Glossary of Terms

State contracts may have definitions specific to a contract, and Texas statutes may provide other definitions for the same terms or phrases which apply to various scenarios and exceptions. While statutory definitions have the force of law, they don't always offer the best plain language definition.

When using this glossary, please consider the interrelation of these definitions, statutory definitions and contractual definitions. Where there is a perceived conflict or ambiguity, please consult your legal counsel.


Glossary of Terms

/3GB switch The /3GB switch for 32 bit architectures up through Windows 2003 changes the way the 4GB virtual address space is split up. Instead of splitting it as 2GB of user mode virtual address space and 2GB of kernel mode virtual address space, the split is 3GB of user mode virtual address space and 1GB of kernel mode virtual address space.
4g LTE LTE, an abbreviation for Long-Term Evolution, commonly marketed as 4G LTE, is a standard for wireless communication of high-speed data for mobile phones and data terminals. It is based on the GSM/EDGE and UMTS/HSPA network technologies, increasing the capacity and speed using a different radio interface together with core network improvements.
A/B Testing A/B testing (also known as bucket tests or split-run testing) is a randomized experiment with two variants, A and B. A/B testing is a way to compare two versions of a single variable, typically by testing a subject's response to variant A against variant B, and determining which of the two variants is more effective.
AA-IPM & APM Application-Aware Infrastructure Performance Monitoring & Application Performance Monitoring
AAA Authentication, Authorization, and Accounting (AAA) is a term for a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security.
AAGR Average Annual Growth Rate
ABAC Attribute-based access control (ABAC) defines an access control paradigm whereby access rights are granted to users through the use of policies which combine attributes together. The policies can use any type of attributes (user attributes, resource attributes, environment attribute etc.).
ABEST Automated Budget and Evaluation System of Texas (ABEST) is a web-based application. Legislative Budget Board (LBB) staff use ABEST to track agency requests for appropriations through the stages of the legislative appropriations process, and agency performance through the biennial budget cycle
ACCESS The physical or logical capability to view, interact with, or otherwise make use of information resources
ACI Cisco Application Centric Infrastructure (ACI) reduces Total Cost of Ownership (TCO), automates IT tasks, and accelerates data center application deployments by using a business-relevant software defined networking (SDN) policy model across networks, servers, storage, security, and services.
ACID Atomicity, Consistency, Isolation, Durability (ACID ) is a set of properties that guarantee that database transactions are processed reliably.
ACL An Access Control List (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. (Wikipedia)
ACM Association for Computing Machinery (
Actor An actor in the Unified Modeling Language (UML) "specifies a role played by a user or any other system that interacts with the subject." 

"An Actor models a type of role played by an entity that interacts with the subject (e.g., by exchanging signals and data), but which is external to the subject." 

"Actors may represent roles played by human users, external hardware, or other subjects. Actors do not necessarily represent specific physical entities but merely particular facets (i.e., “roles”) of some entities that are relevant to the specification of its associated use cases. A single physical instance may play the role of several different actors and a given actor may be played by multiple different instances." 

Actors interact with use cases(wikipedia)
Actor In the context of the use of a process, procedure, or application software, an actor is a general term that could be any person that manually triggers a process, provides content or data, provides approvals for the completion of stages, or causes the process to stop before completion of said processes or procedures.  It does not generally differentiate between levels of authority or job title. This does not include any automation of a process that involves performing any of these types of tasks through rules, timing, or predetermined data values that may be applied to move a process along in an application.
ACV The Cisco Application Visibility and Control (AVC) solution is a suite of services in Cisco network devices that provides application-level classification, monitoring, and traffic control, with the intent to: improve business-critical application performance; support capacity management and planning; and reduce network operating costs.
AD Active Directory (AD) is a directory service that Microsoft developed for Windows domain networks and is included in most Windows Server operating systems as a set of processes and services.  In STS and the state of Texas also supported in the Unix and other environments and is the default authentication mechanism.
AD LDS Active Directory LDAP Directory Service (AD LDS) is a Microsoft Lightweight Directory Access Protocol (LDAP) directory service role that provides flexible support for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services (AD DS). AD LDS provides much of the same functionality as AD DS, but it does not require the deployment of domains or domain controllers. You can run multiple instances of AD LDS concurrently on a single computer, with an independently managed schema for each AD LDS instance. AD LDS can store “private” directory data, which is relevant only to the application, in a local directory service—possibly on the same server as the application—without requiring any additional configuration to the server operating system directory. This data, which is relevant only to the application and which does not have to be widely replicated, is stored solely in the AD LDS directory that is associated with the application. This solution reduces replication traffic on the network between domain controllers that serve the server operating system directory. However, if necessary you can configure this data to be replicated between multiple AD LDS instances.  Enterprise applications must often store personalization data that is associated with authenticated users in AD DS. Storing this personalization data in AD DS would require AD DS schema changes. In this scenario, an application can use AD LDS to store application-specific data, such as policy and management information, while it uses the user principals in AD DS for authentication and for controlling access to objects in AD LDS. Such a solution makes it unnecessary for each AD LDS directory to have its own user database. Therefore, this solution prevents a proliferation of user IDs and passwords for end users every time a new directory-enabled application is introduced to the network.
ADA The Americans with Disabilities Act of 1990 (42 U.S.C. § 12101) is a civil rights law that prohibits discrimination based on disability. (wikipedia)

ADC Austin Data Center (ADC) The facility located in Austin, Texas that hosts servers and supporting infrastructure that supports agencies business applications for agencies participating in the STS contract.
ADDF The Application Development Decision Framework (ADDF) created by DIR for guidance in application development performed by state agencies. Scope ranges from business alignment to process improvement, and development styles to application architecture innovation. Each topic area is comprised of individual topics, with actionable recommendations to elevate agencies' current approaches to application development.
ADDM BMC Application Discovery and Dependency Mapping (ADDM) for automated asset discovery and application dependency mapping
ADFS Active Directory Federation Services (ADFS) is a software component developed by Microsoft that can be installed on Windows Server operating systems to provide users with single sign-on access to systems and applications located across organizational boundaries. It uses a claims-based access control authorization model to maintain application security and implement federated identity.
AFP AFP (Apple Filing Protocol) for network file sharing and folder synchronization
AFRS Annual Facilitated Risk Session
Agency Acronyms Lists of common state agency abbreviations may be found at:

Texas Comptroller -

Secretary of State -

TSLAC TRAILS list of agency websites -
Agency Head The top-most senior executive with operational accountability for an agency, department, commission, board, office, council, authority, or other agency in the executive or judicial branch of state government, that is created by the constitution or a statute of the state; or institutions of higher education, as defined in §61.003, Education Code.
AHT Average handle time (AHT) is a call center metric for the average duration of one transaction, typically measured from the customer's initiation of the call and including any hold time, talk time and related tasks that follow the transaction. AHT is a prime factor when deciding call center staffing levels.
AI Artificial Intelligence (AI) is the use of computer programs that have some of the qualities of the human mind, such as the ability to understand language, recognize pictures, and learn from experience. (
ALM Application Lifecycle Management (ALM) is the product lifecycle management of computer programs. It encompasses requirements management, software architecture, computer programming, software testing, software maintenance, change management, continuous integration, project management, and release management. Wikipedia
AOT Remedy Application Object Templates (AOT). In STS we use these to note availability outages for SLA measurements attached to a PBI
aPaas application Platform as a Service (aPaaS) is a cloud service that offers enhanced development mechanisms to the cloud platform as a service provisioning and deployment environments
APAR An Authorized Program Analysis Report (APAR) is a formal report from IBM development to customers that have notified IBM of a problem or suspected defect. If IBM development is able to confirm the existence of the issue they will create an APAR with any known workarounds and perhaps an indication of which future release, if any, of the IBM program they intend to target for a formal fix to the defect and whether or not a Program Temporary Fix (PTF) is planned. The APAR will then be published so that it is visible to supported customers.
API Application Programming Interface
APM Application Performance Management (APM) is the monitoring and management of performance and availability of software applications. APM strives to detect and diagnose application performance problems to maintain an expected level of service (SLA). APM is the translation of IT metrics into business meaning (i.e., value).  APM measures OSI layers 4 through 7 while network monitoring measures layers 1 to 3.
APM Application Portfolio Management (APM) is a framework for managing enterprise IT software applications and software-based services. APM provides managers with an inventory of the company's software applications and metrics to illustrate the business benefits of each application.
App/Dev Application Development
APQC American Productivity & Quality Center (APQC) helps organizations work smarter, faster, and with greater confidence. It is the world’s foremost authority in benchmarking, best practices, process and performance improvement, and knowledge management (APQC).
APQC PCF APQC's Process Classification Framework (PCF)® is the most used process framework in the world. It creates a common language for organizations to communicate and define work processes comprehensively and without redundancies. Organizations are using it to support benchmarking, manage content, and perform other important performance management activities (APQC).
APT Advanced Persistent Threat (APT) is a set of stealthy and continuous computer hacking processes, often orchestrated by human(s) targeting a specific entity.
ARC/RRC Additional Resource Charges (ARCs) or Reduced Resource Credits (RRCs) are incremental charges/credits for volumes above or below the Monthly Resource Baselines but within the resource unit pricing bands.

These terms are used in the DIR Data Center Services contract.

Base/Variable is an Exhibit 4B term meaning the costs for the certain items (like infrastructure SW) in part of the monthly base charge + variable ARC/RRC methodology vs charged separately like (HSC/SSC). 

Additional Resource Charges (ARCs) are the incremental charges set forth in Exhibit 4 for the use of the Services above the Monthly Resource Baselines for such Services.

Reduced Resource Charges (RRCs) are the incremental credits set forth in Exhibit 4 to the Agreement for the use of Services below the Monthly Resource Baselines for such Services.

ARP Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network
ASA Cisco Adaptive Security Appliance (ASA) combines firewall, antivirus, intrusion prevention, and virtual private network (VPN) capabilities.  It provides proactive threat defense that stops attacks before they spread through the network
ASA Average Speed to Answer (ASA) - measurement relative to the Service/Help Desk
ASE Accelerated Solution Environment (annual meeting).  A facilitation structure used by Capgemini to bring together the right people with the right content, underpinned by a rigorous method and process.  Events of one to three days are organized in ASE Design Sessions.  A dedicated team scopes, designs, and facilitates multiple ASE DesignSessions over a project lifecycle to help key stakeholders and project members align and implement change successfully. 
AST/DAST/SAST Application Security Testing (DAST - dynamic, SAST - static)
ATIP ATIP blades (Application and Threat Intelligence Processor) – these blades provide the NTO with NetFlow capabilities
ATP Advanced Threat Protection (ATP)
ATS A transfer switch is an electrical switch that switches a load between two sources. Some transfer switches are manual, in that an operator effects the transfer by throwing a switch, while others are automatic and switch when they sense one of the sources has lost or gained powerAn Automatic Transfer Switch (ATS) is often installed where a backup generator is located, so that the generator may provide temporary electrical power if the utility source fails.
AU(s) Authorized User(s)
Availability The security objective of ensuring timely and reliable access to and use of information
AVT Application Verification Testing
AWS Amazon Web Services (AWS) is a collection of remote computing services (also called web services) that together make up a cloud computing platform, offered over the Internet by The most central and well-known of these services are Amazon EC2 (elastic compute cloud) and Amazon S3 (simple storage service).
AWS Availability Zone An AWS Availability Zone is a logical data center in a region available for use by any AWS customer. Each zone in a region has redundant and separate power, networking and connectivity to reduce the likelihood of two zones failing simultaneously. A common misconception is that a single zone equals a single data center. In fact, each zone is backed by one or more physical data centers, with the largest backed by five (Rackspace).
AWS Region An AWS Region is a geographical location with a collection of availability zones mapped to physical data centers in that region. Every region is physically isolated from and independent of every other region in terms of location, power, water supply, etc. (Rackspace)
B2B Business to Business
BAFO Best and Final Offer (BAFO)
BAU Business As Usual
BCP The Border Gateway Protocol (BGP) is the protocol used throughout the Internet to exchange routing information between networks.  It is the language spoken by routers on the Internet to determine how packets can be sent from one router to another to reach their final destination.  BGP has worked extremely well and continues to the be protocol that makes the Internet work.
BCP/BC Planning Business Continuity Planning (BCP) identifies an organization's exposure to internal and external threats and synthesizes hard and soft assets to provide effective prevention and recovery for the organization, while maintaining competitive advantage and value system integrity
BEC Business Email Compromise (BEC), also referred to as a ‘Man in the email’ or ‘Man in the middle’ attack, is a specific form of phishing where cyber criminals spoof the email addresses of an organization’s executive (most of the times C-level) to defraud the organization’s employees, partners, etc. Cyber criminals can spoof the email address of an organization’s executive to increase the credibility of an email. The attack is usually targeted at specific individuals in order to obtain money or confidential information. The methods usually used are wire transfers but check payments can also be requested (DMARC Analyzer).
BELC Business Executive Leadership Council (BELC) is a Governance committee comprised of agency executive leadership that provides direction and guidance to the STS Program.
BIA Business Impact Analysis (BIA) differentiates critical (urgent) and non-critical (non-urgent) organization functions/activities. Critical functions are those whose disruption is regarded as unacceptable. Perceptions of acceptability are affected by the cost of recovery solutions. A function may also be considered critical if dictated by law. For each critical (in scope) function, two values are then assigned:

 • Recovery Point Objective (RPO) 

 • Recovery Time Objective (RTO) (Wikipedia).
BICC Business Intelligence Competency Center (BICC) is a cross-functional organizational team that has defined tasks, roles, responsibilities and processes for supporting and promoting the effective use of Business Intelligence (BI) across an organization.

BIND Berkeley Internet Name Domain (BIND) is open source software that implements the Domain Name System (DNS) protocols for the Internet. It is a reference implementation of those protocols, but it is also production-grade software, suitable for use in high-volume and high-reliability applications.  The name BIND stands for “Berkeley Internet Name Domain”, because the software originated in the early 1980s at the University of California at Berkeley.
Blockchain blockchain, originally block chain, is a growing list of records, called blocks, which are linked using cryptography. Each block contains a cryptographic hash of the previous block, a timestamp, and transaction data. By design, a blockchain is resistant to modification of the data. (Wikipedia)
BMR Bare-Metal Restore (BMR), bringing up a server fully starting with just the hardware platform and backups.
BMS Building Management System (BMS)
BOS Hybrid Cloud Services (HCS) Business Orchestration Suite (BOS) to provide workflow to the Enterprise Service Bus (ESB)
BOSH BOSH is a recursive acronym for Bosh Outer SHell.  BOSH is a project that unifies release engineering, deployment, and lifecycle management of small and large-scale cloud software. BOSH can provision and deploy software over hundreds of VMs. It also performs monitoring, failure recovery, and software updates with zero-to-minimal downtime.

