Parallel processing
The simultaneous performance of multiple operations,
usually in reference to computer systems.
Parallel simulation
Parallel simulation involves the information system auditor writing
a program to replicate those application processes that are critical
to an audit opinion and using this program to reprocess application
system data. The results produced are compared with the results generated
by the application system and any discrepancies identified.
Parallel testing
The process of feeding test data into two systems, the modified system
and an alternative system (possibly the original system) and comparing
results.
Password
A sequence of characters required to gain access to a computer system.
Passwords are used to restrict computer system access to only authorized
persons.
Password cracker
Specialized security checker that tests user's passwords, searching
for passwords that are easy to guess by repeatedly trying words from
specially crafted dictionaries. Failing that, many password crackers
can brute force all possible combinations in a relatively short period
of time with current desktop computer hardware.
Peer review
A practice monitoring program in which the audit documentation
from one auditor is periodically reviewed by independent auditors
from other firms to determine that it conforms to the standards of
the profession.
Per diem
An allowance for daily expenses. Often used to reimburse
employees for estimated expenses as opposed to accounting for each
small component of the expenses.
Performance indicators
A set of metrics designed to measure the extent to which performance
objectives are being achieved on an on-going basis. They can include
service level agreements, critical success factors, customer satisfaction
ratings, internal or external benchmarks, industry best practices
and international standards.
Performance testing
Comparing the system's performance to other equivalent systems using
well defined benchmarks.
Peripherals
Auxiliary computer hardware equipment used for input, output and data
storage. Examples include disk drives and printers.
Personal identification number (PIN)
A type of password (i.e., a secret number assigned to an individual)
that, in conjunction with some means of identifying the individual,
serves to verify the authenticity of the individual. PINs have been
adopted by financial institutions as the primary means of verifying
customers in an electronic funds transfer system.
Persuasive
Having the power to influence.Most audit evidence is persuasive,
but not conclusive.
Phishing
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.
Plaintext
Digital information, such as clear-text, that is intelligible to the
reader.
Planning
Audit planning is developing an overall strategy for conduct
and scope of the audit. The nature, extent, and timing of planning
vary with size and complexity of the entity, experience with the entity,
and knowledge of the business. In planning the audit, the auditor
considers the entity's business and its industry, its accounting policies
and procedures, methods used to process accounting information, the
planned assessed level of control risk, and the auditor's preliminary
judgment about audit materiality.
Pledge
Something given as security to guarantee payment of a debt.
Point-of-sale systems (POS)
Point-of-sale systems enable capture of data at the time and place
of transaction. POS terminals may include use of optical scanners
for use with bar codes or magnetic card readers for use with credit
cards. POS systems may be online to a central computer or may use
stand-alone terminals or microcomputers that hold the transactions
until the end of a specified period when they are sent to the main
computer for batch processing.
Population
The entire set of data from which a sample is selected and about which
the auditor wishes to draw conclusions.
Population size
The number of items in the population from which a sample
is drawn.
Port
An interface point between the CPU and a peripheral device.
Positive assurance
A statement as to what the auditor believes. An example is
an opinion that the financial statements are presented fairly in conformity
with U.S. generally accepted accounting principles. The opposite is
negative assurance.
Posting
The process of actually entering transactions into computerized or
manual files. Such transactions might immediately update the master
files or may result in memo posting, in which the transactions are
accumulated over a period of time, then applied to master file updating.
Predecessor auditor
The auditor for a prior year who no longer audits the client.
Preventive controls
These controls are designed to prevent or restrict an error, omission
or unauthorized intrusion.
Principal auditor
The auditor responsible for the greater portion of financial
statements. The principal auditor may assume responsibility for the
work of the other auditor or divide responsibility with the other
auditor.
Privacy
Freedom from unauthorized intrusion.
Privilege
The level of trust with which a system object is imbued.
Probability proportional to size sampling
A sampling plan that bases the likelihood of selecting a
particular account on the relative size of that account, so larger
accounts have a greater probability of being selected for the sample
than smaller accounts.
Probable
A contingent loss is probable if it is uncertain but likely
to happen.
Procedure
The portion of a policy that states the general process that will
be performed to accomplish a goal.
Processing control
An internal control included in computer software designed
to assure that all transactions are handled as authorized and none
omitted or added.
Professional competence
Proven level of ability, often linked to qualifications issued by
relevant professional bodies and compliance with their codes of practice
and standards.
Program
An audit program is a listing of audit procedures to be performed
in completing the audit. A computer program (software) is a listing
of steps to be performed in processing the data.
Program evaluation and review technique
A project management technique used in the planning and control of
system projects.
Programmed controls
Built into computer software and include reasonableness tests,
control totals, and sequence checks.
Project sponsor
Considered for acquisition the person responsible for high-level decisions,
such as changes to the scope and/or budget of the project, and whether
or not to implement.
Project team
Group of people responsible for a project, whose terms of reference
may include the development, acquisition, implementation or maintenance
of an application system. The team members may include line management,
operational line staff, external contractors, and auditors.
Proxy server
A server that acts on behalf of a user. Typical proxies accept a connection
from a user, make a decision as to whether or not the user or client
IP address is permitted to use the proxy, perhaps perform additional
authentication, and complete a connection to a remote destination
on behalf of the user.
Purchase order
A document from a buyer to a seller placing an order and
listing quantities and specifications.
