DIR Glossary of Terms

State contracts may have definitions specific to a contract, and Texas statutes may provide other definitions for the same terms or phrases which apply to various scenarios and exceptions. While statutory definitions have the force of law, they don't always offer the best plain language definition.

When using this glossary, please consider the interrelation of these definitions, statutory definitions and contractual definitions. Where there is a perceived conflict or ambiguity, please consult your legal counsel.

If you have a suggestion or update click here

# |A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z



/3GB switchThe /3GB switch for 32 bit architectures up through Windows 2003 changes the way the 4GB virtual address space is split up. Instead of splitting it as 2GB of user mode virtual address space and 2GB of kernel mode virtual address space, the split is 3GB of user mode virtual address space and 1GB of kernel mode virtual address space.
4g LTELTE, an abbreviation for Long-Term Evolution, commonly marketed as 4G LTE, is a standard for wireless communication of high-speed data for mobile phones and data terminals. It is based on the GSM/EDGE and UMTS/HSPA network technologies, increasing the capacity and speed using a different radio interface together with core network improvements.
A/B TestingA/B testing (also known as bucket tests or split-run testing) is a randomized experiment with two variants, A and B. A/B testing is a way to compare two versions of a single variable, typically by testing a subject's response to variant A against variant B, and determining which of the two variants is more effective.
AA-IPM & APMApplication-Aware Infrastructure Performance Monitoring & Application Performance Monitoring
AAAAuthentication, Authorization, and Accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.
AAGRAverage Annual Growth Rate
ABACAttribute-based access control (ABAC) defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. The policies can use any type of attributes (user attributes, resource attributes, environment attribute etc.).
ABESTAutomated Budget and Evaluation System of Texas (ABEST) is a web-based application. Legislative Budget Board (LBB) staff use ABEST to track agency requests for appropriations through the stages of the legislative appropriations process, and agency performance through the biennial budget cycle
ACCESSThe physical or logical capability to view, interact with, or otherwise make use of information resources
ACICisco Application Centric Infrastructure (ACI) reduces Total Cost of Ownership (TCO), automates IT tasks, and accelerates data center application deployments by using a business-relevant software defined networking (SDN) policy model across networks, servers, storage, security, and services.
ACIDAtomicity, Consistency, Isolation, Durability (ACID ) is a set of properties that guarantee that database transactions are processed reliably.
ACLAn Access Control List (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. (Wikipedia)
ACMAssociation for Computing Machinery (https://www.acm.org/)
ActorAn actor in the Unified Modeling Language (UML) "specifies a role played by a user or any other system that interacts with the subject." 
"An Actor models a type of role played by an entity that interacts with the subject (e.g., by exchanging signals and data), but which is external to the subject." 
"Actors may represent roles played by human users, external hardware, or other subjects. Actors do not necessarily represent specific physical entities but merely particular facets (i.e., “roles”) of some entities that are relevant to the specification of its associated use cases. A single physical instance may play the role of several different actors and a given actor may be played by multiple different instances." 
Actors interact with use cases. (wikipedia)
ActorIn the context of the use of a process, procedure, or application software, an actor is a general term that could be any person that manually triggers a process, provides content or data, provides approvals for the completion of stages, or causes the process to stop before completion of said processes or procedures.  It does not generally differentiate between levels of authority or job title. This does not include any automation of a process that involves performing any of these types of tasks through rules, timing, or predetermined data values that may be applied to move a process along in an application.
ACVThe Cisco Application Visibility and Control (AVC) solution is a suite of services in Cisco network devices that provides application-level classification, monitoring, and traffic control, with the intent to: improve business-critical application performance; support capacity management and planning; and reduce network operating costs.
ADActive Directory (AD) is a directory service that Microsoft developed for Windows domain networks and is included in most Windows Server operating systems as a set of processes and services.  In STS and the state of Texas also supported in the Unix and other environments and is the default authentication mechanism.
AD LDSActive Directory LDAP Directory Service (AD LDS) is a Microsoft Lightweight Directory Access Protocol (LDAP) directory service role that provides flexible support for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services (AD DS). AD LDS provides much of the same functionality as AD DS, but it does not require the deployment of domains or domain controllers. You can run multiple instances of AD LDS concurrently on a single computer, with an independently managed schema for each AD LDS instance. AD LDS can store “private” directory data, which is relevant only to the application, in a local directory service—possibly on the same server as the application—without requiring any additional configuration to the server operating system directory. This data, which is relevant only to the application and which does not have to be widely replicated, is stored solely in the AD LDS directory that is associated with the application. This solution reduces replication traffic on the network between domain controllers that serve the server operating system directory. However, if necessary you can configure this data to be replicated between multiple AD LDS instances.  Enterprise applications must often store personalization data that is associated with authenticated users in AD DS. Storing this personalization data in AD DS would require AD DS schema changes. In this scenario, an application can use AD LDS to store application-specific data, such as policy and management information, while it uses the user principals in AD DS for authentication and for controlling access to objects in AD LDS. Such a solution makes it unnecessary for each AD LDS directory to have its own user database. Therefore, this solution prevents a proliferation of user IDs and passwords for end users every time a new directory-enabled application is introduced to the network.
ADAThe Americans with Disabilities Act of 1990 (42 U.S.C. § 12101) is a civil rights law that prohibits discrimination based on disability. (wikipedia)
ADCAustin Data Center (ADC) The facility located in Austin, Texas that hosts servers and supporting infrastructure that supports agencies business applications for agencies participating in the STS contract.
ADDFThe Application Development Decision Framework (ADDF) created by DIR for guidance in application development performed by state agencies. Hosted by DIR at http://www.dir.texas.gov/addf-request. Scope ranges from business alignment to process improvement, and development styles to application architecture innovation. Each topic area is comprised of individual topics, with actionable recommendations to elevate agencies' current approaches to application development.
ADDMBMC Application Discovery and Dependency Mapping (ADDM) for automated asset discovery and application dependency mapping
ADFSActive Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access control authorization model to maintain application security and implement federated identity.
AFPAFP (Apple Filing Protocol) for network file sharing and folder synchronization
AFRSAnnual Facilitated Risk Session
Agency AcronymsLists of common state agency abbreviations may be found at:
Texas Comptroller - https://fmx.cpa.texas.gov/fm/contacts/agynum/index.php
Secretary of State -  http://www.sos.state.tx.us/texreg/abbrev.shtml
TSLAC TRAILS list of agency websites - https://www.tsl.texas.gov/apps/lrs/agencies/index.html
Agency HeadThe top-most senior executive with operational accountability for an agency, department, commission, board, office, council, authority, or other agency in the executive or judicial branch of state government, that is created by the constitution or a statute of the state; or institutions of higher education, as defined in §61.003, Education Code.
AHTAverage handle time (AHT) is a call center metric for the average duration of one transaction, typically measured from the customer's initiation of the call and including any hold time, talk time and related tasks that follow the transaction. AHT is a prime factor when deciding call center staffing levels.
AIArtificial Intelligence (AI) is the use of computer programs that have some of the qualities of the human mind, such as the ability to understand language, recognize pictures, and learn from experience. (Dictionary.com)
ALMApplication Lifecycle Management (ALM) is the product lifecycle management of computer programs. It encompasses requirements management, software architecture, computer programming, software testing, software maintenance, change management, continuous integration, project management, and release management. Wikipedia
AOTRemedy Application Object Templates (AOT). In STS we use these to note availability outages for SLA measurements attached to a PBI
aPaasapplication Platform as a Service (aPaaS) is a cloud service that offers enhanced development mechanisms to the cloud platform as a service provisioning and deployment environments
APARAn Authorized Program Analysis Report (APAR) is a formal report from IBM development to customers that have notified IBM of a problem or suspected defect. If IBM development is able to confirm the existence of the issue they will create an APAR with any known workarounds and perhaps an indication of which future release, if any, of the IBM program they intend to target for a formal fix to the defect and whether or not a Program Temporary Fix (PTF) is planned. The APAR will then be published so that it is visible to supported customers.
APIApplication Programming Interface
APMApplication Performance Management (APM) is the monitoring and management of performance and availability of software applications. APM strives to detect and diagnose application performance problems to maintain an expected level of service (SLA). APM is the translation of IT metrics into business meaning (i.e., value).  APM measures OSI layers 4 through 7 while network monitoring measures layers 1 to 3.
APMApplication Portfolio Management (APM) is a framework for managing enterprise IT software applications and software-based services. APM provides managers with an inventory of the company's software applications and metrics to illustrate the business benefits of each application.
App/DevApplication Development
APQCAmerican Productivity & Quality Center (APQC) helps organizations work smarter, faster, and with greater confidence. It is the world’s foremost authority in benchmarking, best practices, process and performance improvement, and knowledge management (APQC).
APQC PCFAPQC's Process Classification Framework (PCF)® is the most used process framework in the world. It creates a common language for organizations to communicate and define work processes comprehensively and without redundancies. Organizations are using it to support benchmarking, manage content, and perform other important performance management activities (APQC).
APTAdvanced Persistent Threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity.
ARC/RRCAdditional Resource Charges (ARCs) or Reduced Resource Credits (RRCs) are incremental charges/credits for volumes above or below the Monthly Resource Baselines but within the resource unit pricing bands.

These terms are used in the DIR Data Center Services contract.

Base/Variable is an Exhibit 4B term meaning the costs for the certain items (like infrastructure SW) in part of the monthly base charge + variable ARC/RRC methodology vs charged separately like (HSC/SSC). 

Additional Resource Charges (ARCs) are the incremental charges set forth in Exhibit 4 for the use of the Services above the Monthly Resource Baselines for such Services.
Reduced Resource Charges (RRCs) are the incremental credits set forth in Exhibit 4 to the Agreement for the use of Services below the Monthly Resource Baselines for such Services.
ARPAddress Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network
ASACisco Adaptive Security Appliance (ASA) combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities.  It provides proactive threat defense that stops attacks before they spread through the network
ASAAverage Speed to Answer (ASA) - measurement relative to the Service/Help Desk
ASEAccelerated Solution Environment (annual meeting).  A facilitation structure used by Capgemini to bring together the right people with the right content, underpinned by a rigorous method and process.  Events of one to three days are organized in ASE Design Sessions.  A dedicated team scopes, designs, and facilitates multiple ASE DesignSessions over a project lifecycle to help key stakeholders and project members align and implement change successfully. (Capgemini - https://www.capgemini.com/how-we-work/accelerated-solutions-environment-ase)
AST/DAST/SASTApplication Security Testing (DAST - dynamic, SAST - static)
ATIPATIP blades (Application and Threat Intelligence Processor) – these blades provide the NTO with NetFlow capabilities
ATPAdvanced Threat Protection (ATP)
ATSA transfer switch is an electrical switch that switches a load between two sources. Some transfer switches are manual, in that an operator effects the transfer by throwing a switch, while others are automatic and switch when they sense one of the sources has lost or gained power. An Automatic Transfer Switch (ATS) is often installed where a backup generator is located, so that the generator may provide temporary electrical power if the utility source fails.
AU(s)Authorized User(s)
AvailabilityThe security objective of ensuring timely and reliable access to and use of information
AVTApplication Verification Testing
AWSAmazon Web Services (AWS) is a collection of remote computing services (also called web services) that together make up a cloud computing platform, offered over the Internet by Amazon.com. The most central and well-known of these services are Amazon EC2 (elastic compute cloud) and Amazon S3 (simple storage service).
AWS Availability ZoneAn AWS Availability Zone is a logical data center in a region available for use by any AWS customer. Each zone in a region has redundant and separate power, networking and connectivity to reduce the likelihood of two zones failing simultaneously. A common misconception is that a single zone equals a single data center. In fact, each zone is backed by one or more physical data centers, with the largest backed by five (Rackspace).
AWS RegionAn AWS Region is a geographical location with a collection of availability zones mapped to physical data centers in that region. Every region is physically isolated from and independent of every other region in terms of location, power, water supply, etc. (Rackspace)
B2BBusiness to Business
BAFOBest and Final Offer (BAFO)
BAUBusiness As Usual
BCPThe Border Gateway Protocol (BGP) is the protocol used throughout the Internet to exchange routing information between networks.  It is the language spoken by routers on the Internet to determine how packets can be sent from one router to another to reach their final destination.  BGP has worked extremely well and continues to the be protocol that makes the Internet work.
BCP/BC PlanningBusiness Continuity Planning (BCP) identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, while maintaining competitive advantage and value system integrity
BECBusiness Email Compromise (BEC), also referred to as a ‘Man in the email’ or ‘Man in the middle’ attack, is a specific form of phishing where cyber criminals spoof the email addresses of an organization’s executive (most of the times C-level) to defraud the organization’s employees, partners, etc. Cyber criminals can spoof the email address of an organization’s executive to increase the credibility of an email. The attack is usually targeted at specific individuals in order to obtain money or confidential information. The methods usually used are wire transfers but check payments can also be requested (DMARC Analyzer).
BELCBusiness Executive Leadership Council (BELC) is a Governance committee comprised of agency executive leadership that provides direction and guidance to the STS Program.
BIAA Business Impact Analysis (BIA) differentiates critical (urgent) and non-critical (non-urgent) organization functions/activities. Critical functions are those whose disruption is regarded as unacceptable. Perceptions of acceptability are affected by the cost of recovery solutions. A function may also be considered critical if dictated by law. For each critical (in scope) function, two values are then assigned:
 • Recovery Point Objective (RPO) 
 • Recovery Time Objective (RTO) (Wikipedia).
BICCBusiness Intelligence Competency Center (BICC) is a cross-functional organizational team that has defined tasks, roles, responsibilities and processes for supporting and promoting the effective use of Business Intelligence (BI) across an organization.
BINDBerkeley Internet Name Domain (BIND) is open source software that implements the Domain Name System (DNS) protocols for the Internet. It is a reference implementation of those protocols, but it is also production-grade software, suitable for use in high-volume and high-reliability applications.  The name BIND stands for “Berkeley Internet Name Domain”, because the software originated in the early 1980s at the University of California at Berkeley.
BlockchainA blockchain, originally block chain, is a growing list of records, called blocks, which are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. By design, a blockchain is resistant to modification of the data. (Wikipedia)
BMRBare-Metal Restore (BMR), bringing up a server fully starting with just the hardware platform and backups.
BMSBuilding Management System (BMS)
BOSHybrid Cloud Services (HCS) Business Orchestration Suite (BOS) to provide workflow to the Enterprise Service Bus (ESB)
BOSHBOSH is a recursive acronym for Bosh Outer SHell.  BOSH is a project that unifies release engineering, deployment, and lifecycle management of small and large-scale cloud software. BOSH can provision and deploy software over hundreds of VMs. It also performs monitoring, failure recovery, and software updates with zero-to-minimal downtime.
While BOSH was developed to deploy Cloud Foundry PaaS, it can also be used to deploy almost any other software (Hadoop, for instance). BOSH is particularly well-suited for large distributed systems. In addition, BOSH supports multiple Infrastructure as a Service (IaaS) providers like VMware vSphere, vCloud Director, Amazon Web Services EC2, and OpenStack. There is a Cloud Provider Interface (CPI) that enables users to extend BOSH to support additional IaaS providers such as Google Compute Engine and Apache Cloud Stack.
BotBot is a device or piece of software that can execute commands, reply to messages, or perform routine tasks, as online searches, either automatically or with minimal human intervention (often used in combination, eg. Chatbot). (Dictionary.com)
BPABest Practice Assessment/Analyzer
BPABusiness Process Automation (BPA), is the strategy a business uses to automate processes in order to contain costs. It consists of integrating applications, restructuring labor resources and using software applications throughout the organization. (Wikipedia)
BPMNA standard Business Process Model and Notation (BPMN) will provide businesses with the capability of understanding their internal business procedures in a graphical notation and will give organizations the ability to communicate these procedures in a standard manner. Furthermore, the graphical notation will facilitate the understanding of the performance collaborations and business transactions between the organizations. This will ensure that businesses will understand themselves and participants in their business and will enable organizations to adjust to new internal and B2B business circumstances quickly.
BPMS or BPM(s)Business Process Management Suite or
Business Process Management (suite)
BPOBusiness Process Outsourcing
BREBusiness Rule Engine
BTDBuild, Test, Deploy (BTD)
BUR BWSBackup Recovery Billing Work Stream milestones
Business ApplicationA Business Application name is the high-level label used by an agency business and IT organization to easily identify a group of functions provided by one or more systems to accomplish the specific business needs of the agency.  A Business Application is typically a combination of integrated hardware and software (including data and applications), internally developed custom systems, commercial off the shelf (COTS) applications, and/or customized third-party systems.
BVBase Variable software (BV) – STS term used for Infrastructure software purchased by STS Service Component Provider (SCP) – Require SCP approval by the Business Unit
BVDBusiness Value Dashboard(s) as a way to visually align technology and business metric/outcomes (i.e., revenue, I&O organizations)
BYODBring Your Own Device
BYOLBring Your Own License to the cloud for software usage
C1R/Class 1RClass 1 Risk (C1R) is a Class 1-eligible application that has not received either a Proof of Concept (PoC) or a DR exercise. 
C2 SitesCommand-and-Control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network. The terms "command" and "control" are often bandied about without a clear understanding, even among some security professionals, of how these communications techniques work to govern malware. 91% of traffic to known C2 sites leverage DNS layer.
C3Community Cloud Computing (ACM) / STS Catalog Community Cloud
CAIn cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 standard.  (Wikipedia)
CaasContainers as a Service (CaaS) is a form of container-based virtualization in which container enginesorchestration and the underlying compute resources are delivered to users as a service from a cloud provider. In some cases, CaaS is also used to describe a cloud provider's container support services. (http://searchitoperations.techtarget.com/definition/Containers-as-a-Service-CaaS)
(Context from Docker Blog)
CABChange Approval Board (CAB)  A regularly scheduled weekly meeting between the STS MSI Change Managers, SCP Sys Admins and agency's meet to obtain agency approval to move forward with requested changes to the agency's environment.
CABChange Advisory Board (CAB)  STS SCP Architect Board that approves Solution Designs
CAFRComprehensive Annual Financial Report (CAFR) is a set of U.S. government financial statements comprising the financial report of a state, municipal or other governmental entity that complies with the accounting requirements promulgated by the Governmental Accounting Standards Board (GASB) (wikipedia)
CAGRThe year-over-year growth rate of an investment over a specified period of time. The Compound Annual Growth Rate (CAGR) is calculated by taking the nth root of the total percentage growth rate, where n is the number of years in the period being considered.
CAL(s) / ML(s)Client Access Licenses and Management Licenses
If the workstations in your organization are networked, you likely depend on network server software to perform certain functions, such as file and print sharing. To access this server software legally, a Client Access License (CAL) may be required. A CAL is not a software product; rather, it is a license that gives a user the right to access the services of the server.
Likewise, if you manage the devices on your network by using management software such as Microsoft System Center, a Management License (ML) may be required for the device being managed.
Licensing software with CALs and MLs can be complicated due to the technical nature of server products and networks. For example, Microsoft offers a device-based CAL (Device CAL) or a user-based CAL (User CAL) for purchase. In addition, an External Connector (EC) license is offered for some products as an optional alternative to address specific customer scenarios.
CAPCapgemini America, Inc
CAPCorrective Action Plan
CapExTraditional Capital Expenditure Model
CapNetCapitol Area Network
CAPPSCentralized Accounting and Payroll/Personnel System (CAPPS) established as a shared service and coordinated by the Texas Comptroller of Public Accounts
CASBCloud Access Security Brokers (e.g., common defense infrastructure and tools across all SaaS deployments)
CASEComputer-Aided Software Engineering

