from one class (the client) to (odjemalca) drugemu razredu (strežniku). Razred
another class (the server). A class may share the lahko deli svojo strukturo ali določene metode v
structure or methods defined in one or more other enem ali več drugih razredov - ta odnos je znan kot
classes‐‐a relationship known as inheritance. dedovanje.
Objective Cilj Statement of a desired outcome Navedba želenega izida.
Objectivity Objektivnost The ability to exercise judgment, express opinions and Zmožnost nepristranskega presojanja, izražanja
present recommendations with impartiality mnenja in predlaganja priporočil.
Object‐oriented system Objektno usmerjen razvoj A system development methodology that is organized Metodologija razvoja informacijskih sistemov, ki je
development sistema around "objects" rather than "actions," and "data" organizirana okoli "objektov", ne okoli "dejanj", ter
rather than "logic". okoli "podatkov", ne okoli "logike".
Scope Note: Object‐oriented analysis is an assessment Opomba: Objektno usmerjena analiza je ocenjevanje
of a physical system to determine which objects in the fizičnega sistema, s katerim določimo, kateri objekti iz
real world need to be represented as objects in a resničnega sveta morajo biti predstavljeni kot objekti
software system. Any object‐oriented design is v sistemu programske opreme. Kateri koli objektno
software design that is centered around designing the usmerjen načrt programske opreme je osredotočen
objects that will make up a program. Any na načrtovanje objektov, ki sestavljajo program.
object‐oriented program is one that is composed of Objektno usmerjen program je tak, ki je sestavljen iz
objects or software parts. objektov ali delov programske opreme.
Offline files Datoteke brez povezave Computer file storage media that are not physically Nosilec za shranjevanje datotek, ki niso fizično
connected to the computer; typical examples are povezane z računalnikom; tipični zgledi za to so
tapes or tape cartridges used for backup purposes. trakovi in tračne diskete, ki se uporabljajo za
varnostno kopiranje.

Offsite storage Oddaljena shramba A facility located away from the building housing the Objekt ločen od stavbe, v kateri je glavni obrat za
primary information processing facility (IPF), used for obdelavo informacij (IPF), ki se uporablja za
storage of computer media such as offline backup shranjevanje računalniških nosilcev, kot so nosilci za
data and storage files varnostno kopiranje in shranjevanje datotek.
Online data processing Priključna obdelava Achieved by entering information into the computer Doseže se z vnosom informacij v računalnik prek
podatkov via a video display terminal. zaslonskega terminala.
Scope Note: With online data processing, the Opomba: Pri priključni obdelavi podatkov računalnik
computer immediately accepts or rejects the takoj sprejme ali zavrne informacije, ko se ta vnaša.
information as it is entered.
Open Source Security Metodologija An open and freely available methodology and Metodologija varnostnega preizkušanja, ki je vsem na
Testing Methodology odprtokodnega manual for security testing voljo brezplačno.
varnostnega preizkušanja
Open system Odprt sistem System for which detailed specifications of the Sistem, za katerega so v nelastniškem okolju
composition of its component are published in a objavljene specifikacije sestave njegovih komponent,
nonproprietary environment, thereby enabling tako da jih lahko konkurenčna podjetja uporabijo za
competing enterprises to use these standard gradnjo konkurenčnih sistemov.
components to build competitive systems. Opomba: Prednost odprtokodnih sistemov so
Scope Note: The advantages of using open systems prenosljivost, medsebojna obratovalnost in
include portability, interoperability and integration. integracija.
Operating system (OS) Operacijski sistem (OS) A master control program that runs the computer and Glavni krmilni program, ki poganja računalnik in
acts as a scheduler and traffic controller. deluje kot časovni razporejevalnik in krmilnik
Scope Note: The operating system is the first program prometa.
copied into the computer’s memory after the Opomba: Operacijski sistem je prvi program, ki se
computer is turned on; it must reside in memory at all namesti v računalniški pomnilnik, ko ga prižgemo; ves
times. It is the software that interfaces between the čas mora delovati v pomnilniku. To je programska
computer hardware (disk, keyboard, mouse, network, oprema, ki deluje kot vmesnik med strojno opremo
modem, printer) and the application software (word računalnika (diskom, tipkovnico, miško, omrežjem,
processor, spreadsheet, e‐mail), which also controls modemom, tiskalnikom) in programsko opremo
access to the devices and is partially responsible for (urejevalnikom besedil, preglednic, programom za e-
security components and sets the standards for the pošto), ki nadzoruje tudi dostop do naprav in je
application programs that run in it. deloma odgovorna za varnost komponent ter določa
standarde za programe, ki potekajo v njem.
Operating system audit Revizijska sled Record of system events generated by a specialized Zapis dogodkov v sistemu, ki jih ustvari specializiran
trail operacijskega sistema operating system mechanism mehanizem operacijskega sistema.

Operational audit Revizija operativnega An audit designed to evaluate the various internal Revizija, namenjena oceni različnih notranjih kontrol,
delovanja controls, economy and efficiency of a function or ekonomičnosti in učinkovitosti funkcije ali oddelka.
department
Operational control Nadzor operativnega Deals with the everyday operation of a company or Obravnava vsakodnevne postopke v družbi ali
delovanja enterprise to ensure that all objectives are achieved podjetju, da zagotovi doseganje vseh ciljev.
Operational level Dogovor o podpori An internal agreement covering the delivery of Notranji dogovor, ki zajema dobavo storitev, ki
agreement (OLA) obratovanju (OLA) services that support the IT organization in its delivery podpirajo organizacijo IT pri njeni dobavi storitev.
of services
Operator console Operaterjeva konzola A special terminal used by computer operations Poseben terminal za nadzor računalnika in delovanje
personnel to control computer and systems sistemskih funkcij, ki ga uporablja računalniško
operations functions. osebje.
Scope Note: Operator console terminals typically Opomba: Operaterjeva konzola običajno omogoča
provide a high level of computer access and should be visok nivo dostopa in mora biti ustrezno varovana.
properly secured.
Optical character Optično prepoznavanje Used to electronically scan and input written Uporablja se pri optičnem branju in vnosu zapisanih
recognition (OCR) znakov (OCR) information from a source document informacij iz izvornega dokumenta.
Optical scanner Optični bralnik An input device that reads characters and images that Vhodna enota, ki bere znake in slike, natisnjene ali
are printed or painted on a paper form into the naslikane na papir, ter jih pretvori v računalniško
computer obliko.
Organization Organizacija The manner in which an enterprise is structured; can Način, na katero je strukturirano podjetje; pomeni
also mean the entity lahko tudi entiteto.
Organizational structure Organizacijska struktura An enabler of governance and of management. Omogoča vodenje in upravljanje. Vključuje podjetje in
Includes the enterprise and its structures, hierarchies njegove strukture, hierarhije in odvisnosti.
and dependencies.
Organization for Economic Organizacija za An international organization helping governments Mednarodna organizacija, ki vladam pomaga pri
Cooperation and gospodarsko sodelovanje tackle the economic, social and governance ekonomskih, družbenih in vladnih izzivih globalne
Development (OECD) in razvoj (OECD) challenges of a global economy. ekonomije.
Scope Note: The OECD groups 30 member countries Opomba: OECD združuje 30 držav članic v enoten
in a unique forum to discuss, develop, and refine forum, v katerem razpravljajo, razvijajo in
economic and social policies. izpopolnjujejo ekonomsko in socialno politiko.
Outcome Izid Result Rezultat

Outcome measure Merilo izida Represents the consequences of actions previously Predstavlja posledico prej izvedenih dejanj; pogosto
taken; often referred to as a lag indicator. ga imenujemo tudi kazalnik zamika.
Scope Note: Outcome measure frequently focuses on Opomba: Merilo izida se pogosto osredotoča na
results at the end of a time period and characterizes rezultate na koncu časovnega obdobja in prikazuje
historic performance. They are also referred to as a zgodovinsko uspešnost. O njih govorimo tudi kot o
key goal indicator (KGI) and used to indicate whether ključnih kazalnikih ciljev (KGI) in se uporabljajo, da se
goals have been met. These can be measured only označi, ali so bili cilji doseženi. Te je mogoče izmeriti
after the fact and, therefore, are called "lag šele po koncu dejanja, zato jih imenujemo tudi
indicators." "kazalniki zamika".
Output analyzer Analizator izhoda Checks the accuracy of the results produced by a test Preverja pravilnost rezultata preizkusnega delovanja.
run. Opomba: Poznamo tri tipe preverjanj, ki jih lahko
Scope Note: There are three types of checks that an izvede analizator izhoda. Prvič: če za program obstaja
output analyzer can perform. First, if a standard set of standardni nabor preizkusnih podatkov in rezultatov,
test data and test results exist for a program, the je mogoče rezultat preizkusnega delovanja primerjati
output of a test run after program maintenance can z naborom preizkusnih podatkov, ki se mora ustvariti.
be compared with the set of results that should be Drugič: ko programerji pripravljajo preizkusne
produced. Second, as programmers prepare test data podatke in izračunavajo pričakovane rezultate, je te
and calculate the expected results, these results can mogoče shraniti v datoteko in analizator izhoda
be stored in a file and the output analyzer compares primerja dejanske rezultate preizkusnega delovanja s
the actual results of a test run with the expected pričakovanimi rezultati. Tretjič: analizator izhoda
results. Third, the output analyzer can act as a query lahko deluje kot poizvedovalni jezik; sprejema
language; it accepts queries about whether certain poizvedbe o tem, ali določeni odnosi obstajajo v
relationships exist in the file of output results and datoteki izhodnih rezultatov in poroča o skladnosti ali
reports compliance or noncompliance. neskladnosti.
Outsourcing Zunanje izvajanje A formal agreement with a third party to perform IS Uraden dogovor s tretjo stranko, da bo za podjetje
or other business functions for an enterprise izvajala IS ali druge poslovne funkcije.
Owner Lastnik Individual or group that holds or possesses the rights Posameznik ali skupina, ki ima ali poseduje pravice in
of and the responsibilities for an enterprise, entity or odgovornosti do podjetja, entitete ali sredstva.
asset. Primeri: lastnik procesa, lastnik sistema.
Examples: process owner, system owner

Packet Paket Data unit that is routed from source to destination in Podatkovna enota, ki je usmerjena iz vira na cilj v
a packet‐switched network. paketnem omrežju.
Scope Note: A packet contains both routing Opomba: Paket vsebuje usmerjevalne informacije in
information and data. Transmission Control podatke. TCP/IP je tako paketno komutirano omrežje.
Protocol/Internet Protocol (TCP/IP) is such a
packet‐switched network.
Packet filtering Paketno filtriranje Controlling access to a network by analyzing the Nadzoruje dostop do omrežja z analizo lastnosti
attributes of the incoming and outgoing packets and prihajajočih in odhajajočih paketov, ki jih ali spusti
either letting them pass, or denying them, based on a skozi ali jim prepreči pot glede na seznam pravil.
list of rules
Packet internet groper PING An Internet program (Internet Control Message Internetni program (ICMP), ki se uporablja, da se
(PING) Protocol [ICMP]) used to determine whether a določi, ali je določen naslov IP dostopen. To je
specific IP address is accessible or online. It is a omrežna aplikacija, ki uporablja UDP, da preveri
network application that uses User Datagram dostopnost drugega gostitelja v povezanem omrežju.
Protocol (UDP) to verify reachability of another host Opomba: Deluje tako, da pošlje paket na določen
on the connected network. naslov in počaka na odgovor. PING se pretežno
Scope Note: It works by sending a packet to the uporablja za odpravljanje težav pri internetnih
specified address and waiting for a reply. PING is used povezavah. Poleg tega PING poroča tudi o številu
primarily to troubleshoot Internet connections. In skokov, ki jih zahteva povezava med dvema
addition, PING reports the number of hops required internetnima gostiteljema. Obstajajo brezplačni in
to connect two Internet hosts. There are both preizkusni (plačljivi) programčki PING za osebne
freeware and shareware PING utilities available for računalnike.
personal computers (PCs).
Packet switching Paketno preklapljanje The process of transmitting messages in convenient Postopek prenašanja sporočil v priročnih delih, ki jih
pieces that can be reassembled at the destination je mogoče na cilju spet združiti v celoto.
Paper test Preizkus na papirju A walk‐through of the steps of a regular test, but Prehod čez vse korake običajnega preizkušanja,
without actually performing the steps. vendar brez dejanskega izvajanja korakov.
Scope Note: Usually used in disaster recovery and Opomba: Navadno se uporablja pri preizkušanju
contingency testing; team members review and okrevanja po katastrofi in načrtovanja ukrepov po
become familiar with the plans and their specific roles nesrečah; člani ekipe pregledajo in se spoznajo s
and responsibilities svojimi vlogami in odgovornostmi.

Parallel simulation Vzporedna simulacija Involves an IS auditor writing a program to replicate Pri tej simulaciji revizor IS napiše program, v katerem
those application processes that are critical to an podvoji programske postopke, ki so ključni za
audit opinion and using this program to reprocess revizijsko mnenje. Ta program uporabi za vnovično
application system data. obdelavo aplikacijskih sistemskih podatkov.
Scope Note: The results produced by parallel Opomba: Rezultati vzporedne simulacije se primerjajo
simulation are compared with the results generated z rezultati, ki jih ustvari aplikacijski sistem, tako da se
by the application system and any discrepancies are ugotovijo morebitne razlike.
identified.
Parallel testing Vzporedno preizkušanje The process of feeding test data into two systems, the Postopek vnašanja preizkusnih podatkov v dva
modified system and an alternative system (possibly sistema, spremenjenega in alternativnega (po
the original system), and comparing results to možnosti izvirnega) ter primerjava rezultatov za prikaz
demonstrate the consistency and inconsistency ujemanj in nedoslednosti med dvema različicama
between two versions of the application aplikacije.
Parity check Preverjanje parnosti A general hardware control that helps to detect data Splošna strojna kontrola, ki pomaga odkriti napake v
errors when data are read from memory or podatkih, ko se preberejo iz pomnilnika ali prenesejo
communicated from one computer to another. iz enega računalnika v drugega.
Scope Note: A 1‐bit digit (either 0 or 1) is added to a Opomba: Podatkovnemu elementu se doda 1-bitna
data item to indicate whether the sum of that data števka (0 ali 1), ki označuje, ali je vsota podatkovnega
item’s bit is odd or even. When the parity bit elementa soda ali liha. Ko se parnostni bit ne ujema z
disagrees with the sum of the other bits, the vsoto drugih bitov, računalnik sporoči napako.
computer reports an error. The probability of a parity Možnost, da preverjanje parnosti zazna napako, je
check detecting an error is 50 percent. 50%.
Partitioned file Razdeljena datoteka A file format in which the file is divided into multiple Datotečni zapis, pri katerem je datoteka razdeljena na
sub files and a directory is established to locate each več poddatotek in se ustvari imenik, v katerem so
sub file zapisane lokacije vsake posamezne poddatoteke.

Passive assault Pasivni napad Intruders attempt to learn some characteristic of the Vdiralci poskušajo odkriti nekatere lastnosti podatkov,
data being transmitted. ki se prenašajo.
Scope Note: With a passive assault, intruders may be Opomba: Pri pasivnem napadu vdiralci mogoče lahko
able to read the contents of the data so the privacy of preberejo vsebine podatkov, tako da je kršena
the data is violated. Alternatively, although the zasebnost podatkov. Lahko pa, čeprav ostane vsebina
content of the data itself may remain secure, podatkov varna, vdiralci preberejo in analizirajo golo
intruders may read and analyze the plaintext source besedilo identifikatorjev vira in cilja, ki so pripeti
and destination identifiers attached to a message for sporočilu zaradi usmerjanja, ali pa preverijo dolžino in
routing purposes, or they may examine the lengths pogostost prenašanih sporočil.
and frequency of messages being transmitted.
Passive response Pasivni odziv A response option in intrusion detection in which the Možnost odziva pri zaznavanju vdora, pri katerem
system simply reports and records the problem sistem le poroča in zabeleži zaznano težavo ter se
detected, relying on the user to take subsequent zanese na uporabnika, da bo ukrepal.
action
Password Geslo A protected, generally computer‐encrypted string of Zaščiten, navadno računalniško šifriran niz znakov, ki
characters that authenticate a computer user to the preveri pristnost uporabnika pri dostopu v
computer system računalniški sistem.
Password cracker Razbijalec gesel A tool that tests the strength of user passwords by Orodje, ki preizkuša moč uporabnikovih gesel z
searching for passwords that are easy to guess. It iskanjem gesel, ki jih je preprosto uganiti. Večkrat
repeatedly tries words from specially crafted preizkusi besede iz posebej za to ustvarjenih slovarjev
dictionaries and often also generates thousands (and in pogosto tudi ustvari na tisoče (ali, v nekaterih
in some cases, even millions) of permutations of primerih na milijone) permutacij znakov, števk in
characters, numbers and symbols. simbolov.

Patch management Upravljanje popravkov An area of systems management that involves Področje upravljanja sistemov, ki zajema pridobivanje,
acquiring, testing and installing multiple patches preizkušanje in nameščanje več popravkov
(code changes) to an administered computer system (sprememb kode) na upravljani računalniški sistem,
in order to maintain up‐to‐date software and often to da se vzdržuje ažurnost programske opreme in
address security risk. pogosto za odpravo varnostnih tveganj.
Scope Note: Patch management tasks include the Opomba: Upravljanje popravkov vključuje:
following: maintaining current knowledge of available vzdrževanje osveženega znanja o razpoložljivih
patches; deciding what patches are appropriate for programskih popravkih; odločanje o tem, kateri
particular systems; ensuring that patches are installed programski popravki ustrezajo katerim sistemom;
properly; testing systems after installation; and zagotavljanje, da so programski popravki pravilno
documenting all associated procedures, such as nameščeni; preizkušanje sistemov po nameščanju;
specific configurations required. A number of dokumentiranje vseh povezanih postopkov, na primer
products are available to automate patch konfiguracije določenih podrobnosti. Za izvajanje
management tasks. Patches are sometimes opravil samodejnega upravljanja programskih
ineffective and can sometimes cause more problems popravkov je na voljo več izdelkov. Programski
than they fix. Patch management experts suggest that popravki so včasih neučinkoviti in včasih povzročijo
system administrators take simple steps to avoid več težav, kot jih odpravijo. Strokovnjaki za
problems, such as performing backups and testing upravljanje programskih popravkov priporočajo, da
patches on non‐critical systems prior to installations. sistemski skrbniki sledijo preprostim korakom, s
Patch management can be viewed as part of change katerimi se izognejo težavam, na primer: pred
management. namestitvijo ustvarijo varnostne kopije in preizkusijo
programske popravke na sistemih, ki niso ključni.
Upravljanje popravkov je mogoče razumeti tudi kot
del upravljanja sprememb.
Payback period Obdobje vračila The length of time needed to recoup the cost of Čas, potreben za povrnitev stroškov vložka.
capital investment. Opomba: Denarna sredstva v formuli vračila niso
Scope Note: Financial amounts in the payback amortizirana. Pozor, obdobje poplačila ne upošteva
formula are not discounted. Note that the payback denarnega toka po obdobju poplačila, zato ni merilo
period does not take into account cash flows after the dobičkonosnosti investicijskega projekta. Obseg
payback period and therefore is not a measure of the notranje stopnje donosa (IRR), neto sedanje vrednosti
profitability of an investment project. The scope of (NPV) in obdobja vračila je uporabna ekonomska
the internal rate of return (IRR), net present value življenjska doba projekta do največ pet let.
(NPV) and payback period is the useful economic life
of the project up to a maximum of five years.

Payment system Plačilni sistem A financial system that establishes the means for Finančni sistem, ki določa načine za prenos denarja
transferring money between suppliers and users of med dobavitelji in uporabniki sredstev, navadno z
funds, ordinarily by exchanging debits or credits izmenjavo obremenitve in odobritve med bankami ali
between banks or financial institutions finančnimi ustanovami.
Payroll system Plačni sistem An electronic system for processing payroll Elektronski sistem za obdelavo informacij o plačah, ki
information and the related electronic (e.g., deluje kot vmesnik med s plačami povezano
electronic timekeeping and/or human resources [HR] elektronsko opremo (npr. elektronsko beleženje
system), human (e.g., payroll clerk), and external delovnega časa in/ali sistem človeških virov), ljudmi
party (e.g., bank) interfaces. In a more limited sense, it (npr. oseba, zadolžena za plače) in tretjimi osebami
is the electronic system that performs the processing (npr. banko). V ožjem smislu je to elektronski sistem,
for generating payroll checks and/or bank direct ki izvaja obdelavo za ustvarjanje plačnih list in/ali
deposits to employees. bančnih nakazil zaposlenim.
Penetration testing Penetracijsko testiranje A live test of the effectiveness of security defenses Preskus uspešnosti varovanja s posnemanjem dejanj
through mimicking the actions of real‐life attackers pravih napadalcev.
Performance Uspešnost In IT, the actual implementation or achievement of a V IT dejanska uresničitev ali dosežek procesa.
process
Performance driver Gonilo uspešnosti A measure that is considered the "driver" of a lag Merilo, ki se upošteva kot "gonilo" kazalnika zamika.
indicator. It can be measured before the outcome is Merimo ga lahko, preden je izid jasen in ga zato
clear and, therefore, is called a "lead indicator". imenujemo "vodilni kazalnik".
Scope Note: There is an assumed relationship Opomba: Ta dva naj bi bila povezana, kar pomeni, da
between the two that suggests that improved bo izboljšana uspešnost vodilnega kazalnika privedla
performance in a leading indicator will drive better do izboljšane uspešnosti kazalnika zamika. Imenujemo
performance in the lagging indicator. They are also ju tudi ključna kazalnika poslovanja in se uporabljata,
referred to as key performance indicators (KPIs) and da pokažeta, ali je verjetno, da bodo cilji doseženi.
are used to indicate whether goals are likely to be
met.
Performance indicators Kazalniki uspešnosti A set of metrics designed to measure the extent to Nabor meril, načrtovanih za merjenje obsega, do
which performance objectives are being achieved on katerega bodo nenehno doseženi cilji uspešnosti.
an on‐going basis. Opomba: Vključujejo lahko tudi dogovore o ravni
Scope Note: Performance indicators can include storitve, ključne dejavnike uspeha, ocene zadovoljstva
service level agreements (SLAs), critical success strank, notranje in zunanje primerjalne preizkuse,
factors (CSFs), customer satisfaction ratings, internal najboljšo prakso branže in mednarodne standarde.
or external benchmarks, industry best practices and
international standards.

