Home LinkBooklets LinkResources LinkPresentations LinkBackground Image
Background Image
Background Image
Background Image
FFIEC Information Technology
Examination Handbook
Glossary

 

 Go to top of page
Start of I Words
  

I/O
Acronym for Input/Output.

IDS
Acronym for Intrusion Detection System.

Independence
Self-governance, freedom from conflict of interest and undue influence. The IT auditor should be free to make his or her own decisions, not influenced by the organization being audited, or by its managers and employees.

Independent Sales Organizations (ISO)
A nonfinancial institution organization that provides a variety of merchant processing functions on behalf of the acquirer. These functions include soliciting new merchant accounts, arranging for terminal purchases or leases, and providing backroom services. An ISO is also referred to as a member service provider (MSP). The acquirer must register all ISO/MSPs with the bankcard associations.

Industry Testing
A test designed to validate that business processes, integrated across firms and within the financial industry, which supports the business continuity objectives of the firms, both individually and collectively.

Instruction
Means (i) any instruction submitted by a Member through the submission process directing CLS Bank to settle certain payment entitlements and obligations arising pursuant to an FX transaction eligible for settlement in CLS Bank and (ii) any instructions resulting from the split of Settlement Eligible Instructions.

Integrated Services Digital Network (ISDN)
A type of all-digital telephone service that can transmit computer data as well as voice, with a maximum speed of 128 kilobytes per second.

Integrated Test/Exercise
This integrated test/exercise incorporates more than one component or module, as well as external dependencies, to test the effectiveness of the continuity plans for a business line or major function.

Interbank Checks
Checks that are not “on-us.” They are cleared and settled either by direct presentment, a clearinghouse association, a correspondent bank, or a Federal Reserve Bank.

Interchange
Exchange of transactions between financial institutions participating in a bank card network, based on a common set of rules. Card interchange allows a financial institution’s customers to use a bank credit card at any card honoring merchant and to gain access to multiple ATM systems from a single ATM.

Interchange (fees)
Fees paid by one financial institution to another to cover handling costs and credit risk in a bankcard transaction. Interchange fees generally flow toward the institution funding the transaction and assuming risk in the process. In a credit card transaction, the interchange fee is paid by the merchant acquirer accepting the merchant’s sales draft to the card-issuing institution, and in turn passes the fee to its merchants. In EFT/POS transactions, interchange flows in the opposite direction: the card-issuing institution (or customer) pays the fee to the terminal-owning institution. When a transaction is an off-line debit sale, the card-issuing institution collects an interchange fee from the merchant, rather than from the customer, unlike in an EFT/POS transaction, where the customer pays the interchange fee. Interchange revenue is derived from fees set by the card associations. Depending on the card association, fees can range from 1.0 to 3.0 percent of the value of the transaction. Interchange revenue is recognized as a card issuer’s second largest revenue line item.

Interdependencies
Where two or more departments, processes, functions, and/or third parties support one another in some fashion.

Interface
Computer programs that translate information from one system or application into a format required for use by another system or application.

Internet
1) A cooperative message-forwarding system linking computer networks all over the world. 2) A worldwide network of computer networks, governed by standards and protocols developed by the Internet Engineering Task Force (IETF).

Internet Protocol (IP)
IP is a standard format for routing data packets between computers. IP is efficient, flexible, routable, and widely used with many applications, and is gaining acceptance as the preferred communication protocol.

Internet Service Provider (ISP)
A company that provides its customers with access to the Internet.

Interoperability Standards/Protocols
Commonly agreed on standards that enable different computers or programs to share information. Example: HTTP (Hypertext Transfer Protocol) is a standard method of publishing information as hypertext in HTML format on the Internet.

Intrusion Detection System (IDS)
Software/hardware that detects and logs inappropriate, incorrect, or anomalous activity. IDS are typically characterized based on the source of the data they monitor: host or network. A host-based IDS uses system log files and other electronic audit data to identify suspicious activity. A network-based IDS uses a sensor to monitor packets on the network to which it is attached.

IPS
Acronym for Intrusion Prevention System

IPv6
Version 6 of the Internet Protocol

ISAC
Acronym for Information Sharing and Analysis Center

iSCSI
Internet small computer system interface. An Internet protocol based storage networking standard for linking data storage facilities, used to facilitate. iSCSI is data transfers over intranets and to manage storage over long distances.

ISDN
Integrated systems digital networking. A hierarchy of digital switching and transmission systems that provides voice, data, and image in a unified manner. ISDN is synchronized so that all digital elements communicate in the same protocol at the same speed.