The Contract Advisory Team (CAT) was created to assist state agencies in improving contract management practices by reviewing the solicitation of contracts with a monetary value of $5 million or more. Section §2262.102 of the Texas Government Code lists the following members for the CAT:

  • one member from the Comptroller of Public Accounts (CPA);
  • one member from the Department of Information Resources (DIR);
  • one member from the Health and Human Services Commission (HHSC);
  • one member from the Office of the Governor (OOG);
  • one member from the Texas Facilities Commission (TFC) (CPA)
CATRADCPA’s Contract Advisory Team Review and Delegation Application used by the CAT to submit solicitation information.
CBUContingency Capacity Backup - expanding IBM mainframe MIPS and storage to larger machine for Disaster Recovery
CCBChange Control Board (CCB) is the group of stakeholders responsible for evaluating and approving proposed changes to project baselines such as project scope, schedules, resources and budgets.
CCMCustomer Communications Management (CCM) is a term highlighted by research companies such as Gartner Group, Forrester Research, InfoTrends, and Madison Advisors to define a convergent set of Information Technology solutions that together provide organizations with the ability to advance the way that they communicate with their customers.
CCRContract Change Request
CCTSDIR’s Capitol Complex Telephone System
CCTVClosed-Circuit Television (CCTV)
CDCConsolidated Data Center (A facility housing/hosting servers and supporting infrastructure in support of DCS agencies business applications).
CDNContent Delivery Network (CDN) takes binary blobs within storage and caches them to the nearest data center to where the content is being requested.
CDPG / CEGCloud Data Security & Protection Gateway (CDPG) with out-of-band API / Cloud Encryption Gateways (CEG) by tokenizing data
CDRCentralized Document Repository
CEMCustomer Experience Management (CEM) is the collection of processes a company uses to track, oversee and organize every interaction between a customer and the organization throughout the customer lifecycle. The goal of CEM is to optimize interactions from the customer's perspective and, as a result, foster customer loyalty
CERTCommunity Emergency Response Team (e.g., FEMA)
CERTComputer Emergency Response Team (monitors threats and issues patches and fixes)
CETCost Estimating Tool  A tool  (ITFM) that includes the various rate charges for components that comprise server costs. The estimating tool calculates costs for various assets to be procured for use in the STS program. This enables agencies to anticipate costs associated with various server configurations.
CEUCustomer / End-User
CFSGContracts and Finance Solution Group (Governance)
ChatbotA chatbot is an artificial intelligence (AI) program that simulates interactive human conversation by using key pre-calculated user phrases and auditory or text-based signals. Chatbots are frequently used for basic customer service and marketing systems that frequent social networking hubs and instant messaging (IM) clients. They are also often included in operating systems as intelligent virtual assistants. (Techopedia)
CI(s)Configuration Item(s)/Instance(s) Typically used in reference to Server Names but is also used to identify other hardware and software components associated with the STS contract. The CI names are one of the primary flags to identify an asset.
CICSCustomer Information Control System (CICS) is a transaction server that runs primarily on IBM mainframe systems under z/OS and z/VSE.  CICS is middleware designed to support rapid, high-volume online transaction processing. A CICS transaction is a unit of processing initiated by a single request that may affect one or more objects. This processing is usually interactive (screen-oriented), but background transactions are possible
CIFSThe Common Internet File System (CIFS) is the standard way that computer users share files across corporate intranets and the Internet. An enhanced version of the Microsoft open, cross-platform Server Message Block (SMB) protocol, CIFS is a native file-sharing protocol in Windows 2000.
CIMCommon Information Model (CIM) is an open standard that defines how managed elements in an IT environment are represented as a common set of objects and relationships between them.  (Wikipedia)
Cisco ACECisco ACE 4700 Application Control Engine (ACE) appliances are used to:
  • Help ensure business continuity by increasing application availability
  • Improve business productivity by accelerating server and application performance
  • Reduce data center power and cooling needs through a virtualized architecture
  • Help lower operational costs for provisioning and scaling of applications
Cisco ASACisco Adaptive Security Appliance (ASA) Software
Proven Firewall and Network Security Platform
The Cisco ASA Family of security devices protects corporate networks and data centers of all sizes. It provides users with highly secure access to data and network resources - anytime, anywhere, using any device. Cisco ASA devices represent more than 15 years of proven firewall and network security engineering and leadership, with more than 1 million security appliances deployed throughout the world.
CISMCertified Information Security Manager (CISM) is a certification offered by ISACA, a nonprofit, independent association that advocates for professionals involved in information security, assurance, risk management and governance (SearchSecurity).
CISOChief Information Security Officer
CISSPCertified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-neutral standard attesting to an IT security professional's technical skills and hands-on experience implementing and managing a security program (SearchSecurity).
CJISA joint program of the FBI, State Identification Bureaus, and CJIS Systems Agency, the Criminal Justice Information Services (CJIS) Security Policy outlines the security precautions that must be taken to protect sensitive information like fingerprints and criminal backgrounds gathered by local, state, and federal criminal justice and law enforcement agencies.
The CJIS Security Policy contains specific requirements for wireless networking, remote access, encryption, certification of cryptographic modules, and minimum key lengths.
Class 1After a Class 1R-designated application has been exercised or a POC performed, the CMDB designation is changed from Class 1R to Class 1.  These are DCS contractual definitions for DR categories.  Class 1 is the highest and most expensive level with 24-hour RTO in the case of complete disaster such as a data center goes away.  It is marked 1R until it is tested and proven it can perform as a Class.
Cloud ComputingHas the same meaning as "Advanced Internet-Based Computing Service" as defined in §2157.007(a), Texas Government Code.
CloudSOCCloud Service Organization Control (CloudSOC) is a Cloud  Access Security Broker (CASB) that enables organizations to securely adopt cloud apps and IaaS to meet their regulatory compliance requirements with an industry-leading solution that integrates with the rest of their enterprise security. This cloud-based service provides visibility, data security and threat protection for today’s cloud generation of users across a wide range of sanctioned and unsanctioned apps. CloudSOC enables safe usage of any cloud app on managed or unmanaged devices, even deep within Office 365, G Suite, and more, with unparalleled DLP and threat protection.
CMContracts Module in the STS ITSM System for software licensing, subscriptions and purchases
CMB(s)Change Management Board(s)
CMDbConfiguration Management Database (Hardware/software infrastructure asset database)
CMISCapacity Management Information System
CMPCloud Management Platform
CMSConfiguration/Content Management System
CNChange Notification/Notice
COBITControl Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT 5 is the current version as 6/23/2017  http://www.isaca.org/COBIT/Pages/default.aspx  
CoEA Center of Excellence (CoE) is a team of skilled knowledge workers whose mission is to provide the organization they work for with best practices around a particular area of interest. The concept of creating special-interest groups for thought leadership originated in lean manufacturing. (TechTarget)
COEPComplex Operations Event Processing (COEP)
Confidential InformationInformation that must be protected from unauthorized disclosure or public release based on state or federal law or other legal agreement
ConfidentialityThe security objective of preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
ControlA safeguard or protective action, device, policy, procedure, technique, or other measure prescribed to meet security requirements (i.e., confidentiality, integrity, and availability) that may be specified for a set of information resources. Controls may include security features, management constraints, personnel security, and security of physical structures, areas, and devices.
Control Standards CatalogThe document that provides state agencies and higher education institutions state specific implementation guidance for alignment with the National Institute of Standards and Technology (NIST) SP (Special Publication) 800-53 security controls
COOPContinuity of Operations (COOP)
COPECorporately Owned, Personally Enabled (COPE) devices. BYOD vs COPE: The biggest difference between BYOD and COPE is the management of personal data on the device.
COTSCommercial Off-The-Shelf software packages
CPSA Cyber-Physical System (CPS) is a system of collaborating computational elements controlling physical entities.
CPTControlled Penetration Testing (white hat cyber attacking)
CPUCentral Processing Unit
CRACComputer Room Air Conditioning Unit
CRLEntrust SSL Certificate Revocation List (CRL) is a list of every Entrust SSL Certificate that has been revoked. Revoked certificates are no longer trusted for a variety of reasons (for example, the private key has been lost or compromised). To view the list of revoked Entrust SSL certificates, you must first agree to the Entrust Relying Party Agreement.
cron/crontabThe software utility Cron is a time-based job scheduler in Unix-like computer operating systems. People who set up and maintain software environments use cron to schedule jobs (commands or shell scripts) in a "crontab" file (cron table) to run periodically at fixed times, dates, or intervals. It typically automates system maintenance or administration—though its general-purpose nature makes it useful for things like downloading files from the Internet and downloading email at regular intervals. The origin of the name cron is from the Greek word for time, χρόνος (chronos).
CRUDCreate, Read, Update, Delete operations
CSGCloud Storage Gateways
CSICloud Service Integration
CSIRTA Computer Security Incident Response Team (CSIRT) is a team that responds to computer security incidents when they occur. An incident could be a denial of service or the discovering of unauthorized access to a computer system (techopedia).
CSLCritical Service Level
CSMCustomer Service Manager (CSM) an STS service component provider staff member assigned as the primary interface to agencies for operational coordination, issue resolution and overall management.
CSPA Cloud Service Provider (CSP) is a company that offers some component of cloud computing – typically Infrastructure as a Service (IaaS)Software as a Service (SaaS) or Platform as a Service (PaaS) – to other businesses or individuals (TechTarget)
CSSCascading Style Sheets
CT (or RFC)Change Ticket or Request for Change – the formal method of communicating the need for a software update or security patches.
CTSCommunications Technology Services (CTS) Voice and Data Solutions for the state of Texas
CVECommon Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. CVE's common identifiers make it easier to share data across separate network security databases and tools and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem. https://cve.mitre.org/
CVSSThe Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit. Scores range from 0 to 10, with 10 being the most severe. While many utilize only the CVSS Base score for determining severity, Temporal and Environmental scores also exist, to factor in availability of mitigations and how widespread vulnerable systems are within an organization, respectively.
CWECommon Weakness Enumeration (CWE) International standard for software assurance http://cwe.mitre.org/
DADDeliverable Acceptance Document (DAD) used to ensure vendor has met certain acceptance criteria
DAMDigital Asset Management (DAM) is a system that enables the creation of a process for archiving, organizing, and accessing files. Files are saved to shared locations, organized in meaningful hierarchies, and discoverable through search. DAM often involves rich content such as videos, music, photos, animations, or multimedia assets. Marketing, entertainment, and enterprise-level organizations frequently use DAM software to manage such assets. (https://www.box.com/content-management )
DAPPDisaster Assistance Payment Program (DAPP) receives information from FEMA and creates payment transactions to assist disaster victims.
DARData at Rest
DASDDirect Access Storage Device
DATA ActOn May 9, 2014, President Barack Obama signed the Digital Accountability and Transparency Act (DATA Act), It requires the Department of the Treasury and the White House Office of Management and Budget to transform U.S. federal spending from disconnected documents into open, standardized data, and to publish that data online. The Data Transparency Coalition is committed to working with the executive branch and encouraging Congressional oversight to ensure that the DATA Act is fully implemented.  Stakeholders from among the tech industry, non-profit sector, executive and legislative branches of government will convene on June 9th and 10th, 2015 for the DATA Act Summit to build a shared vision for making the DATA Act a success. Coalition members are working to assist agencies, grantees and contractors to take advantage of the DATA Act’s first-ever government-wide data standards for federal spending, which were announced on May 8, 2015.
Data LakeA Data Lake is a centralized repository that allows an organization to store all structured and unstructured data at any scale.
DBADatabase Administrator/Administration (DBA) In the DIR STS environment, Physical DBA functions are typically performed by the STS vendor and Logical DBA functions are performed by the DIR Customers.
DBaaSDatabase-as-a-Service (DBaaS) refers to software that enables users to provision, manage, consume, configure, and operate database software using a common set of abstractions (primitives), without having to either know nor care about the exact implementations of those abstractions for the specific database software. (Stratoscale)
STS offers a Database as a Service (DBaaS) Oracle program that features full management and maintenance of the underlying Oracle Exadata platform.
DBEDisadvantaged Business Enterprise (DBE) is a business entity so certified in the United States by the government of the State in which it is located. SAFETEA provides that the Secretary of Transportation will provide uniform criteria for certification, and that at least ten percent of the amounts made available for any Federal-aid highway, mass transit, and transportation research and technology program be expended with certified DBEs (Wikipedia)
DBITSDeliverables-Based Information Technology Services (DBITS) - DBITS contracts provide deliverables-based, outsourced systems integration or application development projects, requiring acceptance of Statement of Work (SOW) and authorization for payment of milestone tasks.
dbPaaSDatabase Platform as a Service (dbPaas) A database platform as a service (dbPaaS) is any database management system (DBMS) or data store engineered as a scalable, elastic, multitenant subscription service with a degree of self-service. It is offered and supported by a cloud service provider (CSP) or a third-party software vendor on CSP infrastructure. Direct access to system services, such as the operating system and storage software, is not allowed. (Gartner)
DCCDigital Content Creation (DCC) refers to the category of applications in the market that are used to create creative content, from pictures to the web, from signs to 3D movies.  (Cineversity)
DCIMData Center Infrastructure Management (DCIM) is a category of solutions which were created to extend the traditional data center management function to include all of the physical assets and resources found in the Facilities and IT domains.
DCPIData Center Physical Infrastructure (DCPI)
DCSData Center Services (The term used to identify the DIR managed program that supports  Texas agencies consolidating their computing environment into consolidated data centers).
DDODistricts, Divisions and Offices (DDO); the main TxDOT groupings
DDoSA Distributed Denial of Service (DDoS) attack attempts to make service unavailable by overwhelming it with traffic from multiple sources.
DEDDeliverable Expectation Document (DED)  A DED presents pertinent information (e.g., deliverable description, applicable industry standards, SOW reference, acceptance criteria and schedule) specifying the expectations of a deliverable. The DED is reviewed and approved by a state manager to ensure agreed-upon expectations are clearly defined before the deliverable is actually developed (BPM Glossary).
DEM A VMware Distributed Execution Manager (DEM) executes the business logic of custom models, interacting with the database and with external databases and systems as required. DEMs also manage cloud and physical machines. 
Each DEM instance performs one of two roles: Worker or Orchestrator. The Worker role is responsible for executing workflows. The Orchestrator role is responsible for monitoring DEM Worker instances, pre-processing workflows for execution, and scheduling workflows.  (VMware)
DestructionThe result of actions taken to ensure that media cannot be reused as originally intended and that information is technologically infeasible to recover or prohibitively expensive.
DevOpsBroadly, Development/Operations (DevOps) is the practice of operations and development engineers participating together in the entire service lifecycle, from design through the development process to production support. DevOps is also characterized by operations staff making use many of the same techniques as developers for their systems work. Those techniques can range from using source control to testing to participating in an Agile development process. 
DFSRDistributed File System Replication (DFSR) Microsoft’s method of replication that is used to keep folders synchronized on multiple servers.
DHCPThe Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks. The DHCP is controlled by a DHCP server that dynamically distributes network configuration parameters, such as IP addresses, for interfaces and services.
DHSDefinitive Hardware Store (DHS) A location, or a number of locations, set aside for the secure storage of definitive hardware spares maintained at the same level as the equivalent hardware Configuration Items (CIs) in the live environment. Only authorized hardware should be accepted into the DHS, strictly controlled by Change and Release Management.
Digital TwinsA Digital Twin refers to the digital representation of a real-world entity or system. Digital twins are software representations of assets and processes that are used to understand, predict, and optimize performance in order to achieve improved business outcomes. Digital twins consist of three components: a data model, a set of analytics or algorithms, and knowledge.
DIMData in Motion and classification labelling. Data in motion refers to a stream of data moving through any kind of network. It is one of the two major states of data, the other being data at rest. It can be considered the opposite of data at rest as it represents data which is being transferred or moved, while data at rest is data which is static and is not moving anywhere. For example, an email being sent is an example of data in motion. However, when it arrives in the recipient's inbox, it would then become data at rest. Data in motion is also known as data in transit or data in flight. (Techopedia)
DIRTexas Department of Information Resources
DLPData Loss Prevention (DLP) software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized parties by either malicious intent or an inadvertent mistake. Sensitive data includes private or company information, intellectual property (IP), financial or patient information, credit-card data and other information (Wikipedia)
DLTDistributed Ledger Technology (DLT) is a digital system for recording the transaction of assets in which the transactions and their details are recorded in multiple places at the same time. Unlike traditional databases, distributed ledgers have no central data store or administration functionality. One form of distributed ledger design is the blockchain system.
DMLDefinitive Media Library (DML) - physical media, perhaps downloaded copies, license certificates & keys
DMTFDistributed Management Task Force (DMTF) is an organization devoted to the development, unification and implementation of standards, initiatives and technologies for the Internet. The DMTF consists of hardware and application developers, device and system manufacturers and distributors, systems integrators, government agencies and computer end users. The organization was founded in the early 1990s and is headquartered in Portland, Oregon. (TechTarget)
DMZDemilitarized Zone. In network security, a network that is isolated from, and serves as a neutral zone between, a trusted network (for example, a private intranet) and an untrusted network (for example, the Internet). One or more secure gateways usually control access to the DMZ from the trusted or the untrusted network
DNDDo Not Destroy/Destruct
DNSThe Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality on the Internet, that has been in use since 1985. (Wikipedia)
DOMThe Document Object Model (DOM) is a cross-platform and language-independent application programming interface that treats an HTMLXHTML, or XML document as a tree structure wherein each node is an object representing a part of the document. The objects can be manipulated programmatically and any visible changes occurring as a result may then be reflected in the display of the document. (Wikipedia)
DP – D4DCS Disaster Recovery Performance Levels & Options
DPAData Protection Advisor (DPA) from EMC. This tool replaced the Bocada tool that was used previously for reporting backup success/failure in the STS environment - sometimes incorrectly called the Avamar reporting tool.
DPVDelivery Point Validation
DRDisaster Recovery (DR) involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery can therefore be considered as a subset of business continuity (Wikipedia).
DREDisaster Recovery Exercise
DRLDisaster Recovery Level
DRPDisaster Recovery Plan
DSLDigital Subscriber Line (DSL) is a technology for bringing high- bandwidth information to homes and small businesses over ordinary copper telephone lines. xDSL refers to different variations of DSL, such as ADSL, HDSL, and RADSL
DSLDefinitive Software Library (DSL) is the location where all authorized versions of all Software, in physical or electronic form as applicable, are stored.
DTFSTS Service Provider Deliverable Transmittal Form (DTF) used by DIR Enterprise Contract Managers, to submit formal entries into DIR’s Salesforce system.
DVSDell’s Desktop Virtualization Solutions (DVS) Simplified Appliance implements a Virtual Desktop Infrastructure (VDI) by coming preconfigured with Citrix VDI-in-a-Box software and a choice of hypervisors for fast deployment and provisioning of virtual desktops.
DWData Warehouse (DW) A data warehouse (DW or DWH), also known as an enterprise data warehouse (EDW), is a system used for reporting and data analysis, and is considered a core component of business intelligence. DWs are central repositories of integrated data from one or more disparate sources. They store current and historical data in one single place and are used for creating analytical reports for knowledge workers throughout the enterprise.  (Wikipedia)
DXLIntel Security Data Exchange Layer (DXL) A hardware/software end-to-end threat detection and prevention bus, allows for isolation at the chip hardware layer before the spread of a bad actor.
EAEnterprise Architecture (EA) Map of an organization's production capabilities, where they interact, and where there may be redundancies.
EAIEnterprise Application Integration (EAI) is the use of software and computer systems architectural principles to integrate a set of enterprise computer applications.
EBTElectronic Benefit Transfer (EBT) is an electronic system that allows state welfare departments to issue benefits via a magnetically encoded payment card.  Common benefits provided (in the United States) via EBT are typically of two general categories: food and cash benefits.
EC2Amazon Elastic Compute Cloud (EC2) forms a central part of Amazon.com's cloud-computing platform, Amazon Web Services (AWS), by allowing users to rent virtual computers on which to run their own computer applications. EC2 encourages scalable deployment of applications by providing a web service through which a user can boot an Amazon Machine Image (AMI) to configure a virtual machine, which Amazon calls an "instance", containing any software desired. A user can create, launch, and terminate server-instances as needed, paying by the hour for active servers – hence the term "elastic". EC2 provides users with control over the geographical location of instances that allows for latency optimization and high levels of redundancy.  (Wikipedia)
ECAEconomic Change Adjustment (ECA) DIR STS contractual inflation factor
ECMEnterprise Content Management (ECM) is a formalized means of organizing and storing an organization's documents, and other content, that relate to the organization's processes. The term encompasses strategies, methods, and tools used throughout the lifecycle of the content.  (Wikipedia)
ECSDell EMC® Elastic Cloud Storage (ECS™) provides a complete software-defined object storage platform designed for today’s cloud-scale storage requirements.  ECS provides the simplicity and low cost benefits of the public cloud without the risk, compliance, and data sovereignty concerns.
EDHEnterprise Data Hub (EDH) An enterprise data hub is a big data management model that uses a Hadoop platform as the central data repository.  The goal of an enterprise data hub is to provide an organization with a centralized, unified data source that can quickly provide diverse business users with the information they need to do their jobs.  (TechTarget)
EDIElectronic Data Interchange
eDiscoveryAlso known as ‘e-discovery’ or ‘eDiscovery’ and refers to discovery in civil litigation or government investigations which deals with the exchange of information in electronic format (often referred to as electronically stored information or ESI).  These data are subject to local rules and agreed-upon processes and are often reviewed for privilege and relevance before being released.
EDREndpoint Detection and Response (EDR) capabilities. Endpoint detection and response (EDR) platforms are a category of endpoint security tools, built to provide endpoint visibility, and are used to detect and respond to cyber threats and exploits. (Cybereason)
EDWData Warehouse (DW) A data warehouse (DW or DWH), also known as an enterprise data warehouse (EDW), is a system used for reporting and data analysis, and is considered a core component of business intelligence. DWs are central repositories of integrated data from one or more disparate sources. They store current and historical data in one single place and are used for creating analytical reports for knowledge workers throughout the enterprise.  (Wikipedia)
EEOEqual Employment Opportunity
EFSEnterprise File System (EFS) a.k.a. Remote File.  This is an STS storage solution
EFSMicrosoft Encrypting File System
EFSSAccording to Gartner, “Enterprise File Synchronization and Sharing (EFSS) refers to a range of on-premises or cloud-based capabilities that enable individuals to synchronize and share documents, photos, videos and files across multiple devices, such as smartphones, tablets and PCs. File sharing can be within the organization, as well as externally (e.g., with partners and customers) or on a mobile device as data sharing among apps. Security and collaboration support are critical capabilities of EFSS to address enterprise priorities.”
EHRElectronic Health Record (medical record)
EIRElectronic and Information Resources
EIR Accessibility