Performance management Upravljanje uspešnosti In IT, the ability to manage any type of measurement, V IT-ju zmožnost upravljanja kakršnega koli tipa
including employee, team, process, operational or meritev, vključno z meritvami zaposlenega, ekipe,
financial measurements. The term connotes procesa, operativnimi in finančnimi meritvami.
closed‐loop control and regular monitoring of the Termin označuje nadzor in redno preverjanje meritev
measurement. v zaprtem krogu.
Performance testing Preizkušanje zmogljivosti Comparing the system’s performance to other Primerjava zmogljivosti sistema z drugimi
equivalent systems, using well‐defined benchmarks enakovrednimi sistemi z uporabo natančno
opredeljenih meril uspešnosti.
Peripherals Obrobne naprave Auxiliary computer hardware equipment used for Pomožne računalniške naprave za vnos, izhod in
input, output and data storage. shranjevanje podatkov.
Scope Note: Examples of peripherals include disk Opomba: Med obrobnimi napravami so na primer
drives and printers. zunanji diski in tiskalniki.
Personal digital assistant Dlančnik (PDA) Also called palmtop and pocket computer, PDA is a Naprava z računalniško zmogljivostjo, internetom,
(PDA) handheld device that provides computing, Internet, omrežno povezavo in morda telefonsko povezavo, ki
networking and telephone characteristics. je tako velika, da jo lahko držimo v dlani.
Personal identification Osebna identifikacijska A type of password (i.e., a secret number assigned to Vrsta gesla (npr. tajna številka, dodeljena
number (PIN) številka (PIN) an individual) that, in conjunction with some means posamezniku), ki v povezavi z drugim sredstvom
of identifying the individual, serves to verify the identifikacije posameznika deluje za overjanje njegove
authenticity of the individual. identitete.
Scope Note: PINs have been adopted by financial Opomba: PIN so finančne institucije privzele kot
institutions as the primary means of verifying poglavitno orodje za overjanje identitete strank v
customers in an electronic funds transfer (EFT) sistemih za elektronski prenos sredstev (EFT).
system.
Pervasive IS control Vseobsegajoča kontrola IS General control designed to manage and monitor the Splošna kontrola, načrtovana za upravljanje in
IS environment and which, therefore, affects all spremljanje okolja IS, ki zato vpliva na vse dejavnosti,
IS‐related activities povezane z IS.
Phase of BCP Faza načrta A step‐by‐step approach consisting of various phases. Postopni pristop, ki sestoji iz različnih faz.
neprekinjenega poslovanja Scope Note: Phase of BCP is usually comprised of the Opomba: Faze BCP navadno zajemajo naslednje faze:
(BCP) following phases: pre‐implementation phase, fazo pred uvajanjem, fazo uvajanja, fazo preizkušanja
implementation phase, testing phase, and in fazo po uvajanju.
post‐implementation phase.

Phishing Ribarjenje This is a type of electronic mail (e‐mail) attack that Vrsta napada z elektronsko pošto, ki poskuša
attempts to convince a user that the originator is uporabnika prepričati, da je pošiljatelj pravi, vendar
genuine, but with the intention of obtaining namerava pridobiti informacije za uporabo v
information for use in social engineering. socialnem inženiringu.
Scope Note: Phishing attacks may take the form of Opomba: Do napadov z ribarjenjem pride lahko v
masquerading as a lottery organization advising the obliki pretvarjanja, da je pošiljatelj loterija, ki
recipient or the user's bank of a large win; in either uporabnika obvešča o zajetnem dobitku; v vsakem
case, the intent is to obtain account and personal primeru želi dobiti podatke o osebnem računu in PIN-
identification number (PIN) details. Alternative u. Drugi napadi lahko npr. iščejo na videz neškodljive
attacks may seek to obtain apparently innocuous poslovne informacije, ki se lahko nato uporabijo v
business information, which may be used in another napadu drugačne vrste.
form of active attack.
Phreakers Kreker telefonov Those who crack security, most frequently telephone Tisti, ki predira varnostne mehanizme v telefonskih in
and other communication networks drugih komunikacijskih omrežjih.
Piggybacking Oprtanje 1. Following an authorized person into a restricted 1. Sledenje pooblaščeni osebi na območje omejenega
access area dostopa.
2. Electronically attaching to an authorized 2. Elektronski napad na pooblaščeno
telecommunications link to intercept and possibly telekomunikacijsko povezavo, s katerim se prestrezajo
alter transmissions in lahko spreminjajo prenosi.
Plaintext Golo besedilo Digital information, such as clear text, that is Digitalne informacije, kakršno je na primer navadno
intelligible to the reader besedilo, ki je razumljivo bralcu.
Platform as a Service Platforma kot storitev Offers the capability to deploy onto the cloud Ponuja zmožnost postavljanja v infrastrukturi oblaka
(PaaS) (PaaS) infrastructure customer‐created or ‐acquired za programe, ki jih stranka naredi ali kupi, napisanih v
applications that are created using programming programskem jeziku in z orodji, ki jih podpira
languages and tools supported by the provider ponudnik.
PMBOK (Project PMBOK (Project A project management standard developed by the Standard za upravljanje projektov, ki ga je razvil
Management Body of Management Body of Project Management Institute (PMI) Inštitut za upravljanje projektov (PMI).
Knowledge) Knowledge)
Point‐of‐presence (POP) POP A telephone number that represents the area in Telefonska številka, ki predstavlja območje, na
which the communication provider or Internet service katerem ponudnik komunikacijskih ali internetnih
provider (ISP) provides service storitev omogoča uporabniku dostop do storitev.

Point‐of‐sale (POS) Sistemi prodajnih Enables the capture of data at the time and place of Omogoča zajem podatkov o datumu, času in kraju
systems terminalov (POS) transaction. transakcije.
Scope Note: POS terminals may include use of optical Opomba: Terminali POS lahko vključujejo optične
scanners for use with bar codes or magnetic card čitalnike za uporabo s črtnimi kodami ali čitalnike
readers for use with credit cards. POS systems may be magnetnih kartic za uporabo s kreditnimi karticami.
online to a central computer or may use stand‐alone Sistemi POS so lahko povezani z osrednjim
terminals or microcomputers that hold the računalnikom, ali pa uporabljajo samostojne
transactions until the end of a specified period when terminale ali mikroračunalnike, ki shranijo informacije
they are sent to the main computer for batch do konca določenega obdobja, ko se pošljejo
processing. glavnemu računalniku v paketno obdelavo.
Point‐to‐point Protocol Protokol od točke do točke A protocol used for transmitting data between two Protokol, ki se uporablja za prenos podatkov med
(PPP) (PPP) ends of a connection dvema koncema povezave.
Point‐to‐point Tunneling Tunelski protokol od točke A protocol used to transmit data securely between Protokol, ki se uporablja za varen prenos podatkov
Protocol (PPTP) do točke (PPTP) two end points to create a virtual private network med dvema končnima točkama, s katerim se ustvari
(VPN). navidezno zasebno omrežje (VPN).
Policy Politika 1. Generally, a document that records a high-level 1. Na splošno dokument, v katerem je zapisan visoko-
principle or course of action that has been decided on. nivojski princip ali smer delovanja, ki je bila izbrana.
The intended purpose is to influence and guide both Njen namen je vplivati in voditi sedanje in prihodnje
present and future decision making to be in line with odločanje, tako da bo v skladu s filozofijo, cilji in
the philosophy, objectives and strategic plans strateškim načrtom, ki so jih pripravile poslovodske
established by the enterprise’s management teams. ekipe podjetja.
Scope Note: In addition to policy content, policies need to Opomba: Poleg vsebine politike morajo politike
describe the consequences of failing to comply with opisovati tudi posledice neskladij z njimi, sredstva za
the policy, the means for handling exceptions, and ravnanje z izjemami ter način, na katerega bo
the manner in which compliance with the policy will skladnost s politiko preverjana in merjena.
be checked and measured. 2. Splošen namen in smer, kot ju je formalno izrazilo
2. Overall intention and direction as formally poslovodstvo.
expressed by management
Polymorphism (Objects) Mnogoličnost (objekti) Polymorphism refers to database structures that send Mnogoličnost se nanaša na strukture podatkovnih
the same command to different child objects that can zbirk, ki pošiljajo isti ukaz različnim podrejenim
produce different results depending on their family objektom, ki lahko ustvarijo različne rezultate glede
hierarchical tree structure na hierarhično drevesno strukturo svoje družine.

Population Populacija The entire set of data from which a sample is selected Celoten nabor podatkov, iz katerega je izbran vzorec
and about which an IS auditor wishes to draw in na podlagi katerega želi revizor IS potegniti
conclusions zaključke.
Portfolio Portfelj A grouping of "objects of interest" (investment Skupina "objektov zanimanja" (naložbenih
programs, IT services, IT projects, other IT assets or programov, storitev IT, projektov IT, drugih dobrin in
resources) managed and monitored to optimize sredstev IT), ki je upravljana in spremljana tako, da
business value (The investment portfolio is of primary optimizira poslovno vrednost (Naložbeni portfelj
interest to Val IT. IT service, project, asset and other najbolj zadeva Val IT. Portfelji storitev IT, projektov,
resource portfolios are of primary interest to COBIT.) sredstev in drugih virov so najbolj zanimivi za COBIT.)
Posting Knjiženje The process of actually entering transactions into Postopek dejanskega vnosa transakcij v računalniške
computerized or manual files. ali ročne datoteke.
Scope Note: Posting transactions might immediately Opomba: Knjiženje transakcij lahko povzroči takojšnjo
update the master files or may result in memo osvežitev glavnih datotek ali pa povzroči začasno
posting, in which the transactions are accumulated knjiženje, pri katerem se transakcije določen čas
over a period of time and then applied to master file zbirajo, nato pa se uporabijo za osvežitev glavne
updating. datoteke.
Preventive application Preventivna aplikativna Application control that is intended to prevent an Aplikativna kontrola, katere cilj je preprečiti
control kontrola error from occurring. morebitno napako.
Preventive application controls are typically executed Preventivne aplikativne kontrole se navadno izvajajo
at the transaction level, before an action is na transakcijski ravni, še preden se dejanje izvede.
performed.
Preventive control Preventivna kontrola An internal control that is used to avoid undesirable Notranja kontrola, ki se uporablja za izogibanje
events, errors and other occurrences that an neželenim dogodkom, napakam in drugim pojavom,
enterprise has determined could have a negative za katere je podjetje ugotovilo, da imajo lahko
material effect on a process or end product negativen učinek na proces ali končni produkt.
PRINCE2 (Projects in a PRINCE2 (projekti v Developed by the Office of Government Commerce PRINCE2 je razvil britanski vladni trgovinski urad
Controlled Environment) nadzorovanem okolju) (OGC), PRINCE2 is a project management method that (OGC) in je metoda projektnega vodenja, ki pokriva
covers the management, control and organization of vodenje, nadzor in organizacijo projekta.
a project.

Principle Načelo An enabler of governance and of management. Omogoča vodenje in upravljanje. Obsega vrednote in
Comprises the values and fundamental assumptions temeljne predpostavke, ki jih ima podjetje,
held by the enterprise, the beliefs that guide and put prepričanja, ki usmerjajo in določajo meje glede
boundaries around the enterprise’s decision making, sprejemanja odločitev v podjetju, komunikacija
communication within and outside the enterprise, znotraj in zunaj podjetja, in skrbništvo za premoženje
and stewardship--caring for assets owned by another. v lasti nekoga drugega. Primeri: Listina o etiki, listina o
Examples: Ethics charter, social responsibility charter. socialni odgovornosti.
Privacy Zasebnost Freedom from unauthorized intrusion or disclosure of Svoboda pred nepooblaščenim vdorom ali razkritjem
information about an individual informacij o posamezniku.
Private branch exchange PBX A telephone exchange that is owned by a private Telefonska izmenjava v lasti zasebnega podjetja, ne
(PBX) business, as opposed to one owned by a common taka, ki jo ima navadno v lasti telefonska družba ali
carrier or by a telephone company običajen operater.
Private key Zasebni ključ A mathematical key (kept secret by the holder) used Matematični ključ (ki ga imetnik skriva), ki se
to create digital signatures and, depending on the uporablja za generiranje digitalnih podpisov in,
algorithm, to decrypt messages or files encrypted (for odvisno od algoritma, za dešifriranje sporočil ali
confidentiality) with the corresponding public key datotek, šifriranih (zaradi zaupnosti) z ustreznim
javnim ključem.
Private key cryptosystems Šifrirni sistemi zasebnih Used in data encryption, it utilizes a secret key to Uporabljajo se pri šifriranju podatkov. Uporabljajo
ključev encrypt the plaintext to the ciphertext. Private key tajen ključ za pretvorbo golega besedila v tajnopis.
cryptosystems also use the same key to decrypt the Zasebni kriptosistemi uporabljajo isti ključ tudi za
ciphertext to the corresponding plaintext. dešifriranje tajnopisa v ustrezno golo besedilo.
Scope Note: In this case, the key is symmetric such Opomba: V tem primeru je ključ simetričen, tako da je
that the encryption key is equivalent to the šifrirni ključ enakovreden dešifrirnemu ključu.
decryption key.
Privilege Privilegij The level of trust with which a system object is Raven zaupanja, ki je dodeljena sistemskemu objektu.
imbued
Problem Težava In IT, the unknown underlying cause of one or more V IT prikrit vzrok za enega ali več incidentov.
incidents

Problem escalation Postopek stopnjevanja The process of escalating a problem up from junior to Postopek stopnjevanja težave od manj
procedure težave senior support staff, and ultimately to higher levels of usposobljenega k bolj usposobljenemu podpornemu
management. osebju in nazadnje do višjih ravni poslovodstva.
Scope Note: Problem escalation procedure is often Opomba: Postopek stopnjevanja težave navadno
used in help desk management, when an unresolved uporabljajo centri za pomoč uporabnikom, ko
problem is escalated up the chain of command, until nerešeno težavo predajo po hierarhični lestvici
it is solved. navzgor, dokler se ta ne razreši.
Procedure Postopek A document containing a detailed description of the Dokument, v katerem so podrobno opisani koraki,
steps necessary to perform specific operations in potrebni za izvajanje določenih operacij v skladu z
conformance with applicable standards. Procedures veljavnimi standardi. Postopki so opredeljeni kot del
are defined as part of processes. procesov.
Process Proces Generally, a collection of activities influenced by the Na splošno zbirka dejavnosti, na katere vpliva politika
enterprise’s policies and procedures that takes inputs podjetja, in procedur, ki zbira vhodne podatke iz
from a number of sources, (including other različnih virov (vključno z drugimi procesi), jih obdela
processes), manipulates the inputs and produces in ustvari izhodne podatke.
outputs. Opomba: Procesi imajo jasen poslovni razlog za
Scope Note: Processes have clear business reasons for obstoj, odgovorne lastnike, jasne vloge in
existing, accountable owners, clear roles and odgovornosti pri izvajanju procesa ter sredstva za
responsibilities around the execution of the process, merjenje uspešnosti.
and the means to measure performance.
Process goals Cilji procesa A statement describing the desired outcome of a Navedba, ki opisuje želeni izid procesa.
process. Opomba: Izid je lahko artefakt, pomembna
Scope Note: An outcome can be an artifact, a significant sprememba stanja ali pomembna izboljšava
change of a state or a significant capability zmogljivosti drugih procesov.
improvement of other processes.

Process maturity Ocena zrelosti procesa A subjective assessment technique derived from the Tehnika subjektivnega ocenjevanja, ki izhaja iz
assessment Software Engineering Institute (SEI) capability konceptov poenotenega modela zrelosti integracije
maturity model integration (CMMI) concepts and (CMMI) Inštituta za programsko inženirstvo (SEI) ter je
developed as a COBIT management tool. It provides razvita kot upravljavsko orodje COBIT. Poslovodstvu
management with a profile of how well developed zagotavlja pregled o stopnji razvitosti upravljanja z IT
the IT management processes are. procesi.
Scope Note: It enables management to easily place Opomba: Poslovodstvu omogoča, da se preprosto
itself on a scale and appreciate what is required if umesti na lestvico in oceni, kaj je treba izboljšati.
improved performance is needed. It is used to set Uporablja se za določanje ciljev, povečanje
targets, raise awareness, capture broad consensus, osveščenosti, pridobivanje širokega soglasja,
identify improvements and positively motivate ugotavljanje izboljšav in za pozitivno motiviranje za
change. spremembe.
Process maturity attribute Lastnost zrelosti procesa The different aspects of a process covered in an Različni vidiki procesa, ki jih pokriva pobuda za
assurance initiative dajanje zagotovil.
Production program Produkcijski program Program used to process live or actual data that were Program za obdelavo živih ali dejanskih podatkov, ki
received as input into the production environment so bili sprejeti kot vhodni v produkcijsko okolje.
Production software Produkcijska programska Software that is being used and executed to support Programska oprema, ki se uporablja in se izvaja v
oprema normal and authorized organizational operations. podporo običajnemu in pooblaščenemu
Scope Note: Production software is to be organizacijskemu delovanju.
distinguished from test software, which is being Opomba: Produkcijska programska oprema se
developed or modified, but has not yet been razlikuje od preizkusne programske opreme, ki se
authorized for use by management. razvija ali spreminja, vendar je poslovodstvo še ni
odobrilo za uporabo.
Professional competence Strokovna usposobljenost Proven level of ability, often linked to qualifications Dokazana raven zmožnosti, ki je pogosto povezana s
issued by relevant professional bodies and kvalifikacijami, ki jih izdaja ustrezno strokovno telo v
compliance with their codes of practice and standards skladu s svojim kodeksom in standardi.
Professional standards Strokovni standardi Refers to standards issued by ISACA. The term may Nanaša se na standarde, ki jih izdaja ISACA. Izraz se
extend to related guidelines and techniques that lahko nanaša tudi na povezane smernice in tehnike, ki
assist the professional in implementing and complying pomagajo strokovnjakom pri uvajanju in usklajevanju
with authoritative pronouncements of ISACA. In z veljavnimi formalnimi določili ISACA. V nekaterih
certain instances, standards of other professional primerih je mogoče upoštevati standarde drugih
organizations may be considered, depending on the strokovnih organizacij, odvisno od okoliščin, njihove
circumstances and their relevance and relevantnosti in primernosti.
appropriateness.

Program Program A structured grouping of interdependent projects that Strukturiran sklop povezanih projektov, ki je potreben
is both necessary and sufficient to achieve a desired in zadosten za doseganje želenega poslovnega izida
business outcome and create value. These projects ter za ustvarjanje vrednosti. Ti projekti lahko
could include, but are not limited to, changes in the vključujejo, vendar niso omejeni na, spremembe v
nature of the business, business processes and the naravi poslovanja, poslovnih procesih in delu, ki ga
work performed by people as well as the izvajajo ljudje, pa tudi v kompetencah, potrebnih za
competencies required to carry out the work, the izvajanje dela, podporne tehnologije in organizacijske
enabling technology, and the organizational structure. strukture.
Program and project Programska in projektna The function responsible for supporting program and Funkcija, odgovorna za podporo programskih in
management office (PMO) pisarna (PMO) project managers, and gathering, assessing and projektnih vodij, ter zbiranje, ocenjevanje in
reporting information about the conduct of their poročanje o poteku programov in projektov.
programs and constituent projects
Program Evaluation and Tehnika za ovrednotenje in A project management technique used in the Tehnika za upravljanje projektov, ki se uporablja za
Review Technique (PERT) pregled programa (PERT) planning and control of system projects načrtovanje in nadzor sistema projektov.
Program flowchart Diagram poteka programa Shows the sequence of instructions in a single Prikazuje zaporedje navodil posameznega programa
program or subroutine. ali subrutine.
Scope Note: The symbols used in program flowcharts Opomba: Simboli, ki se uporabljajo v diagramih
should be the internationally accepted standard. poteka programov, morajo biti mednarodno priznani
Program flowcharts should be updated when standardi. Diagrame poteka programa je treba po
necessary. potrebi osveževati.
Program narrative Predstavitev programa Provides a detailed explanation of program Podaja podrobno razlago diagrama poteka programa,
flowcharts, including control points and any external vključno s kontrolnimi točkami in zunanjimi vhodi.
input
Project Projekt A structured set of activities concerned with Strukturiran nabor dejavnosti za izvedbo določene
delivering a defined capability (that is necessary but zmogljivosti (ki so potrebne, a ne zadoščajo za dosego
not sufficient, to achieve a required business zahtevanega poslovnega rezultata) podjetja, ki
outcome) to the enterprise based on an agreed‐on temeljijo na dogovorjenem razporedu in proračunu.
schedule and budget
Project management Vodja projektne pisarne The individual function responsible for the Funkcija posameznika, odgovornega za izvedbo
officer (PMO) (PMO) implementation of a specified initiative, for določene pobude, za podporo vlogi projektnega
supporting the project management role and upravljanja in napredek stroke projektnega vodenja.
advancing the discipline of project management

Project portfolio Projektni portfelj The set of projects owned by a company. Nabor projektov v lasti družbe.
Scope Note: It usually includes the main guidelines Opomba: navadno vključuje glavne smernice, ki se
relative to each project, including objectives, costs, nanašajo na vsak projekt, vključno s cilji, stroški,
time lines and other information specific to the časovnicami in drugimi informacijami, ki se nanašajo
project. na projekt.
Project team Projektna skupina Group of people responsible for a project, whose Skupina ljudi, odgovorna za projekt, katerih mandat
terms of reference may include the development, lahko vključuje razvoj, nabavo, uvedbo ali vzdrževanje
acquisition, implementation or maintenance of an aplikacijskega sistema.
application system. Opomba: Med člani projektne ekipe so lahko vodje,
Scope Note: The project team members may include operativno osebje, zunanji izvajalci in revizorji IS.
line management, operational line staff, external
contractors and IS auditors.
Promiscuous mode Mešani način Allows the network interface to capture all network Omogoča omrežnemu vmesniku, da zajame ves
traffic irrespective of the hardware device to which omrežni promet ne glede na to, na katero strojno
the packet is addressed napravo je naslovljen paket.
Protection domain Domena zaščite The area of the system that the intrusion detection Območje sistema, ki ga sistem za zaznavanje vdorov
system (IDS) is meant to monitor and protect (IDS) nadzoruje in ščiti.
Protocol Protokol The rules by which a network operates and controls Pravila, po katerih deluje omrežje ter po katerih
the flow and priority of transmissions nadzoruje potek in prednostne prenose.
Protocol converter Pretvornik protokola Hardware devices, such as asynchronous and Strojne naprave, ki pretvarjajo med različnimi vrstami
synchronous transmissions, that convert between two prenosa, na primer med asinhronimi in sinhronimi.
different types of transmission
Protocol stack Protokolni sklad A set of utilities that implement a particular network Nabor pripomočkov, ki izvajajo določen omrežni
protocol. protokol.
Scope Note: For instance, in Windows machines a Opomba: Na primer, v Windows napravah sestoji
Transmission Control Protocol/Internet Protocol protokolni sklad TCP/IP iz programske opreme TCP/IP,
(TCP/IP) stack consists of TCP/IP software, sockets vtičnikov in gonilnikov za strojno opremo.
software and hardware driver software.