While BOSH was developed to deploy Cloud Foundry PaaS, it can also be used to deploy almost any other software (Hadoop, for instance). BOSH is particularly well-suited for large distributed systems. In addition, BOSH supports multiple Infrastructure as a Service (IaaS) providers like VMware vSphere, vCloud Director, Amazon Web Services EC2, and OpenStack. There is a Cloud Provider Interface (CPI) that enables users to extend BOSH to support additional IaaS providers such as Google Compute Engine and Apache Cloud Stack.
Bot Bot is a device or piece of software that can execute commands, reply to messages, or perform routine tasks, as online searches, either automatically or with minimal human intervention (often used in combination, eg. Chatbot). (
BPA Best Practice Assessment/Analyzer
BPA Business Process Automation (BPA), is the strategy a business uses to automate processes in order to contain costs. It consists of integrating applications, restructuring labor resources and using software applications throughout the organization. (Wikipedia)
BPMN A standard Business Process Model and Notation (BPMN) will provide businesses with the capability of understanding their internal business procedures in a graphical notation and will give organizations the ability to communicate these procedures in a standard manner. Furthermore, the graphical notation will facilitate the understanding of the performance collaborations and business transactions between the organizations. This will ensure that businesses will understand themselves and participants in their business and will enable organizations to adjust to new internal and B2B business circumstances quickly.
BPMS or BPM(s) Business Process Management Suite or

Business Process Management (suite)
BPO Business Process Outsourcing
BRE Business Rule Engine
BTD Build, Test, Deploy (BTD)
BUR BWS Backup Recovery Billing Work Stream milestones
Business Application Business Application name is the high-level label used by an agency business and IT organization to easily identify a group of functions provided by one or more systems to accomplish the specific business needs of the agency.  A Business Application is typically a combination of integrated hardware and software (including data and applications), internally developed custom systems, commercial off the shelf (COTS) applications, and/or customized third-party systems.
BV Base Variable software (BV) – STS term used for Infrastructure software purchased by STS Service Component Provider (SCP) – Require SCP approval by the Business Unit
BVD Business Value Dashboard(s) as a way to visually align technology and business metric/outcomes (i.e., revenue, I&O organizations)
BYOD Bring Your Own Device
BYOL Bring Your Own License to the cloud for software usage
C1R/Class 1R Class 1 Risk (C1R) is a Class 1-eligible application that has not received either a Proof of Concept (PoC) or a DR exercise. 
C2 Sites Command-and-Control servers, also called C&C or C2, are used by attackers to maintain communications with compromised systems within a target network. The terms "command" and "control" are often bandied about without a clear understanding, even among some security professionals, of how these communications techniques work to govern malware. 91% of traffic to known C2 sites leverage DNS layer.
C3 Community Cloud Computing (ACM) / STS Catalog Community Cloud
CA In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key. A CA acts as a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The format of these certificates is specified by the X.509 standard.  (Wikipedia)
Caas Containers as a Service (CaaS) is a form of container-based virtualization in which container engines, orchestration and the underlying compute resources are delivered to users as a service from a cloud provider. In some cases, CaaS is also used to describe a cloud provider's container support services. (…)

(Context from Docker Blog)
CAB Change Approval Board (CAB)  A regularly scheduled weekly meeting between the STS MSI Change Managers, SCP Sys Admins and agency's meet to obtain agency approval to move forward with requested changes to the agency's environment.
CAB Change Advisory Board (CAB)  STS SCP Architect Board that approves Solution Designs
CAFR Comprehensive Annual Financial Report (CAFR) is a set of U.S. government financial statements comprising the financial report of a state, municipal or other governmental entity that complies with the accounting requirements promulgated by the Governmental Accounting Standards Board (GASB) (wikipedia)
CAGR The year-over-year growth rate of an investment over a specified period of time. The Compound Annual Growth Rate (CAGR) is calculated by taking the nth root of the total percentage growth rate, where n is the number of years in the period being considered.
CAL(s) / ML(s) Client Access Licenses and Management Licenses

If the workstations in your organization are networked, you likely depend on network server software to perform certain functions, such as file and print sharing. To access this server software legally, a Client Access License (CAL) may be required. A CAL is not a software product; rather, it is a license that gives a user the right to access the services of the server.

Likewise, if you manage the devices on your network by using management software such as Microsoft System Center, a Management License (ML) may be required for the device being managed.

Licensing software with CALs and MLs can be complicated due to the technical nature of server products and networks. For example, Microsoft offers a device-based CAL (Device CAL) or a user-based CAL (User CAL) for purchase. In addition, an External Connector (EC) license is offered for some products as an optional alternative to address specific customer scenarios.
CAP Capgemini America, Inc
CAP Corrective Action Plan
CapEx Traditional Capital Expenditure Model
CapNet Capitol Area Network
CAPPS Centralized Accounting and Payroll/Personnel System (CAPPS) established as a shared service and coordinated by the Texas Comptroller of Public Accounts
CASB Cloud Access Security Brokers (e.g., common defense infrastructure and tools across all SaaS deployments)
CASE Computer-Aided Software Engineering

The Contract Advisory Team (CAT) was created to assist state agencies in improving contract management practices by reviewing the solicitation of contracts with a monetary value of $5 million or more. Section §2262.102 of the Texas Government Code lists the following members for the CAT:

  • one member from the Comptroller of Public Accounts (CPA);
  • one member from the Department of Information Resources (DIR);
  • one member from the Health and Human Services Commission (HHSC);
  • one member from the Office of the Governor (OOG);
  • one member from the Texas Facilities Commission (TFC) (CPA)
CATRAD CPA’s Contract Advisory Team Review and Delegation Application used by the CAT to submit solicitation information.
CB Chargeback
CBU Contingency Capacity Backup - expanding IBM mainframe MIPS and storage to larger machine for Disaster Recovery
CCB Change Control Board (CCB) is the group of stakeholders responsible for evaluating and approving proposed changes to project baselines such as project scope, schedules, resources and budgets.
CCM Customer Communications Management (CCM) is a term highlighted by research companies such as Gartner Group, Forrester Research, InfoTrends, and Madison Advisors to define a convergent set of Information Technology solutions that together provide organizations with the ability to advance the way that they communicate with their customers.
CCR Contract Change Request
CCTS DIR’s Capitol Complex Telephone System
CCTV Closed-Circuit Television (CCTV)
CDC Consolidated Data Center (A facility housing/hosting servers and supporting infrastructure in support of DCS agencies business applications).
CDN Content Delivery Network (CDN) takes binary blobs within storage and caches them to the nearest data center to where the content is being requested.
CDPG / CEG Cloud Data Security & Protection Gateway (CDPG) with out-of-band API / Cloud Encryption Gateways (CEG) by tokenizing data
CDR Centralized Document Repository
CEM Customer Experience Management (CEM) is the collection of processes a company uses to track, oversee and organize every interaction between a customer and the organization throughout the customer lifecycle. The goal of CEM is to optimize interactions from the customer's perspective and, as a result, foster customer loyalty
CERT Community Emergency Response Team (e.g., FEMA)
CERT Computer Emergency Response Team (monitors threats and issues patches and fixes)
CET Cost Estimating Tool  A tool  (ITFM) that includes the various rate charges for components that comprise server costs. The estimating tool calculates costs for various assets to be procured for use in the STS program. This enables agencies to anticipate costs associated with various server configurations.
CEU Customer / End-User
CFSG Contracts and Finance Solution Group (Governance)
Chatbot chatbot is an artificial intelligence (AI) program that simulates interactive human conversation by using key pre-calculated user phrases and auditory or text-based signals. Chatbots are frequently used for basic customer service and marketing systems that frequent social networking hubs and instant messaging (IM) clients. They are also often included in operating systems as intelligent virtual assistants. (Techopedia)
CI(s) Configuration Item(s)/Instance(s) Typically used in reference to Server Names but is also used to identify other hardware and software components associated with the STS contract. The CI names are one of the primary flags to identify an asset.
CICS Customer Information Control System (CICS) is a transaction server that runs primarily on IBM mainframe systems under z/OS and z/VSE.  CICS is middleware designed to support rapid, high-volume online transaction processing. A CICS transaction is a unit of processing initiated by a single request that may affect one or more objects. This processing is usually interactive (screen-oriented), but background transactions are possible
CIFS The Common Internet File System (CIFS) is the standard way that computer users share files across corporate intranets and the Internet. An enhanced version of the Microsoft open, cross-platform Server Message Block (SMB) protocol, CIFS is a native file-sharing protocol in Windows 2000.
CIM Common Information Model (CIM) is an open standard that defines how managed elements in an IT environment are represented as a common set of objects and relationships between them.  (Wikipedia)
Cisco ACE Cisco ACE 4700 Application Control Engine (ACE) appliances are used to:
  • Help ensure business continuity by increasing application availability
  • Improve business productivity by accelerating server and application performance
  • Reduce data center power and cooling needs through a virtualized architecture
  • Help lower operational costs for provisioning and scaling of applications
Cisco ASA Cisco Adaptive Security Appliance (ASA) Software

Proven Firewall and Network Security Platform

The Cisco ASA Family of security devices protects corporate networks and data centers of all sizes. It provides users with highly secure access to data and network resources - anytime, anywhere, using any device. Cisco ASA devices represent more than 15 years of proven firewall and network security engineering and leadership, with more than 1 million security appliances deployed throughout the world.
CISM Certified Information Security Manager (CISM) is a certification offered by ISACA, a nonprofit, independent association that advocates for professionals involved in information security, assurance, risk management and governance (SearchSecurity).
CISO Chief Information Security Officer
CISSP Certified Information Systems Security Professional (CISSP) is an information security certification developed by the International Information Systems Security Certification Consortium, also known as (ISC)². The CISSP designation is a globally recognized, vendor-neutral standard attesting to an IT security professional's technical skills and hands-on experience implementing and managing a security program (SearchSecurity).
CJIS A joint program of the FBI, State Identification Bureaus, and CJIS Systems Agency, the Criminal Justice Information Services (CJIS) Security Policy outlines the security precautions that must be taken to protect sensitive information like fingerprints and criminal backgrounds gathered by local, state, and federal criminal justice and law enforcement agencies.

The CJIS Security Policy contains specific requirements for wireless networking, remote access, encryption, certification of cryptographic modules, and minimum key lengths.
Class 1 After a Class 1R-designated application has been exercised or a POC performed, the CMDB designation is changed from Class 1R to Class 1.  These are DCS contractual definitions for DR categories.  Class 1 is the highest and most expensive level with 24-hour RTO in the case of complete disaster such as a data center goes away.  It is marked 1R until it is tested and proven it can perform as a Class.
Cloud Computing Has the same meaning as "Advanced Internet-Based Computing Service" as defined in §2157.007(a), Texas Government Code.
CloudSOC Cloud Service Organization Control (CloudSOC) is a Cloud  Access Security Broker (CASB) that enables organizations to securely adopt cloud apps and IaaS to meet their regulatory compliance requirements with an industry-leading solution that integrates with the rest of their enterprise security. This cloud-based service provides visibility, data security and threat protection for today’s cloud generation of users across a wide range of sanctioned and unsanctioned apps. CloudSOC enables safe usage of any cloud app on managed or unmanaged devices, even deep within Office 365, G Suite, and more, with unparalleled DLP and threat protection.
CM Contracts Module in the STS ITSM System for software licensing, subscriptions and purchases
CMB(s) Change Management Board(s)
CMDb Configuration Management Database (Hardware/software infrastructure asset database)
CMIS Capacity Management Information System
CMP Cloud Management Platform
CMS Configuration/Content Management System
CN Change Notification/Notice
COBIT Control Objectives for Information and Related Technology (COBIT) is a framework created by ISACA for information technology (IT) management and IT governance. It is a supporting toolset that allows managers to bridge the gap between control requirements, technical issues and business risks. COBIT 5 is the current version as 6/23/2017  
CoE A Center of Excellence (CoE) is a team of skilled knowledge workers whose mission is to provide the organization they work for with best practices around a particular area of interest. The concept of creating special-interest groups for thought leadership originated in lean manufacturing. (TechTarget)
COEP Complex Operations Event Processing (COEP)
Confidential Information Information that must be protected from unauthorized disclosure or public release based on state or federal law or other legal agreement
Confidentiality The security objective of preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
Control A safeguard or protective action, device, policy, procedure, technique, or other measure prescribed to meet security requirements (i.e., confidentiality, integrity, and availability) that may be specified for a set of information resources. Controls may include security features, management constraints, personnel security, and security of physical structures, areas, and devices.
Control Standards Catalog The document that provides state agencies and higher education institutions state specific implementation guidance for alignment with the National Institute of Standards and Technology (NIST) SP (Special Publication) 800-53 security controls
COOP Continuity of Operations (COOP)
COPE Corporately Owned, Personally Enabled (COPE) devices. BYOD vs COPE: The biggest difference between BYOD and COPE is the management of personal data on the device.
COTS Commercial Off-The-Shelf software packages
CPS Cyber-Physical System (CPS) is a system of collaborating computational elements controlling physical entities.
CPT Controlled Penetration Testing (white hat cyber attacking)
CPU Central Processing Unit
CRAC Computer Room Air Conditioning Unit
CRL Entrust SSL Certificate Revocation List (CRL) is a list of every Entrust SSL Certificate that has been revoked. Revoked certificates are no longer trusted for a variety of reasons (for example, the private key has been lost or compromised). To view the list of revoked Entrust SSL certificates, you must first agree to the Entrust Relying Party Agreement.
cron/crontab The software utility Cron is a time-based job scheduler in Unix-like computer operating systems. People who set up and maintain software environments use cron to schedule jobs (commands or shell scripts) in a "crontab" file (cron table) to run periodically at fixed times, dates, or intervals. It typically automates system maintenance or administration—though its general-purpose nature makes it useful for things like downloading files from the Internet and downloading email at regular intervals. The origin of the name cron is from the Greek word for time, χρόνος (chronos).
CRUD Create, Read, Update, Delete operations
CSG Cloud Storage Gateways
CSI Cloud Service Integration
CSIRT Computer Security Incident Response Team (CSIRT) is a team that responds to computer security incidents when they occur. An incident could be a denial of service or the discovering of unauthorized access to a computer system (techopedia).
CSL Critical Service Level
CSM Customer Service Manager (CSM) an STS service component provider staff member assigned as the primary interface to agencies for operational coordination, issue resolution and overall management.
CSP Cloud Service Provider (CSP) is a company that offers some component of cloud computing – typically Infrastructure as a Service (IaaS)Software as a Service (SaaS) or Platform as a Service (PaaS) – to other businesses or individuals.
CSS Cascading Style Sheets
CT (or RFC) Change Ticket or Request for Change – the formal method of communicating the need for a software update or security patches.
CTS Communications Technology Services (CTS) Voice and Data Solutions for the state of Texas
CVE Common Vulnerabilities and Exposures (CVE®) is a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities. CVE's common identifiers make it easier to share data across separate network security databases and tools and provide a baseline for evaluating the coverage of an organization’s security tools. If a report from one of your security tools incorporates CVE Identifiers, you may then quickly and accurately access fix information in one or more separate CVE-compatible databases to remediate the problem.
CVSS The Common Vulnerability Scoring System (CVSS) is a free and open industry standard for assessing the severity of computer system security vulnerabilities. CVSS attempts to assign severity scores to vulnerabilities, allowing responders to prioritize responses and resources according to threat. Scores are calculated based on a formula that depends on several metrics that approximate ease of exploit and the impact of exploit. Scores range from 0 to 10, with 10 being the most severe. While many utilize only the CVSS Base score for determining severity, Temporal and Environmental scores also exist, to factor in availability of mitigations and how widespread vulnerable systems are within an organization, respectively.
CWE Common Weakness Enumeration (CWE) International standard for software assurance
DAD Deliverable Acceptance Document (DAD) used to ensure vendor has met certain acceptance criteria
DAM Digital Asset Management (DAM) is a system that enables the creation of a process for archiving, organizing, and accessing files. Files are saved to shared locations, organized in meaningful hierarchies, and discoverable through search. DAM often involves rich content such as videos, music, photos, animations, or multimedia assets. Marketing, entertainment, and enterprise-level organizations frequently use DAM software to manage such assets. ( )
DAPP Disaster Assistance Payment Program (DAPP) receives information from FEMA and creates payment transactions to assist disaster victims.
DAR Data at Rest
DASD Direct Access Storage Device
DATA Act On May 9, 2014, President Barack Obama signed the Digital Accountability and Transparency Act (DATA Act), It requires the Department of the Treasury and the White House Office of Management and Budget to transform U.S. federal spending from disconnected documents into open, standardized data, and to publish that data online. The Data Transparency Coalition is committed to working with the executive branch and encouraging Congressional oversight to ensure that the DATA Act is fully implemented.  Stakeholders from among the tech industry, non-profit sector, executive and legislative branches of government will convene on June 9th and 10th, 2015 for the DATA Act Summit to build a shared vision for making the DATA Act a success. Coalition members are working to assist agencies, grantees and contractors to take advantage of the DATA Act’s first-ever government-wide data standards for federal spending, which were announced on May 8, 2015.
Data Lake Data Lake is a centralized repository that allows an organization to store all structured and unstructured data at any scale.
DBA Database Administrator/Administration (DBA) In the DIR STS environment, Physical DBA functions are typically performed by the STS vendor and Logical DBA functions are performed by the DIR Customers.
DBaaS Database-as-a-Service (DBaaS) refers to software that enables users to provision, manage, consume, configure, and operate database software using a common set of abstractions (primitives), without having to either know nor care about the exact implementations of those abstractions for the specific database software. 