Electronic and Information Resources (EIR) Accessibility --Includes information technology and any equipment or interconnected system or subsystem of equipment used to create, convert, duplicate, or deliver data or information. EIR Accessibility includes telecommunications products (such as telephones), information kiosks and transaction machines, web sites, multimedia, and office equipment such as copiers and fax machines. The term does not include any equipment that contains embedded information technology that is used as an integral part of the product, but the principal function of which is not the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. For example, thermostats or temperature control devices, and medical equipment that contain information technology that is integral to its operation, are not information technology. If the embedded information technology has an externally available web or computer interface, that interface is considered EIR. Other terms such as, but not limited to, Information and Communications Technology (ICT), Electronic Information Technology (EIT), etc. can be considered interchangeable terms with EIR for purposes of applicability or compliance with this chapter.

Electronic CommunicationA process used to convey a message or exchange information via electronic media. It includes the use of electronic mail (email), Internet access, Instant Messaging (IM), Short Message Service (SMS), facsimile transmission, and other paperless means of communication.
Electronic state recordInformation that meets the definition of a state record in the Government Code, §441.180, and is maintained in electronic format for computer processing, including the product of computer processing of the information. 
ELRElectronic Life Record (ELR) The life cycle of electronic records includes creation, use, storage and disposition for most business and government entities. (Bizfluent)
ELTThe Department of Information Resources’ (DIR) Executive Leadership Team (ELT) is comprised of upper level management, designated by the agency’s Executive Director, and establishes agency strategy and governs agency activities.
EMC SRDFEMC’s Symmetrix Remote Data Facility (SRDF). Built for the VMAX architecture.
EMMEnterprise Mobility Management (EMM) is the set of people, processes and technology focused on managing the increasing array of mobile devices, wireless networks, and related services to enable broad use of mobile computing in a business context.
EMSSTS Enterprise Management Systems (EMS) networks
Encryption (encrypt or encipher)The conversion of plaintext information into a code or cipher text using a variable called a "key" and processing those items through a fixed algorithm to create the encrypted text that conceals the data's original meaning.
EOIEvidence of Insurability
EOLEnd of Life (EOL) is a term used with respect to a product supplied to customers, indicating that the product is in the end of its useful life (from the vendor's point of view), and a vendor stops marketing, selling, or rework sustaining it. (The vendor may simply intend to limit or end support for the product.)  (Wikipedia)
EOSLEnd of Service Life (EOSL) Refers to an STS asset which may still be Deployed and supported by the STS Service Component Provider (SCP) but the manufacturer is no longer providing support or patches for the component. Essentially,  all support, including both primary and extended, will no longer be offered by the vendor.
EPOEmergency Power Off (EPO) controls
ePOMcAfee ePolicy Orchestrator (ePO) is an advanced, extensible, and scalable centralized security management software.
EPSSEmergency Power Supply System (i.e., data center generator)
ERBEngineering Review Board (ERB) used internally by STS SCP to review and approve system builds and changes.
ERPEmergency Response Plan (ERP) The purpose of an Emergency Response Plan is to outline the roles and responsibilities for managing an emergency event resulting from an unresolved major incident, and to facilitate communications and decision-making by the Emergency Response Team members.
ERPMLieberman's Enterprise Random Password Manager™ (ERPM) provides a web interface for the remote recovery of passwords. Passwords for accounts that have been changed through ERPM can be displayed through the web application. Users with appropriate access controls have the right to use the application as well as the right to recover passwords for accounts managed by ERPM. Permissions can be delegated out to users of the web application. These permissions apply to users, global groups, or roles (RBAC) and control access to the features of the web interface as well as system and account information exposed through the web interface
ERSEmployees Retirement System of Texas
ESBAn Enterprise Service Bus (ESB) is a software architecture model used for designing and implementing communication between mutually interacting software applications in a Service-oriented Architecture (SOA).
ESCExadata Service Charges (ESC) Charges for the Oracle Exadata database appliance provided in the DCS program.
ESIElectronically Stored Information
ESLExpected Service Level
ESNEnterprise Social Networking (ESN) focuses on the use of online social networks or social relations among people who share business interests and/or activities.
ESRSEMC Secure Remote Support (ESRS) - IP Solution to communicate with EMC VNX Storage arrays, etc.
ESSExtended Software Support
ESSDIR Enterprise Solution Services
ESX HostVMware ESX is an enterprise-level computer virtualization product.  The name ESX originated as an abbreviation of Elastic Sky X.
ETCExpected Time to Completion (ETC) is a projection of the time and or effort required to complete a project activity. Estimated time to complete is a value that is expressed in hours of work required to complete a task or project (Tenrox)
ETIPDCS Enterprise Transformation Improvement Project revamp SCON/RFS/Refresh
EUCEnd User Computing (EUC) refers to systems in which non-programmers can create working applications.[1] EUC is a group of approaches to computing that aim to better integrate end users into the computing environment. These approaches attempt to realize the potential for high-end computing to perform problem-solving in a trustworthy manner. (Wikipedia)
EULAIn proprietary software, an End-User License Agreement (EULA) or software license agreement is the contract between the licensor and purchaser, establishing the purchaser's right to use the software.  The license may define ways under which the copy can be used, in addition to the automatic rights of the buyer including the first sale doctrine and 17 U.S.C. § 117 (freedom to use, archive, re-sale, and backup with legal restrictions) (Wikipedia).
FaaSFunctions-as-a-Service (FaaS) for event-driven computing
Functions-as-a-Service (FaaS) is a framework for building serverless functions on Docker with first class support for metrics. Any UNIX process can be packaged as a function enabling you to consume a range of web events without repetitive boiler-plate coding (Docker)
FAQFrequently Asked Questions
FARUS Section 508 Technical Standards - Part of the Federal Acquisition Regulation (FAR) and address access for people with physical, sensory, or cognitive disabilities.  They contain technical criteria specific to various types of technologies and performance-based requirements which focus on functional capabilities of covered products.  Specific criteria cover software applications and operating systems, web-based information and applications, computers, telecommunications products, video and multi-media, and self-contained closed products. 508 technical standards are incorporated by reference into Texas Administrative Code related to EIR Accessibility.
FCIP or FC/IPFiber Channel over IP (FCIP or FC/IP) - also known as Fiber Channel tunneling or storage tunneling is an Internet Protocol (IP)-based storage networking technology developed by the Internet Engineering Task Force (IETF). FCIP mechanisms enable the transmission of FiberChannel (FC) information by tunneling data between storage area network (SAN) facilities over IP networks; this capacity facilitates data sharing over a geographically distributed enterprise. One of two main approaches to storage data transmission over IP networks, FCIP is among the key technologies expected to help bring about rapid development of the storage area network market by increasing the capabilities and performance of storage data transmission.
FCRFirst Call Resolution within a helpdesk environment.
In customer relationship management (CRM), First Call Resolution (FCR) is properly addressing the customer's need the first time they call, thereby eliminating the need for the customer to follow up with a second call (TechTarget)
FDESelf-Encrypting Drive (SED) technology is the same as Hardware Full-Disk Encryption (FDE) technology
FedRAMPThe Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT. FedRAMP created and manages a core set of processes to ensure effective, repeatable cloud security for the government. FedRAMP established a mature marketplace to increase utilization and familiarity with cloud services while facilitating collaboration across government through open exchanges of lessons learned, use cases, and tactical solutions (FedRAMP).
FEMAThe Federal Emergency Management Agency (FEMA) is an agency of the United States Department of Homeland Security, initially created by Presidential Reorganization Plan No. 3 of 1978 and implemented by two Executive Orders on April 1, 1979. The agency's primary purpose is to coordinate the response to a disaster that has occurred in the United States and that overwhelms the resources of local and state authorities. The governor of the state in which the disaster occurs must declare a state of emergency and formally request from the president that FEMA and the federal government respond to the disaster. (Wikipedia)
FERPAFamily Educational Rights and Privacy Act (FERPA)
FEXCisco Fabric Extender (Adapter FEX) is a technology that provides infrastructure consolidation and architecture flexibility, while helping to ensure network separation and operational simplicity.  Concept is being called Software Defined Network (SDN).
FIMMicrosoft Forefront Identity Manager (FIM) is a state-based identity management software product, designed to manage users' digital identities, credentials and groupings throughout the lifecycle of their membership of an enterprise computer system. FIM integrates with Active Directory and Exchange Server to provide identity synchronization, certificate management, user password resets and user provisioning from a single interface.(Wikipedia)
FIPSFederal Information Processing Standards (FIPS) are publicly announced standardizations developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract. The purpose of FIPS is to ensure that all federal government and agencies adhere to the same guidelines regarding security and communication.
FMOFuture Mode of Operations (FMO)
Future Method of Operation - An envisioned or possible set of procedures, processes, and methods that might be employed by a company, division, or organization to accomplish business objectives that is different than the present method of operation (PMO) (TechTraining)
FOIA requestFreedom of Information Act request
Since 1967, the Freedom of Information Act (FOIA) has provided the public the right to request access to records from any federal agency. It is often described as the law that keeps citizens in the know about their government. Federal agencies are required to disclose any information requested under the FOIA unless it falls under one of nine exemptions which protect interests such as personal privacy, national security, and law enforcement. (FOIA)
FQDNA Fully Qualified Domain Name (FQDN) is the complete domain name for a specific computer, or host, on the Internet. The FQDN consists of two parts: the hostname and the domain name. For example, an FQDN for a hypothetical mail server might be mymail.somecollege.edu. The hostname is mymail, and the host is located within the domain somecollege.edu.
FRCFirewall Rule Committee (FRC)
FRDThe Functional Requirements Document (FRD) is a formal statement of an application’s functional requirements. It serves the same purpose as a contract.
FRMDIR STS Financial Responsibility Matrix (FRM)
FSCForward Schedule of Changes (FSC) of planned approved Changes
FSKFrequency-shift keying (FSK) is a frequency modulation scheme in which digital information is transmitted through discrete frequency changes of a carrier signal. The technology is used for communication systems such as amateur radio, caller ID and emergency broadcasts. (Wikipedia)
FSSFixed-satellite service (FSS | also: fixed-satellite radiocommunication service) is – according to article 1.21 of the International Telecommunication Union´s (ITU) Radio Regulations (RR)[1] – defined as a radiocommunication service between earth stations at given positions, when one or more satellites are used; the given position may be a specified fixed point or any fixed point within specified areas; in some cases this service includes satellite-to-satellite links, which may also be operated in the inter-satellite service; the fixed-satellite service may also include feeder links for other space radiocommunication services (Wikipedia)
FTEFull Time Equivalent is a resource committed on an hourly basis and equivalent to the productive hours of one individual during a given timeframe
FTIFederal Tax Information
FTP/SFTPFile Transfer Protocol/Secure FTP
FYFiscal Year (State of Texas FY is Sept. 1 - August 31).
GAAPGenerally Accepted Accounting Principles (GAAP) – a common set of accounting principles, standards, and procedures for financial accounting and financial statement preparation.
GCPGoogle Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube. (Wikipedia)
GISA Geographic Information System (GIS) is a computer system for capturing, storing, checking, and displaying data related to positions on Earth’s surface. GIS can show many different kinds of data on one map, such as streets, buildings, and vegetation. This enables people to more easily see, analyze, and understand patterns and relationships (National Geographic). GIS are maintained by certain STS Customers like DIR, TWDB, TCEQ to store images of land, lakes, rivers, etc. (Large storage requirements)
GPFSIBM General Parallel File System (GPFS) to connect TS7700 mainframe continuous data protection appliances.
GPUGraphics Processing Unit: A Graphics Processing Unit (GPU) is a specialized electronic circuit designed to rapidly manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device. 
GRCGovernance, Risk management, and Compliance or GRC is the umbrella term covering an organization's approach across these three areas: governance, risk management, and compliance.
GSAUnited States General Services Administration
GUIGraphical User Interface (GUI) - user interface that allows users to interact with electronic devices through graphical icons and visual indicators, instead of text-based user interfaces, typed command labels or text navigation.
HA LevelHigh Availability Level (% uptime)
HA/DRTechniques like High Availability/Disaster Recovery (HA/DR) provide durability by replicating data changes from a source database, called the primary database, to a target database, called the standby database.
HAVAThe Help America Vote Act (HAVA) of 2002 (Pub.  L. 107–252) is a United States federal law which passed in the House 357-48 and 92-2 in the Senate on October 29, 2002. Drafted (at least in part) in reaction to the controversy surrounding the 2000 U.S. presidential election.  Compliance is designated as “HAVA-compliant”.
HBHouse Bill (A government bill signed into law)
HB1516The 79th Texas Legislative mandate to merge the computing resources of 28 Texas state agencies into two consolidated data centers located in Austin and San Angelo (See Texas Government Code 2054 and HB 1516 for legislation information).  (HB1516)
HBAA Host Bus Adapter (HBA) is a circuit board and/or integrated circuit adapter that provides input/output (I/O) processing and physical connectivity between a server and a storage device.
HCDHardware Configuration Definition for IBM mainframe
HCIHybrid Cloud Service (HCS) a service provided by STS
HCMHardware Configuration Management for IBM mainframe
HCPHitachi Content Platform (HCP) – Object Storage Solution (Nodes, Storage)
HDAPHighly Available Directory Access Protocol (HDAP) - LDAP + Hadoop: The World’s First Super-Scalable LDAP Directory Driven by Big Data and Search Technology by Radiant Logic
HDIHitachi Data Ingestor (HDI) is a physical or virtual caching appliance that presents a NAS interface through which file data from remote and branch offices or other cloud storage users can be fed to Hitachi's Content Platform (HCP), a virtualized and scalable object store. (The Register)
HDLCHigh-level Data Link Control (HDLC) is a bit-oriented synchronous data link layer protocol used to ensure the error-free transmission of data to respective destinations and control the speed at which data is transmitted.
HFS checkCheckpoint validation, which is also called an Avamar Hash Filesystem check (HFS check), is an internal operation that validates the integrity of a specific checkpoint. Once a checkpoint has passed an HFS check, it can be considered reliable enough to be used for a system rollback.
HIDSHost Intrusion Detection Service
High Impact Information ResourcesInformation Resources whose loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (a) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (b) result in major damage to organizational assets; (c) result in major financial loss; or (d) result in severe or catastrophic harm to individuals involving loss of life or serious life-threatening injuries.
HIPHybrid Integration Platform (HIP) is a framework of on-premises and cloud-based integration and governance capabilities that enables differently skilled personas (integration specialists and nonspecialists) to support a wide range of integration use cases. An organization's HIP is usually implemented by assembling a variety of technology building blocks, from one or more providers, which are managed as a cohesive, federated and integrated whole. Responsibility for HIP management is well-defined. (Gartner)
HIPAAHealth Insurance Portability and Accountability Act (HIPAA) includes security, privacy and confidentiality regulations that all health-related applications containing personal medical data must adhere to.
HIPSHIPS is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. In other words, a Host Intrusion Prevention System (HIPS) aims to stop malware by monitoring the behavior of code. This makes it possible to help keep your system secure without depending on a specific threat to be added to a detection update.
HL7Health Language 7 (HL7) Healthcare industry standards for the exchange of EHR/ELR data. http://www.hl7.org/implement/standards/(HL7)
HLA/ROMHigh Level Architecture/Rough Order of Magnitude (HLA/ROM) Terminology used in DIR STS to characterize Requests for Solution documents provided to agencies for approval to move forward with provisioning.
HMCHardware Management Console is a technology created by IBM to provide a standard interface for configuring and operating partitioned (also known as an LPAR or virtualized system) and SMP systems such as IBM System i, IBM System p, IBM System z, and IBM Power Systems.