Prototyping Prototipiranje The process of quickly putting together a working Postopek hitrega sestavljanja delujočega modela
model (a prototype) in order to test various aspects of (prototipa), s katerim se preizkusijo različni vidiki
a design, illustrate ideas or features and gather early načrta, predstavijo ideje ali lastnosti in zberejo
user feedback. povratne informacije od prvih uporabnikov.
Scope Note: Prototyping uses programmed simulation Opomba: Prototipiranje uporablja programirane
techniques to represent a model of the final system simulacije za predstavitev modela končnega sistema,
to the user for advisement and critique. The emphasis tako da lahko uporabnik svetuje o njem in ga kritično
is on end‐user screens and reports. Internal controls oceni. Poudarek je na uporabnikovih pregledih in
are not a priority item since this is only a model. poročilih. Notranje kontrole niso prednostne, saj je to
le model.
Proxy server Namestniški strežnik A server that acts on behalf of a user. Strežnik, ki deluje v uporabnikovem imenu.
Scope Note: Typical proxies accept a connection from Opomba: Tipičen namestniški strežnik sprejme
a user, make a decision as to whether the user or povezavo od uporabnika, se odloči, ali ima
client IP address is permitted to use the proxy, uporabnikov ali odjemalčev naslov IP dovoljenje za
perhaps perform additional authentication, and uporabo strežnika, morda izvede dodatno overjanje
complete a connection to a remote destination on identitete in v uporabnikovem imenu sklene povezavo
behalf of the user. do oddaljenega mesta.
Public key Javni ključ In an asymmetric cryptographic scheme, the key that Ključ asimetrične šifrirne sheme, ki omogoča
may be widely published to enable the operation of delovanje sheme in je lahko javno objavljen.
the scheme
Public key cryptosystem Šifrirni sistem z javnim Used in data encryption, it uses an encryption key, as Uporablja se pri šifriranju podatkov. Za pretvarjanje
ključem a public key, to encrypt the plaintext to the golega besedila v tajnopis uporablja šifrirni ključ kot
ciphertext. It uses the different decryption key, as a javni ključ. Za dešifriranje tajnopisa v ustrezno golo
secret key, to decrypt the ciphertext to the besedilo uporablja drugačen dešifrirni ključ kot tajni
corresponding plaintext. ključ.
Scope Note: In contrast to a private key cryptosystem, Opomba: Za razliko od zasebnega šifrirnega sistema
the decryption key should be secret; however, the mora biti dešifrirni ključ tajen, medtem ko je lahko
encryption key can be known to everyone. In a public šifrirni ključ znan vsem. V šifrirnem sistemu z javnim
key cryptosystem, two keys are asymmetric, such that ključem sta ključa asimetrična, tako da šifrirni ključ ni
the encryption key is not equivalent to the decryption enakovreden dešifrirnemu ključu.
key.

Public key encryption Šifriranje z javnim ključem A cryptographic system that uses two keys: one is a Šifrirni sistem, ki uporablja dva ključa: eden je javni, ki
public key, which is known to everyone, and the je znan vsem, drugi pa zasebni ali tajni ključ, ki je znan
second is a private or secret key, which is only known samo prejemniku sporočila. Glejte tudi asimetrični
to the recipient of the message. See also Asymmetric ključ.
Key.
Public key infrastructure Infrastruktura javnih A series of processes and technologies for the Vrsta postopkov in tehnologij za povezovanje šifrirnih
(PKI) ključev (PKI) association of cryptographic keys with the entity to ključev z entiteto, kateri so bili ti izdani.
whom those keys were issued
Quality Kakovost Being fit for purpose (achieving intended value) Ustreznost namenu (doseganje nameravane
vrednosti).
Quality assurance (QA) Zagotavljanje kakovosti A planned and systematic pattern of all actions Načrtovan in sistematičen vzorec vseh dejanj,
(QA) necessary to provide adequate confidence that an potrebnih za vzpostavitev zadostnega zaupanja, da
item or product conforms to established technical element ali produkt ustreza določenim tehničnim
requirements. (ISO/IEC 24765) zahtevam. (ISO/IEC 24765)
Quality management Sistem upravljanja A system that outlines the policies and procedures Sistem, ki določa smernice in postopke, potrebne za
system (QMS) kakovosti (QMS) necessary to improve and control the various izboljšavo in nadzor nad različnimi postopki, ki bodo v
processes that will ultimately lead to improved končni fazi vodili v večjo zmogljivost podjetja.
enterprise performance
Queue Vrsta A group of items that is waiting to be serviced or Skupina elementov, ki čaka na storitev ali obdelavo.
processed
Quick ship Hitro pošiljanje A recovery solution provided by recovery and/or Obnovitvena rešitev, ki jo ponuja prodajalec vnovične
hardware vendors and includes a pre‐established vzpostavitve delovanja in/ali strojne opreme in
contract to deliver hardware resources within a vključuje vnaprej sklenjeno pogodbo o dobavi
specified number of hours after a disaster sredstev strojne opreme v vnaprej dogovorjenem
occurs. številu ur po katastrofi.
Scope Note: The quick ship solution usually provides Opomba: Rešitev hitrega pošiljanja običajno
enterprises with the ability to recover within 72 or podjetjem omogoča vnovično vzpostavitev delovanja
more hours. v 72 ali več urah.
RACI chart Preglednica ZOPS (RACI) Illustrates who is Responsible, Accountable, Prikazuje, kdo je zadolžen, odgovoren, posvetovan,
Consulted and Informed within an organizational seznanjen (ZOPS) znotraj organizacijskega okvira.
framework

Radio wave interference Motnja radijskih valov The superposition of two or more radio waves Prekrivanje dveh ali več radijskih valov z različnim
resulting in a different radio wave pattern that is vzorcem radijskega valovanja, ki ga je težje prestreči
more difficult to intercept and decode properly in pravilno odkodirati.
Random access memory Pomnilnik z naključnim The computer’s primary working memory. Osnovni delovni pomnilnik računalnika.
(RAM) dostopom (RAM) Scope Note: Each byte of RAM can be accessed Opomba: Do vsakega bajta RAM-a je mogoče
randomly regardless of adjacent bytes. dostopati naključno ne glede na sosednje bajte.
Range check Preverjanje obsega Range checks ensure that data fall within a Preverjanja obsega zagotovijo, da se podatki znajdejo v okviru
predetermined range vnaprej določenega obsega.
Rapid application Hiter razvoj aplikacij A methodology that enables enterprises to develop Metodologija, ki omogoča podjetjem hitrejše
development strategically important systems faster, while reducing razvijanje strateško pomembnih sistemov, hkrati pa
development costs and maintaining quality by using a zmanjšati stroške in obdržati kakovost z uporabo vrste
series of proven application development techniques, preizkušenih tehnik za razvoj aplikacij znotraj dobro
within a well‐defined methodology opredeljene metodologije.
Real‐time analysis Analiza v realnem času Analysis that is performed on a continuous basis, with Neprekinjeno izvajana analiza s pravočasno
results gained in time to alter the run‐time system pridobljenimi rezultati za spreminjanje sistema med
izvajanjem.
Real‐time processing Procesiranje v realnem An interactive online system capability that Interaktivna takojšnja zmogljivost sistema, ki takoj
času immediately updates computer files when osveži računalniške datoteke, ko so transakcije
transactions are initiated through a terminal prožene s terminala.
Reasonable assurance Razumno zagotovilo A level of comfort short of a guarantee, but Stopnja udobja brez garancije, vendar se glede na
considered adequate given the costs of the control stroške nadzora in verjetno dosežene koristi smatra za
and the likely benefits achieved ustrezno.
Reasonableness check Preverjanje razumnosti Compares data to predefined reasonability limits or Primerja podatke z vnaprej določenimi mejami
occurrence rates established for the data razumnosti ali stopnjo pojavitve, vzpostavljeno za
podatke.
Reciprocal agreement Vzajemen sporazum Emergency processing agreement between two or Sporazum o zasilnem procesiranju med dvema ali več
more enterprises with similar equipment or podjetji s podobno opremo ali aplikacijami.
applications. Opomba: Navadno stranke vzajemnega sporazuma
Scope Note: Typically, participants of a reciprocal obljubijo, da bodo drugi stranki zagotovile čas za
agreement promise to provide processing time to obdelavo, če bo prišlo do nujnega primera.
each other when an emergency arises.

Record Zapis A collection of related information that is treated as a Zbirka povezanih informacij, ki se obravnava kot
unit. enota.
Scope Note: Separate fields within the record are Opomba: Ločena polja v zapisu se uporabljajo za
used for processing of the information. obdelavo informacij.
Record, screen and report Postavitve zapisov, Record layouts provide information regarding the Postavitve zapisov podajajo informacijo o tipu zapisa,
layouts zaslonov in poročil type of record, its size and the type of data contained njegovi velikosti in tipu vsebovanih podatkov.
in the record. Screen and report layouts describe Postavitve zaslonov in poročil opisujejo, katere
what information is provided and necessary for input. informacije so podane in potrebne za vnos.
Recovery action Vnovična vzpostavitev Execution of a response or task according to a written Izvajanje odziva ali naloge v skladu z napisanim
procedure postopkom.
Recovery point objective Ciljna točka obnove (RPO) Determined based on the acceptable data loss in case Določa se na podlagi sprejemljive izgube podatkov v
(RPO) of a disruption of operations primeru motnje delovanja.
It indicates the earliest point in time that is Prikazuje najzgodnejšo točko v času, ki je sprejemljiva
acceptable to recover the data. The RPO effectively za obnovitev podatkov. Učinkovito meri dovoljeno
quantifies the permissible amount of data loss in case količino izgubljenih podatkov v primeru prekinitve
of interruption. delovanja.
Recovery strategy Strategija obnovitve An approach by an enterprise that will ensure its Pristop, s katerim bo podjetje zagotovilo obnovitev in
recovery and continuity in the face of a disaster or neprekinjeno delovanje ob katastrofi ali drugem
other major outage. večjem izpadu.
Scope Note: Plans and methodologies are determined Opomba: Načrte in metodologijo določa strategija
by the enterprise's strategy. There may be more than podjetja. Za strategijo podjetja lahko obstaja več kot
one methodology or solution for an enterprise's ena metodologija ali rešitev. Zgledi metodologij in
strategy. Examples of methodologies and solutions rešitev: pogodba za vročo ali hladno lokacijo,
include: contracting for hot site or cold site, building vzpostavitev interne vroče ali hladne lokacije,
an internal hot site or cold site, identifying an prepoznavanje alternativnega delovnega območja,
alternate work area, a consortium or reciprocal konzorcij ali vzajemni sporazum, pogodba za mobilno
agreement, contracting for mobile recovery or crate vnovično vzpostavitev stanja ali hitro pošiljanje in
and ship, and many others. drugi.
Recovery testing Preizkušanje obnovitve A test to check the system’s ability to recover after a Preizkus, s katerim preverjamo sposobnost obnovitve
software or hardware failure sistema po odpovedi programske ali strojne opreme.
Recovery time objective Ciljni čas obnove (RTO) The amount of time allowed for the recovery of a Čas, dovoljen za obnovitev poslovne funkcije ali
(RTO) business function or resource after a disaster occurs sredstva po katastrofi.

Redo logs Ponovitveni dnevniki Files maintained by a system, primarily a database Datoteke, ki jih vzdržuje sistem, primarno sistem za
management system (DBMS), for the purpose of upravljanje podatkovnih baz (SUPB), z namenom
reapplying changes following an error or outage vnovičnega vnašanja sprememb po obnovitvi zaradi
recovery napake ali izpada.
Redundancy check Preverjanje z redundanco Detects transmission errors by appending calculated Odkriva napake v prenosu s pripenjanjem izračunanih
bits onto the end of each segment of data bitov na konec vsakega podatkovnega segmenta.
Redundant Array of Diskovno polje (RAID) Provides performance improvements and Skrbi za izboljšano zmogljivost in odpornost proti
Inexpensive Disks (RAID) fault‐tolerant capabilities via hardware or software napakam s strojnimi in programskimi rešitvami za
solutions, by writing to a series of multiple disks to zapisovanje na več diskov, kar izboljša zmogljivost
improve performance and/or save large files in/ali sočasno shranjuje velike datoteke.
simultaneously
Redundant site Redundantna lokacija A recovery strategy involving the duplication of key IT Strategija obnovitve, ki vključuje podvojitev ključnih
components, including data or other key business komponent IT, vključno s podatki in drugimi ključnimi
processes, whereby fast recovery can take place poslovnimi procesi, s katero je mogoče izvesti hitro
obnovitev.
Reengineering Reinženiring A process involving the extraction of components Postopek, ki vključuje ekstrakcijo komponent iz
from existing systems and restructuring these obstoječih sistemov ter njihovo restrukturiranje za
components to develop new systems or to enhance razvoj novih sistemov ali izboljšano učinkovitost
the efficiency of existing systems. obstoječih.
Scope Note: Existing software systems can be Opomba: Obstoječe programske sisteme je mogoče
modernized to prolong their functionality. An posodobiti za podaljšanje njihove funkcionalnosti.
example is a software code translator that can take an Zgled: prevajalnik programske kode, ki lahko vzame
existing hierarchical database system and transpose it obstoječi sistem hierarhične zbirke podatkov in ga
to a relational database system. Computer‐aided prenese v sistem relacijske zbirke podatkov.
software engineering (CASE) includes a source code Računalniško podprt programski inženiring (CASE)
reengineering feature. vključuje reinženiring izvorne kode.
Registration authority (RA) Organ za registracijo (RA) The individual institution that validates an entity's Posamezna institucija, ki overja dokazilo identitete
proof of identity and ownership of a key pair neke entitete in lastništvo para ključev.
Regression testing Regresijsko testiranje A testing technique used to retest earlier program Tehnika preizkušanja predhodnih izrednih zaustavitev
abends or logical errors that occurred during the programa ali logičnih napak, do katerih je prišlo v
initial testing phase začetni fazi preizkušanja.

Relational database Sistem za upravljanje The general purpose of a database is to store and Splošni namen zbirke podatkov je shranjevanje in
management system relacijske zbirke podatkov retrieve related information. pridobivanje povezanih informacij.
(RDBMS) (RDBMS) Scope Note: Database management systems have Opomba: Sistem za upravljanje zbirke podatkov se je
evolved from hierarchical to network to relational razvil od hierarhičnega prek omrežnega do
models. Today, the most widely accepted database relacijskega modela. Dandanes je najbolj splošno
model is the relational model. The relational model sprejet relacijski podatkovni model. Relacijski
has three major aspects: structures, operations and podatkovni model ima tri glavne vidike: strukturo,
integrity rules. An Oracle database is a collection of delovanje in pravila celovitosti. Oraclova zbirka
data that is treated as a unit. podatkov je zbirka podatkov, ki se obravnava kot
enota.
Relevant audit evidence Relevanten revizijski dokaz Audit evidence is relevant if it pertains to the audit Revizijski dokaz je relevanten, če se nanaša na
objectives and has a logical relationship to the revizijske cilje in ima logično zvezo z najdbami in
findings and conclusions it is used to support. sklepi, ki se uporabljajo za podporo.
Reliable audit evidence Zanesljiv revizijski dokaz Audit evidence is reliable if, in the IS auditor's opinion, Zanesljiv je, če je po mnenju revizorja IS veljaven,
it is valid, factual, objective and supportable. dejanski, objektiven in podprt.
Remote access service Storitev oddaljenega Refers to any combination of hardware and software Nanaša se na katero koli kombinacijo strojne in
(RAS) dostopa (RAS) to enable the remote access to tools or information programske opreme, ki omogoča oddaljeni dostop do
that typically reside on a network of IT devices. orodij ali informacij, ki navadno domujejo v omrežju
Scope Note: Originally coined by Microsoft when naprav IT.
referring to their built‐in NT remote access tools, RAS Opomba: Termin je ustvaril Microsoft za oznako
was a service provided by Windows NT which allowed svojih vgrajenih orodij za oddaljeni dostop NT. RAS je
most of the services that would be available on a bila storitev, ki jo je omogočal Windows NT in je
network to be accessed over a modem link. Over the dovoljevala dostop prek modemske povezave do
years, many vendors have provided both hardware večine storitev, ki bi bile sicer na voljo v omrežju. V
and software solutions to gain remote access to naslednjih letih je veliko prodajalcev ustvarilo strojne
various types of networked information. In fact, most in programske rešitve za oddaljeni dostop do
modern routers include a basic RAS capability that raznovrstnih omrežnih informacij. Danes večina
can be enabled for any dial‐up interface. sodobnih usmerjevalnikov vključuje zmogljivost RAS,
ki se lahko omogoči za kateri koli klicni vmesnik.
Remote Authentication Storitev overjanja A type of service providing an authentication and Tip storitve, ki omogoča sistem za overjanje in
Dial‐in User Service oddaljenega klicnega accounting system often used for dial‐up and remote obračunavanje, pogosto uporabljan za varnostno
(RADIUS) uporabnika (RADIUS) access security preverjanje pri klicnem in oddaljenem dostopu.

Remote job entry (RJE) Oddaljeni vnos posla (RJE) The transmission of job control language (JCL) and Prenos jezika za nadzor poslov (JCL) in paketov
batches of transactions from a remote terminal transakcij z mesta oddaljenega terminala.
location
Remote procedure call Oddaljeni klic procedure The traditional Internet service protocol widely used Tradicionalni internetni storitveni protokol, ki so ga
(RPC) (RPC) for many years on UNIX‐based operating systems and več let uporabljali operacijski sistemi UNIX in ga je
supported by the Internet Engineering Task Force podpirala Delovna skupina za internetno tehniko
(IETF) that allows a program on one computer to (IETF), ki omogoča programu na enem računalniku
execute a program on another (e.g., server). izvajanje programa na drugem (npr. strežniku).
Scope Note: The primary benefit derived from its use Opomba: Glavna prednost te uporabe je, da
is that a system developer need not develop specific sistemskemu razvijalcu ni treba razviti posebnih
procedures for the targeted computer system. For procedur za ciljani računalniški sistem. Na primer, v
example, in a client‐server arrangement, the client ureditvi odjemalec-strežnik odjemalski program pošlje
program sends a message to the server with sporočilo strežniku z ustreznimi argumenti, strežnik
appropriate arguments, and the server returns a pa vrne sporočilo z rezultatom izvedenega programa.
message containing the results of the program Arhitektura posrednikov zahtev skupnih objektov
executed. Common Object Request Broker (CORBA) in Objektni model porazdeljenih komponent
Architecture (CORBA) and Distributed Component (DCOM) sta novejši objektno usmerjeni metodi za
Object Model (DCOM) are two newer object‐oriented povezano funkcionalnost RPC.
methods for related RPC functionality.
Repeaters Ponavljalniki A physical layer device that regenerates and Naprava, ki deluje na fizični plasti ter obnavlja in
propagates electrical signals between two network razširja električne signale med dvema segmentoma
segments. omrežja.
Scope Note: Repeaters receive signals from one Opomba: Ponavljalniki sprejemajo signale enega
network segment and amplify (regenerate) the signal segmenta omrežja in jih ojačajo (obnovijo), da
to compensate for signals (analog or digital) distorted nadomestijo popačenje signala (analognega ali
by transmission loss due to reduction of signal digitalnega), do katerega pride zaradi izgub ali
strength during transmission (i.e., attenuation) zmanjšanja moči signala med prenosom (t.j. ošibitve).