STS offers a Database as a Service (DBaaS) Oracle program that features full management and maintenance of the underlying Oracle Exadata platform.
DBE Disadvantaged Business Enterprise (DBE) is a business entity so certified in the United States by the government of the State in which it is located. SAFETEA provides that the Secretary of Transportation will provide uniform criteria for certification, and that at least ten percent of the amounts made available for any Federal-aid highway, mass transit, and transportation research and technology program be expended with certified DBEs (Wikipedia)

DBITS Deliverables-Based Information Technology Services (DBITS) - DBITS contracts provide deliverables-based, outsourced systems integration or application development projects, requiring acceptance of Statement of Work (SOW) and authorization for payment of milestone tasks.
dbPaaS Database Platform as a Service (dbPaas) A database platform as a service (dbPaaS) is any database management system (DBMS) or data store engineered as a scalable, elastic, multitenant subscription service with a degree of self-service. It is offered and supported by a cloud service provider (CSP) or a third-party software vendor on CSP infrastructure. Direct access to system services, such as the operating system and storage software, is not allowed. (Gartner)
DCC Digital Content Creation (DCC) refers to the category of applications in the market that are used to create creative content, from pictures to the web, from signs to 3D movies.  (Cineversity)
DCIM Data Center Infrastructure Management (DCIM) is a category of solutions which were created to extend the traditional data center management function to include all of the physical assets and resources found in the Facilities and IT domains.
DCPI Data Center Physical Infrastructure (DCPI)
DCS Data Center Services (The term used to identify the DIR managed program that supports  Texas agencies consolidating their computing environment into consolidated data centers).
DDO Districts, Divisions and Offices (DDO); the main TxDOT groupings
DDoS Distributed Denial of Service (DDoS) attack attempts to make service unavailable by overwhelming it with traffic from multiple sources.
DED Deliverable Expectation Document (DED)  A DED presents pertinent information (e.g., deliverable description, applicable industry standards, SOW reference, acceptance criteria and schedule) specifying the expectations of a deliverable. The DED is reviewed and approved by a state manager to ensure agreed-upon expectations are clearly defined before the deliverable is actually developed.
DEM  A VMware Distributed Execution Manager (DEM) executes the business logic of custom models, interacting with the database and with external databases and systems as required. DEMs also manage cloud and physical machines. 

Each DEM instance performs one of two roles: Worker or Orchestrator. The Worker role is responsible for executing workflows. The Orchestrator role is responsible for monitoring DEM Worker instances, pre-processing workflows for execution, and scheduling workflows.  (VMware)
Destruction The result of actions taken to ensure that media cannot be reused as originally intended and that information is technologically infeasible to recover or prohibitively expensive.
DevOps Broadly, Development/Operations (DevOps) is the practice of operations and development engineers participating together in the entire service lifecycle, from design through the development process to production support. DevOps is also characterized by operations staff making use many of the same techniques as developers for their systems work. Those techniques can range from using source control to testing to participating in an Agile development process. 
DFSR Distributed File System Replication (DFSR) Microsoft’s method of replication that is used to keep folders synchronized on multiple servers.
DHCP The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks. The DHCP is controlled by a DHCP server that dynamically distributes network configuration parameters, such as IP addresses, for interfaces and services.

DHS Definitive Hardware Store (DHS) A location, or a number of locations, set aside for the secure storage of definitive hardware spares maintained at the same level as the equivalent hardware Configuration Items (CIs) in the live environment. Only authorized hardware should be accepted into the DHS, strictly controlled by Change and Release Management. (KnowledgeTransfer)
Digital Twins Digital Twin refers to the digital representation of a real-world entity or system. Digital twins are software representations of assets and processes that are used to understand, predict, and optimize performance in order to achieve improved business outcomes. Digital twins consist of three components: a data model, a set of analytics or algorithms, and knowledge.
DIM Data in Motion and classification labelling. Data in motion refers to a stream of data moving through any kind of network. It is one of the two major states of data, the other being data at rest. It can be considered the opposite of data at rest as it represents data which is being transferred or moved, while data at rest is data which is static and is not moving anywhere. For example, an email being sent is an example of data in motion. However, when it arrives in the recipient's inbox, it would then become data at rest. Data in motion is also known as data in transit or data in flight. (Techopedia)
DIR Texas Department of Information Resources
DLP Data Loss Prevention (DLP) software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage). In data leakage incidents, sensitive data is disclosed to unauthorized parties by either malicious intent or an inadvertent mistake. Sensitive data includes private or company information, intellectual property (IP), financial or patient information, credit-card data and other information (Wikipedia)
DLT Distributed Ledger Technology (DLT) is a digital system for recording the transaction of assets in which the transactions and their details are recorded in multiple places at the same time. Unlike traditional databases, distributed ledgers have no central data store or administration functionality. One form of distributed ledger design is the blockchain system.
DML Definitive Media Library (DML) - physical media, perhaps downloaded copies, license certificates & keys
DMTF Distributed Management Task Force (DMTF) is an organization devoted to the development, unification and implementation of standards, initiatives and technologies for the Internet. The DMTF consists of hardware and application developers, device and system manufacturers and distributors, systems integrators, government agencies and computer end users. The organization was founded in the early 1990s and is headquartered in Portland, Oregon. (TechTarget)
DMZ Demilitarized Zone. In network security, a network that is isolated from, and serves as a neutral zone between, a trusted network (for example, a private intranet) and an untrusted network (for example, the Internet). One or more secure gateways usually control access to the DMZ from the trusted or the untrusted network
DND Do Not Destroy/Destruct
DNS The Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates more readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. By providing a worldwide, distributed directory service, the Domain Name System is an essential component of the functionality on the Internet, that has been in use since 1985. (Wikipedia)
DOM The Document Object Model (DOM) is a cross-platform and language-independent application programming interface that treats an HTMLXHTML, or XML document as a tree structure wherein each node is an object representing a part of the document. The objects can be manipulated programmatically and any visible changes occurring as a result may then be reflected in the display of the document. (Wikipedia)
DP – D4 DCS Disaster Recovery Performance Levels & Options
DPA Data Protection Advisor (DPA) from EMC. This tool replaced the Bocada tool that was used previously for reporting backup success/failure in the STS environment - sometimes incorrectly called the Avamar reporting tool.
DPV Delivery Point Validation
DR Disaster Recovery (DR) involves a set of policies, tools and procedures to enable the recovery or continuation of vital technology infrastructure and systems following a natural or human-induced disaster. Disaster recovery focuses on the IT or technology systems supporting critical business functions, as opposed to business continuity, which involves keeping all essential aspects of a business functioning despite significant disruptive events. Disaster recovery can therefore be considered as a subset of business continuity (Wikipedia).
DRE Disaster Recovery Exercise
DRL Disaster Recovery Level
DRP Disaster Recovery Plan
DSL Digital Subscriber Line (DSL) is a technology for bringing high- bandwidth information to homes and small businesses over ordinary copper telephone lines. xDSL refers to different variations of DSL, such as ADSL, HDSL, and RADSL
DSL Definitive Software Library (DSL) is the location where all authorized versions of all Software, in physical or electronic form as applicable, are stored.
DTF STS Service Provider Deliverable Transmittal Form (DTF) used by DIR Enterprise Contract Managers, to submit formal entries into DIR’s Salesforce system.
DVS Dell’s Desktop Virtualization Solutions (DVS) Simplified Appliance implements a Virtual Desktop Infrastructure (VDI) by coming preconfigured with Citrix VDI-in-a-Box software and a choice of hypervisors for fast deployment and provisioning of virtual desktops.
DW Data Warehouse (DW) A data warehouse (DW or DWH), also known as an enterprise data warehouse (EDW), is a system used for reporting and data analysis, and is considered a core component of business intelligence. DWs are central repositories of integrated data from one or more disparate sources. They store current and historical data in one single place and are used for creating analytical reports for knowledge workers throughout the enterprise.  (Wikipedia)
DXL Intel Security Data Exchange Layer (DXL) A hardware/software end-to-end threat detection and prevention bus, allows for isolation at the chip hardware layer before the spread of a bad actor.
EA Enterprise Architecture (EA) Map of an organization's production capabilities, where they interact, and where there may be redundancies.
EAI Enterprise Application Integration (EAI) is the use of software and computer systems architectural principles to integrate a set of enterprise computer applications.
EBT Electronic Benefit Transfer (EBT) is an electronic system that allows state welfare departments to issue benefits via a magnetically encoded payment card.  Common benefits provided (in the United States) via EBT are typically of two general categories: food and cash benefits.
EC2 Amazon Elastic Compute Cloud (EC2) forms a central part of's cloud-computing platform, Amazon Web Services (AWS), by allowing users to rent virtual computers on which to run their own computer applications. EC2 encourages scalable deployment of applications by providing a web service through which a user can boot an Amazon Machine Image (AMI) to configure a virtual machine, which Amazon calls an "instance", containing any software desired. A user can create, launch, and terminate server-instances as needed, paying by the hour for active servers – hence the term "elastic". EC2 provides users with control over the geographical location of instances that allows for latency optimization and high levels of redundancy.  (Wikipedia)
ECA Economic Change Adjustment (ECA) DIR STS contractual inflation factor
ECM Enterprise Content Management (ECM) is a formalized means of organizing and storing an organization's documents, and other content, that relate to the organization's processes. The term encompasses strategies, methods, and tools used throughout the lifecycle of the content.  (Wikipedia)
ECS Dell EMC® Elastic Cloud Storage (ECS™) provides a complete software-defined object storage platform designed for today’s cloud-scale storage requirements.  ECS provides the simplicity and low cost benefits of the public cloud without the risk, compliance, and data sovereignty concerns.
EDH Enterprise Data Hub (EDH) An enterprise data hub is a big data management model that uses a Hadoop platform as the central data repository.  The goal of an enterprise data hub is to provide an organization with a centralized, unified data source that can quickly provide diverse business users with the information they need to do their jobs.  (TechTarget)
EDI Electronic Data Interchange
eDiscovery Also known as ‘e-discovery’ or ‘eDiscovery’ and refers to discovery in civil litigation or government investigations which deals with the exchange of information in electronic format (often referred to as electronically stored information or ESI).  These data are subject to local rules and agreed-upon processes and are often reviewed for privilege and relevance before being released.
EDR Endpoint Detection and Response (EDR) capabilities. Endpoint detection and response (EDR) platforms are a category of endpoint security tools, built to provide endpoint visibility, and are used to detect and respond to cyber threats and exploits. (Cybereason)
EDW Data Warehouse (DW) A data warehouse (DW or DWH), also known as an enterprise data warehouse (EDW), is a system used for reporting and data analysis, and is considered a core component of business intelligence. DWs are central repositories of integrated data from one or more disparate sources. They store current and historical data in one single place and are used for creating analytical reports for knowledge workers throughout the enterprise.  (Wikipedia)
EEO Equal Employment Opportunity
EFS Enterprise File System (EFS) a.k.a. Remote File.  This is an STS storage solution.
EFS Microsoft Encrypting File System
EFSS According to Gartner, “Enterprise File Synchronization and Sharing (EFSS) refers to a range of on-premises or cloud-based capabilities that enable individuals to synchronize and share documents, photos, videos and files across multiple devices, such as smartphones, tablets and PCs. File sharing can be within the organization, as well as externally (e.g., with partners and customers) or on a mobile device as data sharing among apps. Security and collaboration support are critical capabilities of EFSS to address enterprise priorities.”
EHR Electronic Health Record (medical record)
EIR Electronic and Information Resources
EIR Accessibility

Electronic and Information Resources (EIR) Accessibility --Includes information technology and any equipment or interconnected system or subsystem of equipment used to create, convert, duplicate, or deliver data or information. EIR Accessibility includes telecommunications products (such as telephones), information kiosks and transaction machines, web sites, multimedia, and office equipment such as copiers and fax machines. The term does not include any equipment that contains embedded information technology that is used as an integral part of the product, but the principal function of which is not the acquisition, storage, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. For example, thermostats or temperature control devices, and medical equipment that contain information technology that is integral to its operation, are not information technology. If the embedded information technology has an externally available web or computer interface, that interface is considered EIR. Other terms such as, but not limited to, Information and Communications Technology (ICT), Electronic Information Technology (EIT), etc. can be considered interchangeable terms with EIR for purposes of applicability or compliance with this chapter.

Electronic Communication A process used to convey a message or exchange information via electronic media. It includes the use of electronic mail (email), Internet access, Instant Messaging (IM), Short Message Service (SMS), facsimile transmission, and other paperless means of communication.
Electronic state record Information that meets the definition of a state record in the Government Code, §441.180, and is maintained in electronic format for computer processing, including the product of computer processing of the information. 
ELR Electronic Life Record (ELR) The life cycle of electronic records includes creation, use, storage and disposition for most business and government entities. (Bizfluent)
ELT The Department of Information Resources’ (DIR) Executive Leadership Team (ELT) is comprised of upper-level management, designated by the agency’s Executive Director, and establishes agency strategy and governs agency activities.
EMC SRDF EMC’s Symmetrix Remote Data Facility (SRDF). Built for the VMAX architecture.
EMM Enterprise Mobility Management (EMM) is the set of people, processes and technology focused on managing the increasing array of mobile devices, wireless networks, and related services to enable broad use of mobile computing in a business context.
EMS STS Enterprise Management Systems (EMS) networks
Encryption (encrypt or encipher) The conversion of plaintext information into a code or cipher text using a variable called a "key" and processing those items through a fixed algorithm to create the encrypted text that conceals the data's original meaning.
EOI Evidence of Insurability
EOL End of Life (EOL) is a term used with respect to a product supplied to customers, indicating that the product is in the end of its useful life (from the vendor's point of view), and a vendor stops marketing, selling, or rework sustaining it. (The vendor may simply intend to limit or end support for the product.)  (Wikipedia)
EOSL End of Service Life (EOSL) Refers to an STS asset which may still be Deployed and supported by the STS Service Component Provider (SCP) but the manufacturer is no longer providing support or patches for the component. Essentially, all support, including both primary and extended, will no longer be offered by the vendor.
EPO Emergency Power Off (EPO) controls
ePO McAfee ePolicy Orchestrator (ePO) is an advanced, extensible, and scalable centralized security management software.
EPSS Emergency Power Supply System (i.e., data center generator)
ERB Engineering Review Board (ERB) used internally by STS SCP to review and approve system builds and changes.
ERP Emergency Response Plan (ERP) The purpose of an Emergency Response Plan is to outline the roles and responsibilities for managing an emergency event resulting from an unresolved major incident, and to facilitate communications and decision-making by the Emergency Response Team members.
ERPM Lieberman's Enterprise Random Password Manager™ (ERPM) provides a web interface for the remote recovery of passwords. Passwords for accounts that have been changed through ERPM can be displayed through the web application. Users with appropriate access controls have the right to use the application as well as the right to recover passwords for accounts managed by ERPM. Permissions can be delegated out to users of the web application. These permissions apply to users, global groups, or roles (RBAC) and control access to the features of the web interface as well as system and account information exposed through the web interface
ERS Employees Retirement System of Texas
ESB An Enterprise Service Bus (ESB) is a software architecture model used for designing and implementing communication between mutually interacting software applications in a Service-oriented Architecture (SOA).
ESC Exadata Service Charges (ESC) Charges for the Oracle Exadata database appliance provided in the DCS program.
ESI Electronically Stored Information
ESL Expected Service Level
ESN Enterprise Social Networking (ESN) focuses on the use of online social networks or social relations among people who share business interests and/or activities.
ESRS EMC Secure Remote Support (ESRS) - IP Solution to communicate with EMC VNX Storage arrays, etc.
ESS Extended Software Support
ESS DIR Enterprise Solution Services
ESX Host VMware ESX is an enterprise-level computer virtualization product.  The name ESX originated as an abbreviation of Elastic Sky X.
ETC Expected Time to Completion (ETC) is a projection of the time and or effort required to complete a project activity. Estimated time to complete is a value that is expressed in hours of work required to complete a task or project (Tenrox)
ETIP DCS Enterprise Transformation Improvement Project revamp SCON/RFS/Refresh
EUC End User Computing (EUC) refers to systems in which non-programmers can create working applications.[1] EUC is a group of approaches to computing that aim to better integrate end users into the computing environment. These approaches attempt to realize the potential for high-end computing to perform problem-solving in a trustworthy manner. (Wikipedia)
EULA In proprietary software, an End-User License Agreement (EULA) or software license agreement is the contract between the licensor and purchaser, establishing the purchaser's right to use the software.  The license may define ways under which the copy can be used, in addition to the automatic rights of the buyer including the first sale doctrine and 17 U.S.C. § 117 (freedom to use, archive, re-sale, and backup with legal restrictions) (Wikipedia).
FaaS Functions-as-a-Service (FaaS) for event-driven computing