Hardware Services Charge (HSC) DIR STS Application server hardware maintenance, software licenses and maintenance fees; A bundled charge invoiced to DIR Customers that includes but not limited to memory and OS.

HSMHierarchical Storage Management (HSM) is a data storage technique primarily on mainframes, which automatically moves data between high-cost and low-cost storage media. HSM systems exist because high-speed storage devices, such as hard disk drive arrays (DASD), are more expensive (per byte stored) than slower devices, such as optical discs, VTS (Virtual Tape Storage / EMC Data Domains) and magnetic tape drives. While it would be ideal to have all data available on high-speed devices all the time, this is prohibitively expensive for many organizations. Instead, HSM systems store the bulk of the enterprise's data on slower devices, and then copy data to faster disk drives when needed. In effect, HSM turns the fast disk drives into caches for the slower mass storage devices. The HSM system monitors the way data is used and makes best guesses as to which data can safely be moved to slower devices and which data should stay on the fast devices.
HSMA Hardware Security Module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
HSRPIn computer networking, the Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. The protocol establishes a framework between network routers to achieve default gateway failover if the primary gateway becomes inaccessible, in close association with a rapid-converging routing protocol like EIGRP or OSPF. HSRP routers send multicast Hello messages to other routers to notify them of their priorities (which router is preferred) and current status (Active or Standby). The primary router with the highest configured priority will act as a virtual router with a pre-defined gateway IP address and will respond to the ARP / ND request from machines connected to the LAN with a virtual MAC address. If the primary router should fail, the router with the next-highest priority would take over the gateway IP address and answer ARP requests with the same MAC address, thus achieving transparent default gateway failover.
HTAPIn-Memory computing (IMC) have led to the emergence of Hybrid Transaction/Analytical Processing (HTAP), the enablement of transactional processing and analytics to operate on the same database.
HTMLHyper Text Markup Language (HTML) has become the standard language for creating web pages and web applications.
Hybrid AppA Hybrid App is one that is built using multiple technologies, most commonly a mixture of native code, often a client-side container, and HTML5
I&OInfrastructure & Operations (organization/leadership) - brings together people, process & technology (see also IM&O)
IaaSInfrastructure as a Service
IACInterAgency Contract - Agency's FY or Biennium Financial Commitment to DIR program areas, e.g. DCS, CCTS and TEX-AN.
IAMIdentity and Access Management is a broad administrative area that establishes a unique identity for individuals and associates their established identity with user rights and privileges. It is an enterprise business strategy that governs the definition, storage, use and management of identities.
IAM ServicesIdentity and Access Management Services
IANAThe Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.
IBIntegration Broker (IB), also called an interface engine or a message broker, an IB is a third-party intermediary that facilitates interactions between applications. IBs minimally provide message transformation and routing services. They mostly communicate program to program; they integrate previously independent applications at the application-logic level of the software design. (Gartner)
IBM Tivoli SA MPIBM® Tivoli® System Automation for Multiplatforms (Tivoli SA MP) is cluster managing software that facilitates automatic switching of users, applications, and data from one database system to another in a cluster. Tivoli SA MP automates control of IT resources such as processes, file systems, and IP addresses. (IBM)
ICAPThe Internet Content Adaptation Protocol (ICAP) is a lightweight HTTP-like protocol specified in RFC 3507 which is used to extend transparent proxy servers, thereby freeing up resources and standardizing the way in which new features are implemented. ICAP is generally used to implement virus scanning and content filters (including censorware) in transparent HTTP proxy caches. Content Adaptation refers to performing the particular value-added service (content manipulation) for the associated client request/response.
ICCThe Integration Competency Center (ICC), sometimes referred to as an integration center of excellence (COE), is a shared service function within an organization, particularly large corporate enterprises as well as public sector institutions, for performing methodical data integration, system integration or enterprise application integration. (Wikipedia)
ICCSTS Intel Community Cloud (ICC), also formerly referred to as Big Intel (BI) or CC2 (community cloud 2)
ICFGartner Information Capabilities Framework
ICMPInternet Control Message Protocol sends error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
IDEAn Integrated Development Environment (IDE) is a software application that provides comprehensive facilities to computer programmers for software development. An IDE normally consists of a source code editor, build automation tools and a debugger. Most modern IDEs have intelligent code completion. (Wikipedia)
iDRACAn integrated Dell Remote Access Controller (iDRAC) with Lifecycle Controller is embedded in every Dell PowerEdge server. Because it is embedded within each server from the factory, the Dell iDRAC with Lifecycle Controller requires no operating system or hypervisor to work.
IDSIntrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations, or imminent threats to your security policies. Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents. These security measures are available as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), which become part of your network to detect and stop potential incidents (Juniper).
IEEEInstitute of Electrical and Electronics Engineers (IEEE) is an organization composed of engineers, scientists, and students. The IEEE is best known for developing standards for the computer and electronics industry. In particular, the IEEE 802 standards for local-area networks are widely followed. (Webopedia)
IEEE 802IEEE 802 is a family of IEEE standards dealing with local area networks and metropolitan area networks. More specifically, the IEEE 802 standards are restricted to networks carrying variable-size packets. By contrast, in cell relay networks data is transmitted in short, uniformly sized units called cells. (Wikipedia)
IEMIBM (Tivoli) Endpoint Manager,known as IBM BigFix, formerly IBM Endpoint Manager, Tivoli Endpoint Manager (TEM) and before that, BigFix, is a systems-management software product developed by IBM for managing large groups of computers running Windows, Mac OS X, VMware ESX, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. (Wikipedia)
IETFThe Internet Engineering Task Force (IETF) develops and promotes voluntary Internet standards, in particular the standards that comprise the Internet protocol suite (TCP/IP). It is an open standards organization, with no formal membership or membership requirements. All participants and managers are volunteers, though their work is usually funded by their employers or sponsors.
IGAIdentity Governance and Administration
IHEsInstitutions of Higher Education (IHEs)
IISIntegrated Infrastructure Systems
IKEThe Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access. Specified in IETF Request for Comments (RFC) 2409, IKE defines an automatic means of negotiation and authentication for IPsec security associations (SA). Security associations are security policies defined for communication between two or more entities; the relationship between the entities is represented by a key. The IKE protocol ensures security for SA communication without the pre-configuration that would otherwise be required.
ILCInter-local contracts (ILC) are contracts between public entities. An ILC might be referred to as an IAC when the agreement is between state agencies.
ILMTThe IBM License Metric Tool (ILMT) helps you maintain an inventory of the PVU based software deployed for your Full Capacity or Virtualization (Sub-) Capacity environment, and measures the PVU licenses required by software Product. It is intended to help you manage your IBM software licensing requirements, and help you maintain an audit ready posture.
ILOIntegrated Lights-Out, or iLO, is a proprietary embedded server management technology by Hewlett-Packard which provides out-of-band management facilities. The physical connection is an Ethernet port that can be found on most Proliant servers of the 300 and above series. iLO has similar functionality to the lights out management (LOM) technology offered by other vendors, for example Sun/Oracle's ILOM, Dell DRAC, the IBM Remote Supervisor Adapter and Cisco CIMC.
ILOMOracle Integrated Lights-Out Manager (ILOM) is the service processor embedded on all Oracle's SPARC Enterprise T-series and Sun Fire x86 servers, including all rack mounts and blades. Oracle ILOM enables full out-of-band management, providing a “Just like being there” remote management capability.
IM&OInfrastructure Management & Operations (IM&O).  Gartner uses this term for companies that manage data centers for others.  M&O is the more generic version and often refers to the business and financial oversight unit. IM&O is often used as IM&O, HHS IM&O and TIERS IM&O
IMACInstall, Moves, Adds, Changes
IMCIn-Memory computing (IMC) In-memory computing is the storage of information in the main random access memory (RAM) of dedicated servers rather than in complicated relational databases operating on comparatively slow disk drives. In-memory computing helps business customers, including retailers, banks and utilities, to quickly detect patterns, analyze massive data volumes on the fly, and perform their operations quickly. IMC systems have led to the emergence of hybrid transaction/analytical processing (HTAP). (Techopedia)
IMDBMSIn-Memory Database Management System (IMDBMS) An in-memory database (IMDB, also main memory database system or MMDB or memory resident database) is a database management system that primarily relies on main memory for computer data storage. It is contrasted with database management systems that employ a disk storage mechanism. In-memory databases are faster than disk-optimized databases because disk access is slower than memory access, the internal optimization algorithms are simpler and execute fewer CPU instructions. Accessing data in memory eliminates seek time when querying the data, which provides faster and more predictable performance than disk. (Wikipedia)
IMDGIn-Memory Data Grids is the base technology for Oracle GoldenGate HotCache
INCIncident (e.g. Helpdesk INC tickets)
InformationData as processed, stored, or transmitted by a computer.
Information CustodianA department, agency, or third-party service provider responsible for implementing the information owner-defined controls and access to an information resource.
Information Owner(s)A person(s) with statutory or operational authority for specified information or information resources.
Information ResourcesAs defined in §2054.003(7), Texas Government Code.
Information Resources ManagerAs defined in §2054.071, Texas Government Code.
Information Security ProgramThe policies, standards, procedures, elements, structure, strategies, objectives, plans, metrics, reports, services, and resources that establish an information resources security function within an institution of higher education or state agency.
Information SystemAn interconnected set of information resources under the same direct management control that shares common functionality. An Information System normally includes, but is not limited to, hardware, software, network Infrastructure, information, applications, communications and people.
IntegrityThe security objective of guarding against improper information modification or destruction, including ensuring information non-repudiation and authenticity.
IOCPInput Output Configuration Program
IODFThe client production Input/Output Definition File (IODF) is used as input to the Hardware Configuration Definition (HCD) to create a work IODF that becomes the base to new or upgrade configuration.
IOPSInput/Output Operations Per Second (IOPS), pronounced "eye-ops." This is unit of measurement used to describe the maximum number of reads and writes to a disk or storage area.
IOPSInput/Output Operations Per Second (pronounced "eye-ops") are a performance measurement typically used to characterize computer storage.
IoTThe Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. (TechTarget)
IPThe Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet. IP has the task of delivering packets from the source host to the destination host solely based on the IP addresses in the packet headers. For this purpose, IP defines packet structures that encapsulate the data to be delivered. It also defines addressing methods that are used to label the datagram with source and destination information.(Wikipedia)
IPIntellectual Property - a work or invention that is the result of creativity, such as a manuscript or a design, to which one has rights and for which one may apply for a patent, copyright, trademark, etc.
IPAAInternational Passport Advantage Agreement: Passport Advantage is IBM's program for combined software license acquisition, Software Subscription and Support, IBM Appliances and IBM SaaS subscriptions.
iPaaSintegration Platform as a Service (iPaaS) is a suite of cloud services enabling development, execution and governance of integration flows connecting any combination of on premises and cloud-based processes, services, applications and data within individual or across multiple organizations. (Gartner)
IPLInitial Program Load (IPL) is a mainframe term for the loading of the operating system into the computer's main memory. A mainframe operating system (such as OS/390) contains many megabytes of code that is customized by each installation, requiring some time to load the code into the memory. On a personal computer, booting or re-booting (re-starting) is the equivalent to IPLing (the term is also used as a verb).
IPMInfrastructure Performance Monitoring
IPSIntrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations, or imminent threats to your security policies. Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents. These security measures are available as Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS, which become part of your network to detect and stop potential incidents (Juniper).
IPsecInternet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).
IPv4Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet, and was the first version deployed for production in the ARPANET in 1983. It still routes most Internet traffic today, despite the ongoing deployment of a successor protocol, IPv6. IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980). (Wikipedia)
IPv6Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address space exhaustion. IPv6 is intended to replace IPv4.
IRMIT Director, Information Resource Manager
ISECIT Security Control (ISEC) document
ISMInformation Security Management
ISMSAn Information Security Management System (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach. (TechTarget)
ISOInformation Security Officer
ISO/IEC 20000ISO/IEC 20000-1:2011 is a service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements. (ISO.org)
ISO/IEC 27000/1The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). (ISO.org)
ISPFInteractive System Productivity Facility (ISPF) primarily provides an IBM 3270 terminal interface with a set of panels. Each panel may include menus and dialogs to run tools on the underlying Time Sharing Option (TSO). Generally, these panels just provide a convenient interface to do tasks—most of them execute modules of IBM mainframe utility programs to do the actual work. ISPF is frequently used to manipulate z/OS data sets via its Program Development Facility named ISPF/PDF, where PDF refers to Program Development Facility.
ISPF/PDFInteractive System Productivity Facility (ISPF) and editor / Program Development Facility (PDF) on mainframes primary TSO programs such as batch
ISTQB® certificationInternational Software Testing Qualifications Board (ISTQB)
ITADDIR Information Technology Application Delivery Team
ITAMIT Asset Management (ITAM) is the set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment.
ITARITAR U.S. Department of State International Traffic in Arms Regulations promulgated pursuant to the United States Arms Export Control Act of 1976, as amended.
ITCIntent to Contract (ITC)
ITCHEInformation Technology Council for Higher Education (ITCHE) is a statutorily defined group of the CIOs of the six public Texas higher education systems plus a representative of the 4 public independent universities. It reviews proposed rules relating to higher education and makes recommendations and comments to the Department of Information Resources. The UT System CIO acts as the coordinator.
ITDTexas state agency's Information Technology Detail (ITD) yearly report to LBB
ITESDIR Information Technology Enterprise Services Team
ITFMInformation Technology Financial Management (ITFM) a Chargeback System and software component assessable thru the STS Portal that contains financials pertaining to STS.
ITIL (v3)Information Technology Infrastructure Library (version 3). The Information Technology Infrastructure Library (ITIL) is a collection of concepts and practices combined in a series of books to be applied in IT Service Management (ITSM), IT development and IT operations.
ITKMDIT Key Metrics Data
ITLIntegrated Test Laboratory (ITL) - a facility for safely simulating a Disaster Recovery scenario
ITLCInformation Technology Leadership Council (ITLC) a governance committee comprised of Agency IT leadership to provide direction to the STS Program
ITOInformation Technology Outsourcing
ITOAIn the fields of Information Technology (IT) and systems management, IT operations analytics (ITOA) is an approach or method to retrieve, analyze, and report data for IT operations. ITOA may apply big data analytics to large datasets to produce business insights. In 2014, Gartner predicted its use might increase revenue or reduce costs. By 2017, it predicted that 15% of enterprises will use IT operations analytics technologies. (Wikipedia)
ITOMIT Operations Management (ITOM) software is intended to represent all the tools needed to manage the provisioning, capacity, performance and availability of the computing, networking and application environment. Leaders: BMC, CA, IBM, HP, …
ITPSDIR Information Technology Production Services Team
ITSDIR’s Information Technology Services (ITS) Division
ITSACInformation Technology Staff Augmentation Contract
ITSCMIT Service Continuity Management (ITSCM) aims to manage risks that could seriously impact IT services. This ITIL process ensures that the IT service provider can always provide minimum agreed Service Levels, by reducing the risk from disaster events to an acceptable level and planning for the recovery of IT services. ITSCM should be designed to support Business Continuity Management. (Wikipedia)
ITSMIT Service Management (ITSM) is a process-based practice intended to align the delivery of information technology (IT) services with needs of the enterprise, emphasizing benefits to customers. ITSM involves a paradigm shift from managing IT as stacks of individual components to focusing on the delivery of end-to-end services using best practice process models. ITIL (Information Technology Infrastructure Library) is a globally recognized collection of best practices for information technology (IT) service management.
IV&VIndependent Verification and Validation (IV&V) are independent procedures that are used together for checking that a product, service, or system meets requirements and specifications and that it fulfills its intended purpose. These are critical components of a quality management system such as ISO 9000. IV&V is to be performed by a unbiased third party. (Wikipedia)
IVAAn Intelligent Virtual Agent (IVA) is an animated, human-like graphical chatbot commonly displayed on website home pages and advertisement landing pages. Virtual agents are embedded with a predefined script and responses. Intelligent virtual agents - also known as virtual agents, virtual reps or v-reps - are implemented primarily on customer relationship management software. Virtual agents are designed to provide customer services, product information, marketing, support, sales, order placing, reservations or other custom services.