Replication Podvojevanje In its broad computing sense, involves the use of V širšem smislu računalništva vključuje uporabo
redundant software or hardware elements to provide podvojenih elementov programske ali strojne
availability and fault‐tolerant capabilities. In a opreme, ki poskrbijo za razpoložljivost in odpornost
database context, replication involves the sharing of proti napakam. V kontekstu podatkovnih zbirk
data between databases to reduce workload among podvojevanje zajema deljenje podatkov med zbirkami
database servers, thereby improving client podatki, da se porazdeli obremenitev obdelave med
performance while maintaining consistency among all podatkovne strežnike, s čimer se poveča učinkovitost
systems. odjemalca ob ohranitvi konsistentnosti med vsemi
sistemi.
Repository Shramba An enterprise database that stores and organizes data Podatkovna zbirka podjetja, ki hrani in organizira
podatke.
Repudiation Zanikanje The denial by one of the parties to a transaction, or Zavračanje transakcije s strani enega udeleženca v
participation in all or part of that transaction, or of transakciji ali zavračanje sodelovanja v vsej ali delih
the content of communication related to that transakcije ali zavračanje vsebine komunikacije, ki je
transaction povezana s to transakcijo.
Reputation risk Tveganje ugleda The current and prospective effect on earnings and Trenutni ali morebitni učinek na prihodke in kapital, ki
capital arising from negative public opinion. izhaja iz negativnega javnega mnenja.
Scope Note: Reputation risk affects a bank’s ability to Opomba: Tveganje ugleda vpliva na zmožnost banke,
establish new relationships or services, or to continue da vzpostavi nove odnose ali storitve ali da nadaljuje
servicing existing relationships. It may expose the izvajanje storitev za trenutne odnose. Banko lahko
bank to litigation, financial loss or a decline in its izpostavi tožbam, finančnim izgubam ali upadu baze
customer base. A bank’s reputation can be damaged strank. Ugledu banke lahko škodijo tudi internetne
by Internet banking services that are executed poorly bančne storitve, ki so slabo izvajane ali kako drugače
or otherwise alienate customers and the public. An odganjajo stranke in javnost. Internetna banka izgubi
Internet bank has a greater reputation risk as ugled hitreje kakor tradicionalna banka, saj stranke
compared to a traditional brick‐and‐mortar bank, lažje preidejo od nje k drugi banki, saj ni možnosti
because it is easier for its customers to leave and go osebnega pogovora o težavah s stranko.
to a different Internet bank and since it cannot
discuss any problems in person with the customer.
Request for comments Zahteva po komentarjih A document that has been approved by the Internet Dokument, ki ga je odobrila Delovna skupina za
(RFC) (RFC) Engineering Task Force (IETF) becomes an RFC and is internetno tehniko (IETF), postane RFC in mu je
assigned a unique number once published. dodeljena edinstvena številka, ko je objavljen.
Scope Note: If the RFC gains enough interest, it may Opomba: Če RFC pridobi dovolj zanimanja, se lahko
evolve into an Internet standard. razvije v internetni standard.

Request for proposal (RFP) Zahteva za ponudbo (RFP) A document distributed to software vendors Dokument z zahtevo, ki ga prejmejo dobavitelji
requesting them to submit a proposal to develop or programske opreme, za pripravo ponudbe za razvoj
provide a software product ali dobavo produkta programske opreme.
Requirements definition Opredelitev zahtev A technique used in which the affected user groups Tehnika, s katero udeležene skupine uporabnikov
define the requirements of the system for meeting opredelijo zahteve sistema za izpolnjevanje
the defined needs. opredeljenih potreb.
Scope Note: Some of these are business‐, regulatory‐, Opomba: Zahteve so lahko poslovne, zakonske in
and security‐related requirements as well as varnostne, lahko pa so tudi povezane z razvojem.
development‐related requirements.
Residual risk Preostalo tveganje The remaining risk after management has Preostalo tveganje, po tem, ko je poslovodstvo
implemented a risk response vpeljalo odziv na tveganja.
Resilience Odpornost The ability of a system or network to resist failure or Zmožnost sistema ali omrežja, da se upira odpovedi
to recover quickly from any disruption, usually with ali da po motnji spet hitro vzpostavi delovanje,
minimal recognizable effect navadno z minimalno opaznim učinkom.
Resource Sredstvo Any enterprise asset that can help the organization Katero koli premoženje podjetja, ki lahko organizaciji
achieve its objectives pomaga doseči njene cilje.
Resource optimization Optimizacija sredstev One of the governance objectives. Involves effective, Eden od ciljev vodenja. Zajema učinkovito in
efficient and responsible use of all resources— odgovorno uporabo vseh sredstev - človeških virov,
human, financial, equipment, facilities, etc. finančnih virov, opreme, prostorov in naprav itd.
Responsible Zadolžen In a Responsible, Accountable, Consulted, Informed V preglednici ZOPS (Zadolžen, Odgovoren,
(RACI) chart, refers to the person who must ensure Posvetovan, Seznanjen) se nanaša na osebo, ki mora
that activities are completed successfully zagotoviti, da se aktivnosti uspešno dokončajo.
Return on investment Donosnost naložbe (ROI) A measure of operating performance and efficiency, Merilo operativne uspešnosti in učinkovitosti,
(ROI) computed in its simplest form by dividing net income izračunano v najbolj enostavni obliki z delitvijo neto
by the total investment over the period being dohodka s skupnim vložkom v obravnavanem
considered obdobju.
Reverse engineering Povratno inženirstvo A software engineering technique whereby an Tehnika programskega inženirstva, s katero je mogoče
existing application system code can be redesigned obstoječo aplikacijsko kodo povrniti v izvorno obliko s
and coded using computer‐aided software tehnologijo računalniško podprtega programskega
engineering (CASE) technology inženiringa (CASE).

Ring configuration Konfiguracija obroča Used in either token ring or fiber distributed data Uporablja se v omrežjih obroča z žetonom ali FDDI.
interface (FDDI) networks, all stations (nodes) are Vse postaje (vozlišča) so povezane z enoto za več-
connected to a multi‐station access unit (MSAU), that postajni dostop (MSAU), ki je fizično podobna
physically resembles a star‐type topology. topologiji zvezde.
Scope Note: A ring configuration is created when Opomba: Konfiguracija obroča se ustvari, ko so enote
MSAUs are linked together in forming a network. MSAU medsebojno povezane ter tvorijo omrežje.
Messages in the network are sent in a deterministic Sporočila v omrežju se vnaprej opredeljeno pošiljajo
fashion from sender and receiver via a small frame, od pošiljatelja in prejemnika prek majhnega okvira, ki
referred to as a token ring. To send a message, a ga imenujemo obroč z žetonom. Da bi poslal
sender obtains the token with the right priority as the sporočilo, pošiljatelj pridobi žeton s pravo prioriteto,
token travels around the ring, with receiving nodes ki potuje po obroču, vozlišča - prejemniki pa
reading those messages addressed to it. preberejo tista sporočila, ki so naslovljena nanje.
Ring topology Topologija obroča A type of local area network (LAN) architecture in Vrsta arhitekture lokalnega omrežja (LAN), v kateri
which the cable forms a loop, with stations attached kabel oblikuje zanko, okoli katere so razpostavljene in
at intervals around the loop. pripete postaje.
Scope Note: In ring topology, signals transmitted Opomba: V topologiji obroča signali, ki se prenašajo
around the ring take the form of messages. Each po obroču, privzamejo obliko sporočil. Vsaka postaja
station receives the messages and each station prejme sporočila in vsaka na podlagi naslova odloči,
determines, on the basis of an address, whether to ali bo sprejela ali obdelala določeno sporočilo. Vendar
accept or process a given message. However, after po prejetju sporočila vsaka postaja deluje kot
receiving a message, each station acts as a repeater, repetitor in spet pošlje sporočilo z izvorno močjo
retransmitting the message at its original signal signala.
strength.
Risk Tveganje The combination of the probability of an event and its Kombinacija verjetnosti dogodka in njegove posledice.
consequence. (ISO/IEC 73) (ISO/IEC 73)
Risk aggregation Združevanje tveganja The process of integrating risk assessments at a Postopek integracije ocen tveganja na nivoju
corporate level to obtain a complete view on the korporacije, tako da je omogočen celosten pregled
overall risk for the enterprise tveganja za podjetje.

Risk analysis Analiza tveganja 1. A process by which frequency and magnitude of IT 1. Postopek, s katerim sta ocenjena pogostost in vpliv
risk scenarios are estimated 2. The initial steps of risk scenarijev tveganja IT. 2. Začetni koraki upravljanja
management: analyzing the value of assets to the tveganj: analiza vrednosti sredstev podjetja,
business, identifying threats to those assets and prepoznavanje groženj do sredstev, ovrednotenje
evaluating how vulnerable each asset is to those ranljivosti vsakega sredstva za ta tveganja.
threats. Opomba: Pogosto vključuje ovrednotenje verjetne
Scope Note: It often involves an evaluation of the pogostosti določenega dogodka, pa tudi verjetni
probable frequency of a particular event, as well as učinek tega dogodka.
the probable impact of that event.
Risk appetite Apetit tveganja The amount of risk, on a broad level, that an entity is Količina tveganja, na splošno, ki jo je entiteta
willing to accept in pursuit of its mission pripravljena sprejeti pri zasledovanju svoje naloge.
Risk assessment Ocena tveganja A process used to identify and evaluate risk and its Postopek, ki se uporablja za prepoznavanje in oceno
potential effects. tveganja in možnih učinkov tveganja.
Scope Note: Includes assessing the critical functions Opomba: Vključuje ovrednotenje kritičnih funkcij, ki
necessary for an enterprise to continue business jih podjetje potrebuje za nadaljevanje poslovnih
operations, defining the controls in place to reduce operacij, opredelitev nadzornih mehanizmov za
enterprise exposure and evaluating the cost for such zmanjšanje izpostavljenosti podjetja in oceno stroškov
controls. Risk analysis often involves an evaluation of za te mehanizme. Analiza tveganja pogosto vključuje
the probabilities of a particular event. oceno verjetnosti določenega dogodka.
Risk avoidance Izogibanje tveganju The process for systematically avoiding risk, Postopek sistematičnega izogibanja tveganju, ki
constituting one approach to managing risk predstavlja enega od pristopov k upravljanju tveganja.
Risk culture Kultura tveganja The set of shared values and beliefs that governs Nabor skupnih vrednot in prepričanj, ki vodi odnos do
attitudes toward risk‐taking, care and integrity, and sprejemanja tveganja, skrbi in integritete, ter določa,
determines how openly risk and losses are reported kako odkritosrčno se poroča in razpravlja o tveganju
and discussed in izgubah.
Risk evaluation Ovrednotenje tveganja The process of comparing the estimated risk against Postopek primerjanja ocenjenega tveganja s podanimi
given risk criteria to determine the significance of the merili tveganja za določitev pomembnosti tveganja.
risk. [ISO/IEC Guide 73:2002] [ISO/IEC Vodič 73:2002]
Risk factor Faktor tveganja A condition that can influence the frequency and/or Pogoj, ki lahko vpliva na pogostost ali vpliv in končno,
magnitude and, ultimately, the business impact of poslovni učinek dogodkov/scenarijev, povezanih z IT.
IT‐related events/scenarios
Risk indicator Kazalnik tveganja A metric capable of showing that the enterprise is Merilo, s katerim lahko prikažemo, da je podjetje
subject to, or has a high probability of being subject podvrženo ali da je zelo verjetno, da bo izpostavljeno
to, a risk that exceeds the defined risk appetite tveganju, ki presega opredeljeni apetit po tveganju.

Risk management Upravljanje tveganj 1. The coordinated activities to direct and control an 1. Usklajene dejavnosti za usmerjanje in nadzor
enterprise with regard to risk podjetja glede tveganj.
In the International Standard, the term "control" is V mednarodnih standardih je izraz "nadzor"
used as a synonym for "measure." (ISO/IEC Guide uporabljan kot sinonim za "ukrep". (ISO/IEC Vodič
73:2002) 73:2002)
2. One of the governance objectives. Entails 2. Eden od ciljev poslovodstva. Zajema prepoznavanje
recognizing risk; assessing the impact and likelihood tveganja; ovrednotenje vpliva in verjetnosti tveganja;
of that risk; and developing strategies, such as in razvoj strategij, npr. za izogibanje tveganju,
avoiding the risk, reducing the negative effect of the zmanjševanje negativnega učinka tveganja in/ali
risk and/or transferring the risk, to manage it within prenos tveganja, da ga je mogoče upravljati znotraj
the context of the enterprise’s risk appetite. okvira apetita tveganja podjetja.
Risk map Zemljevid tveganja A (graphic) tool for ranking and displaying risk by (Grafično) orodje za razvrstitev in prikaz tveganja po
defined ranges for frequency and magnitude opredeljenih obsegih pogostosti in vpliva.
Risk mitigation Omilitev tveganja The management of risk through the use of Upravljanje tveganj z uporabo protiukrepov in
countermeasures and controls kontrol.
Risk portfolio view Pregled portfelja tveganj 1. A method to identify interdependencies and 1. Metoda za prepoznavanje medsebojne odvisnosti
interconnections among risk, as well as the effect of in povezanosti med tveganji, pa tudi učinek odzivov
risk responses on multiple types of risk 2. A method na tveganje na različne vrste tveganja. 2. Metoda za
to estimate the aggregate impact of multiple types of oceno skupnega vpliva več različnih vrst tveganja (npr.
risk (e.g., cascading and coincidental threat zaporednih ali hkratnih tipov groženj/scenarijev,
types/scenarios, risk concentration/correlation across koncentracija/korelacija tveganja prek silosa) in
silos) and the potential effect of risk response across morebitnega učinka odziva na tveganje prek več
multiple types of risk različnih vrst tveganja.
Risk tolerance Dovoljeno tveganje The acceptable level of variation that management is Sprejemljiva raven odstopanja, ki jo je poslovodstvo
willing to allow for any particular risk as the pripravljeno dovoliti za posamezno tveganje, ko
enterprise pursues its objectives podjetje sledi svojim ciljem.
Risk transfer Prenos tveganja The process of assigning risk to another enterprise, Postopek dodeljevanja tveganja drugemu podjetju,
usually through the purchase of an insurance policy or navadno z nakupom zavarovalne police ali s predajo
by outsourcing the service storitve zunanjemu izvajalcu.
Risk treatment Obravnavanje tveganja The process of selection and implementation of Postopek izbire in uvedbe ukrepov za spreminjanje
measures to modify risk (ISO/IEC Guide 73:2002) tveganja (ISO/IEC Vodič 73:2002)
Root cause analysis Analiza izvora napake A process of diagnosis to establish the origins of Diagnostični postopek za ugotavljanje izvora dogodka,
events, which can be used for learning from ki se lahko uporablja za učenje s posledic, navadno iz
consequences, typically from errors and problems napak in težav.

Rootkit Korenski komplet A software suite designed to aid an intruder in gaining Programski paket, načrtovan za pomoč vdiralcu pri
unauthorized administrative access to a computer pridobivanju nepooblaščenega skrbniškega dostopa
system do računalniškega sistema.
Rotating standby Izmenična pripravljenost A fail‐over process in which there are two nodes (as in Nadomestni način delovanja, v katerem sta dve
idle standby but without priority). vozlišči (tako kot pri nedejavnem stanju
Scope Note: The node that enters the cluster first pripravljenosti, vendar nimata dodeljene prednosti).
owns the resource group, and the second will join as a Opomba: Vozlišče, ki prvo vstopi v gručo, ima v lasti
standby node. skupino sredstev, drugo pa se bo pridružilo kot
vozlišče v pripravljenosti.
Rounding down Zaokrožanje navzdol A method of computer fraud involving a computer Način računalniške goljufije z računalniško kodo, ki
code that instructs the computer to remove small daje računalniku navodilo, da odšteva majhne vsote
amounts of money from an authorized computer denarja iz pooblaščenih računalniških transakcij z
transaction by rounding down to the nearest whole zaokrožanjem navzdol na najbližjo celo vrednost
value denomination and rerouting the rounded off valute in odšteti znesek prepošlje na vdiralčev račun.
amount to the perpetrator’s account
Router Usmerjevalnik A networking device that can send (route) data Omrežna naprava, ki lahko pošlje (usmerja)
packets from one local area network (LAN) or wide podatkovne pakete iz enega lokalnega omrežja (LAN)
area network (WAN) to another, based on addressing ali prostranega omrežja (WAN) v drugo glede na
at the network layer (Layer 3) in the open systems naslavljanje v omrežnem sloju (Sloj 3) v modelu OSI.
interconnection (OSI) model. Opomba: Omrežja, povezana z usmerjevalniki, lahko
Scope Note: Networks connected by routers can use uporabljajo različne ali podobne omrežne protokole.
different or similar networking protocols. Routers Usmerjevalniki navadno lahko filtrirajo pakete glede
usually are capable of filtering packets based on na parametre, na primer glede na izvorni naslov, ciljni
parameters, such as source addresses, destination naslov, protokol in omrežne aplikacije (vrata).
addresses, protocol and network applications (ports).
RS‐232 interface Vmesnik RS-232 An interface between data terminal equipment and Vmesnik med podatkovno terminalsko opremo in
data communications equipment employing serial opremo za podatkovno komunikacijo, ki uporablja
binary data interchange zaporedno izmenjavo binarnih podatkov.

RSA RSA A public key cryptosystem developed by R. Rivest, A. Šifrirni sistem z javnim ključem, ki so ga razvili R.
Shamir and L. Adleman used for both encryption and Rivest, A. Shamir in L. Adleman in se uporablja za
digital signatures. šifriranje in za digitalne podpise.
Scope Note: The RSA has two different keys, the Opomba: RSA ima dva različna ključa, javni šifrirni
public encryption key and the secret decryption key. ključ in tajni dešifrirni ključ. Moč RSA je odvisna od
The strength of the RSA depends on the difficulty of težavnosti razbitja na praštevila. Za aplikacije z visoko
the prime number factorization. For applications with stopnjo varnosti bi moral imeti dešifrirni ključ več kot
high‐level security, the number of the decryption key 512 bitov.
bits should be greater than 512 bits.
Rulebase Temeljna pravila The list of rules and/or guidance that is used to Seznam pravil in/ali smernic, ki se uporabljajo za
analyze event data analizo podatkov o dogodku.
Run instructions Navodila za zagon Computer operating instructions which detail the Navodila za delovanje računalnika s podrobnimi
step‐by‐step processes that are to occur so an koraki postopka, ki se mora izvesti, da se lahko
application system can be properly executed; also aplikacijski sistem pravilno izvaja; podaja tudi način
identifies how to address problems that occur during lotevanja težav, do katerih prihaja med obdelavo.
processing
Run‐to‐run totals Kontrolne vsote Provide evidence that a program processes all input Podajajo dokaz, da program obdela vse vhodne
data and that it processed the data correctly podatke in da je podatke obdelal pravilno.
Safeguard Varovalo A practice, procedure or mechanism that reduces risk Praksa, postopek ali mehanizem za zmanjšanje
tveganja.
Salami technique Tehnika salame A method of computer fraud involving a computer Način računalniške goljufije z računalniško kodo, ki
code that instructs the computer to slice off small daje računalniku navodilo, da odšteva majhne vsote
amounts of money from an authorized computer denarja iz pooblaščenih računalniških transakcij in
transaction and reroute this amount to the odšteti znesek prepošlje na vdiralčev račun.
perpetrator’s account
Sampling risk Tveganje vzorčenja The probability that an IS auditor has reached an Verjetnost, da je revizor IS prišel do napačnega
incorrect conclusion because an audit sample, rather sklepa, ker ga je izpeljal na podlagi vzorca, ne pa na
than the entire population, was tested. podlagi celotne populacije.
Scope Note: While sampling risk can be reduced to an Opomba: Tveganje vzorčenja je mogoče zmanjšati na
acceptably low level by using an appropriate sample sprejemljivo nizko stopnjo z uporabo ustrezno
size and selection method, it can never be eliminated. velikega vzorca in izbiro načina, vendar ga ni mogoče
popolnoma izničiti.

