IT Management

Compliance, risk and governance

This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

• enterprise content management (ECM)

  Enterprise content management (ECM) is a set of defined processes, strategies and tools that allow a business to effectively obtain, organize, store and deliver critical information to its employees, business stakeholders and customers. To differentiate themselves from competitors, some ECM vendors are beginning to market their products as content management services or content management platforms.

• business continuity policy

  Business continuity policy is the set of standards and guidelines an organization enforces to ensure resilience and proper risk management.

• business continuity and disaster recovery (BCDR)

  Business continuity and disaster recovery (BCDR) are closely related practices that describe an organization's preparation for unforeseen risks to continued operations.

CRM

Terms related to customer relationship management (CRM), including definitions about call centers and contact centers.

• vanity metrics

  A vanity metric is a unit of measurement that looks positive but fails to provide the viewer with any information that can be used to drive future actions.

• digital experience (DX)

  Digital experience (DX) is the combination of interactions and overall sentiment that consumers have with an organization's digital touchpoints.

• customer base

  Customer base is the group of clients to whom a business markets and sells their goods or services.

ERP

Terms related to business, including definitions about project management and words and phrases about human resources, finance and vertical industries.

• SWOT analysis (strengths, weaknesses, opportunities and threats analysis)

  SWOT analysis (strengths, weaknesses, opportunities and threats analysis) is a framework for identifying and analyzing the internal and external factors that can have an impact on the viability of a project, product, place or person.

• cloud computing

  Cloud computing is a general term for the delivery of hosted services over the internet.

• digital workplace

  The digital workplace is a concept that describes how technology is increasingly creating a virtual equivalent of the physical workplace and how that trend allows businesses to rethink traditional processes and increase efficiency.

Government IT

Terms related to government IT, including definitions about specific federal, state and local government programs as well as words and phrases about policy and compliance.

• U.S. Department of Justice (DOJ)

  U.S. Department of Justice (DOJ) is a United States federal government agency tasked with the enforcing of justice and law.

• Joint Enterprise Defense Infrastructure (JEDI)

  Joint Enterprise Defense Infrastructure (JEDI) is the proposed Department of Defense (DoD) cloud infrastructure network.

• compliance audit

  A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

Healthcare IT

Terms related to healthcare IT, including definitions about healthcare information and management systems and words and phrases about electronic health records, meaningful use, government regulations and medical technology.

• HIPAA (Health Insurance Portability and Accountability Act)

  HIPAA (Health Insurance Portability and Accountability Act of 1996) is United States legislation that provides data privacy and security provisions for safeguarding medical information.

• electronic protected health information (ePHI)

  Electronic protected health information (ePHI) is protected health information (PHI) that is produced, saved, transferred or received in an electronic form. In the United States, ePHI management is covered under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.

• point of care (POC) testing

  Point of care (POC) testing is medical testing that is performed outside of a laboratory setting. Common examples of POC test tools include blood glucose monitors, thermometers, home pregnancy tests and rapid strep tests.

HR management

• culture hacking

  Culture hacking is the gradual process of implementing numerous small, positive changes in an organization.

• digital workplace

  The digital workplace is a concept that describes how technology is increasingly creating a virtual equivalent of the physical workplace and how that trend allows businesses to rethink traditional processes and increase efficiency.

• social loafing

  Social loafing is a reduction of individual effort that tends to occur when people work in groups.

IT procurement

Terms related to the activities and procedures necessary to acquire information technology (IT) products and services.

• paradox of choice

  The paradox of choice is an observation that having many options to choose from, rather than making people happy and ensuring they get what they want, can cause them stress and problematize decision-making.

• Linkerd

  Linkerd is an open-source network proxy developed by Buoyant to be installed as a service mesh. Linkerd is one of the first products to be associated with the term service mesh and supports platforms such as Docker and Kubernetes.

• clickwrap agreement (clickthrough agreement)

  A clickwrap agreement, also known as a clickthrough agreement, is an online contract that confirms a user's consent to a company's terms and conditions.

Network management

Terms related to managing computer networks, including definitions about LANS or WANS and words and phrases about network design, troubleshooting, security and backups.

• Software as a Service (SaaS)

  Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.

• HashiCorp

  HashiCorp is a software company that provides a suite of modular DevOps infrastructure provisioning and management products.

• service mesh

  A service mesh is a dedicated infrastructure layer that controls service-to-service communication over a network.

Project management

Terms related to project management, including definitions about project management methodologies and tools.

• white box testing

  White box testing is a software testing methodology which uses the program source code as a test basis for designing tests and test cases.

• team collaboration

  Team collaboration is a communication and project management approach that emphasizes teamwork, innovative thinking and equal participation to achieve objectives.

• Ringelmann effect

  The Ringelmann effect is a reduction in productivity per individual that tends to occur as the numbers of people involved in a work group increase.

Security management

Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorization and authentication.

• SOAR (Security Orchestration, Automation and Response)

  SOAR (Security Orchestration, Automation and Response) is a technology stack of compatible software programs that allow an organization to collect data about security threats and alerts from multiple sources and respond to low-level security events without human assistance.

• COBIT

  COBIT is a framework for developing, implementing, monitoring and improving information technology (IT) governance and management practices.

• SecOps

  SecOps is a management approach that connects security and operations teams, similar to how DevOps unifies software developers and operations professionals to increase efficiency and eliminate priority conflicts.

SEO

Definitions related to search engine optimization, including definitions about SEO and words and phrases about bots, spiders, organic traffic and all areas of search engine marketing (SEM).

• microdata

  Microdata is a type of specification language that is embedded within HTML content to improve machine readability, annotate elements and analyze web pages.

• Click to Tweet

  Click to Tweet is a website that automatically generates links for users to share content through their own Twitter accounts.

• Google My Business

  Google My Business is a free online business listing service that is integrated with the Google search engine.

Software asset management

Terms related to software management, including definitions about licensing and words and phrases about software lifecycle management and software asset management.

• Software as a Service (SaaS)

  Software as a service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.

• enterprise content management (ECM)

  Enterprise content management (ECM) is a set of defined processes, strategies and tools that allow a business to effectively obtain, organize, store and deliver critical information to its employees, business stakeholders and customers. To differentiate themselves from competitors, some ECM vendors are beginning to market their products as content management services or content management platforms.

• systems integrator

  A systems integrator is an individual or business that builds computing systems for clients by combining hardware, software, networking and storage products from multiple vendors.

Storage management

Terms related to data storage management, including definitions about enterprise storage and words and phrases about storage infrastructure, storage capacity and hierarchical storage management (HSM).

• cloud computing

  Cloud computing is a general term for the delivery of hosted services over the internet.

• data retention policy

  A data retention policy dictates the types of data to be retained and the duration for which that data must be stored in accordance with operational or regulatory requirements.

• data reduction

  Data reduction is the process of reducing the amount of capacity required to store data.