IVRInteractive voice response (IVR) is a technology that allows a computer to interact with humans through the use of voice and DTMF tones input via keypad. In telecommunications, IVR allows customers to interact with a company’s host system via a telephone keypad or by speech recognition, after which services can be inquired about through the IVR dialogue. IVR systems can respond with prerecorded or dynamically generated audio to further direct users on how to proceed. IVR systems deployed in the network are sized to handle large call volumes and also used for outbound calling, as IVR systems are more intelligent than many predictive dialer systems. (Wikipedia)
JADJoint application design (JAD) is a process used in the life cycle area of the dynamic systems development method (DSDM) to collect business requirements while developing new information systems for a company. (Wikipedia)
JCLJob Control Language (JCL) for mainframe scripting
JSONJavaScript Object Notation (JSON), typically used to exchange information among REST enabled APIs using HTTP puts or posts (typically post is less overhead).
JVMJava Virtual Machines (JVM)
KBA knowledge base (KB) is used to store complex structured and unstructured information used by a computer system. For example, ITIL Knowledge Management aims to gather, analyze, store and share knowledge and information within an organization. The primary purpose of this ITIL process is to improve efficiency by reducing the need to rediscover knowledge.
KMKey Metric/Measure (Capturing and monitoring the performance of a service deliverable without imposing financial credits - could become an SLA).
KPIKey Performance Indicator
KTLOKeep the Lights On (KTLO) technology refers to that portion of information technology expenditure a company has to perform on daily operational tasks. (Wikipedia)
KVAKilo Volt Amp (KVA) Uninterruptible Power Supply (UPS) system output may be represented in KVA
KWKilo Watts (KW) UPS system input may be represented in KW.
L/SLift and Shift
LACPLink Aggregation Control Protocol (LACP) is part of an IEEE specification (802.3ad) that allows you to bundle several physical ports together to form a single logical channel. LACP allows a switch to negotiate an automatic bundle by sending LACP packets to the peer. It performs a similar function as Port Aggregation Protocol (PAgP) with Cisco EtherChannel. (Cisco)
LAGLink Aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single 802.3ad port channel, thereby reducing the number of IP addresses needed to configure the ports on your controller. When LAG is enabled, the system dynamically manages port redundancy and load balances access points transparently to the user.
LAMPOpen Source: (L) Linux OS, (A) Apache web server, (M) MySQL/MariaDB/MongoDB database, and (P) PHP/Perl/Python web programming language
LANLocal Area Network
LARLegislative Appropriations Request (LAR) Agency's request to the LBB for funding approval to operate their agency for the upcoming two-year biennium.
LBBLegislative Budget Board (LBB) A joint committee of the Texas Legislature that develops budget and policy recommendations for legislative appropriations. They conduct evaluations and reviews to improve the efficiency and performance of state and local operations.
LDAPLightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number. (Wikipedia)
LDCLegacy Data Center (LDC) State of Texas agency owned, non-consolidated data center environment.
LDOMsLogical Domains (LDoms or LDOM) is the server virtualization and partitioning technology from Sun Microsystems for their Solaris operating system when running on SPARC V9. It was released in April 2007. Since Oracle Corporation completed the acquisition of Sun in January 2010, the product has been re-branded as Oracle VM Server for SPARC from version 2.0 onwards.
LECLocal Exchange Carrier (LEC) is a regulatory term in telecommunications for the local telephone company. In the United States, wireline telephone companies are divided into two large categories: long distance (interexchange carrier, or IXCs) and local (local exchange carrier, or LECs). (Wikipedia)
LLDPThe Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in standards document IEEE 802.1AB.
LOBLine of Business
Low Impact Information ResourcesInformation resources whose loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (A) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (B) result in minor damage to organizational assets; (C) result in minor financial loss; or (D) result in minor harm to individuals.
LPARsA logical partition (LPAR) is the division of a computer's processors, memory, and storage into multiple sets of resources so that each set of resources can be operated independently with its own operating system instance and applications. (TechTarget)
LSELimited Support Environment (LSE)
M/SIPSTS Server SCP “Managed-Service Integration Platform (M/SIP)” endpoint at each Enterprise Data Warehouse (EDW) source location
M2MEmerging “machine-to-machine” (M2M) or “Internet of Things” world of connected devices
MAAMaximum Availability Architecture
MACMoves, adds and changes (MAC) is the general term for the routine work performed on computer equipment in an enterprise, including installations, relocations and upgrades. (Gartner)
MANA Metropolitan Area Network (MAN) is a network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but smaller than the area covered by a wide area network (WAN). The term is applied to the interconnection of networks in a city into a single larger network (which may then also offer efficient connection to a wide area network). (TechTarget)
MASManaged Application Services (MAS) DIR STS offering for development, maintenance and rate card services)
MASAThe Mesh Application and Service Architecture (MASA) is the preferred application architecture for the digital mesh. In the MASA, apps or services running on device mesh endpoints connect to a broad set of back-end services, creating a multichannel application that delivers an ambient user experience.
MATManual Audit Template (MAT) used to upload application Usage data to Software Organizer for licensing terms more complex than one-to-one.
mBaaSmobile Back-end as a Service (mBaaS) also known as cloud mobile back-end services
MBBMobile BroadBand (MBB) is the marketing term for wireless Internet access through a portable modem, mobile phone, USB wireless modem, tablet or other mobile devices.
MDSAMultidimensional Database Search & Analysis
MFAMulti-Factor Authentication (MFA) is an approach to authentication which requires the presentation of two or more of the three independent authentication factors: a knowledge factor ("something only the user knows"), a possession factor ("something only the user has"), and an inherence factor ("something only the user is") i.e., biometric. After presentation, each factor must be validated by the other party for authentication to occur.
MFSK/FSKMultiple Frequency-Shift Keying (MFSK) is a variant of Frequency-Shift Keying (FSK), which makes use of more than two frequencies to transmit digital data. (a.k.a. wide-band)
MFTManaged file transfer (MFT) refers to a software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT software is marketed to corporate enterprises as an alternative to using ad-hoc file transfer solutions, such as FTP, HTTP and others. Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring. (Wikipedia)
MIBA Management Information Base (MIB) is a database used for managing the entities in a communication network. Most often associated with the Simple Network Management Protocol (SNMP), the term is also used more generically in contexts such as in OSI/ISO Network management model. (Wikipedia)
MIMMajor Incident Management
MIPSThe number of MIPS (million instructions per second) is a general measure of computing performance and, by implication, the amount of work a larger computer can do. For large servers or mainframes, MIPS is a way to measure the cost of computing: the more MIPS delivered for the money, the better the value. Historically, the cost of computing measured in the number of MIPS has been reduced by half on an annual basis for a number of years.
MIRPMajor Information Resources (MIRP) project: as defined in Texas Government Code, Chapter 2054, any information resources technology project identified in a state agency's biennial operating plan whose development costs exceed $1 million and that requires one year or longer to reach operations status; involves more than one state agency; or substantially alters work methods of state agency personnel or the delivery of services to clients; and any information resources technology project designated by the legislature in the General Appropriations Act as a major information resources project
MIRTMajor Incident Response Team (MIRT) Bridge calls, coordinated by the DIR Multisourcing Services Integrator (MSI) Major Incident Managers, to collaborate with appropriate Service Component Providers, MSI, DIR, Customers and 3rd party vendors to expedite resolution of major outages or incidents impacting the STS environment.
ML & SPDRMachine Learning (ML) & Statistical pattern discovery and recognition (SPDR)
MMISMedicaid Management Information System (MMIS) The MMIS is an integrated group of procedures and computer processing operations (subsystems) developed at the general design level to meet principal objectives. For Title XIX purposes, "systems mechanization" and "mechanized claims processing and information retrieval systems" is identified in section 1903(a)(3) of the Act and defined in regulation at 42 CFR 433.111. The objectives of this system and its enhancements include the Title XIX program control and administrative costs; service to recipients, providers and inquiries; operations of claims control and computer capabilities; and management reporting for planning and control. (Medicaid)
Moderate Impact Information ResourcesInformation Resources whose loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (A) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (B) result in significant damage to organizational assets; (C) result in significant financial loss; or (D) result in significant harm to individuals that does not involve loss of life or serious life-threatening injuries.
MOFMethod of Finance
MOFThe guidance in the Microsoft Operations Framework (MOF) encompasses all of the activities and processes involved in managing an IT service: its conception, development, operation, maintenance, and—ultimately—its retirement. MOF 4.0 was created to provide guidance across the entire IT life cycle. Completed in early 2008, MOF 4.0 integrates community-generated processes; governance, risk, and compliance activities; management reviews, and Microsoft Solutions Framework (MSF) best practices.
MOMMessage-Oriented Middleware
MOPMainframe Operation Procedures
MOPDIR Datacenter Services Master Operating Plan (MOP)
MOUMemorandum of Understanding
MOVE AVMcAfee Management for Optimized Virtual Environments (MOVE) Antivirus (AV) brings advanced virus protection to virtualized desktops and servers. Choose one efficient solution for virtual server and desktop security that works across all major hypervisors, or an agentless, tuned option for VMware NSX and VMware vCloud Networking and Security.
MPIOIn computer storage, multipath I/O (MPIO) is a fault-tolerance and performance enhancement technique whereby there is more than one physical path between the CPU in a computer system and its mass storage devices through the buses, controllers, switches, and bridge devices connecting them.
MPLSMultiprotocol Label Switching (MPLS) is a type of data-carrying technique for high-performance telecommunications networks. MPLS directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. The labels identify virtual links (paths) between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, hence its name "multiprotocol". MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL. (Wikipedia)
MPLS ingress/egressMultiprotocol Label Switching router; ingress - starting point (source); egress - endpoint (drain)
MPOMetropolitan Planning Organization (MPO), a local decision-making body that is responsible for overseeing the metropolitan transportation planning process. An MPO is required for each urban area with a population of more than 50,000 people
MPPIn-memory Massively Parallel Processing (MPP)
MPPMicrosoft (Execution) Project Plan application
MQTTMQ Telemetry Transport (MQTT) A publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. The design principles are to minimize network bandwidth and device resource requirements whilst also attempting to ensure reliability and some degree of assurance of delivery. These principles also turn out to make the protocol ideal of the emerging “machine-to-machine” (M2M) or “Internet of Things” world of connected devices, and for mobile applications where bandwidth and battery power are at a premium.
MRCMonthly Recurring Charge
MS-ISACThe Multi-State Information Sharing & Analysis Center (MS-ISAC) is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, tribal and territorial (SLTT) governments. The MS-ISAC 24x7 cybersecurity operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification, and mitigation and incident response.
MSAMaster Services Agreement
MSDMarketing Functional Specification Document (MSD) used for the DIR DCS innovation program
MSFMicrosoft Solutions Framework (MSF) is a set of principles, models, disciplines, concepts, and guidelines for delivering information technology solutions from Microsoft. MSF is not limited to developing applications only, it is also applicable to other IT projects like deployment, networking or infrastructure projects. MSF does not force the developer to use a specific methodology (Waterfall, Agile) but lets them decide what methodology to use.
MSIMulti-sourcing Service Integrator (MSI) A DCS vendor providing reporting and services to Texas state agencies as set forth in the STS contract.
MSLMinimum Service Level
MSPManaged Service Provider
MSSPMaster Systems Security Plan (MSSP), A system security plan is a formal plan that defines the plan of action to secure a computer or information system.
MSSPManaged Security Service Provider (MSSP)
MSTPMaster Server Transformation Portfolio (MSTP)
MTDMaximum Tolerable Downtime (MTD) which defines the total amount of time that a business process can be disrupted without causing any unacceptable consequences. This value should be defined by the business management team or someone like CTO, CIO or IT manager (Default Reasoning).
MTTRThe Mean Time to Resolution (MTTR) — the time it takes to diagnose and resolve a problem after it’s been identified.
MTTVMean Time to Value (MTTV) - Average time between a request for a specific value and the initial delivery of the value requested.
MTUIn computer networking, the Maximum Transmission Unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. MTU parameters usually appear in association with a communications interface (NIC, serial port, etc.). Standards (Ethernet, for example) can fix the size of an MTU; or systems (such as point-to-point serial links) may decide MTU at connect time.
MVPIn product development, the Minimum Viable Product (MVP) is the product with the highest return on investment versus risk. It is the sweet spot between products without the required features that fail at sunrise and the products with too many features that cut return and increase risk.
N/ANot Available, Not Applicable
N/N-1STS Approved Version N and Previous Approved Version N-1 (N-2 legacy and may be unsupported N+1 beta and not fully supported)
NACNetwork Access Control (or Network Admission Control) Security Solutions (NAC)
NASNetwork Attached Storage (NAS)
NATShort for Network Address Translation (NAT), an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
NECNational Electrical Code (NEC) Article 645
NERC CIPThe North America Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) plan comprises more than 100 NERC Reliability Standards, and sets requirements for protecting critical assets used in the bulk electric system and the systems that support those assets. NERC CIP consists of nine standards covering the security of electronic perimeters, physical security of critical cyber assets, personnel and training, security management, disaster recovery and more.
Next3Next3 is a journaled file system for Linux based on ext3 which adds snapshots support, yet retains compatibility to the ext3 on-disk format. Next3 is implemented as open-source software, licensed under the GPL license.
NFSNetwork File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a network much like local storage is accessed.
NFVNetwork Functions Virtualization (NFV[1]) is a network architecture concept that uses the technologies of IT virtualization to virtualize entire classes of network node functions into building blocks that may connect, or chain together, to create communication services. NFV relies upon, but differs from, traditional server-virtualization techniques, such as those used in enterprise IT. A virtualized network function, or VNF, may consist of one or more virtual machines running different software and processes, on top of standard high-volume servers, switches and storage devices, or even cloud computing infrastructure, instead of having custom hardware appliances for each network function.( Wikipedia)
NICNetwork Interface Card (NIC)
NIDSNetwork Intrusion Detection Service (NIDS)
NIPNetwork Intrusion Prevention (NIP)
NIPSIBM Security Network Intrusion Prevention System
NISTNational Institute of Standards and Technology
NLUNatural-Language Understanding (NLU) is a subtopic of natural-language processing in artificial intelligence that deals with machine reading comprehension. Natural-language understanding is considered an AI-hard problem. There is considerable commercial interest in the field because of its application to automated reasoning, machine translation, question answering, news-gathering, text categorization, voice-activation, archiving, and large-scale content analysis (Wikipedia).
NoOpsNoOps (No Operations) means that an IT environment can become so automated and abstracted from the underlying infrastructure that there is no need for a dedicated team to manage the deployment of applications in-house. Forrester coined the term NoOps, which they define as “the goal of completely automating the deployment, monitoring and management of applications and the infrastructure on which they run.”
NoSQLA NoSQL (often interpreted as Not Only SQL database) provides a mechanism for storage and retrieval of data that is modeled in means other than the tabular relations used in relational databases.
NPBsNetwork packet brokers (NPBs) enable your tools to perform optimally while providing unprecedented network visibility. Unlike their TAP predecessors, NPBs are sophisticated, high-end devices that provide traffic regeneration, aggregation, load balancing, packet de-duplication, etc.
NPMDNetwork Performance Monitoring and Diagnostics
NRCNon-Recurring Charge
NSOC/NOCNetwork Security Operations Center (formerly ADROC)
NTPNetwork Time Protocol (NTP)
NTTNippon Telegraph and Telephone (NTT) Corporation; system integrator for TxDOT
NUPNamed Users Plus (NUP) licensing. The NUP Metric is based on users and non-human operated devices accessing the database. This metric is usually used when users can be counted. Customers using this metrics have to license either the number of NUP accessing the Oracle software or the minimum NUP – whichever NUP is higher (dbiServices)
NymwarNymwar is a slang term that describes controversy around how users identify themselves on various social media platforms and in other technology environments. The basic idea of nymwars is that there is a tug-of-war between users who wish to remain anonymous and parties who demand the use of real names in online or virtual communications. A nymwar is also known as a pseudonym war.
O365Microsoft Office 365 is a Software as a Service offering for collaboration and email.
OASOracle Application Server (OAS) The Oracle Application Server 10g (the "g" stands for grid) (short Oracle AS), consists of an integrated, standards-based software platform. It forms part of Oracle Corporation's Fusion Middleware technology stack. (Wikipedia)
OBIOperational Business Intelligence
OCISOOffice of Chief Information Security Officer (State of Texas)
ODAOn-Demand Application
OEMAn Original Equipment Manufacturer (OEM) is a company that produces parts and equipment that may be marketed by another manufacturer. However, the term is used in several other ways, which causes ambiguity. It sometimes means the maker of a system that includes other companies' subsystems, an end-product producer, an automotive part that is manufactured by the same company that produced the original part used in the automobile's assembly, or a value-added reseller. (Wikipedia)
OEMOracle Enterprise Manager (OEM or EM) is a set of web-based tools aimed at managing software and hardware produced by Oracle Corporation as well as by some non-Oracle entities.
OLAOperating Level Agreement (Agreement between service providers defining the measurement of services between the parties).
OLAPOn-Line Analytical Processing