Scheduling Razporejanje A method used in the information processing facility Način, ki ga zmogljivost za obdelavo informacij (IPF)
(IPF) to determine and establish the sequence of uporablja za določanje in vzpostavljanje zaporedja
computer job processing računalniških opravil.
Scope creep Sprememba obsega Also called requirement creep, this refers to Imenujemo jo tudi sprememba zahtev in se nanaša na
uncontrolled changes in a project’s scope. nenadzorovane spremembe v obsegu projekta.
Scope Note: Scope creep can occur when the scope of Opomba: Do sprememb obsega lahko pride, ko obseg
a project is not properly defined, documented and projekta ni pravilno opredeljen, dokumentiran in
controlled. Typically, the scope increase consists of nadzorovan. Navadno povečanje obsega zajema čisto
either new products or new features of already nove produkte ali nove lastnosti že odobrenih
approved products. Hence, the project team drifts produktov. Zaradi tega se projektna ekipa oddalji od
away from its original purpose. Because of one’s izvirnega cilja. Ker se človek navadno osredotoča na
tendency to focus on only one dimension of a project, eno plat projekta, lahko sprememba obsega povzroči
scope creep can also result in a project team tudi preseganje originalnega proračuna in časovnega
overrunning its original budget and schedule. For razporeda. Sprememba obsega je lahko na primer
example, scope creep can be a result of poor change rezultat slabega nadzora sprememb, nepravilnega
control, lack of proper identification of what products prepoznavanja produktov in lastnosti, ki so potrebni
and features are required to bring about the za doseganje ciljev projekta, ali pa šibkega
achievement of project objectives in the first place, or projektnega vodje ali izvršnega sponzorja.
a weak project manager or executive sponsor.
Scoping process Opredeljevanje obsega Identifying the boundary or extent to which a process, Prepoznavanje meja ali razsežnosti, do katerih segajo
procedure, certification, contract, etc., applies proces, postopek, certifikacija, pogodba itd.
Screening routers Izločilni usmerjevalniki A router configured to permit or deny traffic based on Usmerjevalnik nastavljen tako, da omogoča ali
a set of permission rules installed by the preprečuje promet na podlagi nabora pravil o
administrator dovoljenjih, ki jih vzpostavi skrbnik.
Secure Sockets Layer (SSL) Sloj varnih vtičnic (SSL) A protocol that is used to transmit private documents Protokol, ki se uporablja za prenos zasebnih
through the Internet. dokumentov po internetu.
Scope Note: The SSL protocol uses a private key to Opomba: Protokol SSL uporablja zasebni ključ za
encrypt the data that are to be transferred through šifriranje podatkov, ki jih je treba prenesti po povezavi
the SSL connection. SSL.
Security administrator Skrbnik varnosti The person responsible for implementing, monitoring Oseba, zadolžena za uvajanje, nadzor in uveljavljanje
and enforcing security rules established and varnostnih pravil, ki jih določi in odobri poslovodstvo.
authorized by management

Security awareness Osveščenost o varnosti The extent to which every member of an enterprise Obseg, ki ga naj vsak član podjetja in vsak drug
and every other individual who potentially has access posameznik, ki ima možnost dostopa do informacij
to the enterprise's information understand: ‐Security podjetja, razume: ‐Varnost in stopnje varnosti, ki
and the levels of security appropriate to the ustrezajo podjetju; ‐Pomembnost varnosti in
enterprise ‐The importance of security and posledice pomanjkanja varnosti; ‐Njihova osebna
consequences of a lack of security ‐Their individual odgovornost glede varnosti (in ustrezno ravnanje).
responsibilities regarding security (and act Opomba: Ta definicija temelji na definiciji
accordingly). osveščenosti o varnosti IT, kot je opredeljena v vodiču
Scope Note: This definition is based on the definition za uvajanje: How to Make Your Organization Aware of
for IT security awareness as defined in IT Security, European Security Forum (ESF), London,
Implementation Guide: How to Make Your 1993
Organization Aware of IT Security, European Security
Forum (ESF), London, 1993
Security awareness Kampanja osveščanja o A predefined, organized number of actions aimed at Vnaprej opredeljena organizirana dejanja, katerih cilj
campaign varnosti improving the security awareness of a special target je povečanje osveščenosti ciljnega občinstva o
audience about a specific security problem. Each posebnem varnostnem problemu. Vsak program za
security awareness program consists of a number of osveščanje o varnosti sestoji iz več kampanj za
security awareness campaigns. osveščanje.
Security awareness Koordinator osveščanja o The individual responsible for setting up and Posameznik, odgovoren za vzpostavljanje in
coordinator varnosti maintaining the security awareness program and vzdrževanje programa za osveščanje o varnosti ter
coordinating the different campaigns and efforts of koordiniranje različnih kampanj in prizadevanj za
the various groups involved in the program. He/she is različne skupine, vključene v program. Odgovoren je
also responsible for making sure that all materials are tudi, da je material pripravljen, zagovorniki/trenerji
prepared, advocates/trainers are trained, campaigns izurjeni, kampanje načrtovane, dogodki oglaševani in
are scheduled, events are publicized and the program da program kot celota napreduje.
as a whole moves forward.

Security awareness Program osveščanja o A clearly and formally defined plan, structured Jasno in formalno opredeljen načrt, strukturiran
program varnosti approach, and set of related activities and procedures pristop in nabor povezanih dejavnosti ter postopkov,
with the objective of realizing and maintaining a katerih cilj je uresničitev in vzdrževanje kulture
security‐aware culture. osveščenosti o varnosti.
Scope Note: This definition clearly states that it is Opomba: Ta definicija jasno določa, da gre za
about realizing and maintaining a security‐aware uresničitev in vzdrževanje kulture osveščenosti o
culture, meaning attaining and sustaining security varnosti, kar pomeni, da se je treba neprestano boriti
awareness at all times. This implies that a security za osveščenost o varnosti in jo ohranjati. To pomeni,
awareness program is not a one‐time effort, but a da program osveščanja o varnosti ni enkratno dejanje,
continuous process. ampak neprekinjen proces.
Security forum Varnostni forum Responsible for information security governance Odgovoren za upravljanje informacijske varnosti v
within the enterprise. podjetju.
Scope Note: A security forum can be part of an Opomba: Varnostni forum je lahko del obstoječega
existing management body. Because information upravnega organa. Ker je informacijska varnost
security is a business responsibility shared by all poslovna odgovornost vseh članov izvršne ekipe
members of the executive management team, the poslovodstva, morajo biti člani foruma iz vseh
forum needs to involve executives from all significant pomembnih delov podjetja. Varnostni forum ima
parts of the enterprise. Typically, a security forum has navadno naslednje naloge in odgovornosti:
the following tasks and responsibilities: ‐Defining a ‐Opredelitev varnostne strategije v skladu s poslovno
security strategy in line with the business strategy strategijo; ‐Opredelitev varnostnih zahtev;
‐Identifying security requirements ‐Establishing a ‐Vzpostavljanje politike informacijske varnosti;
security policy ‐Drawing up an overall security ‐Vzpostavitev vsesplošnega varnostnega programa ali
program or plan ‐Approving major initiatives to načrta; ‐Odobritev obsežnejših dejavnosti za
enhance information security ‐Reviewing and izboljšanje informacijske varnosti; ‐Pregled in nadzor
monitoring information security incidents ‐Monitoring incidentov informacijske varnosti; ‐Nadzor
significant changes in the exposure of information pomembnih sprememb pri izpostavljanju
assets to major threats informacijskih sredstev večjim grožnjam.
Security incident Varnostni incident A series of unexpected events that involves an attack Zaporedje nepričakovanih dogodkov, ki vključuje
or series of attacks (compromise and/or breach of napad (ogrožanje ali zlom varnosti) ali vrsto napadov
security) at one or more sites. A security incident na eno ali več mest. Varnostni incident navadno
normally includes an estimation of its level of impact. vključuje oceno stopnje njegovega vpliva.
A limited number of impact levels are defined and, for Opredeljeno je omejeno število stopenj vpliva in za
each, the specific actions required and the people vsako stopnjo so prepoznana zahtevana dejanja in
who need to be notified are identified. ljudje, ki jih je treba obvestiti.

Security management Upravljanje varnosti The process of establishing and maintaining security Proces vzpostavljanja in vzdrževanja varnosti za
for a computer or network system. računalniški ali omrežni sistem.
Scope Note: The stages of the process of security Opomba: Stopnje procesa upravljanja varnosti
management include prevention of security zajemajo preprečevanje varnostnih težav,
problems, detection of intrusions, and investigation of prepoznavanje vdorov, ter raziskovanje in razrešitev
intrusions and resolution. In network management, vdorov. Stopnje upravljanja omrežja so: nadzor
the stages are: controlling access to the network and dostopa do omrežja in sredstev, zaznavanje vdorov,
resources, finding intrusions, identifying entry points prepoznavanje vstopnih točk za vdiralce in popravilo
for intruders and repairing or otherwise closing those ali zapiranje teh dostopnih točk.
avenues of access.
Security metrics Varnostne metrike A standard of measurement used in management of Standard merjenja, ki se uporablja pri upravljanju
security‐related activities dejavnosti, povezanih z varnostjo.
Security perimeter Varnostno območje The boundary that defines the area of security Meja, ki opredeljuje varnostno območje, ki ga pokriva
concern and security policy coverage politika informacijske varnosti.
Security policy Varnostna politika A high‐level document representing an enterprise’s Visokonivojski dokument, ki predstavlja filozofijo in
information security philosophy and commitment zaveze podjetja glede informacijske varnosti.
Security procedures Varnostni postopki The formal documentation of operational steps and Uradna dokumentacija o operativnih korakih in
processes that specify how security goals and postopkih, ki določajo, kako doseči varnostne cilje,
objectives set forward in the security policy and določene v varnostni politiki in standardih.
standards are to be achieved
Security software Varnostna programska Software used to administer security, which usually Programska oprema, ki se uporablja za urejanje
oprema includes authentication of users, access granting varnosti in navadno zajema overjanje uporabnikov,
according to predefined rules, monitoring and podeljevanje dostopa v skladu z vnaprej določenimi
reporting functions pravili, funkcijo nadzora in poročanja.
Security standards Varnostni standardi Practices, directives, guidelines, principles or Prakse, smernice, vodniki, načela in osnove, ki
baselines that state what needs to be done and focus določajo, kaj je treba narediti, ter pomembna in
areas of current relevance and concern; they are a ključna področja na katera se osredotočamo; so
translation of issues already mentioned in the security prevod zadev, ki so že obravnavane v politiki
policy informacijske varnosti.
Security testing Varnostno preizkušanje Ensuring that the modified or new system includes Zagotavljanje, da spremenjen ali nov sistem vključuje
appropriate controls and does not introduce any ustrezen nadzor in da ne prinaša varnostnih lukenj, ki
security holes that might compromise other systems bi lahko spravile v nevarnost druge sisteme, ali zlorab
or misuses of the system or its information sistema ali informacij v sistemu.

Security/transaction risk Varnostno/transakcijsko The current and prospective risk to earnings and Obstoječe ali potencialno tveganje za dobiček in
tveganje capital arising from fraud, error and the inability to kapital, ki izhaja iz goljufij, napak in nezmožnosti
deliver products or services, maintain a competitive dobave produktov ali storitev, vzdrževanja
position, and manage information. konkurenčnega položaja in upravljanja informacij.
Scope Note: Security risk is evident in each product Opomba: Varnostno tveganje je očitno pri vsakem
and service offered, and it encompasses product ponujenem produktu ali storitvi ter zajema razvoj in
development and delivery, transaction processing, dobavo produkta, obdelavo transakcije, razvoj
systems development, computing systems, sistemov, računalniške sisteme, zapletenost produkta
complexity of products and services and the internal in storitve ter okolje notranjega nadzora. Visoko
control environment. A high level of security risk may varnostno tveganje lahko obstaja pri produktih
exist with Internet banking products, particularly if internetnega bančništva, še posebej, če te poti
those lines of business are not adequately planned, poslovanja niso ustrezno načrtovane, uvedene in
implemented and monitored. nadzorovane.
Segregation/separation of Razmejitev dolžnosti (SoD) A basic internal control that prevents or detects Temeljna notranja kontrola, ki preprečuje ali zaznava
duties (SoD) errors and irregularities by assigning to separate napake in nepravilnosti z ločenim dodeljevanjem
individuals the responsibility for initiating and odgovornosti posameznikom za zagon in beleženje
recording transactions and for the custody of assets. transakcij ter za skrbništvo nad sredstvi.
Scope Note: Segregation/separation of duties is Opomba: Razmejitev dolžnosti je v velikih
commonly used in large IT organizations so that no organizacijah IT v splošni rabi, tako da ena sama
single person is in a position to introduce fraudulent oseba ne more vnesti goljufive ali zlonamerne kode v
or malicious code without detection. sistem, ne da bi to bilo zaznano.
Sensitivity Občutljivost A measure of the impact that improper disclosure of Merilo vpliva, ki ga neustrezno razkritje informacij
information may have on an enterprise lahko ima na podjetje.
Sequence check Preverjanje zaporedja Verification that the control number follows Preverjanje, ali si kontrolna števila sledijo v zaporedju.
sequentially and any control numbers out of Ob pojavu kontrolne številke izven zaporedja se ta
sequence are rejected or noted on an exception zavrne ali zabeleži v poročilo o izjemah, namenjeno za
report for further research. nadaljnjo raziskavo.
Scope Note: Can be alpha or numeric and usually Opomba: Lahko je alfanumerično in navadno
utilizes a key field. uporablja ključno polje.
Sequential file Sekvenčna datoteka A computer file storage format in which one record Format hrambe računalniške datoteke, pri katerem en
follows another. zapis sledi drugemu.
Scope Note: Records can be accessed sequentially Opomba: Do zapisov je mogoče dostopati le
only. It is required with magnetic tape. zaporedoma. To je nujno pri magnetnem traku.

Service bureau Storitvena pisarna A computer facility that provides data processing Računalniška infrastruktura, ki strankam neprestano
services to clients on a continual basis ponuja storitve obdelav podatkov.
Service catalogue Katalog storitev Structured information on all IT services available to Strukturirane informacije o vseh storitvah IT, ki so na
customers voljo strankam.
Service delivery objective Cilj dobave storitev (SDO) Directly related to the business needs, SDO is the SDO je stopnja storitev neposredno vezana na
(SDO) level of services to be reached during the alternate poslovne potrebe, ki jo je treba dosegati v načinu
process mode until the normal situation is restored alternativnega procesiranja, dokler ni spet
vzpostavljeno normalno stanje.
Service desk Storitveni center The point of contact within the IT organization for Točka stika v organizaciji IT za uporabnike storitev IT.
users of IT services
Service level agreement Dogovor o ravni storitve An agreement, preferably documented, between a Dogovor, zaželeno, da je dokumentiran, med
(SLA) (SLA) service provider and the customer(s)/user(s) that ponudnikom storitev in stranko/uporabnikom, ki
defines minimum performance targets for a service določa minimalne ciljne zmogljivosti za storitev in
and how they will be measured način njihovega merjenja.
Service provider Ponudnik storitve An organization supplying services to one or more Organizacija, ki ponuja storitve eni ali več (notranjih
(internal or external) customers ali zunanjih) strank.
Service Set Identifier (SSID) Niz SSID A 32‐character unique identifier attached to the Edinstveni identifikator iz 32 znakov, ki je pripet glavi
header of packets sent over a wireless local area paketov, poslanih prek brezžičnega lokalnega
network (WLAN) that acts as a password when a omrežja (WLAN), ki deluje kot geslo, ko se skuša
mobile device tries to connect to the base station mobilna naprava povezati s podsistemom bazne
subsystem (BSS). postaje (BSS).
Scope Note: The SSID differentiates one WLAN from Opomba: SSID razlikuje en WLAN od drugega, zato
another so all access points and all devices attempting morajo vse dostopne točke in naprave, ki se skušajo
to connect to a specific WLAN must use the same povezati v določen WLAN, uporabljati isti SSID.
SSID. A device will not be permitted to join the BSS Napravi ne bo dovoljeno, da se poveže na BSS, razen
unless it can provide the unique SSID. Because an če se predstavi z edinstvenim SSID-jem. Ker je mogoče
SSID can be sniffed in plaintext from a packet, it does SSID prepoznati kot golo besedilo v paketu, za
not supply any security to the network. An SSID is also omrežje ne pomeni nobene varnosti. SSID imenujemo
referred to as a network name, because it is a name tudi naziv omrežja, saj je to naziv, po katerem
that identifies a wireless network. prepoznamo brezžično omrežje.
Service user Uporabnik storitve The organization using the outsourced service. Organizacija, ki uporablja storitev, predano
zunanjemu izvajalcu.

Service‐oriented Storitveno usmerjena A cloud‐based library of proven, functional software Knjižnica (v oblaku) preizkušenih, delujočih
architecture (SOA) arhitektura (SOA) applets that are able to be connected together to programčkov, ki jih je mogoče povezati v uporabno
become a useful online application spletno aplikacijo.
Servlet Servlet/Strežniški A Java applet or a small program that runs within a Javanski programček ali majhen program, ki deluje na
programček web server environment. spletnem strežniku.
Scope Note: A Java servlet is similar to a common Opomba: Javanski strežniški programček je podoben
gateway interface (CGI) program, but unlike a CGI programu skupnega prehodnega vmesnika (CGI),
program, once started, it stays in memory and can vendar za razliko od CGI programa po zagonu ostane v
fulfill multiple requests, thereby saving server pomnilniku in lahko izvaja večkratne zahteve, s čimer
execution time and speeding up the services. prihrani strežniški izvajalni čas in pospeši storitev.
Session border controller Krmilnik roba seje (SBC) Provides security features for voice‐over IP (VoIP) Ponuja varnostne lastnosti za promet internetne
(SBC) traffic similar to that provided by firewalls. telefonije (VoIP), podobno kakor požarni zidovi.
Scope Note: SBCs can be configured to filter specific Opomba: SBC je mogoče nastaviti tako, da filtrira
VoIP protocols, monitor for denial‐of‐service (DoS) določene protokole VoIP, zaznava napade DoS ter
attacks, and provide network address and protocol ponuja lastnosti prevajanja omrežnih naslovov in
translation features. protokolov.
Shell Ukazna lupina The interface between the user and the system Vmesnik med uporabnikom in sistemom.

Shell programming Programiranje ukazne A script written for the shell, or command line Skripta, napisana za ukazno lupino ali ukazno vrstico
lupine interpreter, of an operating system; it is often operacijskega sistema; pogosto se obravnava kot
considered a simple domain‐specific programming preprost za domeno specifičen programski jezik.
language. Opomba: Tipično delovanje, ki ga izvajajo skripte
Scope Note: Typical operations performed by shell ukazne lupine, zajema obravnavo datotek, izvajanje
scripts include file manipulation, program execution programov in tiskanje besedila. Navadno izraz skripte
and printing text. Usually, shell script refers to scripts ukazne lupine uporabljamo za skripte znotraj ukazne
written for a UNIX shell, while command.com (DOS) lupine UNIX, medtem ko skripte ukazne vrstice za
and cmd.exe (Windows) command line scripts are command.com (DOS) ali cmd.exe (Windows) navadno
usually called batch files. Many shell script imenujemo paketne datoteke. Veliko interpretorjev
interpreters double as a command line interface such skript ukazne lupine deluje tudi kot vmesnik ukazne
as the various UNIX shells, Windows PowerShell or vrstice, na primer v različnih ukaznih lupinah UNIX,
the MS‐DOS command.com. Others, such as Windows PowerShell ali MS‐DOS command.com.
AppleScript, add scripting capability to computing Drugi, na primer AppleScript, dodajo zmožnost pisanja
environments lacking a command line interface. skript v računalniško okolje, ki nima vmesnika ukazne
Other examples of programming languages primarily vrstice. Med programskimi jeziki, ki so namenjeni
intended for shell scripting include digital command predvsem pisanju skript za ukazno lupino, sta tudi
language (DCL) and job control language (JCL). ukazni jezik (DCL) in jezik nadzora poslov (JCL).
Sign‐on procedure Postopek vpisa The procedure performed by a user to gain access to Postopek, ki ga uporabnik izvede, da pridobi dostop
an application or operating system. do aplikacije ali operacijskega sistema.
Scope Note: If the user is properly identified and Opomba: Če varnost sistema uporabnika pravilno
authenticated by the system’s security, they will be prepozna in overi, bo lahko dostopal do programske
able to access the software. opreme.
Simple fail‐over Enostavno nadomeščanje A fail‐over process in which the primary node owns Nadomestni način delovanja, pri katerem primarno
the resource group. vozlišče nosi skupino virov.
Scope Note: The backup node runs a non‐critical Opomba: Nadomestno vozlišče, na katerem tečejo
application (e.g., a development or test environment) nekritične aplikacije (npr. razvojno ali testno okolje),
and takes over the critical resource group, but not prevzame skupino kritičnih virov, ne velja pa to za
vice versa. obratno smer.
Simple Mail Transport Protokol za enostavni The standard electronic mail (e‐mail) protocol on the Standardni protokol za prenos elektronske pošte po
Protocol (SMTP) prenos pošte (SMTP) Internet internetu.

Simple Object Access Protokol za enostavni A platform-independent formatted protocol based on Od platforme neodvisno oblikovani protokol, ki
Protocol (SOAP) dostop do objektov (SOAP) extensible markup language (XML) enabling temelji na razširljivem označevalnem jeziku (XML:
applications to communicate with each other over the extensible markup language), ki aplikacijam omogoča
Internet. medsebojno sporočanje po internetu.
Scope Note: Use of SOAP may provide a significant Opomba: Uporaba SOAP-a lahko pomeni precejšnje
security risk to web application operations because varnostno tveganje za delovanje spletne aplikacije, saj
use of SOAP piggybacks onto a web‐based document se uporaba SOAP "oprta" na objektni model spletnega
object model and is transmitted via HyperText dokumenta in se prenese čez protokol HTTP (vrata
Transfer Protocol (HTTP) (port 80) to penetrate server 80), tako da predre požarne zidove strežnikov, ki so
firewalls, which are usually configured to accept port navadno nastavljeni tako, da sprejemajo zahteve vrat
80 and port 21 File Transfer Protocol (FTP) requests. 80 in vrat 21 za protokol FTP. Modeli spletnih
Web‐based document models define how objects on dokumentov opredeljujejo, kako so objekti na spletni
a web page are associated with each other and how strani med seboj povezani in kako jih je mogoče
they can be manipulated while being sent from a spreminjati, medtem ko se pošiljajo s strežnika do
server to a client browser. SOAP typically relies on odjemalčevega brskalnika. SOAP se navadno za
XML for presentation formatting and also adds oblikovanje predstavitve zanaša na XML in doda tudi
appropriate HTTP‐based headers to send it. SOAP ustrezno glavo HTTP za pošiljanje. SOAP oblikuje
forms the foundation layer of the web services stack, temeljno plast sklada spletnih storitev in poskrbi za
providing a basic messaging framework on which osnovni okvir sporočanja, na katerega je mogoče
more abstract layers can build. There are several postaviti več abstraktnih plasti. Obstaja več različnih
different types of messaging patterns in SOAP, but by tipov vzorcev sporočanja v SOAP-u, a najbolj pogost je
far the most common is the Remote Procedure Call vzorec klica za oddaljeni postopek (RPC), pri katerem
(RPC) pattern, in which one network node (the client) eno omrežno vozlišče (odjemalec) pošlje zahtevo
sends a request message to another node (the drugemu vozlišču (strežniku), strežnik pa odjemalcu
server), and the server immediately sends a response takoj pošlje odgovor.
message to the client.
Single point of failure Kritična točka odpovedi A resource whose loss will result in the loss of service Sredstvo, katerega izguba bo povzročila izgubo
(SPoF) or production storitve ali produkta.
Skill Spretnost The learned capacity to achieve pre-determined Naučena zmožnost za doseganje vnaprej določenih
results rezultatov.