Functions-as-a-Service (FaaS) is a framework for building serverless functions on Docker with first class support for metrics. Any UNIX process can be packaged as a function enabling you to consume a range of web events without repetitive boiler-plate coding (Docker)
FAQ Frequently Asked Questions
FAR US Section 508 Technical Standards - Part of the Federal Acquisition Regulation (FAR) and address access for people with physical, sensory, or cognitive disabilities.  They contain technical criteria specific to various types of technologies and performance-based requirements which focus on functional capabilities of covered products.  Specific criteria cover software applications and operating systems, web-based information and applications, computers, telecommunications products, video and multi-media, and self-contained closed products. 508 technical standards are incorporated by reference into Texas Administrative Code related to EIR Accessibility.
FCIP or FC/IP Fiber Channel over IP (FCIP or FC/IP) - also known as Fiber Channel tunneling or storage tunneling is an Internet Protocol (IP)-based storage networking technology developed by the Internet Engineering Task Force (IETF). FCIP mechanisms enable the transmission of FiberChannel (FC) information by tunneling data between storage area network (SAN) facilities over IP networks; this capacity facilitates data sharing over a geographically distributed enterprise. One of two main approaches to storage data transmission over IP networks, FCIP is among the key technologies expected to help bring about rapid development of the storage area network market by increasing the capabilities and performance of storage data transmission.
FCR First Call Resolution within a helpdesk environment.

In customer relationship management (CRM), First Call Resolution (FCR) is properly addressing the customer's need the first time they call, thereby eliminating the need for the customer to follow up with a second call.
FDE Self-Encrypting Drive (SED) technology is the same as Hardware Full-Disk Encryption (FDE) technology
FedRAMP The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that provides a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP enables Agencies to rapidly adapt from old, insecure legacy IT to mission-enabling, secure, and cost-effective cloud-based IT. FedRAMP created and manages a core set of processes to ensure effective, repeatable cloud security for the government. FedRAMP established a mature marketplace to increase utilization and familiarity with cloud services while facilitating collaboration across government through open exchanges of lessons learned, use cases, and tactical solutions (FedRAMP).
FEMA The Federal Emergency Management Agency (FEMA) is an agency of the United States Department of Homeland Security, initially created by Presidential Reorganization Plan No. 3 of 1978 and implemented by two Executive Orders on April 1, 1979. The agency's primary purpose is to coordinate the response to a disaster that has occurred in the United States and that overwhelms the resources of local and state authorities. The governor of the state in which the disaster occurs must declare a state of emergency and formally request from the president that FEMA and the federal government respond to the disaster. (Wikipedia)
FERPA Family Educational Rights and Privacy Act (FERPA)
FEX Cisco Fabric Extender (Adapter FEX) is a technology that provides infrastructure consolidation and architecture flexibility, while helping to ensure network separation and operational simplicity.  Concept is being called Software Defined Network (SDN).
FIM Microsoft Forefront Identity Manager (FIM) is a state-based identity management software product, designed to manage users' digital identities, credentials and groupings throughout the lifecycle of their membership of an enterprise computer system. FIM integrates with Active Directory and Exchange Server to provide identity synchronization, certificate management, user password resets and user provisioning from a single interface.(Wikipedia)
FIPS Federal Information Processing Standards (FIPS) are publicly announced standardizations developed by the United States federal government for use in computer systems by all non-military government agencies and by government contractors, when properly invoked and tailored on a contract. The purpose of FIPS is to ensure that all federal government and agencies adhere to the same guidelines regarding security and communication.
FMO Future Mode of Operations (FMO)

Future Method of Operation - An envisioned or possible set of procedures, processes, and methods that might be employed by a company, division, or organization to accomplish business objectives that is different than the present method of operation (PMO) (TechTraining)
FOIA request Freedom of Information Act request

Since 1967, the Freedom of Information Act (FOIA) has provided the public the right to request access to records from any federal agency. It is often described as the law that keeps citizens in the know about their government. Federal agencies are required to disclose any information requested under the FOIA unless it falls under one of nine exemptions which protect interests such as personal privacy, national security, and law enforcement. (FOIA)
FQDN Fully Qualified Domain Name (FQDN) is the complete domain name for a specific computer, or host, on the Internet. The FQDN consists of two parts: the hostname and the domain name. For example, an FQDN for a hypothetical mail server might be The hostname is mymail, and the host is located within the domain
FRC Firewall Rule Committee (FRC)
FRD The Functional Requirements Document (FRDis a formal statement of an application’s functional requirements. It serves the same purpose as a contract.
FRM DIR STS Financial Responsibility Matrix (FRM)
FSC Forward Schedule of Changes (FSC) of planned approved Changes
FSK Frequency-shift keying (FSK) is a frequency modulation scheme in which digital information is transmitted through discrete frequency changes of a carrier signal. The technology is used for communication systems such as amateur radio, caller ID and emergency broadcasts. (Wikipedia)
FSS Fixed-satellite service (FSS | also: fixed-satellite radiocommunication service) is – according to article 1.21 of the International Telecommunication Union´s (ITU) Radio Regulations (RR)[1] – defined as a radiocommunication service between earth stations at given positions, when one or more satellites are used; the given position may be a specified fixed point or any fixed point within specified areas; in some cases this service includes satellite-to-satellite links, which may also be operated in the inter-satellite service; the fixed-satellite service may also include feeder links for other space radiocommunication services (Wikipedia)
FTE Full Time Equivalent is a resource committed on an hourly basis and equivalent to the productive hours of one individual during a given timeframe
FTI Federal Tax Information
FTP/SFTP File Transfer Protocol/Secure FTP
FY Fiscal Year (State of Texas FY is Sept. 1 - August 31).
GAAP Generally Accepted Accounting Principles (GAAP) – a common set of accounting principles, standards, and procedures for financial accounting and financial statement preparation.
GCP Google Cloud Platform (GCP), offered by Google, is a suite of cloud computing services that runs on the same infrastructure that Google uses internally for its end-user products, such as Google Search and YouTube. (Wikipedia)
GIS A Geographic Information System (GIS) is a computer system for capturing, storing, checking, and displaying data related to positions on Earth’s surface. GIS can show many different kinds of data on one map, such as streets, buildings, and vegetation. This enables people to more easily see, analyze, and understand patterns and relationships (National Geographic). GIS are maintained by certain STS Customers like DIR, TWDB, TCEQ to store images of land, lakes, rivers, etc. (Large storage requirements)
GPFS IBM General Parallel File System (GPFS) to connect TS7700 mainframe continuous data protection appliances.
GPU Graphics Processing Unit: A Graphics Processing Unit (GPU) is a specialized electronic circuit designed to rapidly manipulate and alter memory to accelerate the creation of images in a frame buffer intended for output to a display device. 
GRC Governance, Risk management, and Compliance or GRC is the umbrella term covering an organization's approach across these three areas: governance, risk management, and compliance.
GSA United States General Services Administration
GUI Graphical User Interface (GUI) - user interface that allows users to interact with electronic devices through graphical icons and visual indicators, instead of text-based user interfaces, typed command labels or text navigation.
HA Level High Availability Level (% uptime)
HA/DR Techniques like High Availability/Disaster Recovery (HA/DR) provide durability by replicating data changes from a source database, called the primary database, to a target database, called the standby database.
HAVA The Help America Vote Act (HAVA) of 2002 (Pub.  L. 107–252) is a United States federal law which passed in the House 357-48 and 92-2 in the Senate on October 29, 2002. Drafted (at least in part) in reaction to the controversy surrounding the 2000 U.S. presidential election.  Compliance is designated as “HAVA-compliant”.
HB House Bill (A government bill signed into law)
HB1516 The 79th Texas Legislative mandate to merge the computing resources of 28 Texas state agencies into two consolidated data centers located in Austin and San Angelo (See Texas Government Code 2054 and HB 1516 for legislation information).  (HB1516)
HBA Host Bus Adapter (HBA) is a circuit board and/or integrated circuit adapter that provides input/output (I/O) processing and physical connectivity between a server and a storage device.
HCD Hardware Configuration Definition for IBM mainframe
HCI Hybrid Cloud Service (HCS) a service provided by STS
HCM Hardware Configuration Management for IBM mainframe
HCP Hitachi Content Platform (HCP) – Object Storage Solution (Nodes, Storage)
HDAP Highly Available Directory Access Protocol (HDAP) - LDAP + Hadoop: The World’s First Super-Scalable LDAP Directory Driven by Big Data and Search Technology by Radiant Logic
HDI Hitachi Data Ingestor (HDI) is a physical or virtual caching appliance that presents a NAS interface through which file data from remote and branch offices or other cloud storage users can be fed to Hitachi's Content Platform (HCP), a virtualized and scalable object store. (The Register)
HDLC High-level Data Link Control (HDLC) is a bit-oriented synchronous data link layer protocol used to ensure the error-free transmission of data to respective destinations and control the speed at which data is transmitted.
HFS check Checkpoint validation, which is also called an Avamar Hash Filesystem check (HFS check), is an internal operation that validates the integrity of a specific checkpoint. Once a checkpoint has passed an HFS check, it can be considered reliable enough to be used for a system rollback.
HIDS Host Intrusion Detection Service
High Impact Information Resources Information Resources whose loss of confidentiality, integrity, or availability could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (a) cause a severe degradation in or loss of mission capability to an extent and duration that the organization is not able to perform one or more of its primary functions; (b) result in major damage to organizational assets; (c) result in major financial loss; or (d) result in severe or catastrophic harm to individuals involving loss of life or serious life-threatening injuries.
HIP Hybrid Integration Platform (HIP) is a framework of on-premises and cloud-based integration and governance capabilities that enables differently skilled personas (integration specialists and nonspecialists) to support a wide range of integration use cases. An organization's HIP is usually implemented by assembling a variety of technology building blocks, from one or more providers, which are managed as a cohesive, federated and integrated whole. Responsibility for HIP management is well-defined. (Gartner)
HIPAA Health Insurance Portability and Accountability Act (HIPAA) includes security, privacy and confidentiality regulations that all health-related applications containing personal medical data must adhere to.
HIPS HIPS is an installed software package which monitors a single host for suspicious activity by analyzing events occurring within that host. In other words, a Host Intrusion Prevention System (HIPS) aims to stop malware by monitoring the behavior of code. This makes it possible to help keep your system secure without depending on a specific threat to be added to a detection update.
HL7 Health Language 7 (HL7) Healthcare industry standards for the exchange of EHR/ELR data.
HLA/ROM High Level Architecture/Rough Order of Magnitude (HLA/ROM) Terminology used in DIR STS to characterize Requests for Solution documents provided to agencies for approval to move forward with provisioning.
HMC Hardware Management Console is a technology created by IBM to provide a standard interface for configuring and operating partitioned (also known as an LPAR or virtualized system) and SMP systems such as IBM System i, IBM System p, IBM System z, and IBM Power Systems.

Hardware Services Charge (HSC) DIR STS Application server hardware maintenance, software licenses and maintenance fees; A bundled charge invoiced to DIR Customers that includes but not limited to memory and OS.