OLTPOnline transaction processing, or OLTP, is a class of information systems that facilitate and manage transaction-oriented applications, typically for data entry and retrieval transaction processing.
OMSIn relational database management systems and in the particular context of an Oracle Enterprise Manager (OEM) environment, an Oracle Management Server (OMS) is a software system that functions as a middle tier between Oracle intelligent agents and Oracle management consoles. The system may operate on multiple nodes and by default uses a schema named DBSNMP. Through this system, database administrators may view and control their OEM domain(s).
OnBoardingProcess of bringing on a new employee or equipment "on board". Sometimes seen as “On-Boarding”.
OOOOut Of Office
OpExOperating Expense (costing) model represents the ongoing cost to run a product, business or system. It is contrasted with the Capital Expense (CapEx) to develop or provide non-consumable parts for the product or system.
OPSOperation Services
OSI modelThe Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained by the identification ISO/IEC 7498-1. Description of OSI layers:
  • Layer 1: physical layer
  • Layer 2: data link layer
  • Layer 3: network layer
  • Layer 4: transport layer
  • Layer 5: session layer
  • Layer 6: presentation layer
  • Layer 7: application layer
OSSOpen-Source Software (OSS) is computer software with its source code made available with a license in which the copyright holder provides the rights to study, change, and distribute the software to anyone and for any purpose. Open-source software may be developed in a collaborative public manner. According to scientists who studied it, open-source software is a prominent example of open collaboration. The term is often written without a hyphen as "open source software". (Wikipedia)
OTCOne-Time Charge
OVAAn OVA file is an Open Virtualization Archive that contains a compressed, "installable" version of a virtual machine (VM). When you open an OVA file it extracts the VM and imports it into whatever virtualization software you have installed on your computer.
OWAOutlook Web Application. The web interface provided by Microsoft for users to access mail services via an internet browser.
P-VConversion of server instances from Physical to Virtual (machine)
PaaSPlatform as a Service (PaaS) The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
PAgPPort Aggregation Protocol (PAgP) is a Cisco Systems proprietary networking protocol, which is used for the automated, logical aggregation of Ethernet switch ports, known as an etherchannel. (Wikipedia)
PALIn the DIR STS environment, when servers are set to deployed and moved into production the Project Acceptance Letter (PAL) is prepared by the Service Component Provider and sent to DIR Customers.
PAMPrivileged Account Management
PAMProject Account Manager - typically Service Component Provider staff.
PAWSProtect Against Wrapped Sequences (PAWS) network testing. PAWS is used when the receive window crosses the sequence number wraparound boundary. In the case where a packet was potentially retransmitted it answers the question: "Is this sequence number in the first 4 GB or the second?" And the timestamp is used to break the tie.
PB (PetaByte)The petabyte is a multiple of the unit byte for digital information. The prefix peta indicates the fifth power of 1000 and means 1015 in the International System of Units (SI), and therefore 1 petabyte is one quadrillion (short scale) bytes, or 1 billiard (long scale) bytes. The unit symbol for the petabyte is PB. 1 PB = 1000000000000000B = 1015bytes = 1000terabytes. A related unit, the pebibyte (PiB), using a binary prefix, is equal to 10245 bytes, which is more than 12% greater (250 bytes = 1125899906842624bytes). One thousand peta https://en.wikipedia.org/wiki/Petabyte bytes (1000 PB) is equal to one exabyte (1 EB). (Wikipedia)
PCIPayment Card Industry
PCLSPrioritization of Cybersecurity and Legacy Systems (PCLS). Analysis of projects submitted as part of Legislative Appropriations Request (LAR) submissions. (Facilitated through the DIR SPECTRIM system)
PCRProject Change Request is a process utilized to make any changes consisting of scope, cost or schedule once the project is in implementation.
PCSProcurement and Contracting Services
PDBPhysical Database
PDUA Power Distribution Unit (PDU) or mains distribution unit (MDU) is a device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located within a data center. 3-phase devices must be connected by consecutive poles to operate correctly. PDUs may be smart and monitored.
PFIn electrical engineering, the Power Factor of an AC electrical power system is defined as the ratio of the real power flowing to the load to the apparent power in the circuit, and is a dimensionless number in the closed interval of ?1 to 1. A power factor of less than one means that the voltage and current waveforms are not in phase, reducing the instantaneous product of the two waveforms (V × I) (Wikipedia)
PFAPredictive Failure Analysis (PFA) refers to computer mechanisms that analyze trends in corrected errors to predict future failures of hardware components and proactively enabling mechanisms to avoid them.
PGPartner Group (PG) A grouping of agencies with similar business characteristics to facilitate governance, conduct meetings, and balance the workload of STS resource assignments.
PgMDIR STS MSI Program Manager (PgM)
PHIPersonal Health Information (Confidential Information)
PIAPublic Information Act Texas Government Code, Chapter 552, gives you the right to access government records; and an officer for public information and the officer's agent may not ask why you want them. All government information is presumed to be available to the public. Certain exceptions may apply to the disclosure of the information. Governmental bodies shall promptly release requested information that is not confidential by law, either constitutional, statutory, or by judicial decision, or information for which an exception to disclosure has not been sought. (Texas Comptroller)
PIIPersonally Identifiable Information (PII) (Confidential Information) A category of personal identity information as defined by §521.002(a)(1), Business and Commerce Code. It is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. (Wikipedia)
PilotA pilot is a productionalized system available for a subset of the whole audience. The reason for doing a pilot is to get a better understanding of how the product will be used in the field and to refine the product. Another name for Pilot is Minimum Viable Product (MVP).
PIMPrivileged Identity Management (PIM) (sometimes referred to as privileged access management, privileged user and password management, etc.) is about understanding who and what has access to system administrator and high-risk business, such as shared accounts.
PIOPublic Information Officer (PIO)
PIRPost Implementation Review (PIR) is used in the STS program to describe the results of a completed change.
PiTPoint-in-Time (e.g., PIT data recovery)
PKEProcess Known Error (PKE) record documenting the preventative measures determined by a RCA (root cause analysis) and a PBI (problem investigation record)
PKIA Public Key Infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. (Wikipedia)
PMPreventive Maintenance
POPurchase Order
POCPoint of Contact
POC/PoCProof of Concept (PoC) is a realization of a certain method or idea in order to demonstrate its feasibility, or a demonstration in principle with the aim of verifying that some concept or theory has practical potential. A proof of concept is usually small and may or may not be complete. (Wikipedia)
PoEProof of Entitlement (software license and compliance)
PolicyA course or principle of action adopted or proposed by a government, party, business, or individual.
PoPA Point of Presence (PoP) is an artificial demarcation point or interface point between communicating entities. (Wikipedia)
POP3POP3 (Post Office Protocol 3) is a version of a standard protocol for receiving e-mail. POP3 is a client/server protocol in which e-mail is received and held for you by your Internet server.
PoTProof of Technology (PoT) is used interchangeably with "proof of concept" (PoC) or "pilot project".
PoVProof of Value (PoV) distinct from a PoC in that a PoV proves it will work for the customer and that the expected value to be realized is real and can be justified and measured.
PPMPolicies and Procedures Manual
PPMProject and Portfolio Management
PPMOProgram and Portfolio Management Office
PPSPlanned Procurement Schedule (PPS) is a quarterly report submitted by all state agencies to DIR detailing agency's planned purchases and broken into future quarters for the Fiscal Year.
PPTP VPNPPTP VPN is the process of creating and managing Virtual Private Network (VPN) connections or services using point-to-point tunneling protocol (PPTP). It is one of the most common ways of creating a VPN connection, and operates at layer 2 of the OSI model.
ProcedureAn explanation of ‘how’ a policy is to be carried out or executed. Compliance with procedure related to policy is required and not optional. Procedures may be narrative guidelines or step-by-step “cook-book” instructions. May be instructions to assist information security staff, custodians, and users in implementing policies, standards and guideline.
PrototypeA prototype simulates the full system or at least a relevant part of it. While a Proof of Concept (POC) shows that a product or feature can be done, a prototype explains how it will be done. A prototype may provide some re-usable components that can be re-used in a pilot or production version.
PSAPA Public-Safety Answering Point (PSAP), sometimes called "public-safety access point", is a call center responsible for answering calls to an emergency telephone number for police, firefighting, and ambulance services.
PTPass-Through (PT) charge.  Cost + some percentage uplift for an STS Service Component Provider to procure items and invoices to a DIR Customer.
PTMPricing Team Member (PTM) an STS Service Component Provider for software procurement.
PUEPower Usage Effectiveness
QAQuality Assurance
QAPCQuality Assurance and Process Compliance (QAPC) Review program managed by the MSI Process & Training Team. It is a component of CSI – every quarter DIR STS reviews several programs and measures results against objectives and identifies gaps and opportunities for improvement.  Once a year DIR STS agrees as to what should be reviewed and in which quarter.
QATThe Texas Quality Assurance Team (QAT) implements a consistent and repeatable approach for quality assurance review of technology projects within Texas. Projects are continually assessed to help reduce the likelihood that a project will not deliver a quality solution based on the schedule, budget, and scope commitments made to state leadership.
QFSDPQuarterly Full Stack Download Patch for Oracle Exadata
QORQuarterly Operations Review (QOR) All-day DIR Service Component Provider meeting to review performance of each STS service Tower.
QoSQuality of service (QoS) is the description or measurement of the overall performance of a service, such as a telephony or computer network or a cloud computing service, particularly the performance seen by the users of the network. In the field of computer networking and other packet-switched telecommunication networks, quality of service refers to traffic prioritization and resource reservation control mechanisms rather than the achieved service quality. Quality of service is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. (Wikipedia)
RARisk Assessment (RA) is the combined effort of
1. identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e., risk analysis); and
2. making judgments "on the tolerability of the risk on the basis of a risk analysis" while considering influencing factors (i.e., risk evaluation). Put in simpler terms, a risk assessment analyzes what can go wrong, how likely it is to happen, what the potential consequences are, and how tolerable the identified risk is. As part of this process, the resulting determination of risk may be expressed in a quantitative or qualitative fashion. The risk assessment plays an inherent part of an overall risk management strategy, which attempts to, after a risk assessment, "introduce control measures to eliminate or reduce" any potential risk-related consequences (Wikipedia).
RACOracle Real Application Clusters (RAC) provides software for clustering and high availability in Oracle database environments. Oracle Corporation includes RAC with the Standard Edition of Oracle Database (aka Baby RAC), but makes it an extra-charge option for the Enterprise Edition.
RACIWho is Responsible, Accountable, Consulted and Informed.
RADRapid Application Development (RAD) is both a general term used to refer to alternatives to the conventional waterfall model of software development as well as the name for James Martin's approach to rapid development. In general, RAD approaches to software development put less emphasis on planning and more emphasis on process. In contrast to the waterfall model, which calls for rigorously defined specification to be established prior to entering the development phase, RAD approaches emphasize adaptability and the necessity of adjusting requirements in response to knowledge gained as the project progresses. Prototypes are often used in addition to or sometimes even in place of design specifications. (Wikipedia)
RAIDRAID (originally redundant array of inexpensive disks; now commonly redundant array of independent disks) is a data storage virtualization technology that combines multiple disk drive components into a logical unit for the purposes of data redundancy or performance improvement. RAID level indicates type of redundancy and recoverability (mirrored, striped, parity, etc.)
RAID logRAID stands for Risks, Actions, Issues and Decisions. The RAID log is a simple tool to keep track of all of these, which can be very useful in regular project meetings as well as for audit purposes.
RAINRedundant Array of Independent Nodes (RAIN) is a disk subsystem that provides distributed data storage and protection in network architecture by integrating inexpensive hardware and management software. RAIN is designed to offer scalable and reliable network-attached storage (NAS) by combining off-the-shelf distributed computing and commodity hardware with sound management software. It is designed to improve on the shortcomings of non-redundant NAS systems. The concept of RAIN is derived from redundant array of independent disks (RAID), which is a similar system that is implemented at the disk level. Redundant array of independent nodes may also be called redundant array of inexpensive nodes. (e.g., HCP, Avamar Grid) (Technopedia)
RASPRuntime application self-protection (RASP) is a security technology that is built or linked into an application or application runtime environment, and is capable of controlling application execution and detecting and preventing real-time attacks. (Gartner)
RBACRole Based Access Controls (RBAC) Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. In this context, access is the ability of an individual user to perform a specific task, such as view, create, or modify a file. (TechTarget)
RBACRole-Based Access Control (RBAC)
RCA Release Candidate (RC), also known as "going silver", is a beta version with potential to be a final product, which is ready to release unless significant bugs emerge. In this stage of product stabilization, all product features have been designed, coded and tested through one or more beta cycles with no known showstopper-class bugs. (Wikipedia)
RCARoot Cause Analysis (RCA) Identifies the cause of a problem or outage and details actions required to resolve.
RDBMSRelational Data Base Management System
RDFResource Description Framework (RDF) is a model for encoding semantic relationships between items of data so that these relationships can be interpreted computationally. RDF (family of World Wide Web Consortium specifications) was originally designed as a metadata data model. It has come to be used as a general method for conceptual description or modeling of information that is implemented in web resources, using a variety of syntax notations and data serialization formats.
RDURack Distribution Unit (RDU) (e.g. Power Strips)
RE/FMReal Estate / Facility Management (RE/FM)
Refresh (cycle)Period of time determined for update of equipment and software. Examples are five years for server hardware, seven years for network switches.
regexUse of pattern-matching or regular expression (regex)
REITA Real Estate Investment Trust security that sells like a stock on the major exchanges and invests in real estate directly, either through properties or mortgages. REITs receive special tax considerations and typically offer investors high yields, as well as a highly liquid method of investing in real estate.
Residual RiskThe risk that remains after security controls have been applied.
REST APIRepresentational state transfer (REST) Application Programming Interface (API) or RESTful web services are a way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations. Other forms of Web services exist, which expose their own arbitrary sets of operations such as WSDL and SOAP. (Wikipedia)
RFCRequest for Change
RFIDRadio-frequency Identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The tags contain electronically stored information. Passive tags collect energy from a nearby RFID reader's interrogating radio waves. Active tags have a local power source such as a battery and may operate at hundreds of meters from the RFID reader. Unlike a barcode, the tag need not be within the line of sight of the reader, so it may be embedded in the tracked object. RFID is one method for Automatic Identification and Data Capture (AIDC).
RFOA Request for Offer (RFO) is an open and competitive purchasing process whereby an organization requests the submission of offers in response to specifications and/or a scope of services. An RFO may also include a cost proposal. (TechTarget)
RFQRequest for Qualifications; Request for Quote
RFSDIR STS Request for Solution/Service (RFS) is initiated by a Solution Request and results in a financial obligation to the requestor.
RFSRemote File Server (RFS) (e.g., Oracle "Data Guard")
RiskThe effect on the entity's missions, functions, image, reputation, assets, or constituencies considering the probability that a threat will exploit a vulnerability, the safeguards already in place, and the resulting impact. Risk outcomes are a consequence of Impact levels defined in this section.
Risk AssessmentThe process of identifying, evaluating, and documenting the level of impact on an organization's mission, functions, image, reputation, assets, or individuals that may result from the operation of information systems. Risk Assessment incorporates threat and vulnerability analyses and considers mitigations provided by planned or in-place security controls.
Risk ManagementThe process of aligning information resources risk exposure with the organization's risk tolerance by either accepting, transferring, or mitigating risk exposures.
RMANRecovery Manager (RMAN) supplied for Oracle databases by Oracle Corporation. Provides backup, restore, and recovery capabilities.
RMORecords Management Officer
rootvgEvery AIX system has a rootvg. It's a volume group—a logical group of disks—that is created at the time you install AIX. It contains the AIX operating system with its standard file systems. (IBM Developer Works)
RPAEMC RecoveryPoint Appliance (RPA) which manages the replication setup and operations, compressing the data with advanced algorithms for efficient bandwidth utilization that reduces network cost up to 90% (per EMC) RPAs are deployed in a cluster of up to eight units with a minimum of two in a single cluster.
RPARobotic Process Automation (RPA) is an emerging form of business process automation technology based on the notion of software robots or artificial intelligence (AI) workers (Wikipedia).
RPCIn computer science, a remote procedure call (RPC) is an inter-process communication that allows a computer program to cause a subroutine or procedure to execute in another address space (commonly on another computer on a shared network) without the programmer explicitly coding the details for this remote interaction.
RPOA Recovery Point Objective, or “RPO”, is defined by business continuity planning. It is the maximum tolerable period in which data might be lost from an IT service due to a major incident. (i.e., amount of potential data loss)
RRBFor DIR STS, once the Solutions Design Proposal (SDP) is approved by the Engineering Review Board (ERB), the SDP and Cost Estimating Tool (CET) is reviewed by the Resource Review Board (RRB) to review the draft schedule and soft book resources.
RRC/ARCAdditional Resource Charges (ARCs) or Reduced Resource Credits (RRCs) are incremental charges/credits for volumes above or below the Monthly Resource Baselines but within the resource unit pricing bands.
These terms are used in the DIR Data Center Services contract.