Slack time (float) Mrtvi čas (pomičnost) Time in the project schedule, the use of which does Čas v urniku projekta, ki ne vpliva na njegovo kritično
not affect the project’s critical path; the minimum pot; minimalni čas, v katerem je treba dokončati
time to complete the project based on the estimated projekt in temelji na ocenjenem času za vsak segment
time for each project segment and their relationships. projekta in njihovih odnosih.
Scope Note: Slack time is commonly referred to as Opomba: Mrtvi čas imenujemo tudi "pomičnost" in ni
"float" and generally is not "owned" by either party to v "lasti" nobene od strank v transakciji.
the transaction.
SMART SMART Specific, measurable, actionable, realistic and timely, Določenost, merljivost, izvedljivost, ustreznost in
generally used to describe appropriately set goals. pravočasnost, navadno se uporablja za opis ustrezno
postavljenih ciljev.
Smart card Pametna kartica A small electronic device that contains electronic Majhna elektronska naprava, na kateri je pomnilnik in
memory, and possibly an embedded integrated včasih tudi vgrajeno integrirano vezje.
circuit. Opomba: Pametne kartice je mogoče uporabljati v več
Scope Note: Smart cards can be used for a number of namenov, vključno s shranjevanjem digitalnih potrdil
purposes including the storage of digital certificates ali digitalnega denarja, lahko se uporabljajo tudi kot
or digital cash, or they can be used as a token to žetoni za overjanje identitete uporabnikov.
authenticate users.
Sniff Vohljaj The act of capturing network packets, including those Dejanje zajema omrežnih paketov, vključno s tistimi,
not necessarily destined for the computer running the ki morda niso namenjeni računalniku, na katerem
sniffing software teče programska oprema za vohljanje.
Sniffing Vohljanje The process by which data traversing a network are Postopek, s katerim se zajemajo ali nadzorujejo
captured or monitored podatki, ki potujejo prek omrežja.
Social engineering Socialni inženiring An attack based on deceiving users or administrators Napad, ki temelji na tem, da uporabnike ali skrbnike
at the target site into revealing confidential or tarče prepriča v razkritje zaupnih ali občutljivih
sensitive information informacij.
Software Programska oprema Programs and supporting documentation that enable Programi in podporna dokumentacija, ki omogoča in
and facilitate use of the computer. olajša uporabo računalnika.
Scope Note: Software controls the operation of the Opomba: Programska oprema nadzoruje delovanje
hardware and the processing of data. strojne opreme in obdelovanje podatkov.

Software as a service Programska oprema kot Offers the capability to use the provider’s applications Ponuja možnost uporabe ponudnikovih aplikacij v
(SaaS) storitev (SaaS) running on cloud infrastructure. The applications are oblačni strukturi. Aplikacije so dostopne z različnih
accessible from various client devices through a thin odjemalskih naprav prek vmesnika tankega
client interface such as a web browser (e.g., odjemalca, kot je spletni brskalnik (npr. spletna e-
web‐based e‐mail). pošta).
Software as a service, Programska oprema kot The acronym used to refer to the three cloud delivery Kratica, ki se uporablja za tri modele dobave v oblaku.
platform as a service and storitev, platforma kot models
infrastructure as a service storitev in infrastruktura
(SPI) kot storitev (SPI)
Source code Izvorna koda The language in which a program is written. Jezik, v katerem je napisan program.
Scope Note: Source code is translated into object Opomba: Izvorno kodo zbirniki in prevajalniki
code by assemblers and compilers. In some cases, prevedejo v objektno kodo. V nekaterih primerih je
source code may be converted automatically into mogoče izvorno kodo samodejno pretvoriti v drug
another language by a conversion program. Source jezik s pretvorbenim programom. Računalnik izvorne
code is not executable by the computer directly. It kode ne more izvršiti neposredno. Najprej jo je treba
must first be converted into a machine language. pretvoriti v strojni jezik.
Source code compare Program za primerjanje Provides assurance that the software being audited is Daje zagotovilo, da je programska oprema, ki jo
program izvorne kode the correct version of the software, by providing a pregledujemo, prava različica programske opreme,
meaningful listing of any discrepancies between the tako da priskrbi pomemben seznam vseh razlik med
two versions of the program obema različicama programa.
Source document Izvorni dokument The form used to record data that have been Obrazec za beleženje zajetih podatkov.
captured. Opomba: Izvorni dokument je lahko kos papirja,
Scope Note: A source document may be a piece of obravnavani dokument ali slika, prikazana za spletni
paper, a turnaround document or an image displayed vnos podatkov.
for online data input.
Source lines of code Vrstice izvorne kode Often used in deriving single‐point software‐size Pogosto se uporablja za pridobivanje ocene o
(SLOC) (SLOC) estimations obsežnosti programske opreme.
Spanning port Vpeta vrata A port configured on a network switch to receive Vrata, ki so na omrežnem usmerjevalniku nastavljena
copies of traffic from one or more other ports on the tako, da sprejemajo kopije prometa z enih ali več vrat
switch na usmerjevalniku.

Split data systems Sistemi deljenih podatkov A condition in which each of an enterprise’s regional Situacija, v kateri vsaka od regionalnih lokacij podjetja
locations maintains its own financial and operational vzdržuje svoje finančne in operativne podatke,
data while sharing processing with an enterprisewide, medtem ko si obdelavo deli s centralizirano zbirko
centralized database. podatkov celotnega podjetja.
Scope Note: Split data systems permit easy sharing of Opomba: Sistem deljenih podatkov omogoča
data while maintaining a certain level of autonomy. preprosto deljenje podatkov in dovoljuje določeno
stopnjo samostojnosti.
Split domain name system Deljeno domensko ime An implementation of DNS that is intended to secure Namestitev DNS-ja, namenjena zaščiti odgovorov, ki
(DNS) (DNS) responses provided by the server such that different jih zagotavlja strežnika, tako da so notranjim
responses are given to internal vs. external users uporabnikom dani drugačni odgovori kakor zunanjim.
Split knowledge/ split key Deljeno znanje/ deljeni A security technique in which two or more entities Varnostna tehnika, pri kateri dve ali več entitet ločeno
ključ separately hold data items that individually convey no hrani podatkovne elemente, ki posamič ne podajajo
knowledge of the information that results from znanja o informacijah, ki so posledica kombiniranja
combining the items; a condition under which two or elementov; stanje, v katerem imata dve ali več entitet
more entities separately have key components that ločene ključne komponente, ki posamič ne podajajo
individually convey no knowledge of the plain text key znanja o ključu v golem besedilu, ki bo izdelan, ko
that will be produced when the key components are bodo vse ključne komponente združene v šifrirnem
combined in the cryptographic module modulu.
Spoofing Lažno predstavljanje Faking the sending address of a transmission in order Ponarejanje pošiljateljevega naslova prenosa, da bi
to gain illegal entry into a secure system pridobili nezakonit dostop do varovanega sistema.
SPOOL (simultaneous SPOOL - čakalna vrsta ( An automated function that can be based on an Avtomatizirana funkcija, ki lahko temelji na
peripheral operations sočasna povezana zunanja operating system or application in which electronic operacijskem sistemu ali aplikaciji, pri kateri se
online) opravila) data being transmitted between storage areas are elektronski podatki, ki se prenašajo med območji
spooled or stored until the receiving device or storage shranjevanja, postavijo v čakalno vrsto ali shranijo,
area is prepared and able to receive the information. dokler ni sprejemnik ali območje shranjevanja
Scope Note: Spool allows more efficient electronic pripravljeno in sposobno sprejeti informacije.
data transfers from one device to another by Opomba: »Spool« omogoča učinkovitejši prenos
permitting higher speed sending functions, such as elektronskih podatkov z ene naprave na drugo, tako
internal memory, to continue on with other da dovoljuje hitrejše funkcije prenosa, na primer
operations instead of waiting on the slower speed notranjemu pomnilniku, kar omogoča nadaljevati z
receiving device, such as a printer. drugim delovanjem, namesto da čaka na počasnejši
sprejemnik, na primer tiskalnik.

Spyware Vohunska programska Software whose purpose is to monitor a computer Programska oprema, katere namen je nadzor dejanj
oprema user’s actions (e.g., web sites visited) and report these uporabnika računalnika (npr. obiskanih spletnih
actions to a third party, without the informed consent strani) in poročanje o teh dejanjih tretji osebi, ne da bi
of that machine’s owner or legitimate user. lastnik računalnika ali zakoniti uporabnik za to vedela.
Scope Note: A particularly malicious form of spyware Opomba: Še posebej zlonamerna oblika vohunske
is software that monitors keystrokes to obtain programske opreme je tista, ki nadzoruje pritiske na
passwords or otherwise gathers sensitive information tipke za pridobivanje gesel ali drugih občutljivih
such as credit card numbers, which it then transmits informacij, na primer številk kreditnih kartic, ki jih
to a malicious third party. The term has also come to nato pošlje zlonamerni tretji osebi. Izraz se širše
refer more broadly to software that subverts the nanaša tudi na vso programsko opremo, ki spreminja
computer’s operation for the benefit of a third party. delovanje računalnika v korist tretje osebe.
Stage‐gate Fazna vrata A point in time when a program is reviewed and a Točka, na kateri se program pregleda in se odloča o
decision is made to commit expenditures to the next odobritvi stroškov za naslednji niz dejavnosti v
set of activities on a program or project, to stop the programu ali projektu, o morebitni zaustavitvi del ali o
work altogether, or to put a hold on execution of zadržanju izvajanja nadaljnjega dela.
further work
Stakeholder Deležnik Anyone who has a responsibility for, an expectation Kdor koli, ki ima odgovornost, pričakovanja ali drug
from or some other interest in the enterprise. interes v podjetju.
Examples: shareholders, users, government, Primeri: delničarji, uporabniki, vlada, dobavitelji,
suppliers, customers and the public stranke in javnost.
Standard Standard A mandatory requirement, code of practice or Obvezna zahteva, kodeks ravnanja ali specifikacija, ki
specification approved by a recognized external jo je potrdila priznana organizacija za izdajo zunanjih
standards organization, such as International standardov, na primer Mednarodna organizacija za
Organization for Standardization (ISO) standardizacijo (ISO).
Standing data Trajni podatki Permanent reference data used in transaction Trajni referenčni podatki, ki se uporabljajo v obdelavi
processing. transakcij.
Scope Note: These data are changed infrequently, Opomba: Ti podatki se redko spreminjajo. Mednje
such as a product price file or a name and address file. npr. sodi datoteka s cenami izdelkov ali datoteka z
naslovi.



Star topology Zvezdasta topologija A type of local area network (LAN) architecture that Vrsta arhitekture lokalnega omrežja (LAN), ki
utilizes a central controller to which all nodes are uporablja osrednji krmilnik, na katerega so
directly connected. neposredno povezana vozlišča.
Scope Note: With star topology, all transmissions Opomba: V zvezdasti topologiji potujejo vsi prenosi z
from one station to another pass through the central ene postaje na drugo skozi osrednji krmilnik, ki je
controller which is responsible for managing and odgovoren za upravljanje in nadzor nad vso
controlling all communication. The central controller komunikacijo. Osrednji krmilnik pogosto deluje kot
often acts as a switching device. preklopno stikalo.
Static analysis Statična analiza Analysis of information that occurs on a Analiza informacij, ki se ne dogaja neprestano; znana
non‐continuous basis; also known as interval‐based tudi kot intervalna analiza.
analysis
Statistical sampling Statistično vzorčenje A method of selecting a portion of a population, by Način izbiranja dela populacije z matematičnimi
means of mathematical calculations and probabilities, izračuni in verjetnostjo, za namen znanstvenih in
for the purpose of making scientifically and matematično vzdržnih sklepov o lastnostih celotne
mathematically sound inferences regarding the populacije.
characteristics of the entire population
Storage area networks Omrežje za shranjevanje A variation of a local area network (LAN) that is Različica lokalnega omrežja (LAN), namenjena izrecno
(SANs) podatkov (SAN) dedicated for the express purpose of connecting za povezovanje pomnilniških naprav na strežnike in
storage devices to servers and other computing druge računalniške naprave.
devices. Opomba: SAN centralizira proces shranjevanja in
Scope Note: SANs centralize the process for the upravljanja podatkov.
storage and administration of data.
Strategic planning Strateško načrtovanje The process of deciding on the enterprise’s Proces odločanja o ciljih podjetja, o spremembah teh
objectives, on changes in these objectives, and the ciljev in o politikah za vodenje njihovega pridobivanja
policies to govern their acquisition and use in uporabe.
Strengths, weaknesses, Prednosti, slabosti, A combination of an organizational audit listing the Kombinacija organizacijske presoje, ki navede močne
opportunities and threats priložnosti in grožnje enterprise’s strengths and weaknesses and an in šibke plati podjetja, ter pregleda okolja ali analize
(SWOT) (SWOT) environmental scan or analysis of external zunanjih priložnosti in groženj.
opportunities and threats
Structured programming Strukturirano A top‐down technique of designing programs and Način načrtovanja programov in sistemov od zgoraj
programiranje systems that makes programs more readable, more navzdol, zaradi katerega so programi berljivejši,
reliable and more easily maintained zanesljivejši in jih je lažje vzdrževati.



Structured Query Strukturirani poizvedbeni The primary language used by both application Primaren jezik, ki ga uporabljajo programerji aplikacij
Language (SQL) jezik (SQL) programmers and end users in accessing relational in uporabniki pri dostopanju do relacijskih
databases podatkovnih zbirk.
Subject matter Zadeva The specific information subject to an IS auditor’s Posebna tematika, ki je predmet poročila revizorja IS
report and related procedures, which can include in povezanih postopkov, ki lahko vključujejo npr.
things such as the design or operation of internal načrtovanje ali delovanje notranjih kontrol ter
controls and compliance with privacy practices or skladnosti glede zasebnosti ali standardi ali posebno
standards or specified laws and regulations (area of zakonodajo in predpisi (območje dejavnosti).
activity)
Substantive testing Vsebinsko preizkušanje Obtaining audit evidence on the completeness, Pridobivanje revizijskih dokazov o celovitosti,
accuracy or existence of activities or transactions natančnosti ali obstoju aktivnosti ali transakcij v
during the audit period revizijskem obdobju.
Sufficient audit evidence Zadosten revizijski dokaz Audit evidence is sufficient if it is adequate, Revizijski dokaz je zadosten, če je primeren, prepričljiv
convincing and would lead another IS auditor to form in bi privedel drugega revizorja IS do enakega sklepa.
the same conclusions.
Supply chain management Upravljanje oskrbovalne A concept that allows an enterprise to more Koncept, ki podjetju omogoča učinkovitejše
(SCM) verige (SCM) effectively and efficiently manage the activities of upravljanje dejavnosti načrtovanja, proizvodnje,
design, manufacturing, distribution, service and distribucije, servisiranja in recikliranja izdelkov ter
recycling of products and service its customers podpore strankam.
Surge suppressor Prenapetostna zaščita Filters out electrical surges and spikes Filtrira električne sunke in konice.
Suspense file Začasna datoteka A computer file used to maintain information Računalniška datoteka, ki se uporablja za vzdrževanje
(transactions, payments or other events) until the informacij (transakcij, plačil ali drugih dogodkov),
proper disposition of that information can be dokler ni mogoče določiti, kaj naj se zgodi s temi
determined. informacijami.
Scope Note: Once the proper disposition of the item Opomba: Ko je določeno, kaj se bo zgodilo z
is determined, it should be removed from the informacijami, bi te morale biti odstranjene iz začasne
suspense file and processed in accordance with the datoteke in obdelane v skladu z ustreznimi postopki
proper procedures for that particular transaction. za določeno transakcijo. Dva primera elementov, ki so
Two examples of items that may be included in a lahko vključeni v začasno datoteko, sta prejetje plačila
suspense file are receipt of a payment from a source iz vira, ki ga ni mogoče takoj prepoznati, ali podatki, ki
that is not readily identified or data that do not yet še nimajo prepoznanih povezav med prenosom v
have an identified match during migration to a new novo aplikacijo.
application.



Switches Stikala Typically associated as a data link layer device, Navadno povezana kot naprava za podatkovno
switches enable local area network (LAN) segments to povezavo, stikala omogočajo ustvarjanje in
be created and interconnected, which has the added povezovanje segmentov lokalnega omrežja (LAN), kar
benefit of reducing collision domains in je v dodatno pomoč pri zmanjšanju pojava sovpadanja
Ethernet‐based networks. domen v omrežju, ki temelji na ethernetni povezavi.
Symmetric key encryption Šifriranje s simetričnim System in which a different key (or set of keys) is used Sistem, pri katerem vsak par partnerjev za izmenjavo
ključem by each pair of trading partners to ensure that no one uporabi drug ključ (ali komplet ključev), s čimer
else can read their messages. The same key is used for zagotovimo, da nihče drug ne more prebrati njunih
encryption and decryption. See also Private Key sporočil. Isti ključ se uporabi za šifriranje in
Cryptosystem. dešifriranje. Glejte tudi Šifrirni sistem zasebnih
ključev.
Synchronize (SYN) Sinhroniziraj (SYN) A flag set in the initial setup packets to indicate that Zastavica, nastavljena v začetnem paketu nastavitev, s
the communicating parties are synchronizing the katero določimo, da strani, ki medsebojno
sequence numbers used for the data transmission komunicirajo, sinhronizirajo zaporedje številk, ki se
uporabljajo za prenos podatkov.
Synchronous transmission Sinhroni prenos Block‐at‐a‐time data transmission Blokovni prenos podatkov.
System development life Življenjski cikel razvoja The phases deployed in the development or Faze, uporabljene pri razvoju ali nabavi sistema
cycle (SDLC) sistema (SDLC) acquisition of a software system. programske opreme.
Scope Note: SDLC is an approach used to plan, design, Opomba: SDLC je pristop, ki se uporablja za
develop, test and implement an application system or načrtovanje, dizajniranje, razvoj, testiranje in uvajanje
a major modification to an application system. Typical aplikacijskega sistema ali večje spremembe v
phases of SDLC include the feasibility study, aplikacijskem sistemu. Faze SDLC-ja navadno
requirements study, requirements definition, detailed zajemajo: študijo izvedljivosti, študijo zahtev,
design, programming, testing, installation and definiranje zahtev, podroben dizajn, programiranje,
post‐implementation review, but not the service testiranje, nameščanje in pregled po nameščanju, ne
delivery or benefits realization activities. pa dobave storitev ali dejavnosti za uresničitev
prednosti.
System exit Sistemski izhod Special system software features and utilities that Posebna lastnost sistemske programske opreme, ki
allow the user to perform complex system uporabniku omogoča izvajanje zapletenega
maintenance. sistemskega vzdrževanja.
Scope Note: Use of system exits often permits the Opomba: Uporaba sistemskih izhodov uporabniku
user to operate outside of the security access control pogosto omogoča delovanje zunaj varnostnih in
system. nadzornih sistemov za dostop.



System flowchart Sistemski diagram poteka Graphic representations of the sequence of Grafična predstavitev zaporedij operacij v
operations in an information system or program. informacijskem sistemu ali programu.
Scope Note: Information system flowcharts show how Opomba: Diagrami poteka informacijskega sistema
data from source documents flow through the prikazujejo, kako potekajo podatki iz izvornih
computer to final distribution to users. Symbols used dokumentov skozi računalnik do končne distribucije
should be the internationally accepted standard. uporabnikom. Uporabljeni simboli bi morali biti
System flowcharts should be updated when mednarodno sprejet standard. Sistemske diagrame
necessary. poteka je treba po potrebi osveževati.
System narrative Oris sistema Provides an overview explanation of system Ustvari splošno razlago sistemskih diagramov poteka z
flowcharts, with explanation of key control points and razlago ključnih točk kontrole in sistemskih
system interfaces vmesnikov.
System of internal control Sistem notranjega nadzora The policies, standards, plans and procedures, and Politike, standardi, načrti in postopki ter
organizational structures designed to provide organizacijska struktura, načrtovani tako, da
reasonable assurance that enterprise objectives will omogočajo razumno zagotovilo, da bodo cilji podjetja
be achieved and undesired events will be prevented doseženi in da bodo nezaželeni dogodki preprečeni ali
or detected and corrected zaznani in odpravljeni.
System software Sistemska programska A collection of computer programs used in the design, Zbirka računalniških programov, ki se uporabljajo pri
oprema processing and control of all applications. načrtovanju, obdelavi in nadzoru vseh aplikacij.
Scope Note: The programs and processing routines Opomba: Programi in procesne rutine, ki nadzorujejo
that control the computer hardware, including the strojno opremo, vključno z operacijskim sistemom in
operating system and utility programs uporabniškimi programi.
System testing Sistemsko testiranje Testing conducted on a complete, integrated system Preizkušanje, ki se izvaja na zaključenem, celovitem
to evaluate the system's compliance with its specified sistemu, katerega namen je ocena skladnosti sistema
requirements. z določenimi zahtevami.
Scope Note: System test procedures typically are Opomba: Postopke sistemskega preizkušanja navadno
performed by the system maintenance staff in their izvaja osebje za sistemsko vzdrževanje v svojem
development library. razvojnem okolju.
Systems acquisition Postopek nabave sistemov Procedures established to purchase application Postopki, vzpostavljeni za nakup aplikativne
process software, or an upgrade, including evaluation of the programske opreme ali nadgradnje, vključno z oceno
supplier's financial stability, track record, resources dobaviteljeve finančne stabilnosti, beleženjem
and references from existing customers postopkov, virov in referenc obstoječih strank.
Systems analysis Sistemska analiza The systems development phase in which systems Razvojna faza sistema, v kateri se razvijajo sistemske
specifications and conceptual designs are developed specifikacije in konceptualni načrti na temelju potreb
based on end‐user needs and requirements in zahtev uporabnika.