HSM Hierarchical Storage Management (HSM) is a data storage technique primarily on mainframes, which automatically moves data between high-cost and low-cost storage media. HSM systems exist because high-speed storage devices, such as hard disk drive arrays (DASD), are more expensive (per byte stored) than slower devices, such as optical discs, VTS (Virtual Tape Storage / EMC Data Domains) and magnetic tape drives. While it would be ideal to have all data available on high-speed devices all the time, this is prohibitively expensive for many organizations. Instead, HSM systems store the bulk of the enterprise's data on slower devices, and then copy data to faster disk drives when needed. In effect, HSM turns the fast disk drives into caches for the slower mass storage devices. The HSM system monitors the way data is used and makes best guesses as to which data can safely be moved to slower devices and which data should stay on the fast devices.
HSM Hardware Security Module (HSM) is a physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server.
HSRP In computer networking, the Hot Standby Router Protocol (HSRP) is a Cisco proprietary redundancy protocol for establishing a fault-tolerant default gateway. The protocol establishes a framework between network routers to achieve default gateway failover if the primary gateway becomes inaccessible, in close association with a rapid-converging routing protocol like EIGRP or OSPF. HSRP routers send multicast Hello messages to other routers to notify them of their priorities (which router is preferred) and current status (Active or Standby). The primary router with the highest configured priority will act as a virtual router with a pre-defined gateway IP address and will respond to the ARP / ND request from machines connected to the LAN with a virtual MAC address. If the primary router should fail, the router with the next-highest priority would take over the gateway IP address and answer ARP requests with the same MAC address, thus achieving transparent default gateway failover.
HTAP In-Memory computing (IMC) have led to the emergence of Hybrid Transaction/Analytical Processing (HTAP), the enablement of transactional processing and analytics to operate on the same database.
HTML Hyper Text Markup Language (HTML) has become the standard language for creating web pages and web applications.
Hybrid App Hybrid App is one that is built using multiple technologies, most commonly a mixture of native code, often a client-side container, and HTML5
I&O Infrastructure & Operations (organization/leadership) - brings together people, process & technology (see also IM&O)
IaaS Infrastructure as a Service
IAC InterAgency Contract - Agency's FY or Biennium Financial Commitment to DIR program areas, e.g. DCS, CCTS and TEX-AN.
IAM Identity and Access Management is a broad administrative area that establishes a unique identity for individuals and associates their established identity with user rights and privileges. It is an enterprise business strategy that governs the definition, storage, use and management of identities.
IAM Services Identity and Access Management Services
IANA The Internet Assigned Numbers Authority (IANA) is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources.
IB Integration Broker (IB), also called an interface engine or a message broker, an IB is a third-party intermediary that facilitates interactions between applications. IBs minimally provide message transformation and routing services. They mostly communicate program to program; they integrate previously independent applications at the application-logic level of the software design. (Gartner)
IBM Tivoli SA MP IBM® Tivoli® System Automation for Multiplatforms (Tivoli SA MP) is cluster managing software that facilitates automatic switching of users, applications, and data from one database system to another in a cluster. Tivoli SA MP automates control of IT resources such as processes, file systems, and IP addresses. (IBM)
ICAP The Internet Content Adaptation Protocol (ICAP) is a lightweight HTTP-like protocol specified in RFC 3507 which is used to extend transparent proxy servers, thereby freeing up resources and standardizing the way in which new features are implemented. ICAP is generally used to implement virus scanning and content filters (including censorware) in transparent HTTP proxy caches. Content Adaptation refers to performing the particular value-added service (content manipulation) for the associated client request/response.
ICC The Integration Competency Center (ICC), sometimes referred to as an integration center of excellence (COE), is a shared service function within an organization, particularly large corporate enterprises as well as public sector institutions, for performing methodical data integration, system integration or enterprise application integration. (Wikipedia)
ICC STS Intel Community Cloud (ICC), also formerly referred to as Big Intel (BI) or CC2 (community cloud 2)
ICF Gartner Information Capabilities Framework
ICMP Internet Control Message Protocol sends error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
IDE An Integrated Development Environment (IDE) is a software application that provides comprehensive facilities to computer programmers for software development. An IDE normally consists of a source code editor, build automation tools and a debugger. Most modern IDEs have intelligent code completion. (Wikipedia)
iDRAC An integrated Dell Remote Access Controller (iDRAC) with Lifecycle Controller is embedded in every Dell PowerEdge server. Because it is embedded within each server from the factory, the Dell iDRAC with Lifecycle Controller requires no operating system or hypervisor to work.
IDS Intrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations, or imminent threats to your security policies. Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents. These security measures are available as Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), which become part of your network to detect and stop potential incidents (Juniper).
IEEE Institute of Electrical and Electronics Engineers (IEEE) is an organization composed of engineers, scientists, and students. The IEEE is best known for developing standards for the computer and electronics industry. In particular, the IEEE 802 standards for local-area networks are widely followed. (Webopedia)
IEEE 802 IEEE 802 is a family of IEEE standards dealing with local area networks and metropolitan area networks. More specifically, the IEEE 802 standards are restricted to networks carrying variable-size packets. By contrast, in cell relay networks data is transmitted in short, uniformly sized units called cells. (Wikipedia)
IEM IBM (Tivoli) Endpoint Manager,known as IBM BigFix, formerly IBM Endpoint Manager, Tivoli Endpoint Manager (TEM) and before that, BigFix, is a systems-management software product developed by IBM for managing large groups of computers running Windows, Mac OS X, VMware ESX, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. (Wikipedia)
IETF The Internet Engineering Task Force (IETF) develops and promotes voluntary Internet standards, in particular the standards that comprise the Internet protocol suite (TCP/IP). It is an open standards organization, with no formal membership or membership requirements. All participants and managers are volunteers, though their work is usually funded by their employers or sponsors.
IGA Identity Governance and Administration
IHEs Institutions of Higher Education (IHEs)
IIS Integrated Infrastructure Systems
IKE The Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access. Specified in IETF Request for Comments (RFC) 2409, IKE defines an automatic means of negotiation and authentication for IPsec security associations (SA). Security associations are security policies defined for communication between two or more entities; the relationship between the entities is represented by a key. The IKE protocol ensures security for SA communication without the pre-configuration that would otherwise be required.
ILC Inter-local contracts (ILC) are contracts between public entities. An ILC might be referred to as an IAC when the agreement is between state agencies.
ILMT The IBM License Metric Tool (ILMT) helps you maintain an inventory of the PVU based software deployed for your Full Capacity or Virtualization (Sub-) Capacity environment, and measures the PVU licenses required by software Product. It is intended to help you manage your IBM software licensing requirements, and help you maintain an audit ready posture.
ILO Integrated Lights-Out, or iLO, is a proprietary embedded server management technology by Hewlett-Packard which provides out-of-band management facilities. The physical connection is an Ethernet port that can be found on most Proliant servers of the 300 and above series. iLO has similar functionality to the lights out management (LOM) technology offered by other vendors, for example Sun/Oracle's ILOM, Dell DRAC, the IBM Remote Supervisor Adapter and Cisco CIMC.
ILOM Oracle Integrated Lights-Out Manager (ILOM) is the service processor embedded on all Oracle's SPARC Enterprise T-series and Sun Fire x86 servers, including all rack mounts and blades. Oracle ILOM enables full out-of-band management, providing a “Just like being there” remote management capability.
IM&O Infrastructure Management & Operations (IM&O).  Gartner uses this term for companies that manage data centers for others.  M&O is the more generic version and often refers to the business and financial oversight unit. IM&O is often used as IM&O, HHS IM&O and TIERS IM&O
IMAC Install, Moves, Adds, Changes
IMC In-Memory computing (IMC) In-memory computing is the storage of information in the main random access memory (RAM) of dedicated servers rather than in complicated relational databases operating on comparatively slow disk drives. In-memory computing helps business customers, including retailers, banks and utilities, to quickly detect patterns, analyze massive data volumes on the fly, and perform their operations quickly. IMC systems have led to the emergence of hybrid transaction/analytical processing (HTAP). (Techopedia)
IMDBMS In-Memory Database Management System (IMDBMS) An in-memory database (IMDB, also main memory database system or MMDB or memory resident database) is a database management system that primarily relies on main memory for computer data storage. It is contrasted with database management systems that employ a disk storage mechanism. In-memory databases are faster than disk-optimized databases because disk access is slower than memory access, the internal optimization algorithms are simpler and execute fewer CPU instructions. Accessing data in memory eliminates seek time when querying the data, which provides faster and more predictable performance than disk. (Wikipedia)
IMDG In-Memory Data Grids is the base technology for Oracle GoldenGate HotCache
INC Incident (e.g. Helpdesk INC tickets)
Information Data as processed, stored, or transmitted by a computer.
Information Custodian A department, agency, or third-party service provider responsible for implementing the information owner-defined controls and access to an information resource.
Information Owner(s) A person(s) with statutory or operational authority for specified information or information resources.
Information Resources As defined in §2054.003(7), Texas Government Code.
Information Resources Manager As defined in §2054.071, Texas Government Code.
Information Security Program The policies, standards, procedures, elements, structure, strategies, objectives, plans, metrics, reports, services, and resources that establish an information resources security function within an institution of higher education or state agency.
Information System An interconnected set of information resources under the same direct management control that shares common functionality. An Information System normally includes, but is not limited to, hardware, software, network Infrastructure, information, applications, communications and people.
Integrity The security objective of guarding against improper information modification or destruction, including ensuring information non-repudiation and authenticity.
IOCP Input Output Configuration Program
IODF The client production Input/Output Definition File (IODF) is used as input to the Hardware Configuration Definition (HCD) to create a work IODF that becomes the base to new or upgrade configuration.
IOPS Input/Output Operations Per Second (IOPS), pronounced "eye-ops." This is unit of measurement used to describe the maximum number of reads and writes to a disk or storage area.
IOPS Input/Output Operations Per Second (pronounced "eye-ops") are a performance measurement typically used to characterize computer storage.
IoT The Internet of Things (IoT) is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction. (TechTarget)
IP The Internet Protocol (IP) is the principal communications protocol in the Internet protocol suite for relaying datagrams across network boundaries. Its routing function enables internetworking, and essentially establishes the Internet. IP has the task of delivering packets from the source host to the destination host solely based on the IP addresses in the packet headers. For this purpose, IP defines packet structures that encapsulate the data to be delivered. It also defines addressing methods that are used to label the datagram with source and destination information.(Wikipedia)
IP Intellectual Property - a work or invention that is the result of creativity, such as a manuscript or a design, to which one has rights and for which one may apply for a patent, copyright, trademark, etc.
IPAA International Passport Advantage Agreement: Passport Advantage is IBM's program for combined software license acquisition, Software Subscription and Support, IBM Appliances and IBM SaaS subscriptions.
iPaaS integration Platform as a Service (iPaaS) is a suite of cloud services enabling development, execution and governance of integration flows connecting any combination of on premises and cloud-based processes, services, applications and data within individual or across multiple organizations. (Gartner)
IPL Initial Program Load (IPL) is a mainframe term for the loading of the operating system into the computer's main memory. A mainframe operating system (such as OS/390) contains many megabytes of code that is customized by each installation, requiring some time to load the code into the memory. On a personal computer, booting or re-booting (re-starting) is the equivalent to IPLing (the term is also used as a verb).
IPM Infrastructure Performance Monitoring
IPS Intrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations, or imminent threats to your security policies. Intrusion prevention is the process of performing intrusion detection and then stopping the detected incidents. These security measures are available as Intrusion Prevention Systems (IPS) and Intrusion Detection Systems (IDS, which become part of your network to detect and stop potential incidents (Juniper).
IPsec Internet Protocol Security (IPsec) is a protocol suite for secure Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host).
IPv4 Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet, and was the first version deployed for production in the ARPANET in 1983. It still routes most Internet traffic today, despite the ongoing deployment of a successor protocol, IPv6. IPv4 is described in IETF publication RFC 791 (September 1981), replacing an earlier definition (RFC 760, January 1980). (Wikipedia)
IPv6 Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address space exhaustion. IPv6 is intended to replace IPv4.
IRM IT Director, Information Resource Manager
ISEC IT Security Control (ISEC) document
ISM Information Security Management
ISMS An Information Security Management System (ISMS) is a set of policies and procedures for systematically managing an organization's sensitive data. The goal of an ISMS is to minimize risk and ensure business continuity by pro-actively limiting the impact of a security breach. (TechTarget)
ISO Information Security Officer
ISO/IEC 20000 ISO/IEC 20000-1:2011 is a service management system (SMS) standard. It specifies requirements for the service provider to plan, establish, implement, operate, monitor, review, maintain and improve an SMS. The requirements include the design, transition, delivery and improvement of services to fulfill agreed service requirements. (
ISO/IEC 27000/1 The ISO/IEC 27000 family of standards helps organizations keep information assets secure. Using this family of standards will help your organization manage the security of assets such as financial information, intellectual property, employee details or information entrusted to you by third parties. ISO/IEC 27001 is the best-known standard in the family providing requirements for an information security management system (ISMS). (
ISPF Interactive System Productivity Facility (ISPF) primarily provides an IBM 3270 terminal interface with a set of panels. Each panel may include menus and dialogs to run tools on the underlying Time Sharing Option (TSO). Generally, these panels just provide a convenient interface to do tasks—most of them execute modules of IBM mainframe utility programs to do the actual work. ISPF is frequently used to manipulate z/OS data sets via its Program Development Facility named ISPF/PDF, where PDF refers to Program Development Facility.
ISPF/PDF Interactive System Productivity Facility (ISPF) and editor / Program Development Facility (PDF) on mainframes primary TSO programs such as batch
ISTQB® certification International Software Testing Qualifications Board (ISTQB)
ITAD DIR Information Technology Application Delivery Team
ITAM IT Asset Management (ITAM) is the set of business practices that join financial, contractual and inventory functions to support life cycle management and strategic decision making for the IT environment.
ITAR ITAR U.S. Department of State International Traffic in Arms Regulations promulgated pursuant to the United States Arms Export Control Act of 1976, as amended.
ITC Intent to Contract (ITC)
ITCHE Information Technology Council for Higher Education (ITCHE) is a statutorily defined group of the CIOs of the six public Texas higher education systems plus a representative of the 4 public independent universities. It reviews proposed rules relating to higher education and makes recommendations and comments to the Department of Information Resources. The UT System CIO acts as the coordinator.
ITD Texas state agency's Information Technology Detail (ITD) yearly report to LBB
ITES DIR Information Technology Enterprise Services Team
ITFM Information Technology Financial Management (ITFM) a Chargeback System and software component assessable thru the STS Portal that contains financials pertaining to STS.
ITIL (v3) Information Technology Infrastructure Library (version 3). The Information Technology Infrastructure Library (ITIL) is a collection of concepts and practices combined in a series of books to be applied in IT Service Management (ITSM), IT development and IT operations.
ITKMD IT Key Metrics Data
ITL Integrated Test Laboratory (ITL) - a facility for safely simulating a Disaster Recovery scenario
ITLC Information Technology Leadership Council (ITLC) a governance committee comprised of Agency IT leadership to provide direction to the STS Program
ITO Information Technology Outsourcing
ITOA In the fields of Information Technology (IT) and systems management, IT operations analytics (ITOA) is an approach or method to retrieve, analyze, and report data for IT operations. ITOA may apply big data analytics to large datasets to produce business insights. In 2014, Gartner predicted its use might increase revenue or reduce costs. By 2017, it predicted that 15% of enterprises will use IT operations analytics technologies. (Wikipedia)
ITOM IT Operations Management (ITOM) software is intended to represent all the tools needed to manage the provisioning, capacity, performance and availability of the computing, networking and application environment. Leaders: BMC, CA, IBM, HP, …
ITPS DIR Information Technology Production Services Team
ITS DIR’s Information Technology Services (ITS) Division
ITSAC Information Technology Staff Augmentation Contract
ITSCM IT Service Continuity Management (ITSCM) aims to manage risks that could seriously impact IT services. This ITIL process ensures that the IT service provider can always provide minimum agreed Service Levels, by reducing the risk from disaster events to an acceptable level and planning for the recovery of IT services. ITSCM should be designed to support Business Continuity Management. (Wikipedia)
ITSM IT Service Management (ITSM) is a process-based practice intended to align the delivery of information technology (IT) services with needs of the enterprise, emphasizing benefits to customers. ITSM involves a paradigm shift from managing IT as stacks of individual components to focusing on the delivery of end-to-end services using best practice process models. ITIL (Information Technology Infrastructure Library) is a globally recognized collection of best practices for information technology (IT) service management.
IV&V Independent Verification and Validation (IV&V) are independent procedures that are used together for checking that a product, service, or system meets requirements and specifications and that it fulfills its intended purpose. These are critical components of a quality management system such as ISO 9000. IV&V is to be performed by a unbiased third party. (Wikipedia)
IVA An Intelligent Virtual Agent (IVA) is an animated, human-like graphical chatbot commonly displayed on website home pages and advertisement landing pages. Virtual agents are embedded with a predefined script and responses. Intelligent virtual agents - also known as virtual agents, virtual reps or v-reps - are implemented primarily on customer relationship management software. Virtual agents are designed to provide customer services, product information, marketing, support, sales, order placing, reservations or other custom services.