Base/Variable is an Exhibit 4B term meaning the costs for the certain items (like infrastructure SW) in part of the monthly base charge + variable ARC/RRC methodology vs charged separately like (HSC/SSC). 

Additional Resource Charges (ARCs) are the incremental charges set forth in Exhibit 4 for the use of the Services above the Monthly Resource Baselines for such Services. Reduced Resource Charges (RRCs) are the incremental credits set forth in Exhibit 4 to the Agreement for the use of Services below the Monthly Resource Baselines for such Services.
RRSRecords Retention Schedule (TSLAC)
RSSRDF Site Summary (RSS) (originally; later, two competing approaches emerged, which used the backronyms Rich Site Summary and Really Simple Syndication respectively) is a type of web feed which allows users and applications to access updates to websites in a standardized, computer-readable format (Wikipedia).
RTMRelease to Manufacturing (RTM) The term "release to manufacturing", also known as "going gold", is a term used when a software product is ready to be delivered. This build may be digitally signed, allowing the end user to verify the integrity and authenticity of the software purchase. A copy of the RTM build known as the "gold master" or GM is sent for mass duplication if applicable. RTM precedes general availability (GA) when the product is released to the public. (Wikipedia)
RTOThe Recovery Time Objective (RTO) is the duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.
RTS / IVTRS / TPEThe counties use RTS (Registration and Title System) to process internet registration renewals. However, RTS is merely one component in the electronic registration renewal process. First, customers access IVTRS (Internet Vehicle and Title Registration Service) online to pay for a registration renewal. Transactions are then processed via TPE (Transaction Processing Engine). Once a renewal payment is authorized, the renewal is sent to RTS to be evaluated.
RUResource Unit (RU) A term used with invoicing for computing cost
S3Amazon Simple Storage (blob) Service
SASystem Administrator
SaaSSoftware as a Service (SaaS) The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. (NIST)
SACMDIR STS Service Assets & Configuration Management (SACM) team
Safe ModeAn alternate method of booting Microsoft Windows for the purpose of diagnosing operating system-specific problems.
SAINSAN-attached array of independent nodes (e.g., HCP)
SAMLSecurity Assertion Markup Language (SAML, pronounced sam-el) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. As its name implies, SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) (Wikipedia)
SANStorage Area Network
SAPMShared-Account Password Management
SBCEnterprise Session Border Controllers (SBC) provide security, interoperability, session control, resiliency and supportability between enterprise and carrier Session Initiation Protocol (SIP) trunks, and enterprise Unified Communications (UC) telephony platforms.
SCATADIR STS Security Clearance Access and Tracking Database
SCCMSystem Center Configuration Manager (SCCM) (officially referred to as ConfigMgr 2012 or ConfigMgr 2007 or simply ConfigMgr), formerly Systems Management Server (SMS), is a systems management software product by Microsoft for managing large groups of computers running Windows, Windows Embedded, Mac OS X, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. Configuration Manager provides remote control, patch management, software distribution, operating system deployment, network access protection and hardware and software inventory.
SCIMSystem for Cross-domain Identity Management (SCIM) is an open standard for automating the exchange of user identity information between identity domains, or IT systems. The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations
SCMService Center Management
SCMSupply Chain Management
SCONDIR DCS Server Consolidation (The process of relocating agency servers from their local (legacy) data centers (LDC) to one of the Consolidated Data Centers).
SCPService Component Provider (SCP) DIR STS Vendor(s) providing infrastructure and services to Texas state DIR Customers as set forth in STS Contracts.
SDAService Desk (SD) Agent (SDA) who takes the original service call from Customer/End-User (CEU) at the Help Desk managed through outsourced contract for DIR
SDASSoftware-Defined Application Services
SDC/SADCSan Angelo Data Center - A facility located in San Angelo, Texas that hosts servers and supporting infrastructure for DCS DIR Customers business applications for DIR Customers participating in the STS contract.
SDDA Software Design Description (a.k.a. software design document or SDD) is a written description of a software product, that a software designer writes in order to give a software development team overall guidance to the architecture of the software project. An SDD usually accompanies an architecture diagram with pointers to detailed feature specifications of smaller pieces of the design. Practically, the description is required to coordinate a large team under a single vision, needs to be a stable reference, and outline all parts of the software and how they will work. (Wikipedia)
SDKA Software Development Kit (SDK or "devkit") is typically a set of software development tools that allows the creation of applications for a certain software package, software framework, hardware platform, computer system, video game console, operating system, or similar development platform.
SDLCSoftware Development Life Cycle is a framework that defines activities performed throughout the software development process. (Synopsys)
SDLCSystems Development Life Cycle (SDLC) The systems development life cycle (SDLC), also referred to as the application development life-cycle, is a term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system The systems development lifecycle concept applies to a range of hardware and software configurations, as a system can be composed of hardware only, software only, or a combination of both (Wikipedia)
SDNSoftware-Defined Networking (SDN) is an approach to computer networking that allows network administrators to manage network services through abstraction of lower level functionality. This is done by decoupling the system that makes decisions about where traffic is sent (the control plane) from the underlying systems that forward traffic to the selected destination (the data plane). The inventors and vendors of these systems claim that this simplifies networking.
SDPSolutions Design Proposal (SDP) Submitted to DIR Customers, along with the Cost Estimating Tool (CET) (estimated design cost) to obtain agency approval to move forward with solution development
SDSGService Delivery Solutions Group (SDSG) DIR STS Governance committee comprised of agency resources that review service delivery issues and recommends and approves changes to delivery processes.
SDSISelf-Directed Semi-Independent (SDSI) agencies are a subset of agencies that fall under the SDSI Agency Project Act, which allows some agencies to collect revenues and establish budgets outside of the appropriations process.
SEBSource Evaluation Board (SEB) 
group that reviews the vendor responses on an RFO
CPO term.
SECCTexas State Employee Charitable Campaign
Security IncidentAn event which results in the accidental or deliberate unauthorized access, loss, disclosure, modification, disruption, or destruction of information or information resources.
Security ProceduresThese define roles, responsibilities, and procedures for IT staff in following the Disaster Recovery Plan; securing DIR data, information, and hardware; incident reporting and investigations; and other procedures relevant to IT security.
SEDSelf-Encrypting Drive (SED) technology is the same as Hardware Full-Disk Encryption (FDE) technology
SEOSearch Engine Optimization (SEO) is the process of affecting the online visibility of a website or a web page in a web search engine's unpaid results—often referred to as "natural", "organic", or "earned" results. In general, the earlier (or higher ranked on the search results page), and more frequently a website appears in the search results list, the more visitors it will receive from the search engine's users; these visitors can then be converted into customers. SEO may target different kinds of search, including image search, video search, academic search, news search, and industry-specific vertical search engines. SEO differs from local search engine optimization in that the latter is focused on optimizing a business' online presence so that its web pages will be displayed by search engines when a user enters a local search for its products or services. The former instead is more focused on national or international searches. (Wikipedia)
SEV1Severity One incident indicating a critical service outage.
SEV1In STS, may refer to the SevOne monitoring tool.
SFAScheduled for Approval / Review for change release
SFPSmall Form-factor Pluggable (SFP) transceiver module
SFRScheduled for Approval / Review for change release
Shared networked resourcesShared networked resources consist of logically organized space for the storage of data created and used by staff in divisional, community, or otherwise specified logical groups. Shared networked resources are established, managed, and maintained centrally by designated IT staff
SISystem Integration (SI) is an IT or engineering process or phase concerned with joining different subsystems or components as one large system. It ensures that each integrated subsystem functions as required. (Techopedia)
SIAMService Integration and Management (SIAM) is an approach to managing multiple suppliers of services (business services as well as information technology services) and integrating them to provide a single business-facing IT organization. It aims at seamlessly integrating interdependent services from various internal and external service providers into end-to-end services in order to meet business requirements (Wikipedia)
SIAMIt is the goal of the Service Integration Assurance Management (SIAM) Team to provide the customer base of the STS Contract, STS Customers, STS Personnel, Service Component Provider Personnel, and MSI Personnel with a Service Management Toolset and related functionality that are available on a 24x7 basis, not including maintenance windows.
SIDThe Oracle System ID (SID) is used to uniquely identify a particular database on a system. For this reason, one cannot have more than one database with the same SID on a computer system. (Oracle)
SIEMSecurity information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). (e.g., Nitro)
SIPThe Session Initiation Protocol (SIP) is a signaling communications protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP) networks.
slEnd of Life (EOL) - A DCS asset which is in the process of being decommissioned
SLAService Level Agreement (SLA) Contractual performance measures that must be met by the service provider to avoid penalty
SLISoftware-Led Infrastructure software-led infrastructure (SLI) refers to datacenter technologies that form the underpinning for application portability & functionality, data placement, and automation within and between datacenters. SLI technologies have a design point with the aim to synchronize with other datacenter technologies and optimize for:
  • Speed, Performance, or Time to Market
  • Availability and/or business Continuity
  • Efficiency and Cost Reduction
  • Business and IT Productivity
SLIPService Level Improvement Plan
SLOESoftware License Optimization and Entitlement
SLRService Level Requirements (SLR) is a standard for performance of the services, which sets Provider and Service Recipient expectations, describes the products or services to be delivered, and specifies the metrics by which the effectiveness of service activities, functions and processes will be measured, examined, changed, and controlled.
SMACITSocial, Mobile, Analytics, Cloud, and Internet of Things (SMACIT) technologies.
SMARTServices Management and Resource Tracking for IT Education
SMESubject Matter Expert
SMMService Management Manual (SMM) A series of DIR STS documents that describe operational procedures and policies
SMPSymmetric Multiprocessing (SMP) - involves a multiprocessor computer hardware and software architecture where two or more identical processors are connected to a single, shared main memory, have full access to all input and output devices, and are controlled by a single operating system instance that treats all processors equally, reserving none for special purposes. (Wikipedia)
SNMPSimple Network Management Protocol for managing devices on IP networks
SOSoftware Organizer (SO) tool used on the STS contract for storing Proof of Entitlement (PoE) and usage application data and calculating software license compliance positions.
SOAService-Oriented Architecture (SOA) is a meta architecture — that is, an architecture that unifies multiple (stand-alone) application level architectures to enable composite applications.
SOAPSimple Object Access Protocol (SOAP) is a protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.
SOCSecurity Operations Center
SOCService Organization Control (SOC) is a standard of compliance that has three types of certification, aptly named SOC 1, SOC 2 and SOC 3.

SOC 1® – Service Organization Control (SOC) 1 is a standard of compliance certification for the ICFR Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting (AICPA.ORG).

SOC 2, SOC 2+

SOC 2® – Service Organization Control (SOC) 2 is a standard of compliance certification for the Trust Services Criteria Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy (AICPA.ORG).


SOC 3® – Service Organization Control (SOC) 3 is a standard of compliance certification for the Trust Services Criteria for General Use Report. These reports are designed to meet the needs of users who need assurance about the controls at a service organization relevant to security, availability, processing integrity confidentiality, or privacy, but do not have the need for or the knowledge necessary to make effective use of a SOC 2 Report. Because they are general use reports, SOC 3 reports can be freely distributed (AICPA.ORG).