Table look‐up Iskalna tabela Used to ensure that input data agree with Uporablja se, da se zagotovi, da se vneseni podatki
predetermined criteria stored in a table skladajo z vnaprej določenimi merili, shranjenimi v
tabeli.
Tape management system Sistem za upravljanje A system software tool that logs, monitors and directs Sistemsko programsko orodje, ki beleži, nadzoruje in
(TMS) trakov (TMS) computer tape usage usmerja uporabo računalniških trakov.
Taps Prisluškovalna naprava Wiring devices that may be inserted into Prisluškovalna naprava, ki je lahko vstavljena na
communication links for use with analysis probes, komunikacijsko povezavo za uporabo z
local area network (LAN) analyzers and intrusion analizatorskimi sondami, analizatorji lokalnih omrežij
detection security systems (LAN) in varnostnimi sistemi za zaznavanje vdorov.
Tcpdump Izpis TCP-ja A network monitoring and data acquisition tool that Orodje za spremljanje delovanja omrežja in
performs filter translation, packet acquisition and pridobivanja podatkov, ki izvaja prevajanje filtrov,
packet display pridobivanje in prikaz paketov.
Technical infrastructure Varnost tehnične Refers to the security of the infrastructure that Nanaša se na varnost infrastrukture, ki podpira
security infrastrukture supports the enterprise resource planning (ERP) celovito programsko rešitev (ERP), omrežje in
networking and telecommunications, operating telekomunikacije, operacijske sisteme in zbirke
systems, and databases podatkov.
Technology infrastructure Tehnološka infrastruktura Technology, human resources (HR) and facilities that Tehnologija, človeški viri (HR) in oprema, ki
enable the processing and use of applications omogočajo izvajanje in uporabo aplikacij.
Technology infrastructure Načrt tehnološke A plan for the technology, human resources and Načrt za tehnologijo, človeške vire in opremo, ki
plan infrastrukture facilities that enable the current and future omogoča trenutno in prihodnje izvajanje in uporabo
processing and use of applications aplikacij.
Telecommunications Telekomunikacije Electronic communication by special devices over Elektronska komunikacija prek posebnih naprav na
distances or around devices that preclude direct razdalje ali mimo naprav, ki onemogočajo neposredno
interpersonal exchange medsebojno izmenjavo.
Teleprocessing Teleobdelava Using telecommunications facilities for handling and Uporaba telekomunikacijske opreme za obravnavanje
processing of computerized information in obdelavo računalniških informacij.
Telnet Telnet Network protocol used to enable remote access to a Omrežni protokol, ki se uporablja za oddaljeni dostop
server computer. do strežnika.
Scope Note: Commands typed are run on the remote Opomba: Vtipkani ukazi se izvajajo na oddaljenem
server. strežniku.
Terminal Access Controller TACACS+ An authentication protocol, often used by Overitveni protokol, ki ga pogosto uporabljajo
Access Control System Plus remote‐access servers strežniki za oddaljeni dostop.
(TACACS+)



Terms of reference Obseg nalog/ pooblastil A document that confirms a client's and an IS Dokument, ki potrjuje, da sta stranka in revizor IS
auditor's acceptance of a review assignment sprejela revizijsko nalogo.
Test data Preizkusni podatki Simulated transactions that can be used to test Simulirane transakcije, ki se lahko uporabljajo za
processing logic, computations and controls actually preizkušanje logike obdelav, izračunov in kontrol, ki so
programmed in computer applications. Individual sprogramirane v računalniških aplikacijah. Preizkušati
programs or an entire system can be tested. je mogoče individualne programe ali celoten sistem.
Scope Note: This technique includes Integrated Test Opomba: Ta tehnika vključuje vgrajene pripomočke za
Facilities (ITFs) and Base Case System Evaluations testiranje (ITF) in ovrednotenje temeljnih primerov v
(BCSEs). sistemu (BCSE).
Test generators Generatorji Software used to create data to be used in the testing Programska oprema, ki se uporablja za ustvarjanje
preizkusov/testov of computer programs podatkov za uporabo pri preizkušanju/testiranju
računalniških programov.
Test programs Preizkusni/testni programi Programs that are tested and evaluated before Programi, ki se preizkušajo in ovrednotijo pred
approval into the production environment. odobritvijo prenosa v produkcijsko okolje.
Scope Note: Test programs, through a series of Opomba: Preizkusni programi so prek vrste potez za
change control moves, migrate from the test kontrolo sprememb prenesejo iz testnega okolja v
environment to the production environment and produkcijsko okolje in postanejo produkcijski
become production programs. programi.
Test types Tipi testov Test types include: ‐Checklist test‐‐Copies of the Tipi testov vključujejo: ‐ Test s seznamom preverjanja
business continuity plan (BCP) are distributed to ‐- Kopije načrtov neprekinjenega poslovanja (BCP) se v
appropriate personnel for review ‐Structured walk pregled razdelijo ustreznemu osebju - Strukturiran
through‐‐Identified key personnel walk through the prehod -- Določeno ključno osebje po korakih
plan to ensure that the plan accurately reflects the pregleda načrta, da zagotovi, da ta natančno odraža
enterprise's ability to recover successfully ‐Simulation zmožnost podjetja, da znova vzpostavi delovanje ‐
test‐‐All operational and support personnel are Simulacija ‐- Od vsega operativnega in podpornega
expected to perform a simulated emergency as a osebja se pričakuje, da bo za vajo izvajalo delovanje v
practice session ‐Parallel Test‐‐Critical systems are run simuliranem zasilnem okolju - Vzporedno
at alternate site (hot, cold, warm or reciprocal) preizkušanje -- Kritični sistemi se izvajajo na
‐Complete interruption test‐‐Disaster is replicated, alternativni lokaciji (vroči, hladni, topli ali vzajemni) -
normal production is shut down with real time Preizkus s popolno prekinitvijo - - Poustvari se
recovery process katastrofa, običajna produkcija se prekine, ponovna
vzpostavitev sistema se izvede v dejanskem času
Testing Preizkušanje/ Testiranje The examination of a sample from a population to Pregled vzorca populacije, na katerem se oceni
estimate characteristics of the population lastnosti populacije.



Third‐party review Pregled neodvisne osebe An independent audit of the control structure of a Neodvisen pregled nadzorne strukture storitvene
service organization, such as a service bureau, with organizacije, na primer storitvene pisarne za to, da se
the objective of providing assurance to the users of priskrbi zagotovilo uporabnikom storitvene
the service organization that the internal control organizacije, da je notranja nadzorna struktura
structure is adequate, effective and sound primerna, učinkovita in zdrava.
Threat Grožnja Anything (e.g., object, substance, human) that is Kar koli (npr. objekt, snov, človek), kar lahko deluje
capable of acting against an asset in a manner that proti sredstvu in na način, ki lahko povzroči škodo.
can result in harm. Opomba: Morebiten vzrok neželenega incidenta
Scope Note: A potential cause of an unwanted (ISO/IEC 13335).
incident (ISO/IEC 13335)
Threat agent Dejavnik grožnje Methods and things used to exploit a vulnerability. Načini in stvari, ki se uporabljajo za izkoriščanje
Scope Note: Examples include determination, ranljivosti.
capability, motive and resources. Opomba: Primeri so: ugotavljanje, zmožnost, motiv in
sredstva.
Threat analysis Analiza grožnje An evaluation of the type, scope and nature of events Ovrednotenje tipa, obsega in narave dogodka ali
or actions that can result in adverse consequences; dejanj, ki imajo lahko negativne posledice;
identification of the threats that exist against prepoznavanje obstajajočih groženj za premoženje
enterprise assets. podjetja.
Scope Note: The threat analysis usually defines the Opomba: Analiza grožnje navadno opredeljuje
level of threat and the likelihood of it materializing. stopnjo grožnje in verjetnost, da se bo uresničila.
Threat event Dogodek grožnje Any event during which a threat element/actor acts Kateri koli dogodek, med katerim element/dejavnik
against an asset in a manner that has the potential to grožnje deluje proti sredstvu tako, da mu lahko škodi.
directly result in harm
Throughput Prepustnost The quantity of useful work made by the system per Količina uporabnega dela, ki ga sistem izvede na
unit of time. Throughput can be measured in časovno enoto. Prepustnost je mogoče izmeriti z ukazi
instructions per second or some other unit of na sekundo ali kakšnim drugim kazalnikom
performance. When referring to a data transfer učinkovitosti. Ko se nanaša na prenos podatkov, je
operation, throughput measures the useful data merilo hitrosti prenosa podatkov izraženo v Kb/s,
transfer rate and is expressed in kbps, Mbps and Mb/s in Gb/s.
Gbps.



Token Žeton A device that is used to authenticate a user, typically Naprava, ki se uporablja za overjanje uporabnika,
in addition to a username and password. navadno poleg uporabniškega imena in gesla.
Scope Note: A token is usually a device the size of a Opomba: Žeton je navadno naprava v velikosti
credit card that displays a pseudo random number kreditne kartice, ki prikazuje psevdonaključno
that changes every few minutes. številko, ki se spremeni vsakih nekaj minut.
Token ring topology Topologija obroča z A type of local area network (LAN) ring topology in Vrsta lokalnega omrežja (LAN) s topologijo obroča, v
žetonom which a frame containing a specific format, called the katerem se okvir, ki vsebuje poseben zapis, imenovan
token, is passed from one station to the next around žeton, predaja z ene postaje na naslednjo v obroču.
the ring. Opomba: Ko postaja sprejme žeton, ji je dovoljeno
Scope Note: When a station receives the token, it is oddajati. Postaja lahko pošlje toliko okvirjev, kolikor
allowed to transmit. The station can send as many želi, dokler ne doseže vnaprej določene časovne
frames as desired until a predefined time limit is omejitve. Ko postaja nima več okvirjev, ki jih želi
reached. When a station either has no more frames to poslati, ali doseže časovno omejitev, pošlje žeton.
send or reaches the time limit, it transmits the token. Žeton, ki prehaja skozi postaje, preprečuje navzkrižje
Token passing prevents data collisions that can occur podatkov, do katerega lahko pride, če začneta dva
when two computers begin transmitting at the same računalnika oddajati sočasno.
time.
Top‐level management Upravljanje zgornje ravni The highest level of management in the enterprise, Najvišja raven upravljanja v podjetju, odgovorna za
responsible for direction and control of the enterprise usmerjanje in nadzor podjetja kot celote (na primer
as a whole (such as director, general manager, direktor, glavni direktor, partner, načelnik enote in
partner, chief officer and executive manager) izvršni direktor).
Topology Topologija The physical layout of how computers are linked Fizična razporeditev računalnikov in njihovih povezav.
together. Opomba: Zgledi topologij: obroč, zvezda in vodilo.
Scope Note: Examples of topology include ring, star
and bus.
Total cost of ownership Skupni stroški lastništva Includes the original cost of the computer plus the Vključujejo izvorne stroške računalnikov plus stroške:
(TCO) (TCO) cost of: software, hardware and software upgrades, programske opreme, nadgradnje strojne in
maintenance, technical support, training, and certain programske opreme, vzdrževanja, tehnične podpore,
activities performed by users izobraževanja in določenih dejavnosti, ki jih izvajajo
uporabniki.



Transaction Transakcija Business events or information grouped together Poslovni dogodki ali informacije, združeni v skupine,
because they have a single or similar purpose. ker imajo enak ali podoben namen.
Scope Note: Typically, a transaction is applied to a Opomba: Navadno se transakcija nanaša na izračun ali
calculation or event that then results in the updating dogodek, katerega rezultat je nato posodobitev zalog
of a holding or master file. oz. številčnih stanj ali glavne datoteke.
Transaction log Transakcijski dnevnik A manual or automated log of all updates to data files Ročni ali samodejni dnevnik vseh posodobitev
and databases podatkovnih datotek in podatkovnih zbirk.
Transaction protection Zaščita transakcije Also known as "automated remote journaling of redo Znana tudi kot "avtomatizirano oddaljeno vodenje
logs," a data recovery strategy that is similar to dnevnika ponovitvenih dnevnikov", strategija za
electronic vaulting except that instead of transmitting obnovitev podatkov, podobna elektronskemu
several transaction batches daily, the archive logs are trezorju, le da se namesto vsakodnevnega prenosa
shipped as they are created več transakcijskih paketov arhivski dnevniki pošljejo,
čim se ustvarijo.
Transmission Control Protokol za nadzor A connection‐based Internet protocol that supports Internetni protokol, ki temelji na povezavah, ki
Protocol (TCP) prenosa (TCP) reliable data transfer connections. podpira zanesljive povezave za prenos podatkov.
Scope Note: Packet data are verified using checksums Opomba: Paketni podatki se preverjajo s kontrolnimi
and retransmitted if they are missing or corrupted. vsotami in se spet pošljejo, če manjkajo ali so
The application plays no part in validating the pokvarjeni. Aplikacija pri vrednotenju prenosa ne igra
transfer. nobene vloge.
Transmission Control Protokol za nadzor Provides the basis for the Internet; a set of Je podlaga za internet; nabor komunikacijskih
Protocol/Internet Protocol prenosa/Internetni communication protocols that encompass media protokolov, ki vključuje dostop do nosilcev, paketni
(TCP/IP) protokol (TCP/IP) access, packet transport, session communication, file prenos, sejo komunikacije, prenos datotek,
transfer, electronic mail (e‐mail), terminal emulation, elektronsko pošto (e-pošto), emulacijo terminala,
remote file access and network management dostop do oddaljenih datotek in omrežno upravljanje.



Transparency Transparentnost Refers to an enterprise’s openness about its activities Nanaša se na odprtost podjetja o njegovih
and is based on the following concepts: ‐ How the dejavnostih in temelji na naslednjih konceptih: - Kako
mechanism functions is clear to those who are mehanizem deluje, je jasno tistim, na katere vpliva ali
affected by or want to challenge governance ki želijo nasprotovati odločitvam poslovodstva. -
decisions. ‐ A common vocabulary has been Vzpostavljen je bil splošen besednjak. - Pomembne
established. ‐ Relevant information is readily informacije so zlahka na voljo.
available. Opomba: Transparentnost in zaupanje delničarjev sta
Scope Note: Transparency and stakeholder trust are neposredno povezana; večja je transparentnost v
directly related; the more transparency in the postopku vodenja, večje je zaupanje v vodstvo.
governance process, the more confidence in the
governance.
Trap door Stranska vrata Unauthorized electronic exit, or doorway, out of an Nepooblaščen elektronski izhod ali vrata iz
authorized computer program into a set of malicious pooblaščenega računalniškega programa v nabor
instructions or programs zlonamernih ukazov ali programov.
Trojan horse Trojanski konj, trojanec Purposefully hidden malicious or damaging code Namerno skrita zlonamerna ali škodljiva koda znotraj
within an authorized computer program. pooblaščenega računalniškega programa.
Scope Note: Unlike viruses, they do not replicate Opomba: Nasprotno od virusov se trojanci ne
themselves, but they can be just as destructive to a razmnožujejo sami od sebe, vendar so za posamezni
single computer. računalnik lahko enako uničujoči.
Trusted process Zaupanja vreden proces A process certified as supporting a security goal Proces, certificiran kot proces, ki podpira varnostni
cilj.
Trusted system Zaupanja vreden sistem A system that employs sufficient hardware and Sistem, ki uporablja dovolj strojnih in programskih
software assurance measures to allow their use for ukrepov za zagotovilo, da omogoči njihovo uporabo
processing a range of sensitive or classified za obdelavo občutljivih ali zaupnih informacij.
information
Tunnel Tunel The paths that the encapsulated packets follow in an Poti, katerim sledijo paketi v ovojnici po zasebnem
Internet virtual private network (VPN) navideznem internetnem omrežju (VPN).



Tunneling Tuneliranje Commonly used to bridge between incompatible Navadno se uporablja za premostitev med
hosts/routers or to provide encryption, a method by nezdružljivimi gostitelji/usmerjevalniki ali za šifriranje.
which one network protocol encapsulates another Je način, na katerega en omrežni protokol ovije
protocol within itself. drugega znotraj samega sebe.
Scope Note: When protocol A encapsulates protocol Opomba: Ko protokol A ovije protokol B, se
B, a protocol A header and optional tunneling headers originalnemu paketu po protokolu B pripne glava
are appended to the original protocol B packet. protokola A in morebitni protokoli tuneliranja.
Protocol A then becomes the data link layer of Protokol A nato postane podatkovna plast povezav
protocol B. Examples of tunneling protocols include protokola B. Zgledi protokolov za tuneliranje
IPSec, Point‐to‐point Protocol Over Ethernet (PPPoE) vključujejo IPSec, protokol PPPoE in protokol L2TP.
and Layer 2 Tunneling Protocol (L2TP).
Tuple n-terica A row or record consisting of a set of attribute value Vrstica ali zapis, ki sestoji iz nabora parov vrednosti
pairs (column or field) in a relational data structure lastnosti (stolpec ali polje) v relacijski podatkovni
strukturi.
Twisted pair (Sukana) parica A low‐capacity transmission medium; a pair of small, Nizko zmogljiv nosilec; par tenkih, izoliranih žic, ki sta
insulated wires that are twisted around each other to oviti ena okoli druge, da karseda zmanjšata vplive
minimize interference from other wires in the cable drugih žic v kablu.
Two‐factor authentication Dvofaktorsko overjanje The use of two independent mechanisms for Uporaba dveh neodvisnih mehanizmov za overjanje
authentication (e.g., requiring a smart card and a (ki npr. zahteva pametno kartico in geslo), tipično
password), typically the combination of something you kombinacija nečesa, kar uporabnik pozna, je ali ima.
know, are or have
Unicode Unicode A standard for representing characters as integers. Standard za predstavitev znakov kot cela števila.
Scope Note: Unicode uses 16 bits, which means that it Opomba: Unicode uporablja 16 bitov, kar pomeni, da
can represent more than 65,000 unique characters; lahko predstavlja 65.000 edinstvenih znakov; to je
this is necessary for languages such as Chinese and potrebno za jezike, kot sta kitajščina in japonščina.
Japanese.
Uninterruptible power Brezprekinitveno Provides short‐term backup power from batteries for Omogoča kratkotrajno rezervno napajanje za
supply (UPS) napajanje (UPS) a computer system when the electrical power fails or računalniški sistem iz akumulatorjev, ko je prekinjeno
drops to an unacceptable voltage level napajanje iz električnega omrežja ali ko to pade na
nesprejemljivo napetostno raven.

Unit testing Testiranje enote A testing technique that is used to test program logic Način testiranja, ki se uporablja za preizkušanje
within a particular program or module. programske logike znotraj določenega programa ali
Scope Note: The purpose of the test is to ensure that modula.
the internal operation of the program performs Opomba: Namen testa je zagotoviti, da notranje
according to specification. It uses a set of test cases delovanje programa deluje v skladu s specifikacijo.
that focus on the control structure of the procedural Uporablja nabor testnih primerov, ki se osredotočajo
design. na kontrole pri načrtovanju procedur.
Universal description, Univerzalen opis, razkritje A web‐based version of the traditional telephone Spletna različica rumenih in belih strani telefonskega
discovery and integration in integracija (UDDI) book's yellow and white pages enabling businesses to imenika, ki podjetjem omogoča javno objavo pri
(UDDI) be publicly listed in promoting greater e‐commerce spodbujanju več dejavnosti e-trgovanja.
activities
Universal Serial BUS (USB) Univerzalno serijsko vodilo An external bus standard that provides capabilities to Zunanje standardno vodilo, ki omogoča prenos
(USB) transfer data at a rate of 12 Mbps. podatkov s hitrostjo do 12 Mb/s.
Scope Note: A USB port can connect up to 127 Opomba: Na USB vrata je mogoče pripeti do 127
peripheral devices. perifernih naprav.
UNIX UNIX A multi‐user, multitasking operating system that is Večuporabniški, večopravilni operacijski sistem, ki se
used widely as the master control program in veliko uporablja kot glavni nadzorni program na
workstations and especially servers delovnih postajah in še posebej strežnikih.
Untrustworthy host Gostitelj, ki ni vreden A host is referred to as untrustworthy because it Gostitelj je obravnavan kot nevreden zaupanja, ker ga
zaupanja cannot be protected by the firewall; therefore, hosts ni mogoče zaščititi s požarnim zidom; zato mu lahko
on trusted networks can place only limited trust in it. gostitelji v zaupanja vrednih omrežjih le deloma
Scope Note: To the basic border firewall, add a host zaupajo.
that resides on an untrusted network where the Opomba: Osnovnim mejnim požarnim zidovom doda
firewall cannot protect it. That host is minimally gostitelja, ki se nahaja v omrežju, ki ni vredno
configured and carefully managed to be as secure as zaupanja, kjer ga požarni zid ne more zavarovati.
possible. The firewall is configured to require Gostitelj je opremljen z minimalnimi nastavitvami in
incoming and outgoing traffic to go through the ga je treba upravljati kolikor varno mogoče. Požarni
untrustworthy host. zid je nastavljen za dohodni in odhodni promet tako,
da potekata prek gostitelja, ki ni vreden zaupanja.
Uploading Nalaganje The process of electronically sending computerized Prenos elektronskega pošiljanja računalniških
information from one computer to another computer. informacij iz enega v drug računalnik.
Scope Note: When uploading, most often the transfer Opomba: Pri nalaganju gre največkrat za prenos iz
is from a smaller computer to a larger one. manjšega v večji računalnik.

