Data communications
The transfer of data between separate computer processing sites/devices
using telephone lines, microwave and/or satellite links.
Data custodian
Individuals and departments responsible for the storage and safeguarding
of computerized information. This typically is within the IS organization.
Data diddling
Changing data with malicious intent before or during input into the
system.
Database
A stored collection of related data needed by organizations and individuals
to meet their information processing and retrieval requirements.
Database administrator (DBA)
An individual or department responsible for the security and information
classification of the shared data stored on a database system. This
responsibility includes the design, definition and maintenance of
the database.
Deficiency
An internal control shortcoming or opportunity to strengthen
internal controls.
Detection risk
The risk audit procedures will lead to a conclusion that material
error does not exist when in fact such error does exist.
Deviation
Departure from prescribed internal control. Often expressed
as a rate at which the departure occurs.
Digital certificate
A certificate identifying a public key to its subscriber, corresponding
to a private key held by that subscriber. It is a unique code that
typically is used to allow the authenticity and integrity of communicated
data to be verified.
Digital signature
A piece of information, a digitized form of signature, that provides
sender authenticity, message integrity and nonrepudiation. A digital
signature is generated using the sender's private key or applying
a one-way hash function.
Direct reporting engagement
An engagement where management does not make a written assertion about
the effectiveness of their control procedures, and the auditor provides
an opinion about subject matter directly, such as the effectiveness
of the control procedures.
Disclaimer
A statement that the auditor is unable to express an opinion
as to the presentation of financial statements in conformity with
U.S. GAAP.
Disclosure
Revealing information. Financial statement footnotes are
one way of providing necessary disclosures.
Disclosure of sensitive non public
information
Unlawful and unauthorized disclosure or use of sensitive
information, not to be used other than for specifically identified
purposes, to unauthorized individuals or for personal gain or advantage.
Discovery sampling
Acceptance sampling (sampling to determine whether internal
control compliance is greater than or less than the tolerable deviation
rate) when the expected attribute occurrence rate is zero.
Discrimination
Behavior that shows prejudice. Failure to treat people equally
because of a bias based on characteristic such as race, religion,
sex, gender, national origin, sexual orientation, and disability.
Document (documentation)
Written or printed paper that bears information that can
be used to furnish decisive evidence. Could also be a recording, computer
readable information, or a photograph.
Downloading
The act of transferring computerized information from one computer
to another computer.
Downtime report
A report that identifies the elapsed time when a computer is not operating
correctly because of machine failure.
Drug abuse
Improper use of prescription drugs, over-the-counter drugs, and controlled
substances.
Dual date
If a major event comes to the auditor's attention between
the report date and issuance of the report, the financial statements
may include the event as an adjustment or disclosure. The auditor
dual dates the audit report (as of the end of fieldwork, except footnote
XX, which is dated later).
Dual-purpose test
Audit procedures are classified as substantive tests or tests
of controls. If a procedure provides both types of evidence it is
a dual-purpose test.
Due care
Diligence which a person would exercise under a given set of circumstances.
Due professional care
Diligence which a person, who possesses a special skill, would exercise
under a given set of circumstances.