SOHOSmall Office/Home Office
SOPStandard Operating Procedure
SOPServer Operation Procedures
SORMTexas State Office of Risk Management
SoTState of Texas (SoT)
SOWStatement of Work
SP&RCapgemini Service Performance & Reporting team - measurements against SLAs and importing them into ServiceNow
SPAN (port)Most enterprise switches copy the activity of one or more ports through a Switch Port Analyzer (SPAN) port, also known as a mirror port. An analysis device can then be attached to the SPAN port to access network traffic.
SPDR & MLMachine Learning (ML) & Statistical pattern discovery and recognition (SPDR)
SPECTRIMThe Statewide Portal for Enterprise Cybersecurity Threat, Risk & Incident Management (SPECTRIM) (based on RSA Archer SaaS platform)
SPISensitive Personal Information (SPI) or personally identifiable information (PII), as defined by §521.002(a)(2), Business and Commerce Code. Information that alone or in conjunction with other information identifies an individual.
SPOCSingle Point of Contact
SPOFSingle Point of Failure
SPSMSaaS Platform Security Management (SPSM) technologies
SpywareA form of Malicious Software that collects information about Users without their knowledge.
SQESenior / Software Quality Engineer
SQESafety, Quality, and Environmental (SQE) (ISO 9000, 14001)
SQLSQL is a standardized Structured Query Language for requesting information from a database, typically a tabular relational Database Management System (DBMS).
SRService Request (SR) A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. For example, to reset a password, or to provide standard IT Services for a new User. Service Requests are usually handled by a Service Desk, and do not require an Request for Change (RFC) to be submitted. (KnowledgeTransfer)
SRCSystems Rationalization Consolidation (SRC) DIR STS project.
SRMService Responsibility Matrix (SRM) Defines the level of responsibility of the SCP, MSI and DIR Customers for functions within STS.
SRTSchedules, Retentions and Targets (SRT) backup schedules, data retention period, targets to be backed up; Used in reference to the Schedules, Retention periods and Target environment for specific backups jobs. Defined by DIR Customers as a safeguard for data recovery.
SSASource Selection Authority (SSA) 
oversees the source selection process and selects the source or sources whose proposal(s) is the best value to the organization.
SSCSoftware Service Charge (SSC) software – STS Customer requested and payable by the DIR Customers - Requires Agency approval
SSDA solid-state drive (SSD) (also known as a solid-state disk or flash storage)
SSDSoftware String Description - acronym Capgemini is using for software compliance and standardizing software names. It is part of the method utilized to associate proof of entitlement documentation to the specific software license it represents
SSDA set of Standard Software Descriptions (SSD) used to associate a licensing pool with a particular application record. SSD is a combination of the Publication, Application, and Version for a particular software. These are gathered by the Discovery Tool during software scans and are utilized when linking the Proof of Entitlement with the Software's usage data.
SSISSQL Server Integration Services (SSIS) is a component of Microsoft SQL Server database software used for data migration and workflow. Provides data warehousing tool for data extraction, transformation, and loading (ELT).
SSLC/SSLCsTexas HHS State Supported Living Centers
SSOSingle Sign-On
SSPState Strategic Plan (SSP) for Information Resources presents updated technology trends agency leaders identified as relevant and describes how these trends will impact the direction for information resources management state.
SSRBPrior to project closure, the servers are reviewed by the SCP Steady State Review Board (SSRB) to ensure all of the tools are installed, etc., prior to accepting the servers for Steady State support.
SSRSSQL Server Reporting Services (SSRS) is a server-based report generating software system from Microsoft. It is part of suite of Microsoft SQL Server services, including SSAS (SQL Server Analysis Services) and SSIS (SQL Server Integration Services). Administered via a Web interface, it can be used to prepare and deliver a variety of interactive and printed reports. The SSRS service provides an interface into Microsoft Visual Studio so that developers as well as SQL administrators can connect to SQL databases and use SSRS tools to format SQL reports in many complex ways. It also provides a 'Report Builder' tool for less technical users to format SQL reports of lesser complexity. (Wikipedia)
StandardsSpecific mandatory controls that help enforce and support policies.
State recordAs defined by the Government Code, §441.180(11), any written, photographic, machine-readable, or other recorded information created or received by or on behalf of a state agency or an elected state official that documents activities in the conduct of state business or use of public resources. The term does not include library or museum material made or acquired and maintained solely for reference or exhibition purposes; an extra copy of recorded information maintained only for reference; or a stock of publications or blank forms. 
STMService Tier Matrix (STM) defines the level of service provided for the defined TIER for the agency servers e.g. Platinum, Gold, Silver, Bronze, Utility.
STSDIR Shared Technology Services (previously DCS). Statewide shared services including data center, managed security, managed applications and Texas.gov e-commerce portal.
sudoSudo stands for “superuser do,” and ships free with virtually every Unix and Linux operating system. When an administrator needs to perform a task that requires elevated rights, he or she prefaces the command with “su.” Sudo then checks a policy file, and if the requested command is approved, it is allowed. If it is not approved, the administrator is not allowed to execute the command.
SWLCSoftware License Compliance (SWLC) is a STS program managed by the MSI and implemented by the SCPs
SWMAAn IBM Software Maintenance Agreement (SWMA) is an agreement between you and IBM to provide ongoing support to your IBM licensed software, including your operating system (OS/400), WebSphere Development Studio (RPG, COBOL, JAVA, etc.), iSeries Access (formerly known as Client Access), and Query/400.
SWOTA SWOT analysis (alternatively SWOT matrix) is a structured planning method used to evaluate the Strengths, Weaknesses, Opportunities, and Threats involved in a project or in a business venture. (Wikipedia)
T&MTime and Materials cost basis
T2Texas Child Support Enforcement System 2.0
TACTexas Administrative Code
TAC 202Texas Administrative Code Chapter 202 – Information Security
TAP (port)A Test Access Point (TAP) is a passive splitting mechanism installed between a ‘device of interest’ and the network. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring device in real time.
TBMTechnology business management (TBM) uses people, process, technology, and data to create transformational IT initiatives that bring IT and the business closer together, all while better managing IT finance and operational costs.
TCOTotal cost of ownership or operations (TCO) is a financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system. It is a management accounting concept that can be used in full cost accounting or even ecological economics where it includes social costs.
TDDTelecommunications Device for the Deaf (TDD)
TDETransparent Data Encryption (TDE) is a technology employed by Microsoft, IBM and Oracle to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media. It does not protect data in transit nor data in use. Enterprises typically employ TDE to solve compliance issues such as PCI DSS which require the protection of data at rest. (Wikipedia)
TechSGTechnical Solutions Group (TechSG) An STS Governance Committee comprised of agency, vendor and DIR staff members to review and approve DIR Customer's technical requests that are usually an exception to or a request to modify or expand technical contract standards.
TEX-AN NGTexas Agency Network Next Generation (TEX-AN NG) Communications Technology Services program
TGCTexas Government Code (TGC) This code is enacted as a part of the state's continuing statutory revision program, begun by the Texas Legislative Council in 1963 as directed by the legislature in the law codified as Chapter 323 of this code. The program contemplates a topic-by-topic revision of the state's general and permanent statute law without substantive change. (FindLaw)
ThreatAny circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals.
TIMEThe Gartner TIME Framework is a comparative analysis that identifies applications—in the relative groups of Tolerate, Invest, Migrate, and Eliminate (TIME)—to help facilitate the prioritization of a portfolio and assist agencies in determining, “Where to start first.”
TIQSDCS Tools Infrastructure Query System (TIQS) scripted by the DCS Server SCP to pull in BigFix, SevOne, ADDM, CMDb, etc. into a central database for operations.
TKUTechnology Knowledge Update (TKU) is the method used by BMC Atrium Discovery (ADDM) to distribute TPL (the pattern language) patterns that you can install. Software identification and versioning is provided by the TKU patterns.
TlogThe transaction log (TLOG) keeps track of global transactions during the commit phase. At the end of the first phase of a 2-phase commit protocol, the participants in a global transaction issue a reply to the question of whether to commit or roll back the transaction. This reply is recorded in the TLOG. (Oracle)
TLSTransport layer security (TLS) is a protocol that provides communication security between client/server applications that communicate with each other over the Internet. It enables privacy, integrity and protection for the data that's transmitted between different nodes on the Internet. TLS is a successor to the secure socket layer (SSL) protocol.
TnTTransition and Transformation (TnT) STS Milestone Payment (only used one time to initiate enterprise services, e.g. the initial vBlock chassis and blades were covered out of this one time milestone)
TOASTexas Online Authentication Service (TOAS)
TOCThe Theory of Constraints (TOC) is a thinking process that focuses on the weakest link in a process. By identifying the core problem, solution, and implementation of the solution for each successive weakest link, TOC supports continuous improvement (ASQ.org).
TOSGTechnical/Operational Support Group (TOSG) DCS Mainframe SCP Analyst
TPETransaction Processing Engine (TPE) is the software used by the payment SCP to process credit card and Automated Clearing House (ACH) transactions.
TPLThe Pattern Language, TPL, is used to describe applications, products and other real-world entities that have been modeled in BMC Atrium Discovery (ADDM). The core aim of the language is to make it easy to describe the most common structures to be modeled, while remaining powerful enough to describe the vast majority of modeling situations.
TPMTechnology Policy Management
TPMTransaction Processing Monitor (TPM) A transaction processing monitor (TPM) is a program that monitors transactions from one stage to the next, ensuring that each one completes successfully; if not, or if an error occurs, the TM Monitor takes the appropriate action. A transaction processing monitor’s main purpose/objective is to allow resource sharing and assure optimal use of the resources by applications. (Techopedia)
TPMTechnical Project Manager (TPM) STS SCP Solutioning, Closing, Workstream RFS/Refresh, Technology, CSM and other Project Managers
TPPGThe DIR Technology Policy, Planning & Governance team provides Statewide policy and guidance in information resource management
TR&RTechnology Refreshment and Replenishment (TR&R) STS Services are the activities associated with modernizing the IT infrastructure on a continual basis to ensure that the system components stay current with evolving industry-standard technology platforms.
TRFARTemporary raised floor accesses for valid business reasons is granted or denied based on Data Center Site Support (approvers for temporary raised floor access requests) analysis of the Temporary Raised Floor Access Request (TRFAR) to validate the legitimacy of the request.
TRGTechnical Recovery Guide (TRG) i.e., disaster recovery document; Specifications for service recovery in the event of DR.
TRUSTeTrue Ultimate Standards Everywhere, Inc. (TRUSTe) is a data privacy management (DPM) and TrustArc subsidiary that specializes in Internet privacy. It is best known for the TRUSTe logo as an online privacy seal, signifying that a website is safe and values the security of its user base. TRUSTe monitors, assesses and certifies websites as well as cloud and mobile applications for data privacy and security.
TSDTechnical Specification Document (TSD) used for the STS innovation program.
TSDSThe Texas Student Data System (TSDS), a major initiative by the Texas Education Agency, is a new statewide system that modernizes and improves the quality of data collection, management, and reporting in Texas education.
TSLTransport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterpart with whom they are communicating, and to negotiate a symmetric session key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.
TSM backupsIBM Tivoli Storage Manager (TSM or ITSM) is a centralized, policy-based, enterprise class, data backup and recovery package.
TSOTime Sharing Option (TSO) is an interactive time-sharing environment for IBM mainframe operating systems, including OS/360 MVT, OS/VS2 (SVS), MVS, OS/390, and z/OS.
TSODIR Technology Sourcing Office – Now referred to as the Chief Procurement Office (CPO).
TTLTime to live (TTL) or hop limit is a mechanism that limits the lifespan or lifetime of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. (Wikipedia)
TVSSTransient Voltage Surge Suppressor (TVSS) The purpose of a TVSS is to eliminate or reduce damage to data processing equipment and other critical equipment by limiting transient (surge) voltages and currents (surges) on electrical circuits.
UAAUnmatched Audited Applications (UAA) - Any application that Software Organizer cannot match to a Standard Software Description once Software Organizer reconciliation has been run.
UATUser Acceptance/Acceptability Testing
UBAUser Behavior Analytics
UCUnified communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, telephony (including IP telephony), video conferencing, desktop sharing, data sharing (including web connected electronic interactive whiteboards), call control and speech recognition with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not necessarily a single product, but a set of products that provides a consistent unified user-interface and user-experience across multiple devices and media-types.
UC SAN certsUnified Communications (UC) Multi-Domain SSL Certificates have been developed primarily for use with Exchange, Lync, or Skype for Business Servers or environments where you need to secure multiple names across different domains. UC Multi-Domain SSL Certificates may use Subject Alternative Names (SANs) to secure 250 domains, websites or subdomains with one certificate. Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SANs). Names include: Email addresses IP addresses URIs DNS names (This is usually also provided as the Common Name RDV within the Subject field of the main certificate.) other names, as given as a General Name: a registered Object identifier followed by a value
UCaaSUnified Communications as a Service is a cloud provided integration of real-time communication services such as instant messaging (chat), presence information, telephony (including IP telephony), video conferencing, desktop sharing, data sharing (including web connected electronic interactive whiteboards), call control and speech recognition with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not necessarily a single product, but a set of products that provides a consistent unified user-interface and user-experience across multiple devices and media-types.
UEBABecause privileged access remains risky, more vendor Privileged Access Management (PAM) offerings will feature capabilities to review privileged activity like advanced session recording, intelligent playback, and User and Entity Behavior Analytics (UEBA)
ULNSTS Unix, Linux and Novell servers (i.e., the non-Windows servers)
UPSAn Uninterruptible Power Supply, also uninterruptible power source (UPS) is typically used to protect hardware such as computers, data centers, telecommunication equipment or other electrical equipment where an unexpected power disruption could cause injuries, fatalities, serious business disruption or data loss. UPS units range in size from units designed to protect a single computer without a video monitor (around 200 volt-ampere rating) to large units powering entire data centers or buildings. The world's largest UPS, the 46-megawatt Battery Electric Storage System (BESS), in Fairbanks, Alaska, powers the entire city and nearby rural communities during outages.
URLUniform Resource Locator (web address)
UserAn individual, process, or automated application authorized to access an information resource in accordance with federal and state law, agency policy, and the information-owner's procedures and rules.
UTISIUnstructured text indexing, search and inference (UTISI) Gartner’s
vBlockvBlock systems consist of storage and provisioning from EMC, switches and servers from Cisco, and VMware virtualization software running on the servers. (Wikipedia)
VCACVMWare’s vCloud Automation Center (vCAC) - depreciated by vRealize
VCEVCE is the VMware, Cisco, EMC (VCE) Coalition is a partnership between these 3 companies to work together to promote and accelerate the movement to cloud computing and fully virtualized environments. The VCE acronym has also been interpreted as "virtualization changes everything". The vBlock is the building block offered by VCE to help companies make this move to virtualization easier and faster (hyper converged architecture)
VCP5-DCVVMware Certified Professional on Data Center Virtualization (VCP5-DCV) certification
vCPUA vCPU stands for Virtual Central Processing Unit. One or more vCPUs are assigned to every Virtual Machine (VM) within a cloud environment. Each vCPU is seen as a single physical CPU core by the VM's operating system.
VDIVirtual Desktop Infrastructure (VDI) is virtualization technology that hosts a desktop operating system on a centralized server in a data center. VDI is a variation on the client-server computing model, sometimes referred to as server-based computing. The term was coined by VMware. (Wikipedia)
VDIVirtual Desktop Infrastructure (VDI) is software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. (Wikipedia)
VHDVirtual Hard Drive- Just like a VHD in Hyper-V or Virtual PC, this binary file represents a complete virtual disk.
VILTVirtual instructor-led training (VILT) refers to training that is delivered in a virtual or simulated environment, or when instructor and learner are in separate locations. Virtual instruction environments are designed to simulate the traditional classroom or learning experience. VILT can be conducted synchronously or asynchronously. The term is also referred to as virtual classroom training (VCT).
VIO/VIOS (servers)Virtual Input/Output (VIO) is a technique used in IBM enterprise environments to lower costs, improve performance and make server management easy and simple. The virtual I/O methodology allows a single physical adapter card to be seen as multiple virtual network interface cards (NICs) and virtual host bus adapters (HBAs), which operate just like conventional NICs and HBAs.
VirtualizationCreation of a virtual version of a server, storage, or network resource.
VirusA form of Malicious Software that can copy itself and infect a computer without the permission or knowledge of the User.   
VLANVirtual Local Area Network
VLAN in the CloudVLAN (Virtual LAN) in the Cloud provides standard supportable STS connectivity for CDC deployed applications to applications hosted in AWS or Azure.
VMVirtual Machine
VMAXThe EMC VMAX is a family of SAN arrays designed for enterprise environments requiring large amounts of storage.
VMIVendor-Managed Inventory
VNeMVirtual Network Management is a Hitachi term for the Hitachi content platform network environment
VNXEMC’s unified hybrid storage arrays. Combines flash, capacity, and application-aware software.
VoIPVoice over IP (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms commonly associated with VoIP are IP telephony, Internet telephony, broadband telephony, and broadband phone service.
VPATVoluntary Product Accessibility Template (VPAT) related to section 508 of the Americans with Disabilities Act (ADA). DIR provides description for VPATs on its website.
A Virtual Private Cloud (VPC) is an on-demand configurable pool of shared computing resources allocated within a public cloud environment, providing a certain level of isolation between the different organizations (denoted as users hereafter) using the resources (Wikipedia).
VPNVirtual Private Network
VPSVirtual Private Server (VPS), a form of mass-market hosting (e.g., Digital Ocean)
VRVirtual Reality (VR) an artificial environment which is experienced through sensory stimuli (such as sights and sounds) provided by a computer and in which one's actions partially determine what happens in the environment; also : the technology used to create or access a virtual reality (merriam-webster)
vRAVMware vRealize Automation (formerly vCloud Automation Center - vCAC) – (VMware)
VRFIn IP-based computer networks, Virtual Routing and Forwarding (VRF) is a technology that allows multiple instances of a routing table to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP addresses can be used without conflicting with each other. Network functionality is improved because network paths can be segmented without requiring multiple routers (Wikipedia)
vROpsvRealize Operations Manager delivers intelligent operations management with application-to-storage visibility across physical, virtual, and cloud infrastructures (VMWare)
VSATVery Small Aperture Terminal (VSAT) is a two-way satellite ground station with a dish antenna that is smaller than 3.8 meters. The majority of VSAT antennas range from 75 cm to 1.2 m. Data rates, in most cases, range from 4 kbit/s up to 16 Mbit/s. VSATs access satellites in geosynchronous orbit or geostationary orbit to relay data from small remote Earth stations (terminals) to other terminals (in mesh topology) or master Earth station "hubs" (in star topology). (Wikipedia)
VSEMcAfee VirusScan Enterprise (VSE) (Replaced by McAfee end-point security) safeguards systems and files from viruses and other security risks. It detects and removes malware, and configures antivirus policies to manage quarantined items. - Real-time antivirus scanning ensures all systems, including remote locations, are protected from threats. - Guards against buffer-overflow exploits that target vulnerabilities in Microsoft applications. - Uses the McAfee ePolicy Orchestrator centralized management console to deploy policies, manage security alerts, and review automated reports. - Supported by McAfee Global Threat Intelligence, working 24/7 to protect against cyberthreats across all vectors.
VSMValue-Stream Mapping (VSM) is a lean-management method for analyzing the current state and designing a future state for the series of events that take a product or service from its beginning through to the customer with reduced lean wastes as compared to current map (wikipedia).
vSOMVMWare vSphere with Operations Management (vSOM) for capacity planning
VSSA Volume Shadow Copy Service-based backup (VSS-based backup) is a Windows service that captures and creates snapshots called shadow copies. VSS, also known as Volume Snapshot Service, operates at the block level of the file system and enables virtual server backup in Microsoft environments. The VSS is a set of COM interfaces that implements a framework to allow volume backups to be performed while applications on a system continue to write to the volumes.
VTAMVirtual Telecommunications Access Method (VTAM) is the IBM subsystem that implements Systems Network Architecture (SNA) for mainframe environments. VTAM provides an application programming interface (API) for communication applications, and controls communication equipment such as adapters and controllers.
VTSVirtual Tape Storage (data domain)
Vulnerability AssessmentA documented evaluation containing information described in §2054.077(b), Texas Government Code which includes the susceptibility of a particular system to a specific attack.
VUMInitially called “VMware Update Manager (VUM)”, the now renamed vSphere Update Manager (or VUM) is used to keep vSphere infrastructures up to date. Every commercial version of vSphere, (all the way down to vSphere Essentials) includes VUM, but vCenter is a required component.
VVolVirtual Volumes (VVol) is an integration framework to make 3rd party storage systems VM-aware and thereby enables control over native storage capabilities using the VMware control plane for Storage Policy-Based Management
W3CWorld Wide Web Consortium (W3C) is the main international standards organization for the World Wide Web
WAASCisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes the performance of any TCP-based application operating in a wide area network (WAN) environment while preserving and strengthening branch security. WAAS combines WAN optimization, acceleration of TCP-based applications, and Cisco's Wide Area File Services (WAFS) in a single appliance or blade (Wikipedia)
WAF(s)Web Application Firewall (WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations (Wikipedia)
WAMWeb Access Management
WANWide Area Network
WBEMWeb-Based Enterprise Management (WBEM) is a set of specifications published by DMTF that define how resources modeled using the DMTF’s Common Information Model (CIM) can be discovered, accessed and manipulated. WBEM provides the ability for the industry to deliver a well-integrated set of standard-based management tools, facilitating the exchange of data across otherwise disparate technologies and platforms. (DMTF)
WCAGWeb Content Accessibility Guidelines (WCAG) -   Part of a series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C), the main international standards organization for the Internet. They are a set of guidelines that specify how to make content accessible, primarily for people with disabilities—but also for all user agents, including highly limited devices, such as mobile phones. The current version, WCAG 2.0, was published in December 2008 and became an ISO standard, ISO/IEC 40500:2012 in October 2012.
WebDAVWeb Distributed Authoring and Versioning (WebDAV) is an extension of the Hypertext Transfer Protocol (HTTP)
WEP / WPA(2)Wired Equivalent Privacy (WEP) was first released as a portion of the IEEE 802.11 standard in 1999. Its security was deemed to be the equivalent of any wired medium, hence its name. As the years passed, WEP was deemed broken, and it has since been replaced by two other iterations of wireless security protocols, Wi-Fi Protected Access (WPA) and WPA2.
WiDENWideband Integrated Dispatch Enhanced Network (WiDEN) was a software enhancement for the iDEN enhanced specialized mobile radio (ESMR) wireless telephony protocol, both developed by Motorola. WiDEN enabled compatible subscriber units to communicate using four combined 25-kHz channels, resulting in up to 100 kbits/s of bandwidth. WiDEN was generally regarded as a 2.5G wireless cellular technology.
WIPWork in Progress (WIP)
WIPSA Wireless Intrusion Prevention System (WIPS) prevents unauthorized network access by monitoring a radio spectrum and looking for unusual network activity.
WITOWalk In -Take Over (WITO) - The transitioning contract period between current vendors and new vendors where the incoming vendors are contracted for "keeping the lights on" to maintain essential service operations, prior to the new contract commencement.
WMIWindows Management Instrumentation (WMI) is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).
WormA self-replicating computer program that performs specific tasks. Worms are often used as Malicious Software.
WORMWrite-Once, Read-Many (WORM) storage
WRTWork Recovery Time (WRT) determines the maximum tolerable amount of time that is needed to verify the system and/or data integrity. This could be, for example, checking the databases and logs, making sure the applications or services are running and are available (Default Reasoning).
WSUSWindows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft Corporation that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then distributes them to computers on a network. WSUS runs on Windows Server and is free to licensed Microsoft customers.
WWN/WWIDA World Wide Name (WWN) is a unique identifier assigned by the Institute of Electrical and Electronics Engineers (IEEE) to the manufacturers of network storage products. A manufacturer must include a WWN with all network storage devices. WWN is also known as World Wide Identifier (WWID).
XaaSAnything-as-a-Service (XaaS) refers to the growing diversity of services available over the Internet via cloud computing as opposed to being provided locally, or on premises. Also known as everything-as-a-service, anything-as-a-service reflects the vast potential for on-demand cloud services and is already being heavily marketed and promoted by companies like VMware and HP.
XACMLeXtensible Access Control Markup Language (XACML) is an OASIS standard that describes both a policy language and an access control decision request/response language (both written in XML). The policy language is used to describe general access control requirements, and has standard extension points for defining new functions, data types, combining logic, etc.
XMLeXtensible Markup Language (XML) XML stands for eXtensible Markup Language. XML was designed to store and transport data. XML was designed to be both human- and machine-readable. (w3schools)
XMPPExtensible Messaging and Presence Protocol (XMPP) is an open XML technology for real-time communication, which powers a wide range of applications.
Zero-dayA Zero-day (also known as Zero-hour or 0-day) vulnerability is an undisclosed and uncorrected computer application vulnerability that could be exploited to adversely affect the computer programs, data, additional computers or a network. It is known as a "zero-day" because once a flaw becomes known, the programmer or developer has zero days to fix it. Zero-day exploits are attempted before or on the day notice of the vulnerability is released to the public; sometimes before the author is aware or has developed and made available corrected code. Zero-day attacks are a severe threat.

DIR acknowledges the use of many and varied external references in the generation of this glossary.  We have attempted to clearly identify the source with a link to the source.  Please contact us via glossary@dir.texas.gov with any concerns about the source or usage.
If your use of the glossary has the potential to impact your organization's services please review its use with your legal counsel.