Appendix B: Glossary
A |
||
| Term | Definition | Source |
| Acceptance Criteria | Pre-established standards or requirements a product or project must meet. | |
| Application | A system for collecting, saving, processing, and presenting data by means of a computer. The term application is generally used when referring to a component of software that can be executed. The terms application and software application are often used synonymously. | NIST Glossary |
| Automated Controls | Software routines designed into programs to ensure the validity, accuracy, completeness, and availability of input, processed, and stored data. | |
B |
||
| Term | Definition | Source |
| Baseline | A documented version of a hardware component, software program, configuration, standard, procedure, or project management plan. Baseline versions are placed under formal change controls and should not be modified unless the changes are approved and documented. | |
C |
||
| Term | Definition | Source |
| Code | Software program instructions. | |
D |
||
| Term | Definition | Source |
| Database | A repository of information or data, which may or may not be a traditional relational database system. | NIST Glossary |
| A repository of information or data organized to be accessed, managed, and updated. | FFIEC Adapted for Supervisory Purposes | |
| Deliverable | A project goal or expectation. Deliverables include broadly-defined, project or phase requirements and specifically-defined tasks within project phases. | |
| Distributed environment | A computer system with data and program components physically distributed across more than one computer. | |
E |
||
| Term | Definition | Source |
| End user | An individual who will utilize a product or program. | |
| Enterprise architecture | The description of an enterprise’s entire set of information systems: how they are configured, how they are integrated, how they interface to the external environment at the enterprise’s boundary, how they are operated to support the enterprise mission, and how they contribute to the enterprise’s overall security posture. | NIST Glossary |
F |
||
| Term | Definition | Source |
| Flowcharts | Traditional flowcharts involve the use of geometric symbols, such as diamonds, ovals, and rectangles to represent the sequencing of program logic. Software packages are available that automatically chart programs or enable a programmer to chart a program without the need to draw it manually. | |
| Functional requirements | The business, operational, and security features an organization wants included in a program. | |
I |
||
| Term | Definition | Source |
| Iterative | Repetitive or cyclical. Iterative software development involves the completion of project tasks or phases in repetitive cycles. Tasks and phase activities are repeated until a desired result is achieved. | |
L |
||
| Term | Definition | Source |
| Local area network (LAN) | A group of computers and other devices dispersed over a relatively limited area and connected by a communications link that enables any device to interact with any other on the network. | NIST Glossary |
M |
||
| Term | Definition | Source |
| Metric | A quantitative measurement. | |
| Milestone | A major project event. | |
N |
||
| Term | Definition | Source |
| Network | A system implemented with a collection of interconnected components. Such components may include routers, hubs, cabling, telecommunications controllers, key distribution centers, and technical control devices. | NIST Glossary |
O |
||
| Term | Definition | Source |
| Object code | Software program instructions compiled (translated) from source code into machine-readable formats. | |
| Operating system (OS) | The software “master control application” that runs the computer. It is the first program loaded when the computer is turned on, and its main component, the kernel, resides in memory at all times. The operating system sets the standards for all application programs (such as the Web server) that run in the computer. The applications communicate with the operating system for most user interface and file management operations. | NIST Glossary |
| Outsourcing | The practice of contracting through a formal agreement with a third-party(ies) to perform services, functions, or support that might otherwise be conducted in-house. | FFIEC Developed for Supervisory Purposes |
P |
||
| Term | Definition | Source |
| Phase | A project segment. | |
| Project | A task involving the acquisition, development, or maintenance of a technology product. | |
| Project management | Planning, monitoring, and controlling an activity. | |
S |
||
| Term | Definition | Source |
| Script | A file containing active content; for example, commands or instructions to be executed by the computer. | |
| Source code | Software program instructions written in a format (language) readable by humans. | |
| Spiral development | An iterative project management model that focuses on the identification of project and product risks and the selection of project management techniques that best control the identified risks. | |
| System development life cycle (SDLC) | The scope of activities associated with a system, encompassing the system’s initiation, development and acquisition, implementation, operation and maintenance, and ultimately its disposal that instigates another system initiation. | NIST Glossary |
| Previous Section Appendix A: Examination Procedures |