Credit receipt
A receipt that documents a refund or price adjustment a merchant has made or is making to a cardholder's account; also called credit voucher. [VISA Glossary of Terms]
G
Gap analysis
A gap analysis is the study of the differences between two different systems, or states of the systems, for determining how to get from the present state to the desired state. [de facto]
Gateway
In a communications network, a network node equipped to interface with another network that uses different protocols. A computer that connects two dissimilar local area networks or connects a local area network to a wide area network, minicomputer, or mainframe. A gateway may perform network protocol conversion and bandwidth conversion. See also router. [FISCAM, ISACA, Centers for Medicare & Medicaid Services (CMS), US National Information Assurance (IA) Glossary]
General controls or general computer controls
Controls, other than application controls, which relate to the environment within which computer-based application systems are developed, maintained, and operated, and which are therefore applicable to all applications. General controls are the structure, policies, and procedures that apply to an entity’s overall computer operations. They include an organization wide security program, access controls, application development and change controls, segregation of duties, system software controls, and service continuity controls. The objectives of general controls are to ensure the proper development and implementation of applications, the integrity of program, and data files and of computer operations. Like application controls, general controls may be either manual or programmed. Examples of general controls include the development and implementation of an IS strategy and an IS security policy, the organization of IS staff to separate conflicting duties, and planning for disaster prevention and recovery. [FISCAM, GAO/PCIE Financial Audit Manual, ISACA, Centers for Medicare & Medicaid Services (CMS), CobiT]
General Ledger (G/L)
[GAO/PCIE Financial Audit Manual]
General Packet Radio Service (GPRS)
Mobile data service available to users of GSM mobile phones. Recognized for efficient use of limited bandwidth. Particularly suited for sending and receiving small bursts of data, such as e-mail and web browsing. [PCI-DSS]
General Risk Analysis (GRA)
[GAO/PCIE Financial Audit Manual]
General support system (GSS)
An interconnected set of information resources under the same direct management control that shares common functionality. An interconnected information resource under the same direct management control that shares common functionality. It normally includes hardware, software, information, data, applications, communications, facilities, and people. It provides support for a variety of users and/or applications. Individual applications supporting different business-related functions may run on a single GSS. Users may be from the same or different organizations. Normally, the purpose of a general support system is to provide processing or communication support. A general support system can be, for example, a LAN including smart terminals that supports a branch office, an agency-wide backbone, or a communications network. A departmental data processing center including its operating system and utilities, a tactical radio network, or shared information processing service organization can also act as a general support system. [Centers for Medicare & Medicaid Services (CMS), NIST 800 series, FIPS Pubs, Clinger-Cohen Act, OMB Circular A-130]
Generalized audit software
A computer program or series of programs designed to perform certain automated functions. These functions include reading computer files, selecting data, manipulating data, sorting data, summarizing data, performing calculations, selecting samples and printing reports or letters in a format specified by the IS auditor. This technique includes software acquired or written for audit purposes and software embedded in production systems. [ISACA]
Generally Accepted Accounting Principles (GAAP)
The accounting principles that the entity should use. For federal executive agencies, these are federal accounting standards following the hierarchy listed in SAS 91. The standards issued by FASB are the first level of the hierarchy. For government corporations, generally accepted accounting principles are commercial generally accepted accounting principles issued by FASB. [GAO/PCIE Financial Audit Manual]
Generally Accepted Auditing Standards (GAAS)
[GAO/PCIE Financial Audit Manual]
Generally Accepted Internet Security Principles (GAISP)
The GAISP provides a means to unify and harmonize information security efforts and measure their success. It offers a translation of existing regulations, standards, and accepted practices into logical strategy and detailed tactics that can be implemented by any organization. [Information Systems Security Association]
Generally Accepted Internet Security Principles Committee
Originally carried by the International Information Security Foundation (IISF), the GAISP has drawn from a wide array of existing guidelines, such as those created by the Organization for Economic Cooperation and Development (OECD) and the United Kingdom Department of Trade and Industry. As a global initiative, participation and support have been gained from respected groups like the International Information Systems Security Certification Consortium (ISC2), the International Standards Organization (ISO), the Institute of Internal Auditors (IIA) and the international Common Criteria effort. See also http://www.issa.org/gaisp for more information. [de facto]
Generator
An independent source of electrical power usually fueled by diesel or natural gas. [Centers for Medicare & Medicaid Services (CMS)]
Geographical disk mirroring