IVR Interactive voice response (IVR) is a technology that allows a computer to interact with humans through the use of voice and DTMF tones input via keypad. In telecommunications, IVR allows customers to interact with a company’s host system via a telephone keypad or by speech recognition, after which services can be inquired about through the IVR dialogue. IVR systems can respond with prerecorded or dynamically generated audio to further direct users on how to proceed. IVR systems deployed in the network are sized to handle large call volumes and also used for outbound calling, as IVR systems are more intelligent than many predictive dialer systems. (Wikipedia)
JAD Joint application design (JAD) is a process used in the life cycle area of the dynamic systems development method (DSDM) to collect business requirements while developing new information systems for a company. (Wikipedia)
JCL Job Control Language (JCL) for mainframe scripting
JSON JavaScript Object Notation (JSON), typically used to exchange information among REST enabled APIs using HTTP puts or posts (typically post is less overhead).
JVM Java Virtual Machines (JVM)
KB knowledge base (KB) is used to store complex structured and unstructured information used by a computer system. For example, ITIL Knowledge Management aims to gather, analyze, store and share knowledge and information within an organization. The primary purpose of this ITIL process is to improve efficiency by reducing the need to rediscover knowledge.
KM Key Metric/Measure (Capturing and monitoring the performance of a service deliverable without imposing financial credits - could become an SLA).
KPI Key Performance Indicator
KTLO Keep the Lights On (KTLO) technology refers to that portion of information technology expenditure a company has to perform on daily operational tasks. (Wikipedia)
KVA Kilo Volt Amp (KVA) Uninterruptible Power Supply (UPS) system output may be represented in KVA
KW Kilo Watts (KW) UPS system input may be represented in KW.
L/S Lift and Shift
LACP Link Aggregation Control Protocol (LACP) is part of an IEEE specification (802.3ad) that allows you to bundle several physical ports together to form a single logical channel. LACP allows a switch to negotiate an automatic bundle by sending LACP packets to the peer. It performs a similar function as Port Aggregation Protocol (PAgP) with Cisco EtherChannel. (Cisco)
LAG Link Aggregation (LAG) is a partial implementation of the 802.3ad port aggregation standard. It bundles all of the controller’s distribution system ports into a single 802.3ad port channel, thereby reducing the number of IP addresses needed to configure the ports on your controller. When LAG is enabled, the system dynamically manages port redundancy and load balances access points transparently to the user.
LAMP Open Source: (L) Linux OS, (A) Apache web server, (M) MySQL/MariaDB/MongoDB database, and (P) PHP/Perl/Python web programming language
LAN Local Area Network
LAR Legislative Appropriations Request (LAR) Agency's request to the LBB for funding approval to operate their agency for the upcoming two-year biennium.
LBB Legislative Budget Board (LBB) A joint committee of the Texas Legislature that develops budget and policy recommendations for legislative appropriations. They conduct evaluations and reviews to improve the efficiency and performance of state and local operations.
LDAP Lightweight Directory Access Protocol (LDAP) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services play an important role in developing intranet and Internet applications by allowing the sharing of information about users, systems, networks, services, and applications throughout the network. As examples, directory services may provide any organized set of records, often with a hierarchical structure, such as a corporate email directory. Similarly, a telephone directory is a list of subscribers with an address and a phone number. (Wikipedia)
LDC Legacy Data Center (LDC) State of Texas agency owned, non-consolidated data center environment.
LDOMs Logical Domains (LDoms or LDOM) is the server virtualization and partitioning technology from Sun Microsystems for their Solaris operating system when running on SPARC V9. It was released in April 2007. Since Oracle Corporation completed the acquisition of Sun in January 2010, the product has been re-branded as Oracle VM Server for SPARC from version 2.0 onwards.
LEC Local Exchange Carrier (LEC) is a regulatory term in telecommunications for the local telephone company. In the United States, wireline telephone companies are divided into two large categories: long distance (interexchange carrier, or IXCs) and local (local exchange carrier, or LECs). (Wikipedia)
LLDP The Link Layer Discovery Protocol (LLDP) is a vendor-neutral link layer protocol in the Internet Protocol Suite used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet. The protocol is formally referred to by the IEEE as Station and Media Access Control Connectivity Discovery specified in standards document IEEE 802.1AB.
LOB Line of Business
Low Impact Information Resources Information resources whose loss of confidentiality, integrity, or availability could be expected to have a limited adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (A) cause a degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is noticeably reduced; (B) result in minor damage to organizational assets; (C) result in minor financial loss; or (D) result in minor harm to individuals.
LPARs logical partition (LPAR) is the division of a computer's processors, memory, and storage into multiple sets of resources so that each set of resources can be operated independently with its own operating system instance and applications. (TechTarget)
LSE Limited Support Environment (LSE)
M/SIP STS Server SCP “Managed-Service Integration Platform (M/SIP)” endpoint at each Enterprise Data Warehouse (EDW) source location
M2M Emerging “machine-to-machine” (M2M) or “Internet of Things” world of connected devices
MAA Maximum Availability Architecture
MAC Moves, adds and changes (MAC) is the general term for the routine work performed on computer equipment in an enterprise, including installations, relocations and upgrades. (Gartner)
MAN Metropolitan Area Network (MAN) is a network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but smaller than the area covered by a wide area network (WAN). The term is applied to the interconnection of networks in a city into a single larger network (which may then also offer efficient connection to a wide area network). (TechTarget)
MAS Managed Application Services (MAS) DIR STS offering for development, maintenance and rate card services)
MASA The Mesh Application and Service Architecture (MASA) is the preferred application architecture for the digital mesh. In the MASA, apps or services running on device mesh endpoints connect to a broad set of back-end services, creating a multichannel application that delivers an ambient user experience.
MAT Manual Audit Template (MAT) used to upload application Usage data to Software Organizer for licensing terms more complex than one-to-one.
mBaaS mobile Back-end as a Service (mBaaS) also known as cloud mobile back-end services
MBB Mobile BroadBand (MBB) is the marketing term for wireless Internet access through a portable modem, mobile phone, USB wireless modem, tablet or other mobile devices.
MDSA Multidimensional Database Search & Analysis
MFA Multi-Factor Authentication (MFA) is an approach to authentication which requires the presentation of two or more of the three independent authentication factors: a knowledge factor ("something only the user knows"), a possession factor ("something only the user has"), and an inherence factor ("something only the user is") i.e., biometric. After presentation, each factor must be validated by the other party for authentication to occur.
MFSK/FSK Multiple Frequency-Shift Keying (MFSK) is a variant of Frequency-Shift Keying (FSK), which makes use of more than two frequencies to transmit digital data. (a.k.a. wide-band)
MFT Managed file transfer (MFT) refers to a software or a service that manages the secure transfer of data from one computer to another through a network (e.g., the Internet). MFT software is marketed to corporate enterprises as an alternative to using ad-hoc file transfer solutions, such as FTP, HTTP and others. Typically, MFT offers a higher level of security and control than FTP. Features include reporting (e.g., notification of successful file transfers), non-repudiation, auditability, global visibility, automation of file transfer-related activities and processes, end-to-end security, and performance metrics/monitoring. (Wikipedia)
MIB Management Information Base (MIB) is a database used for managing the entities in a communication network. Most often associated with the Simple Network Management Protocol (SNMP), the term is also used more generically in contexts such as in OSI/ISO Network management model. (Wikipedia)
MIM Major Incident Management
MIPS The number of MIPS (million instructions per second) is a general measure of computing performance and, by implication, the amount of work a larger computer can do. For large servers or mainframes, MIPS is a way to measure the cost of computing: the more MIPS delivered for the money, the better the value. Historically, the cost of computing measured in the number of MIPS has been reduced by half on an annual basis for a number of years.
MIRP Major Information Resources (MIRP) project: as defined in Texas Government Code, Chapter 2054, any information resources technology project identified in a state agency's biennial operating plan whose development costs exceed $1 million and that requires one year or longer to reach operations status; involves more than one state agency; or substantially alters work methods of state agency personnel or the delivery of services to clients; and any information resources technology project designated by the legislature in the General Appropriations Act as a major information resources project
MIRT Major Incident Response Team (MIRT) Bridge calls, coordinated by the DIR Multisourcing Services Integrator (MSI) Major Incident Managers, to collaborate with appropriate Service Component Providers, MSI, DIR, Customers and 3rd party vendors to expedite resolution of major outages or incidents impacting the STS environment.
ML & SPDR Machine Learning (ML) & Statistical pattern discovery and recognition (SPDR)
MMIS Medicaid Management Information System (MMIS) The MMIS is an integrated group of procedures and computer processing operations (subsystems) developed at the general design level to meet principal objectives. For Title XIX purposes, "systems mechanization" and "mechanized claims processing and information retrieval systems" is identified in section 1903(a)(3) of the Act and defined in regulation at 42 CFR 433.111. The objectives of this system and its enhancements include the Title XIX program control and administrative costs; service to recipients, providers and inquiries; operations of claims control and computer capabilities; and management reporting for planning and control. (Medicaid)
Moderate Impact Information Resources Information Resources whose loss of confidentiality, integrity, or availability could be expected to have a serious adverse effect on organizational operations, organizational assets, or individuals. Such an event could: (A) cause a significant degradation in mission capability to an extent and duration that the organization is able to perform its primary functions, but the effectiveness of the functions is significantly reduced; (B) result in significant damage to organizational assets; (C) result in significant financial loss; or (D) result in significant harm to individuals that does not involve loss of life or serious life-threatening injuries.
MOF Method of Finance
MOF The guidance in the Microsoft Operations Framework (MOF) encompasses all of the activities and processes involved in managing an IT service: its conception, development, operation, maintenance, and—ultimately—its retirement. MOF 4.0 was created to provide guidance across the entire IT life cycle. Completed in early 2008, MOF 4.0 integrates community-generated processes; governance, risk, and compliance activities; management reviews, and Microsoft Solutions Framework (MSF) best practices.
MOM Message-Oriented Middleware
MOP Mainframe Operation Procedures
MOP DIR Datacenter Services Master Operating Plan (MOP)
MOU Memorandum of Understanding
MOVE AV McAfee Management for Optimized Virtual Environments (MOVE) Antivirus (AV) brings advanced virus protection to virtualized desktops and servers. Choose one efficient solution for virtual server and desktop security that works across all major hypervisors, or an agentless, tuned option for VMware NSX and VMware vCloud Networking and Security.
MPIO In computer storage, multipath I/O (MPIO) is a fault-tolerance and performance enhancement technique whereby there is more than one physical path between the CPU in a computer system and its mass storage devices through the buses, controllers, switches, and bridge devices connecting them.
MPLS Multiprotocol Label Switching (MPLS) is a type of data-carrying technique for high-performance telecommunications networks. MPLS directs data from one network node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table. The labels identify virtual links (paths) between distant nodes rather than endpoints. MPLS can encapsulate packets of various network protocols, hence its name "multiprotocol". MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL. (Wikipedia)
MPLS ingress/egress Multiprotocol Label Switching router; ingress - starting point (source); egress - endpoint (drain)
MPO Metropolitan Planning Organization (MPO), a local decision-making body that is responsible for overseeing the metropolitan transportation planning process. An MPO is required for each urban area with a population of more than 50,000 people
MPP In-memory Massively Parallel Processing (MPP)
MPP Microsoft (Execution) Project Plan application
MQTT MQ Telemetry Transport (MQTT) A publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. The design principles are to minimize network bandwidth and device resource requirements whilst also attempting to ensure reliability and some degree of assurance of delivery. These principles also turn out to make the protocol ideal of the emerging “machine-to-machine” (M2M) or “Internet of Things” world of connected devices, and for mobile applications where bandwidth and battery power are at a premium.
MRC Monthly Recurring Charge
MS-ISAC The Multi-State Information Sharing & Analysis Center (MS-ISAC) is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, tribal and territorial (SLTT) governments. The MS-ISAC 24x7 cybersecurity operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification, and mitigation and incident response.
MSA Master Services Agreement
MSD Marketing Functional Specification Document (MSD) used for the DIR DCS innovation program
MSF Microsoft Solutions Framework (MSF) is a set of principles, models, disciplines, concepts, and guidelines for delivering information technology solutions from Microsoft. MSF is not limited to developing applications only, it is also applicable to other IT projects like deployment, networking or infrastructure projects. MSF does not force the developer to use a specific methodology (Waterfall, Agile) but lets them decide what methodology to use.
MSI Multi-sourcing Service Integrator (MSI) A DCS vendor providing reporting and services to Texas state agencies as set forth in the STS contract.
MSL Minimum Service Level
MSP Managed Service Provider
MSSP Master Systems Security Plan (MSSP), A system security plan is a formal plan that defines the plan of action to secure a computer or information system.
MSSP Managed Security Service Provider (MSSP)
MSTP Master Server Transformation Portfolio (MSTP)
MTD Maximum Tolerable Downtime (MTD) which defines the total amount of time that a business process can be disrupted without causing any unacceptable consequences. This value should be defined by the business management team or someone like CTO, CIO or IT manager (Default Reasoning).
MTTR The Mean Time to Resolution (MTTR) — the time it takes to diagnose and resolve a problem after it’s been identified.
MTTV Mean Time to Value (MTTV) - Average time between a request for a specific value and the initial delivery of the value requested.
MTU In computer networking, the Maximum Transmission Unit (MTU) of a communications protocol of a layer is the size (in bytes) of the largest protocol data unit that the layer can pass onwards. MTU parameters usually appear in association with a communications interface (NIC, serial port, etc.). Standards (Ethernet, for example) can fix the size of an MTU; or systems (such as point-to-point serial links) may decide MTU at connect time.
MVP In product development, the Minimum Viable Product (MVP) is the product with the highest return on investment versus risk. It is the sweet spot between products without the required features that fail at sunrise and the products with too many features that cut return and increase risk.
N/A Not Available, Not Applicable
N/N-1 STS Approved Version N and Previous Approved Version N-1 (N-2 legacy and may be unsupported N+1 beta and not fully supported)
NAC Network Access Control (or Network Admission Control) Security Solutions (NAC)
NAS Network Attached Storage (NAS)
NAT Short for Network Address Translation (NAT), an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic.
NEC National Electrical Code (NEC) Article 645
NERC CIP The North America Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) plan comprises more than 100 NERC Reliability Standards, and sets requirements for protecting critical assets used in the bulk electric system and the systems that support those assets. NERC CIP consists of nine standards covering the security of electronic perimeters, physical security of critical cyber assets, personnel and training, security management, disaster recovery and more.
Next3 Next3 is a journaled file system for Linux based on ext3 which adds snapshots support, yet retains compatibility to the ext3 on-disk format. Next3 is implemented as open-source software, licensed under the GPL license.
NFS Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984, allowing a user on a client computer to access files over a network much like local storage is accessed.
NFV Network Functions Virtualization (NFV[1]) is a network architecture concept that uses the technologies of IT virtualization to virtualize entire classes of network node functions into building blocks that may connect, or chain together, to create communication services. NFV relies upon, but differs from, traditional server-virtualization techniques, such as those used in enterprise IT. A virtualized network function, or VNF, may consist of one or more virtual machines running different software and processes, on top of standard high-volume servers, switches and storage devices, or even cloud computing infrastructure, instead of having custom hardware appliances for each network function.( Wikipedia)
NIC Network Interface Card (NIC)
NIDS Network Intrusion Detection Service (NIDS)
NIP Network Intrusion Prevention (NIP)
NIPS IBM Security Network Intrusion Prevention System
NIST National Institute of Standards and Technology
NLU Natural-Language Understanding (NLU) is a subtopic of natural-language processing in artificial intelligence that deals with machine reading comprehension. Natural-language understanding is considered an AI-hard problem. There is considerable commercial interest in the field because of its application to automated reasoning, machine translation, question answering, news-gathering, text categorization, voice-activation, archiving, and large-scale content analysis (Wikipedia).
NoOps NoOps (No Operations) means that an IT environment can become so automated and abstracted from the underlying infrastructure that there is no need for a dedicated team to manage the deployment of applications in-house. Forrester coined the term NoOps, which they define as “the goal of completely automating the deployment, monitoring and management of applications and the infrastructure on which they run.”
NoSQL A NoSQL (often interpreted as Not Only SQL database) provides a mechanism for storage and retrieval of data that is modeled in means other than the tabular relations used in relational databases.
NPBs Network packet brokers (NPBs) enable your tools to perform optimally while providing unprecedented network visibility. Unlike their TAP predecessors, NPBs are sophisticated, high-end devices that provide traffic regeneration, aggregation, load balancing, packet de-duplication, etc.
NPMD Network Performance Monitoring and Diagnostics
NRC Non-Recurring Charge
NSOC/NOC Network Security Operations Center (formerly ADROC)
NTP Network Time Protocol (NTP)
NTT Nippon Telegraph and Telephone (NTT) Corporation; system integrator for TxDOT
NUP Named Users Plus (NUP) licensing. The NUP Metric is based on users and non-human operated devices accessing the database. This metric is usually used when users can be counted. Customers using this metrics have to license either the number of NUP accessing the Oracle software or the minimum NUP – whichever NUP is higher (dbiServices)
Nymwar Nymwar is a slang term that describes controversy around how users identify themselves on various social media platforms and in other technology environments. The basic idea of nymwars is that there is a tug-of-war between users who wish to remain anonymous and parties who demand the use of real names in online or virtual communications. A nymwar is also known as a pseudonym war.
O365 Microsoft Office 365 is a Software as a Service offering for collaboration and email.
OAS Oracle Application Server (OAS) The Oracle Application Server 10g (the "g" stands for grid) (short Oracle AS), consists of an integrated, standards-based software platform. It forms part of Oracle Corporation's Fusion Middleware technology stack. (Wikipedia)
OBI Operational Business Intelligence
OCISO Office of Chief Information Security Officer (State of Texas)
ODA On-Demand Application
OEM An Original Equipment Manufacturer (OEM) is a company that produces parts and equipment that may be marketed by another manufacturer. However, the term is used in several other ways, which causes ambiguity. It sometimes means the maker of a system that includes other companies' subsystems, an end-product producer, an automotive part that is manufactured by the same company that produced the original part used in the automobile's assembly, or a value-added reseller. (Wikipedia)
OEM Oracle Enterprise Manager (OEM or EM) is a set of web-based tools aimed at managing software and hardware produced by Oracle Corporation as well as by some non-Oracle entities.
OLA Operating Level Agreement (Agreement between service providers defining the measurement of services between the parties).
OLAP On-Line Analytical Processing
OLTP Online transaction processing, or OLTP, is a class of information systems that facilitate and manage transaction-oriented applications, typically for data entry and retrieval transaction processing.
OMS In relational database management systems and in the particular context of an Oracle Enterprise Manager (OEM) environment, an Oracle Management Server (OMS) is a software system that functions as a middle tier between Oracle intelligent agents and Oracle management consoles. The system may operate on multiple nodes and by default uses a schema named DBSNMP. Through this system, database administrators may view and control their OEM domain(s).
OnBoarding Process of bringing on a new employee or equipment "on board". Sometimes seen as “On-Boarding”.
OOO Out Of Office
OpEx Operating Expense (costing) model represents the ongoing cost to run a product, business or system. It is contrasted with the Capital Expense (CapEx) to develop or provide non-consumable parts for the product or system.
OPS Operation Services
OSI model The Open Systems Interconnection model (OSI) is a conceptual model that characterizes and standardizes the internal functions of a communication system by partitioning it into abstraction layers. The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO), maintained by the identification ISO/IEC 7498-1. Description of OSI layers:
  • Layer 1: physical layer
  • Layer 2: data link layer
  • Layer 3: network layer
  • Layer 4: transport layer
  • Layer 5: session layer
  • Layer 6: presentation layer
  • Layer 7: application layer
OSS Open-Source Software (OSS) is computer software with its source code made available with a license in which the copyright holder provides the rights to study, change, and distribute the software to anyone and for any purpose. Open-source software may be developed in a collaborative public manner. According to scientists who studied it, open-source software is a prominent example of open collaboration. The term is often written without a hyphen as "open source software". (Wikipedia)
OTC One-Time Charge
OVA An OVA file is an Open Virtualization Archive that contains a compressed, "installable" version of a virtual machine (VM). When you open an OVA file it extracts the VM and imports it into whatever virtualization software you have installed on your computer.
OWA Outlook Web Application. The web interface provided by Microsoft for users to access mail services via an internet browser.
P-V Conversion of server instances from Physical to Virtual (machine)
PaaS Platform as a Service (PaaS) The capability provided to the consumer is to deploy onto the cloud infrastructure consumer-created or acquired applications created using programming languages, libraries, services, and tools supported by the provider. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, or storage, but has control over the deployed applications and possibly configuration settings for the application-hosting environment.
PAgP Port Aggregation Protocol (PAgP) is a Cisco Systems proprietary networking protocol, which is used for the automated, logical aggregation of Ethernet switch ports, known as an etherchannel. (Wikipedia)
PAL In the DIR STS environment, when servers are set to deployed and moved into production the Project Acceptance Letter (PAL) is prepared by the Service Component Provider and sent to DIR Customers.
PAM Privileged Account Management
PAM Project Account Manager - typically Service Component Provider staff.
PAWS Protect Against Wrapped Sequences (PAWS) network testing. PAWS is used when the receive window crosses the sequence number wraparound boundary. In the case where a packet was potentially retransmitted it answers the question: "Is this sequence number in the first 4 GB or the second?" And the timestamp is used to break the tie.
PB (PetaByte) The petabyte is a multiple of the unit byte for digital information. The prefix peta indicates the fifth power of 1000 and means 1015 in the International System of Units (SI), and therefore 1 petabyte is one quadrillion (short scale) bytes, or 1 billiard (long scale) bytes. The unit symbol for the petabyte is PB. 1 PB = 1000000000000000B = 1015bytes = 1000terabytes. A related unit, the pebibyte (PiB), using a binary prefix, is equal to 10245 bytes, which is more than 12% greater (250 bytes = 1125899906842624bytes). One thousand peta bytes (1000 PB) is equal to one exabyte (1 EB). (Wikipedia)
PCI Payment Card Industry
PCLS Prioritization of Cybersecurity and Legacy Systems (PCLS). Analysis of projects submitted as part of Legislative Appropriations Request (LAR) submissions. (Facilitated through the DIR SPECTRIM system)
PCR Project Change Request is a process utilized to make any changes consisting of scope, cost or schedule once the project is in implementation.
PCS Procurement and Contracting Services
PDB Physical Database
PDU Power Distribution Unit (PDU) or mains distribution unit (MDU) is a device fitted with multiple outputs designed to distribute electric power, especially to racks of computers and networking equipment located within a data center. 3-phase devices must be connected by consecutive poles to operate correctly. PDUs may be smart and monitored.
PF In electrical engineering, the Power Factor of an AC electrical power system is defined as the ratio of the real power flowing to the load to the apparent power in the circuit, and is a dimensionless number in the closed interval of ?1 to 1. A power factor of less than one means that the voltage and current waveforms are not in phase, reducing the instantaneous product of the two waveforms (V × I) (Wikipedia)
PFA Predictive Failure Analysis (PFA) refers to computer mechanisms that analyze trends in corrected errors to predict future failures of hardware components and proactively enabling mechanisms to avoid them.
PG Partner Group (PG) A grouping of agencies with similar business characteristics to facilitate governance, conduct meetings, and balance the workload of STS resource assignments.
PgM DIR STS MSI Program Manager (PgM)
PHI Personal Health Information (Confidential Information)
PIA Public Information Act Texas Government Code, Chapter 552, gives you the right to access government records; and an officer for public information and the officer's agent may not ask why you want them. All government information is presumed to be available to the public. Certain exceptions may apply to the disclosure of the information. Governmental bodies shall promptly release requested information that is not confidential by law, either constitutional, statutory, or by judicial decision, or information for which an exception to disclosure has not been sought. (Texas Comptroller)
PII Personally Identifiable Information (PII) (Confidential Information) A category of personal identity information as defined by §521.002(a)(1), Business and Commerce Code. It is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. (Wikipedia)
Pilot pilot is a productionalized system available for a subset of the whole audience. The reason for doing a pilot is to get a better understanding of how the product will be used in the field and to refine the product. Another name for Pilot is Minimum Viable Product (MVP).
PIM Privileged Identity Management (PIM) (sometimes referred to as privileged access management, privileged user and password management, etc.) is about understanding who and what has access to system administrator and high-risk business, such as shared accounts.
PIO Public Information Officer (PIO)
PIR Post Implementation Review (PIR) is used in the STS program to describe the results of a completed change.
PiT Point-in-Time (e.g., PIT data recovery)
PKE Process Known Error (PKE) record documenting the preventative measures determined by a RCA (root cause analysis) and a PBI (problem investigation record)
PKI Public Key Infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking and confidential email. It is required for activities where simple passwords are an inadequate authentication method and more rigorous proof is required to confirm the identity of the parties involved in the communication and to validate the information being transferred. (Wikipedia)
PM Preventive Maintenance
PO Purchase Order
POC Point of Contact
POC/PoC Proof of Concept (PoC) is a realization of a certain method or idea in order to demonstrate its feasibility, or a demonstration in principle with the aim of verifying that some concept or theory has practical potential. A proof of concept is usually small and may or may not be complete. (Wikipedia)
PoE Proof of Entitlement (software license and compliance)
Policy A course or principle of action adopted or proposed by a government, party, business, or individual.
PoP Point of Presence (PoP) is an artificial demarcation point or interface point between communicating entities. (Wikipedia)
POP3 POP3 (Post Office Protocol 3) is a version of a standard protocol for receiving e-mail. POP3 is a client/server protocol in which e-mail is received and held for you by your Internet server.
PoT Proof of Technology (PoT) is used interchangeably with "proof of concept" (PoC) or "pilot project".
PoV Proof of Value (PoV) distinct from a PoC in that a PoV proves it will work for the customer and that the expected value to be realized is real and can be justified and measured.
PPM Policies and Procedures Manual
PPM Project and Portfolio Management
PPMO Program and Portfolio Management Office
PPS Planned Procurement Schedule (PPS) is a quarterly report submitted by all state agencies to DIR detailing agency's planned purchases and broken into future quarters for the Fiscal Year.
PPTP VPN PPTP VPN is the process of creating and managing Virtual Private Network (VPN) connections or services using point-to-point tunneling protocol (PPTP). It is one of the most common ways of creating a VPN connection, and operates at layer 2 of the OSI model.
Procedure An explanation of ‘how’ a policy is to be carried out or executed. Compliance with procedure related to policy is required and not optional. Procedures may be narrative guidelines or step-by-step “cook-book” instructions. May be instructions to assist information security staff, custodians, and users in implementing policies, standards and guideline.
Prototype prototype simulates the full system or at least a relevant part of it. While a Proof of Concept (POC) shows that a product or feature can be done, a prototype explains how it will be done. A prototype may provide some re-usable components that can be re-used in a pilot or production version.
PSAP Public-Safety Answering Point (PSAP), sometimes called "public-safety access point", is a call center responsible for answering calls to an emergency telephone number for police, firefighting, and ambulance services.
PT Pass-Through (PT) charge.  Cost + some percentage uplift for an STS Service Component Provider to procure items and invoices to a DIR Customer.
PTM Pricing Team Member (PTM) an STS Service Component Provider for software procurement.

