IT Management

Career paths and IT certifications

• Certified Information Security Manager (CISM)

  Certified Information Security Manager (CISM) is an advanced certification which indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security (infosec) program.

• liaison officer

  A liaison officer is an employee who is responsible for establishing a positive working relationship between two or more people, organizations or agencies, typically with the goal of working through a mutual problem or concern.

• microlearning (microtraining)

  Microlearning is an educational strategy that breaks complex topics down into short-form, stand-alone units of study that can be viewed as many times as necessary, whenever and wherever the learner needs them. Microlearning instructional modules are designed to address one specific skill or knowledge gap.

Compliance, risk and governance

This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

• compliance framework

  A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation.

• What is cybersecurity? Everything you need to know

  Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.

• regulatory compliance

  Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes.

CRM

The goal of customer experience management (CEM) is to optimize customer satisfaction at each touchpoint of the customer journey. Definitions in this glossary include terms about marketing and creating a customer-centric view of business, the use of AI and RPA in martech, capturing and analyzing customer feedback and contact center automation.

• Direct-to-Consumer (D2C or DTC)

  D2C (Direct-to-consumer, or Direct2Consumer) is a type of business-to-consumer (B2C) retail sales strategy where a business will build, market, sell and ship a product directly to the customer.

• virtual agent

  A virtual agent (sometimes called an intelligent virtual agent, virtual rep or chatbot) is a software program that uses scripted rules and, increasingly, artificial intelligence applications to provide automated service or guidance to humans.

• behavioral targeting

  Behavioral targeting is the presentation of content and marketing based on the previous choices of users across websites.

ERP

Terms related to business, including definitions about project management and words and phrases about human resources, finance and vertical industries.

• RFI (request for information)

  An RFI (request for information) is a formal process for gathering information from potential suppliers of a good or service.

• Kaizen (continuous improvement)

  Kaizen is an approach to creating continuous improvement based on the idea that small, ongoing positive changes can reap significant improvements.

• project scope

  Project scope is the part of project planning that involves determining and documenting a list of specific project goals, deliverables, tasks, costs and deadlines.

Government IT

Terms related to government IT, including definitions about specific federal, state and local government programs as well as words and phrases about policy and compliance.

• Presidential Policy Directive 21 (PPD-21)

  Presidential Policy Directive 21 (PPD-21) is an infrastructure protection and resilience directive in the United States that aims to strengthen and secure the country's critical infrastructure.

• Advanced Encryption Standard (AES)

  The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to protect classified information.

• What is cybersecurity? Everything you need to know

  Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.

Healthcare IT

Terms related to healthcare IT, including definitions about healthcare information and management systems and words and phrases about electronic health records, meaningful use, government regulations and medical technology.

• What is cybersecurity? Everything you need to know

  Cybersecurity is the protection of internet-connected systems -- including hardware, software and data -- from cyberattacks.

• emergent medical data (EMD)

  Emergent medical data (EMD) is health information gathered about an individual from seemingly unrelated user behavior data.

• polygenic risk score (PRS)

  A polygenic risk score (PRS) is an expression of someone's likelihood of having or developing a particular medical condition.

HR management

• continuous learning

  Continuous learning is the ongoing expansion of knowledge and skill sets.

• employee life cycle

  Employee life cycle -- also spelled employee lifecycle -- is an HR model that identifies the different stages a worker advances through in an organization in, as well as the role HR plays in optimizing that progress.

• employee privacy policy

  An employee privacy policy is documentation specifying an organization's rules and procedures for gathering, using and disclosing the personal information of former, current or prospective employees.

IT procurement

Terms related to the activities and procedures necessary to acquire information technology (IT) products and services.

• RFI (request for information)

  An RFI (request for information) is a formal process for gathering information from potential suppliers of a good or service.

• request for proposal (RFP)

  A request for proposal (RFP) is a document that an organization, often a government agency or large enterprise, posts to elicit a response -- a formal bid -- from potential vendors for a desired IT solution.

• procurement plan

  A procurement plan -- also called a procurement management plan -- is a document that is used to manage the process of finding and selecting a vendor.

Network management

Terms related to managing computer networks, including definitions about LANS or WANS and words and phrases about network design, troubleshooting, security and backups.

• Secure Access Service Edge (SASE)

  Secure Access Service Edge, also known as SASE -- pronounced 'sassy' -- is a cloud architecture model that bundles network and security solutions together, delivering them as a unified cloud service.

• cloud disaster recovery (cloud DR)

  Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other resources to public cloud or dedicated service providers.

• Software as a Service (SaaS)

  Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.

Project management

Terms related to project management, including definitions about project management methodologies and tools.

• MoSCoW method

  The MoSCoW method is a four-step approach to prioritizing which project requirements will provide the best return on investment (ROI).

• project scope

  Project scope is the part of project planning that involves determining and documenting a list of specific project goals, deliverables, tasks, costs and deadlines.

• crisis management

  Crisis management is the application of strategies designed to help an organization deal with a sudden and significant negative event.

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

• PCI DSS (Payment Card Industry Data Security Standard)

  The Payment Card Industry Data Security Standard (PCI DSS) is a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions and protect cardholders against misuse of their personal information.

• MITRE ATT&CK framework

  The MITRE ATT&CK (pronounced 'miter attack') framework is a free, globally accessible service that provides comprehensive and up-to-date cyberthreat information to organizations looking to strengthen their cybersecurity strategies.

• phishing

  Phishing is a form of fraud in which an attacker masquerades as a reputable entity or person in email or other communication channels.

SEO

Definitions related to search engine optimization, including definitions about SEO and words and phrases about bots, spiders, organic traffic and all areas of search engine marketing (SEM).

• metadata

  Metadata is data that describes other data. 

• microdata

  Microdata is a type of specification language that is embedded within HTML content to improve machine readability, annotate elements and analyze web pages.

• Click to Tweet

  Click to Tweet is a website that automatically generates links for users to share content through their own Twitter accounts.

Software asset management

Terms related to software management, including definitions about licensing and words and phrases about software lifecycle management and software asset management.

• Mobile Threat Defense (MTD)

  Mobile Threat Defense (MTD) is a security software meant to protect organizations and individual users from security threats on mobile platforms.

• Software as a Service (SaaS)

  Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.

• Platform as a Service (PaaS)

  Platform as a service (PaaS) is a cloud computing model in which a third-party provider delivers hardware and software tools -- usually those needed for application development -- to users over the internet.

Storage management

Terms related to data storage management, including definitions about enterprise storage and words and phrases about storage infrastructure, storage capacity and hierarchical storage management (HSM).

• cloud disaster recovery (cloud DR)

  Cloud disaster recovery (cloud DR) is a combination of strategies and services intended to back up data, applications and other resources to public cloud or dedicated service providers.

• cloud computing

  Cloud computing is a general term for anything that involves delivering hosted services over the internet.

• cloud storage

  Cloud storage is a service model in which data is transmitted and stored on remote storage systems, where it is maintained, managed, backed up and made available to users over a network (typically the internet).