A data recovery strategy that takes a set of physically disparate discs and synchronously mirrors them over high performance communication lines. Any write to a disk on one side will result in a write on the other. The local write will not return until the acknowledgment of the remote write is successful. [ISACA]
Ghost
See Bit stream back up. [Sedona Conference]
Gigabyte (GB)
A unit of consisting of either 1,000 or 1,024 megabytes. In terms of image storage capacity, one gigabyte equals approximately 17,000 81/2” x 11” pages scanned at 300 dpi, stored as TIFF Group IV images. See also Byte. [Sedona Conference]
Global Address List (GAL)
Directory of all Microsoft Exchange users and distribution lists to whom messages can be addressed. The administrator creates and maintains this list. The global address list may also contain public folder names. Entries from this list can be added to a user’s personal address book. [Sedona Conference]
Global Information Grid
The globally interconnected, end-to-end set of information capabilities, associated processes, and personnel for collecting, processing, storing, disseminating, and managing information on demand to war fighters, policy makers, and support personnel. (DoD Directive 8100.1, 19 Sept. 2002) [US National Information Assurance (IA) Glossary]
Global Information Infrastructure (GII)
Worldwide interconnections of the information systems of all countries, international and multinational organizations, and international commercial communications. [US National Information Assurance (IA) Glossary]
Global Positioning System (GPS)
[de facto]
Global System for Mobile Communications (GSM)
Popular standard for mobile phones Ubiquity of GSM standard makes international roaming very common between mobile phone operators, enabling subscribers to use their phones in many parts of the world. [PCI-DSS]
GMT Timestamp
Identification of a file using Greenwich Mean Time as the central time authentication method. [Sedona Conference]
Going rate
A charging policy in which charges are the same as those charged by other internal departments or internal departments of similar organizations. [ITIL]
Good Thru date
The date after which a bankcard is no longer valid, embossed on the front of all valid Visa cards. The Good Thru date is one of the card security features that should be checked by merchants to ensure that a card-present transaction is valid. See also: Card expiration date. [VISA Glossary of Terms]
Governance
The method by which an organization is directed, administered, or controlled. [CobiT]
Government Accountability Office (GAO)
Effective July 7, 2004, the GAO's legal name became the Government Accountability Office. The change, which better reflects the modern professional services organization GAO has become, is the most visible provision of the GAO Human Capital Reform Act of 2004, Pub. L. 108-271, 118 Stat. 811 (2004). See also http://www.gao.gov for more information. [GAO/PCIE Financial Audit Manual]
GPS Generated Timestamp
Timestamp identifying time as a function of its relationship to Greenwich Mean Time. [Sedona Conference]
Gradual recovery
A recovery option which is also known as cold standby. Provision is made to recover the IT service in a period of time greater than 72 hours. Gradual recovery typically uses a portable or fixed facility that has environmental support and network cabling but no computer systems. The hardware and software are installed as part of the IT service continuity plan. [ITIL]
Graduated security
A security system that provides several levels (e.g., low, moderate, high) of protection based on threats, risks, available technology, support services, time, human concerns, and economics. [NIST 800 series, FIPS Pubs]
Graphical User Interface (GUI)
Pronounced “gooey.” Presenting an interface to the computer user comprised of pictures and icons, rather than words and numbers. [Sedona Conference]
Graphics Interchange Format (GIF)
CompuServe’s native file format for storing images. Limited to 256 colors. [Sedona Conference]
Gray scale
The use of many shades of gray to represent an image. Continuous-tone images, such as black-and-white photographs, use an almost unlimited number of shades of gray. Conventional computer hardware and software, however, can only represent a limited number of shades of gray (typically 16 or 256). [Sedona Conference]
Greenwich Mean Time (GMT)
[de facto]
Groupware
Software designed to operate on a network and allow several people to work together on the same documents and files. [Sedona Conference]
Guard
Mechanism limiting the exchange of information between systems. [US National Information Assurance (IA) Glossary, NIST 800 Series]
Guessing entropy
A measure of the difficulty that an attacker has to guess the average password used in a system. In this document, entropy is stated in bits. When a password has n-bits of guessing entropy then an attacker has as much difficulty guessing the average password as in guessing an n-bit random quantity. The attacker is assumed to know the actual password frequency distribution. [NIST 800 series]
Guided media
Those media in which a message flows through a physical media (e.g., twisted pair wire, coaxial cable, fiber optical cable). Guided media provides a closed path between sender and receiver. [Centers for Medicare & Medicaid Services (CMS)]
Guideline
Recommended configurations, policies, or actions developed to provide assistance in complying with one or more policies or standards. A description of a particular way of accomplishing something that is less prescriptive than a procedure. The hallmark of a guideline is that it will have a set of general principles followed by a set of procedures that guide the user through the necessary steps that should be followed with respect to the given topic under consideration. See also regulation, standard, best practice, policy, procedure. [Centers for Medicare & Medicaid Services (CMS), CobiT, ITIL]
Site and content © Copyright 2003-2009 Network Frontiers, LLC. All rights reserved.