PUE Power Usage Effectiveness
QA Quality Assurance
QAPC Quality Assurance and Process Compliance (QAPC) Review program managed by the MSI Process & Training Team. It is a component of CSI – every quarter DIR STS reviews several programs and measures results against objectives and identifies gaps and opportunities for improvement.  Once a year DIR STS agrees as to what should be reviewed and in which quarter.
QAT The Texas Quality Assurance Team (QAT) implements a consistent and repeatable approach for quality assurance review of technology projects within Texas. Projects are continually assessed to help reduce the likelihood that a project will not deliver a quality solution based on the schedule, budget, and scope commitments made to state leadership.
QFSDP Quarterly Full Stack Download Patch for Oracle Exadata
QOR Quarterly Operations Review (QOR) All-day DIR Service Component Provider meeting to review performance of each STS service Tower.
QoS Quality of service (QoS) is the description or measurement of the overall performance of a service, such as a telephony or computer network or a cloud computing service, particularly the performance seen by the users of the network. In the field of computer networking and other packet-switched telecommunication networks, quality of service refers to traffic prioritization and resource reservation control mechanisms rather than the achieved service quality. Quality of service is the ability to provide different priority to different applications, users, or data flows, or to guarantee a certain level of performance to a data flow. (Wikipedia)
RA Risk Assessment (RA) is the combined effort of

1. identifying and analyzing potential (future) events that may negatively impact individuals, assets, and/or the environment (i.e., risk analysis); and