User awareness Uporabniška osveščenost A training process in security‐specific issues to reduce Postopek izobraževanja glede varnostnih zadev,
security problems; users are often the weakest link in katerega cilj je zmanjševanje varnostnih problemov;
the security chain. uporabniki so pogosto najšibkejši člen v varnostni
verigi.
User Datagram Protocol Uporabniški datagramski A connectionless Internet protocol that is designed Nepovezavni protokol za internet, ki je načrtovan za
(UDP) protokol (UDP) for network efficiency and speed at the expense of omrežno učinkovitost in hitrost na račun zanesljivosti.
reliability. Opomba: Strankini zahtevi po podatkih se ugodi s
Scope Note: A data request by the client is served by pošiljanjem paketov brez preverjanja, ali dejansko
sending packets without testing to verify whether pridejo na cilj, niti ali so bili poškodovani med
they actually arrive at the destination, nor whether prenosom. Aplikacija je tista, ki mora ugotoviti te
they were corrupted in transit. It is up to the faktorje in zahtevati vnovičen prenos.
application to determine these factors and request
retransmissions.
Utility programs Pripomočki, orodja Specialized system software used to perform Specializirana sistemska programska oprema, ki se
particular computerized functions and routines that uporablja za izvajanje posebnih računalniških funkcij
are frequently required during normal processing. in rutin, ki so pogosto zahtevane med običajnimi
Scope Note: Examples of utility programs include obdelavami.
sorting, backing up and erasing data. Opomba: Med orodja štejemo razvrščanje, varnostno
kopiranje in brisanje podatkov.
Utility script Skripta pripomočkov A sequence of commands input into a single file to V eno samo datoteko vneseno zaporedje ukazov, ki
automate a repetitive and specific task. avtomatizira ponavljajoče se posebno opravilo.
Scope Note: The utility script is executed, either Opomba: Skripta pripomočka se požene samodejno
automatically or manually, to perform the task. In ali ročno, da izvede opravilo. V UNIX-u jih poznamo
UNIX, these are known as shell scripts. kot skripte ukazne lupine.
Utility software Pomožna programska Computer programs provided by a computer Računalniški programi, ki jih izdajo proizvajalci strojne
oprema hardware manufacturer or software vendor and used ali programske opreme in se uporabljajo za
in running the system. poganjanje sistema.
Scope Note: This technique can be used to examine Opomba: To tehniko je mogoče uporabljati za
processing activities; to test programs, system pregledovanje obdelovalnih aktivnosti; za
activities and operational procedures; to evaluate preizkušanje programov, sistemskih aktivnosti in
data file activity; and, to analyze job accounting data. operativnih postopkov; za vrednotenje aktivnosti
podatkovnih datotek; in za analizo računovodskih
podatkov.

Vaccine Cepivo A program designed to detect computer viruses Program, načrtovan za zaznavanje računalniških
virusov.
Val IT Val IT The standard framework for enterprises to select and V podjetjih standardni okvir za izbiro in upravljanje z
manage IT‐related business investments and IT assets IT povezanim vlaganjem in sredstvi prek investicijskih
by means of investment programs such that they programov, tako da ti dodajo optimalno vrednost
deliver the optimal value to the enterprise. Based on podjetju. Temelji na COBIT-u.
COBIT.
Validity check Preverjanje veljavnosti Programmed checking of data validity in accordance Programsko preverjanje veljavnosti podatkov v skladu
with predetermined criteria z vnaprej določenimi merili.
Value Vrednost The relative worth or importance of an investment for Relativni pomen ali pomembnost investicije za
an enterprise, as perceived by its key stakeholders, podjetje, kot ga dojemajo ključni delničarji, izražen v
expressed as total life cycle benefits net of related skupni koristi življenjske dobe z odštetimi povezanimi
costs, adjusted for risk and (in the case of financial stroški, obtežen s tveganjem in (v primeru finančne
value) the time value of money vrednosti) časovno vrednostjo denarja.
Value‐added network Omrežje z dodano A data communication network that adds processing Omrežje za podatkovno komunikacijo, ki doda
(VAN) vrednostjo (VAN) services such as error correction, data translation osnovni funkciji prenosa podatkov storitve za
and/or storage to the basic function of transporting obdelavo, npr. funkcijo popravljanja, prevod podatkov
data in/ali shranjevanje.
Value creation Ustvarjanje vrednosti The main governance objective of an enterprise, Glavni cilj vodenja podjetja, ki se doseže, ko so
achieved when the three underlying objectives izravnani trije podrejeni cilji (udejanjenje koristi,
(benefits realization, risk optimization and resource optimizacija tveganja in optimizacija virov).
optimization) are all balanced
Variable sampling Spremenljivo vzorčenje A sampling technique used to estimate the average or Način vzorčenja, ki se uporablja za ocenjevanje
total value of a population based on a sample; a povprečja ali skupne vrednosti populacije na podlagi
statistical model used to project a quantitative vzorca; statistični model, ki se uporablja za
characteristic, such as a monetary amount projiciranje količinske lastnosti, npr. količine denarja.
Verification Preverjanje Checks that data are entered correctly Preverjanja, ali so podatki pravilno vneseni.
Virtual organizations Virtualne organizacije Organization that has no official physical site presence Organizacija, ki nima uradne fizične prisotnosti in je
and is made up of diverse, geographically dispersed or sestavljena iz raznolikih, geografsko razpršenih ali
mobile employees mobilnih zaposlenih.

Virtual private network Navidezno zasebno A secure private network that uses the public Varno zasebno omrežje, ki uporablja javno
(VPN) omrežje (VPN) telecommunications infrastructure to transmit data. telekomunikacijsko infrastrukturo za prenos
Scope Note: In contrast to a much more expensive podatkov.
system of owned or leased lines that can only be used Opomba: V nasprotju z veliko dražjim sistemom
by one company, VPNs are used by enterprises for lastniških ali zakupljenih vodov, ki jih lahko uporablja
both extranets and wide areas of intranets. Using le eno podjetje, VPN-je uporabljajo podjetja za
encryption and authentication, a VPN encrypts all zunanja omrežja in notranja omrežja. Z uporabo
data that pass between two Internet points, šifriranja in overjanja VPN šifrira vse podatke, ki se
maintaining privacy and security. prenašajo med dvema internetnima točkama, pri
čemer ohranja zasebnost in varnost.
Virtualization Virtualizacija The process of adding a "guest application" and data Postopek dodajanja "gostujočih aplikacij" in podatkov
onto a "virtual server," recognizing that the guest na "navidezni strežnik", pri čemer je jasno, da bo
application will ultimately part company from this gostujoča aplikacija na neki točki zapustila fizični
physical server strežnik.
Virus Virus A program with the ability to reproduce by modifying Program z zmožnostjo razmnoževanja s spreminjanjem
other programs to include a copy of itself. drugih programov tako, da vanje vgradi kopijo samega
Scope Note: A virus may contain destructive code that sebe.
can move into multiple programs, data files or devices Opomba: Virus lahko vsebuje zlonamerno kodo, ki se
on a system and spread through multiple systems in a premika v več programov, podatkovnih datotek ali
network. naprav v sistemu in se širi po več sistemih v omrežju.
Virus signature file Datoteka virusnih The file of virus patterns that are compared with Datoteka virusnih vzorcev, ki se primerja z obstoječimi
vzorcev/podpisov existing files to determine whether they are infected datotekami, da se ugotovi, ali so te okužene z virusom
with a virus or worm ali črvom.
Voice mail Glasovna pošta A system of storing messages in a private recording Sistem za shranjevanje sporočil na zasebnem
medium which allows the called party to later retrieve snemalnem nosilcu, ki omogoča, da klicani prejme
the messages svoja sporočila pozneje.
Voice‐over Internet VoIP Also called IP Telephony, Internet Telephony and Imenujemo jo tudi telefonija IP, internetna telefonija
Protocol (VoIP) Protokol (VoIP) Broadband Phone, a technology that makes it in širokopasovni telefon.
possible to have a voice conversation over the Tehnologija, ki omogoča glasovni pogovor po
Internet or over any dedicated Internet Protocol (IP) internetnem omrežju ali prek katerega koli omrežja z
network instead of over dedicated voice transmission internetnim protokolom, namesto po namenskih
lines vodih za prenos glasu.

Vulnerability Ranljivost A weakness in the design, implementation, operation Šibkost v načrtu, uvajanju, delovanju ali notranji
or internal control of a process that could expose the kontroli procesa, ki lahko izpostavi sistem neželenim
system to adverse threats from threat events grožnjam.
Vulnerability analysis Analiza ranljivosti A process of identifying and classifying vulnerabilities Postopek prepoznavanja in razvrščanja ranljivosti.
Vulnerability event Dogodek ranljivosti Any event during which a material increase in Kateri koli dogodek, pri katerem pride do
vulnerability results. Note that this increase in materialnega povečanja ranljivosti. Do tega lahko
vulnerability can result from changes in control pride zaradi sprememb v nadzoru ali sprememb v
conditions or from changes in threat capability/force. moči grožnje.
Scope Note: From Jones, J.; "FAIR Taxonomy," Risk Opomba: Iz Jones, J.; "FAIR Taxonomy," Risk
Management Insight, USA, 2008 Management Insight, ZDA, 2008.
Walk‐through Sprehod A thorough demonstration or explanation that details Podroben prikaz ali razlaga vsakega koraka v procesu.
each step of a process
War dialer Skener telefonskih številk Software packages that sequentially dial telephone Programski paketi, ki zaporedoma kličejo na
numbers, recording any numbers that answer telefonske številke in beležijo tiste, ki odgovorijo.
Warm site Topla lokacija Similar to a hot site but not fully equipped with all of Podobna vroči lokaciji, vendar ni opremljena z vso
the necessary hardware needed for recovery strojno opremo, potrebno za popolno vzpostavitev.
Waterfall development Kaskadni razvoj Also known as traditional development, a Znan tudi kot tradicionalen razvoj, razvojni cikel,
procedure‐focused development cycle with formal osredotočen na postopek z uradnim podpisom
sign‐off at the completion of each level predaje na koncu vsake stopnje.
Web hosting Spletno gostovanje The business of providing the equipment and services Področje poslovanja za dobavo opreme in storitev,
required to host and maintain files for one or more zahtevanih za gostovanje in vzdrževanje datotek za
web sites and provide fast Internet connections to eno ali več spletnih strani, ter dobavo hitre internetne
those sites. povezave do teh strani.
Scope Note: Most hosting is "shared," which means Opomba: Večina gostovanja se "deli", kar pomeni da
that web sites of multiple companies are on the same so na enem strežniku spletišča več podjetij, tako da se
server to share/reduce costs. stroški delijo/zmanjšajo.

Web page Spletna stran A viewable screen displaying information, presented Viden zaslon, ki prikazuje informacije, predstavljene
through a web browser in a single view, sometimes skozi spletni brskalnik v enem samem pogledu; včasih
requiring the user to scroll to review the entire page. za pregled cele strani od uporabnika zahteva drsenje
Scope Note: An enterprise's web page may display the po strani.
enterprise’s logo, provide information about the Opomba: Na strani podjetja so lahko logotip podjetja,
enterprise's products and services, or allow a informacije o proizvodih in storitvah podjetja, ali pa
customer to interact with the enterprise or third možnost interakcije strank s podjetjem ali drugimi
parties that have contracted with the enterprise. osebami, ki so s podjetjem sklenile pogodbe.
Web server Spletni strežnik Using the client‐server model and the World Wide Spletni strežnik (Web Server) je programska oprema,
Web's HyperText Transfer Protocol (HTTP), Web ki podaja spletne strani uporabnikom na podlagi
Server is a software program that serves web pages to modela odjemalec-strežnik in protokola za prenos
users. hiperteksta (HTTP) na svetovnem spletu.
Web Services Description Opisni jezik spletnih A language formatted with extensible markup Jezik, oblikovan z razširljivim označevalnim jezikom
Language (WSDL) storitev (WSDL) language (XML) (XML).
Used to describe the capabilities of a web service as Uporablja se za opis zmožnosti spletne storitve kot
collections of communication endpoints capable of zbirke komunikacijskih točk, ki si lahko izmenjujejo
exchanging messages; WSDL is the language used by sporočila; WSDL je jezik, ki ga uporablja univerzalen
Universal Description, Discovery and Integration opis, razkritje in integracija (UDDI). Glejte tudi
(UDDI). See also Universal Description, Discovery and Univerzalen opis, razkritje in integracija (UDDI).
Integration (UDDI).
Web site Spletno mesto Consists of one or more web pages that may originate Sestoji iz ene ali več spletnih strani, ki lahko domujejo
at one or more web server computers. na enem ali več spletnih strežnikih.
Scope Note: A person can view the pages of a web Opomba: Obiskovalec si lahko ogleda strani na
site in any order, as he/she would read a magazine. spletnem mestu v katerem koli vrstnem redu, kot bi
bral revijo.
White box testing Preizkušanje na način bele A testing approach that uses knowledge of a Pristop k preizkušanju, ki uporablja poznavanje
škatle program/module’s underlying implementation and izvedbe programa/modula in kodnih intervalov za
code intervals to verify its expected behavior preverjanje pričakovanega delovanja.
Wide area network (WAN) Prostrano omrežje (WAN) A computer network connecting different remote Računalniško omrežje, ki povezuje več oddaljenih
locations that may range from short distances, such lokacij, od bližnjih, npr. v istem nadstropju ali v isti
as a floor or building, to extremely long transmissions stabi, do zelo oddaljenih, ki se raztezajo čez večje
that encompass a large region or several countries ozemlje ali nekaj držav.

Wide area network (WAN) Stikalo prostranega A data link layer device used for implementing various Naprava za povezovanje na podatkovni plasti, ki se
switch omrežja (WAN) WAN technologies such as asynchronous transfer uporablja za uvajanje več tehnologij WAN, npr.
mode, point‐to‐point frame relay solutions, and asinhronega načina prenosa, rešitev za povezavo od
integrated services digital network (ISDN). točke do točke z blokovnim preklapljanjem in
Scope Note: WAN switches are typically associated digitalnega omrežja z integriranimi storitvami (ISDN).
with carrier networks providing dedicated WAN Opomba: Stikala WAN so navadno povezana s
switching and router services to enterprises via T‐1 or prenosnimi omrežji, ki zagotavljajo namenska stikala
T‐3 connections. WAN in usmerjevalne storitve za podjetja prek
povezav T-1 ali T-3.
Wi‐Fi Protected Access Zaščiten dostop do A class of systems used to secure wireless (Wi‐Fi) Razred sistemov, ki se uporabljajo za zaščito
(WPA) brezžičnega omrežja computer networks. brezžičnih računalniških omrežij (Wi-Fi).
(WPA) Scope Note: WPA was created in response to several Opomba: WPA je bil ustvarjen kot odgovor na več
serious weaknesses that researchers found in the resnih pomanjkljivosti, ki so jih raziskovalci našli v
previous system, Wired Equivalent Privacy (WEP). prejšnjem sistemu, WEP (zasebnost kot v žičnem
WPA implements the majority of the IEEE 802.11i omrežju). WPA uporablja večino standarda IEEE
standard, and was intended as an intermediate 802.11i in je bil mišljen kot vmesna rešitev za
measure to take the place of WEP while 802.11i was nadomestek WEP, medtem ko je bil v pripravi 802.11i.
prepared. WPA is designed to work with all wireless WPA je načrtovan tako, da deluje z vsemi brezžičnimi
network interface cards, but not necessarily with first omrežnimi vmesniki, vendar ne nujno z brezžičnimi
generation wireless access points. WPA2 implements dostopnimi točkami prve generacije. WPA2 uporablja
the full standard, but will not work with some older celoten standard, vendar ne deluje z nekaterimi
network cards. Both provide good security with two starejšimi omrežnimi karticami. Oba pomenita dobro
significant issues. First, either WPA or WPA2 must be varnost kljub dvema pomembnima
enabled and chosen in preference to WEP; WEP is pomanjkljivostma: Prvič, treba je izbrati WPA ali
usually presented as the first security choice in most WPA2 kot preferenčno pred WEP; WEP je navadno
installation instructions. Second, in the "personal" predstavljen kot prva možnost varovanja v večini
mode, the most likely choice for homes and small navodil za nameščanje. Drugič, v "osebnem" načinu, ki
offices, a pass phrase is required that, for full security, je najbolj verjetna izbira za uporabo doma in v
must be longer than the typical six to eight character manjših pisarnah, se zahteva kot geslo za dostop
passwords users are taught to employ. besedna zveza, ki mora biti zaradi varnosti daljša od
običajnih 6-8-znakovnih gesel, ki so se jih navadili
uporabljati uporabniki.
Windows NT Windows NT A version of the Windows operating system that Različica operacijskega sistema Windows, ki podpira
supports preemptive multitasking vnaprejšnjo večopravilnost.

Wired Equivalent Privacy Zasebnost kot v žičnem A scheme that is part of the IEEE 802.11 wireless Shema, ki je del standarda za brezžična omrežja IEEE
(WEP) omrežju (WEP) networking standard to secure IEEE 802.11 wireless 802.11 za varovanje brezžičnih omrežij IEEE 802.11
networks (also known as Wi‐Fi networks). (Wi-Fi).
Scope Note: Because a wireless network broadcasts Opomba: Ker brezžično omrežje oddaja po radijskih
messages using radio, it is particularly susceptible to valovih, je še posebej občutljivo za prisluškovanje.
eavesdropping. WEP was intended to provide WEP je bil načrtovan kot primerljivo varovalno
comparable confidentiality to a traditional wired sredstvo tradicionalnemu ožičenemu omrežju (in pri
network (in particular, it does not protect users of the tem ne varuje uporabnikov omrežja pred
network from each other), hence the name. Several souporabniki) in od tod prihaja tudi njegovo ime.
serious weaknesses were identified by cryptanalysts, Kriptoanalitiki so ugotovili več pomembnejših šibkih
and WEP was superseded by Wi‐Fi Protected Access točk, zato se od leta 2003 namesto WEP-a vse bolj
(WPA) in 2003, and then by the full IEEE 802.11i uporablja WPA, od leta 2004 pa WPA2. Kljub šibkim
standard (also known as WPA2) in 2004. Despite the točkam WEP omogoča stopnjo varnosti, ki lahko
weaknesses, WEP provides a level of security that can odvrne naključnega vohljača.
deter casual snooping.
Wireless computing Brezžično računalništvo The ability of computing devices to communicate in a Zmožnost računalniških naprav, da komunicirajo v taki
form to establish a local area network (LAN) without obliki, da se vzpostavi lokalno omrežje (LAN) brez
cabling infrastructure (wireless), and involves those kabelskih povezav (brezžično). Vključuje tehnologije,
technologies converging around IEEE 802.11 and ki se vrtijo okoli IEEE 802.11 in 802.11b ter radijskih
802.11b and radio band services used by mobile povezav, ki jih uporabljajo mobilne naprave.
devices
Wiretapping Prisluškovanje The practice of eavesdropping on information being Praksa prisluškovanja informacijam, ki se prenašajo
transmitted over telecommunications links po telekomunikacijskih vodih.
World Wide Web (WWW) Svetovni splet omrežij A sub network of the Internet through which Podomrežje interneta, prek katerega se informacije
(WWW) information is exchanged by text, graphics, audio and izmenjujejo v besedilni, grafični, zvočni in slikovni
video obliki.
World Wide Web Konzorcij za svetovni splet An international consortium founded in 1994 of Mednarodni konzorcij, ki so ga javne in zasebne
Consortium (W3C) (W3C) affiliates from public and private organizations organizacije, povezane z delovanjem interneta in
involved with the Internet and the web. spleta, ustanovile leta 1994.
Scope Note: The W3C's primary mission is to Opomba: Glavna naloga konzorcija W3C je širjenje
promulgate open standards to further enhance the odprtokodnih standardov za globalno povečevanje
economic growth of Internet web services globally. ekonomske rasti spletnih storitev interneta.

Worm Črv A programmed network attack in which a Sprogramiran omrežni napad, pri katerem se
self‐replicating program does not attach itself to samorazmnoževalni program ne pripenja drugim
programs, but rather spreads independently of users’ programom, ampak se širi neodvisno od dejanj
action uporabnika.
X.25 X.25 A protocol for packet‐switching networks Protokol za paketno komutirana omrežja.
X.25 Interface Vmesnik X.25 An interface between data terminal equipment (DTE) Vmesnik med podatkovno terminalsko opremo (DTE)
and data circuit‐terminating equipment (DCE) for in podatkovno terminalsko napravo (DCE) za
terminals operating in the packet mode on some terminalsko delovanje v paketnem načinu v nekaterih
public data networks javnih podatkovnih omrežjih.
X.500 X.500 A standard that defines how global directories should Standard, ki opredeljuje, kako morajo biti
be structured. strukturirani globalni imeniki.
Scope Note: X.500 directories are hierarchical with Opomba: Imeniki X.500 so hierarhični in imajo za
different levels for each category of information, such vsako kategorijo informacij, kot so država ali mesto,
as country, state and city. svojo raven.

© 2012 ISACA All rights reserved. Page/Stran 180/180 © 2012 ISACA. Vse pravice pridržane.