ISO
Acronym for International Organization for Standards.

Iterative
Repetitive or cyclical. Iterative software development involves the completion of project tasks or phases in repetitive cycles. Tasks and phase activities are repeated until a desired result is achieved.

 Go to top of page
Start of J Words
  

There are no words starting with "J" at this time.

 Go to top of page
Start of K Words
  

Kiosk
A publicly accessible computer terminal that permits customers to directly communicate with the financial institution via a network.

 Go to top of page
Start of L Words
  

LAN
Local Area Network

LAR
Legal amount recognition. The handwritten dollar amount of the check.

Large-value Transfer System
A wholesale payment system used primarily by financial institutions in which large values of funds are transferred between parties. Fedwire® and CHIPS are the two large-value transfer systems in the United States.

Legacy Systems
A term commonly used to refer to existing computers systems and applications with which new systems or applications must exchange information.

Lockbox
Deposit mechanism used by commercial firms and businesses to facilitate their deposit transaction volume. Typically, commercial firms and businesses direct customers to send payments directly to a financial institution address or post office box controlled by the institution. Financial institution personnel record payments received and prepare deposit slips, and subsequent processing proceeds as with other deposit taking activities.

Lockout
The action of temporarily revoking network or application access privileges, normally due to repeated unsuccessful logon attempts.

Long Position
In respect of a currency balance that is greater than zero, the amount by which such currency balance is greater than zero. A position that appreciates in value if market prices increase. When one buys a currency, their position is long.

 Go to top of page
Start of M Words
  

Magnetic Ink Character Recognition (MICR)
Magnetic codes found on the bottom of checks, deposit slips, and general ledger debit and credit tickets that allow a machine to scan (capture) the information. MICR encoding on a check includes the account number, the routing number, the serial number of the check, and the amount of the check. The amount of the check is encoded when the proof department processes the check.

Mainframe
An industry term for a large computer, typically used for the commercial applications of businesses and other large-scale computing purposes. Generally, a mainframe is associated with centralized rather than distributed computing.

Man-in-the-middle Attack
A man-in-the-middle attack places the attacker’s computer in the communication line between the server and the client.  The attacker’s machine can monitor and change communications.

Market-Wide Tests
Market-wide tests are also called cross-market tests or “street tests” that are sponsored by the Securities Industry Association, Bond Market Association, and Futures Industry Association. These tests validate the connectivity from alternate sites and include transaction, settlement, and payment processes, to the extent practical.

Matched Instructions
Two Instructions in which the information set forth in a specific CLS Bank Rule is matched in accordance with the parameters and procedures set forth in the CLS Bank Rules

Matching
With respect to compared and non-compared transactions, the process of comparing the trade or settlement details provided by counterparties to ensure they agree with respect to the terms of the transaction. Also called comparison checking.

Media
1) Physical objects that store data, such as paper, hard disk drives, tapes, and compact disks (CDs). 2) Material used for storage of information. Includes paper, magnetic disks, tapes, and optical disks.

Merchant Acquirer
Bankcard association members that initiate and maintain contractual agreements with merchants for the purpose of accepting and processing bankcard transactions.

Merchant Processing
Activity for the acceptance and settlement of bankcard products and transactions from merchants through the payment system.

Metrics
A quantitative measurement.

MICR
Magnetic ink character recognition. Magnetic codes found on the bottom of checks, deposit slips, and general ledger debit and credit tickets that allow a machine to scan (capture) the information. MICR encoding on a check includes the account number, the routing number, the serial number of the check and the amount of the check. The amount of the check is encoded when the proof department processes the check.

MICR-line Information
Refers to data characters at the bottom of a check. The magnetic ink character recognition (MICR) line includes the routing number of the payer bank, the amount of the check, the number of the check, and the account number of the customer.

Microwave Technology
Narrowband technology that requires a direct line-of-sight to transmit voice and data communications and is used to integrate a broad range of fixed and mobile communication networks.

Midrange
Computers that are more powerful and capable than personal computers but less powerful and capable than mainframe computers.

Milestone
Major project event.

MIPS
Millions of instructions per second. A general measure of computing performance and, by implication, the amount of work a larger computer can do.

Mirroring
A process that copies data to multiple disks over a computer network in real time or close to real time. Mirroring reduces network traffic, ensures better availability of the website or files, or enables the site or downloaded files to arrive more quickly for users close to the mirror site.

MIS
Management information systems. A general term for the computer systems in an enterprise that provide information about its business operations.

Mnemonic
A symbol or expression that can help someone remember something. For example, the phrase “Hello! My name is Bill. I'm 9 years old.” might help an individual remember a secure 10- character password of “H!MniBI9yo.”

Modeling
The process of abstracting information from tangible processes, systems and/or components to create a paper or computer-based representation of an enterprise-wide or business line activity.

Module
A combination of various components of a business process or supporting system.

Module Test/Exercise
A test designed to verify the functionality of multiple components of a business line or supporting function at the same time.

Multi-factor Authentication
Strong authentication mechanism relying on more than one type of authentication. A PIN or password alone is representative of single factor authentication. Adding additional authentication mechanisms would result in multi-factor authentication.

Multilateral Netting Settlement System
Multilateral netting is an arrangement among three or more parties to net their obligations. In these settlement systems transfers are irrevocable but are only final after the completion of end-of-day-settlement.

Multiplexer
A device that encodes or multiplexes information from two or more data sources into a single channel. They are used in situations where the cost of implementing separate channels for each data source is more expensive than the cost and inconvenience of providing the multiplexing/de-multiplexing functions.

 Go to top of page
Start of N Words
  

NAS
Network attached storage. Hard disk storage set up with its own network address rather than being attached to the department computer that is serving applications to a network's workstation users. By removing storage access and its management from the department server, both application programming and files can be served faster because they are not competing for the same processor resources. The network-attached storage device is attached to a local area network (typically, an Ethernet network) and assigned an IP address. File requests are mapped by the main server to the NAS file server.

National Automated Clearing House Association (NACHA)
The national association that establishes the rules and procedures governing the exchange of automated clearinghouse payments.

National Settlement Service (NSS)
The Federal Reserve Banks' multilateral settlement service (also referred to as deferred net settlement). NSS is offered to depository institutions that settle for participants in clearinghouses, financial exchanges, and other clearing and settlement groups. Settlement agents acting on behalf of those depository institutions electronically submit settlement files to the Federal Reserve Banks. Files are processed on receipt, and entries are automatically posted to the depository institutions' Reserve Bank accounts. Entries are final when posted.

Net Debit Cap
The maximum dollar amount of uncollateralized daylight overdrafts that an institution is authorized to incur in its Federal Reserve account. The net debit cap is generally equal to an institution’s capital times the cap multiple for its cap category.

Network
Two or more computer systems that are grouped together to share information, software, and hardware.

Network Administrator
The individual responsible for the installation, management, and control of a network.

Network Attached Storage (NAS)
NAS systems usually contain one or more hard disks that are arranged into logical, redundant storage containers much like traditional file servers. NAS provides readily available storage resources and helps alleviate the bottlenecks associated with access to storage devices.

Non-repudiation
Ensuring that a transferred message has been sent and received by the parties claiming to have sent and received the message. Non-repudiation is a way to guarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

 Go to top of page
Start of O Words
  

Object Code
Software program instructions compiled (translated) from source code into machine-readable formats.

Object program
A program that has been translated into machine language and is ready to be run (i.e., executed) by the computer.

OFAC
The Office of Foreign Assets Control (OFAC), within the U.S. Department of the Treasury, administers and enforces economic and trade sanctions against targeted foreign countries, terrorism-sponsoring organizations, and international narcotics traffickers based on U.S. foreign policy and national security goals.

Office of Foreign Asset Control (OFAC)
The Office of Foreign Assets Control, United States Department of the Treasury, administers and enforces economic sanctions programs primarily against countries and groups of individuals such as terrorists and narcotics traffickers. The sanctions can be either comprehensive or selective, using the blocking of assets and trade restrictions to accomplish foreign policy and national security goals.

On-us Checks
Checks that are deposited into the same institution on which they are drawn.

Open Market Operations
The buying and selling of government securities in the open market in order to expand or contract the amount of money in the banking system.

Operating System
1) Programs that collectively manage application programs. Operating systems allocate system resources, provide access and security controls, maintain file systems, and manage communications between end users and hardware devices. 2) The program that manages all the basic functions and programs on a computer.

Originating Depository Financial Institution (ODFI)
A participating financial institution that originates entries at the request of and by agreement with its originators in accordance with the provisions of the NACHA rules.

Originator
A person that has authorized an ODFI to transmit a credit or debit entry to the deposit account of a receiver at an RDFI.

Outsourcing
(1) The practice of contracting with another entity to perform services that might otherwise be conducted in-house. (2) Contracting with third parties to perform activities, duties, or functions.

 

 

 

Glossary