2. making judgments "on the tolerability of the risk on the basis of a risk analysis" while considering influencing factors (i.e., risk evaluation). Put in simpler terms, a risk assessment analyzes what can go wrong, how likely it is to happen, what the potential consequences are, and how tolerable the identified risk is. As part of this process, the resulting determination of risk may be expressed in a quantitative or qualitative fashion. The risk assessment plays an inherent part of an overall risk management strategy, which attempts to, after a risk assessment, "introduce control measures to eliminate or reduce" any potential risk-related consequences (Wikipedia).
RAC Oracle Real Application Clusters (RAC) provides software for clustering and high availability in Oracle database environments. Oracle Corporation includes RAC with the Standard Edition of Oracle Database (aka Baby RAC), but makes it an extra-charge option for the Enterprise Edition.
RACI Who is Responsible, Accountable, Consulted and Informed.
RAD Rapid Application Development (RAD) is both a general term used to refer to alternatives to the conventional waterfall model of software development as well as the name for James Martin's approach to rapid development. In general, RAD approaches to software development put less emphasis on planning and more emphasis on process. In contrast to the waterfall model, which calls for rigorously defined specification to be established prior to entering the development phase, RAD approaches emphasize adaptability and the necessity of adjusting requirements in response to knowledge gained as the project progresses. Prototypes are often used in addition to or sometimes even in place of design specifications. (Wikipedia)
RAID RAID (originally redundant array of inexpensive disks; now commonly redundant array of independent disks) is a data storage virtualization technology that combines multiple disk drive components into a logical unit for the purposes of data redundancy or performance improvement. RAID level indicates type of redundancy and recoverability (mirrored, striped, parity, etc.)
RAID log RAID stands for Risks, Actions, Issues and Decisions. The RAID log is a simple tool to keep track of all of these, which can be very useful in regular project meetings as well as for audit purposes.
RAIN Redundant Array of Independent Nodes (RAIN) is a disk subsystem that provides distributed data storage and protection in network architecture by integrating inexpensive hardware and management software. RAIN is designed to offer scalable and reliable network-attached storage (NAS) by combining off-the-shelf distributed computing and commodity hardware with sound management software. It is designed to improve on the shortcomings of non-redundant NAS systems. The concept of RAIN is derived from redundant array of independent disks (RAID), which is a similar system that is implemented at the disk level. Redundant array of independent nodes may also be called redundant array of inexpensive nodes. (e.g., HCP, Avamar Grid) (Technopedia)
RASP Runtime application self-protection (RASP) is a security technology that is built or linked into an application or application runtime environment, and is capable of controlling application execution and detecting and preventing real-time attacks. (Gartner)
RBAC Role Based Access Controls (RBAC) Role-based access control (RBAC) is a method of regulating access to computer or network resources based on the roles of individual users within an enterprise. In this context, access is the ability of an individual user to perform a specific task, such as view, create, or modify a file. (TechTarget)
RBAC Role-Based Access Control (RBAC)
RC Release Candidate (RC), also known as "going silver", is a beta version with potential to be a final product, which is ready to release unless significant bugs emerge. In this stage of product stabilization, all product features have been designed, coded and tested through one or more beta cycles with no known showstopper-class bugs. (Wikipedia)
RCA Root Cause Analysis (RCA) Identifies the cause of a problem or outage and details actions required to resolve.
RDBMS Relational Data Base Management System
RDF Resource Description Framework (RDF) is a model for encoding semantic relationships between items of data so that these relationships can be interpreted computationally. RDF (family of World Wide Web Consortium specifications) was originally designed as a metadata data model. It has come to be used as a general method for conceptual description or modeling of information that is implemented in web resources, using a variety of syntax notations and data serialization formats.
RDU Rack Distribution Unit (RDU) (e.g. Power Strips)
RE/FM Real Estate / Facility Management (RE/FM)
Refresh (cycle) Period of time determined for update of equipment and software. Examples are five years for server hardware, seven years for network switches.
regex Use of pattern-matching or regular expression (regex)
REIT Real Estate Investment Trust security that sells like a stock on the major exchanges and invests in real estate directly, either through properties or mortgages. REITs receive special tax considerations and typically offer investors high yields, as well as a highly liquid method of investing in real estate.
Residual Risk The risk that remains after security controls have been applied.
REST API Representational state transfer (REST) Application Programming Interface (API) or RESTful web services are a way of providing interoperability between computer systems on the Internet. REST-compliant Web services allow requesting systems to access and manipulate textual representations of Web resources using a uniform and predefined set of stateless operations. Other forms of Web services exist, which expose their own arbitrary sets of operations such as WSDL and SOAP. (Wikipedia)
RFC Request for Change
RFID Radio-frequency Identification (RFID) uses electromagnetic fields to automatically identify and track tags attached to objects. The tags contain electronically stored information. Passive tags collect energy from a nearby RFID reader's interrogating radio waves. Active tags have a local power source such as a battery and may operate at hundreds of meters from the RFID reader. Unlike a barcode, the tag need not be within the line of sight of the reader, so it may be embedded in the tracked object. RFID is one method for Automatic Identification and Data Capture (AIDC).
RFO A Request for Offer (RFO) is an open and competitive purchasing process whereby an organization requests the submission of offers in response to specifications and/or a scope of services. An RFO may also include a cost proposal. (TechTarget)
RFQ Request for Qualifications; Request for Quote
RFS DIR STS Request for Solution/Service (RFS) is initiated by a Solution Request and results in a financial obligation to the requestor.
RFS Remote File Server (RFS) (e.g., Oracle "Data Guard")
Risk The effect on the entity's missions, functions, image, reputation, assets, or constituencies considering the probability that a threat will exploit a vulnerability, the safeguards already in place, and the resulting impact. Risk outcomes are a consequence of Impact levels defined in this section.
Risk Assessment The process of identifying, evaluating, and documenting the level of impact on an organization's mission, functions, image, reputation, assets, or individuals that may result from the operation of information systems. Risk Assessment incorporates threat and vulnerability analyses and considers mitigations provided by planned or in-place security controls.
Risk Management The process of aligning information resources risk exposure with the organization's risk tolerance by either accepting, transferring, or mitigating risk exposures.
RMAN Recovery Manager (RMAN) supplied for Oracle databases by Oracle Corporation. Provides backup, restore, and recovery capabilities.
RMO Records Management Officer
rootvg Every AIX system has a rootvg. It's a volume group—a logical group of disks—that is created at the time you install AIX. It contains the AIX operating system with its standard file systems. (IBM Developer Works)
RPA EMC RecoveryPoint Appliance (RPA) which manages the replication setup and operations, compressing the data with advanced algorithms for efficient bandwidth utilization that reduces network cost up to 90% (per EMC) RPAs are deployed in a cluster of up to eight units with a minimum of two in a single cluster.
RPA Robotic Process Automation (RPA) is an emerging form of business process automation technology based on the notion of software robots or artificial intelligence (AI) workers (Wikipedia).
RPC In computer science, a remote procedure call (RPC) is an inter-process communication that allows a computer program to cause a subroutine or procedure to execute in another address space (commonly on another computer on a shared network) without the programmer explicitly coding the details for this remote interaction.
RPO A Recovery Point Objective, or “RPO”, is defined by business continuity planning. It is the maximum tolerable period in which data might be lost from an IT service due to a major incident. (i.e., amount of potential data loss)
RRB For DIR STS, once the Solutions Design Proposal (SDP) is approved by the Engineering Review Board (ERB), the SDP and Cost Estimating Tool (CET) is reviewed by the Resource Review Board (RRB) to review the draft schedule and soft book resources.
RRC/ARC Additional Resource Charges (ARCs) or Reduced Resource Credits (RRCs) are incremental charges/credits for volumes above or below the Monthly Resource Baselines but within the resource unit pricing bands.

These terms are used in the DIR Data Center Services contract.

Base/Variable is an Exhibit 4B term meaning the costs for the certain items (like infrastructure SW) in part of the monthly base charge + variable ARC/RRC methodology vs charged separately like (HSC/SSC). 

Additional Resource Charges (ARCs) are the incremental charges set forth in Exhibit 4 for the use of the Services above the Monthly Resource Baselines for such Services. Reduced Resource Charges (RRCs) are the incremental credits set forth in Exhibit 4 to the Agreement for the use of Services below the Monthly Resource Baselines for such Services.

RRS Records Retention Schedule (TSLAC)
RSS RDF Site Summary (RSS) (originally; later, two competing approaches emerged, which used the backronyms Rich Site Summary and Really Simple Syndication respectively) is a type of web feed which allows users and applications to access updates to websites in a standardized, computer-readable format (Wikipedia).
RTM Release to Manufacturing (RTM) The term "release to manufacturing", also known as "going gold", is a term used when a software product is ready to be delivered. This build may be digitally signed, allowing the end user to verify the integrity and authenticity of the software purchase. A copy of the RTM build known as the "gold master" or GM is sent for mass duplication if applicable. RTM precedes general availability (GA) when the product is released to the public. (Wikipedia)
RTO The Recovery Time Objective (RTO) is the duration of time and a service level within which a business process must be restored after a disaster (or disruption) in order to avoid unacceptable consequences associated with a break in business continuity.
RTS / IVTRS / TPE The counties use RTS (Registration and Title System) to process internet registration renewals. However, RTS is merely one component in the electronic registration renewal process. First, customers access IVTRS (Internet Vehicle and Title Registration Service) online to pay for a registration renewal. Transactions are then processed via TPE (Transaction Processing Engine). Once a renewal payment is authorized, the renewal is sent to RTS to be evaluated.
RU Resource Unit (RU) A term used with invoicing for computing cost
S3 Amazon Simple Storage (blob) Service
SA System Administrator
SaaS Software as a Service (SaaS) The capability provided to the consumer is to use the provider’s applications running on a cloud infrastructure. The applications are accessible from various client devices through either a thin client interface, such as a web browser (e.g., web-based email), or a program interface. The consumer does not manage or control the underlying cloud infrastructure including network, servers, operating systems, storage, or even individual application capabilities, with the possible exception of limited user-specific application configuration settings. (NIST)
SACM DIR STS Service Assets & Configuration Management (SACM) team
Safe Mode An alternate method of booting Microsoft Windows for the purpose of diagnosing operating system-specific problems.
SAIN SAN-attached array of independent nodes (e.g., HCP)
SAML Security Assertion Markup Language (SAML, pronounced sam-el) is an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. As its name implies, SAML is an XML-based markup language for security assertions (statements that service providers use to make access-control decisions). SAML is also: A set of XML-based protocol messages A set of protocol message bindings A set of profiles (utilizing all of the above) (Wikipedia)
SAN Storage Area Network
SAPM Shared-Account Password Management
SBC Enterprise Session Border Controllers (SBC) provide security, interoperability, session control, resiliency and supportability between enterprise and carrier Session Initiation Protocol (SIP) trunks, and enterprise Unified Communications (UC) telephony platforms.
SCATA DIR STS Security Clearance Access and Tracking Database
SCCM System Center Configuration Manager (SCCM) (officially referred to as ConfigMgr 2012 or ConfigMgr 2007 or simply ConfigMgr), formerly Systems Management Server (SMS), is a systems management software product by Microsoft for managing large groups of computers running Windows, Windows Embedded, Mac OS X, Linux or UNIX, as well as various mobile operating systems such as Windows Phone, Symbian, iOS and Android. Configuration Manager provides remote control, patch management, software distribution, operating system deployment, network access protection and hardware and software inventory.
SCIM System for Cross-domain Identity Management (SCIM) is an open standard for automating the exchange of user identity information between identity domains, or IT systems. The SCIM standard was created to simplify user management in the cloud by defining a schema for representing users and groups and a REST API for all the necessary CRUD operations
SCM Service Center Management
SCM Supply Chain Management
SCON DIR DCS Server Consolidation (The process of relocating agency servers from their local (legacy) data centers (LDC) to one of the Consolidated Data Centers).
SCP Service Component Provider (SCP) DIR STS Vendor(s) providing infrastructure and services to Texas state DIR Customers as set forth in STS Contracts.

SDA Service Desk (SD) Agent (SDA) who takes the original service call from Customer/End-User (CEU) at the Help Desk managed through outsourced contract for DIR
SDAS Software-Defined Application Services
SDC/SADC San Angelo Data Center - A facility located in San Angelo, Texas that hosts servers and supporting infrastructure for DCS DIR Customers business applications for DIR Customers participating in the STS contract.
SDD Software Design Description (a.k.a. software design document or SDD) is a written description of a software product, that a software designer writes in order to give a software development team overall guidance to the architecture of the software project. An SDD usually accompanies an architecture diagram with pointers to detailed feature specifications of smaller pieces of the design. Practically, the description is required to coordinate a large team under a single vision, needs to be a stable reference, and outline all parts of the software and how they will work. (Wikipedia)
SDK Software Development Kit (SDK or "devkit") is typically a set of software development tools that allows the creation of applications for a certain software package, software framework, hardware platform, computer system, video game console, operating system, or similar development platform.
SDLC Software Development Life Cycle is a framework that defines activities performed throughout the software development process. (Synopsys)
SDLC Systems Development Life Cycle (SDLC) The systems development life cycle (SDLC), also referred to as the application development life-cycle, is a term used in systems engineering, information systems and software engineering to describe a process for planning, creating, testing, and deploying an information system The systems development lifecycle concept applies to a range of hardware and software configurations, as a system can be composed of hardware only, software only, or a combination of both (Wikipedia)
SDN Software-Defined Networking (SDN) is an approach to computer networking that allows network administrators to manage network services through abstraction of lower level functionality. This is done by decoupling the system that makes decisions about where traffic is sent (the control plane) from the underlying systems that forward traffic to the selected destination (the data plane). The inventors and vendors of these systems claim that this simplifies networking.
SDP Solutions Design Proposal (SDP) Submitted to DIR Customers, along with the Cost Estimating Tool (CET) (estimated design cost) to obtain agency approval to move forward with solution development
SDSG Service Delivery Solutions Group (SDSG) DIR STS Governance committee comprised of agency resources that review service delivery issues and recommends and approves changes to delivery processes.
SDSI Self-Directed Semi-Independent (SDSI) agencies are a subset of agencies that fall under the SDSI Agency Project Act, which allows some agencies to collect revenues and establish budgets outside of the appropriations process.
SEB Source Evaluation Board (SEB) 

group that reviews the vendor responses on an RFO

CPO term.

SECC Texas State Employee Charitable Campaign
Security Incident An event which results in the accidental or deliberate unauthorized access, loss, disclosure, modification, disruption, or destruction of information or information resources.
Security Procedures These define roles, responsibilities, and procedures for IT staff in following the Disaster Recovery Plan; securing DIR data, information, and hardware; incident reporting and investigations; and other procedures relevant to IT security.
SED Self-Encrypting Drive (SED) technology is the same as Hardware Full-Disk Encryption (FDE) technology
SEO Search Engine Optimization (SEO) is the process of affecting the online visibility of a website or a web page in a web search engine's unpaid results—often referred to as "natural", "organic", or "earned" results. In general, the earlier (or higher ranked on the search results page), and more frequently a website appears in the search results list, the more visitors it will receive from the search engine's users; these visitors can then be converted into customers. SEO may target different kinds of search, including image search, video search, academic search, news search, and industry-specific vertical search engines. SEO differs from local search engine optimization in that the latter is focused on optimizing a business' online presence so that its web pages will be displayed by search engines when a user enters a local search for its products or services. The former instead is more focused on national or international searches. (Wikipedia)
SEV1 Severity One incident indicating a critical service outage.
SEV1 In STS, may refer to the SevOne monitoring tool.
SFA Scheduled for Approval / Review for change release
SFP Small Form-factor Pluggable (SFP) transceiver module
SFR Scheduled for Approval / Review for change release
Shared networked resources Shared networked resources consist of logically organized space for the storage of data created and used by staff in divisional, community, or otherwise specified logical groups. Shared networked resources are established, managed, and maintained centrally by designated IT staff
SI System Integration (SI) is an IT or engineering process or phase concerned with joining different subsystems or components as one large system. It ensures that each integrated subsystem functions as required. (Techopedia)
SIAM Service Integration and Management (SIAM) is an approach to managing multiple suppliers of services (business services as well as information technology services) and integrating them to provide a single business-facing IT organization. It aims at seamlessly integrating interdependent services from various internal and external service providers into end-to-end services in order to meet business requirements (Wikipedia)
SIAM It is the goal of the Service Integration Assurance Management (SIAM) Team to provide the customer base of the STS Contract, STS Customers, STS Personnel, Service Component Provider Personnel, and MSI Personnel with a Service Management Toolset and related functionality that are available on a 24x7 basis, not including maintenance windows.
SID The Oracle System ID (SID) is used to uniquely identify a particular database on a system. For this reason, one cannot have more than one database with the same SID on a computer system. (Oracle)
SIEM Security information and event management (SIEM) is a term for software products and services combining security information management (SIM) and security event management (SEM). (e.g., Nitro)
SIP The Session Initiation Protocol (SIP) is a signaling communications protocol, widely used for controlling multimedia communication sessions such as voice and video calls over Internet Protocol (IP) networks.
sl End of Life (EOL) - A DCS asset which is in the process of being decommissioned
SLA Service Level Agreement (SLA) Contractual performance measures that must be met by the service provider to avoid penalty
SLI Software-Led Infrastructure software-led infrastructure (SLI) refers to datacenter technologies that form the underpinning for application portability & functionality, data placement, and automation within and between datacenters. SLI technologies have a design point with the aim to synchronize with other datacenter technologies and optimize for:
  • Speed, Performance, or Time to Market
  • Availability and/or business Continuity
  • Efficiency and Cost Reduction
  • Business and IT Productivity


SLIP Service Level Improvement Plan
SLOE Software License Optimization and Entitlement
SLR Service Level Requirements (SLR) is a standard for performance of the services, which sets Provider and Service Recipient expectations, describes the products or services to be delivered, and specifies the metrics by which the effectiveness of service activities, functions and processes will be measured, examined, changed, and controlled.
SMACIT Social, Mobile, Analytics, Cloud, and Internet of Things (SMACIT) technologies.
SMART Services Management and Resource Tracking for IT Education
SME Subject Matter Expert
SMM Service Management Manual (SMM) A series of DIR STS documents that describe operational procedures and policies
SMP Symmetric Multiprocessing (SMP) - involves a multiprocessor computer hardware and software architecture where two or more identical processors are connected to a single, shared main memory, have full access to all input and output devices, and are controlled by a single operating system instance that treats all processors equally, reserving none for special purposes. (Wikipedia)
SNMP Simple Network Management Protocol for managing devices on IP networks
SO Software Organizer (SO) tool used on the STS contract for storing Proof of Entitlement (PoE) and usage application data and calculating software license compliance positions.
SOA Service-Oriented Architecture (SOA) is a meta architecture — that is, an architecture that unifies multiple (stand-alone) application level architectures to enable composite applications.
SOAP Simple Object Access Protocol (SOAP) is a protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.
SOC Security Operations Center
SOC Service Organization Control (SOC) is a standard of compliance that has three types of certification, aptly named SOC 1, SOC 2 and SOC 3.

SOC 1® – Service Organization Control (SOC) 1 is a standard of compliance certification for the ICFR Report on Controls at a Service Organization Relevant to User Entities’ Internal Control over Financial Reporting (AICPA.ORG).

SOC 2, SOC 2+

SOC 2® – Service Organization Control (SOC) 2 is a standard of compliance certification for the Trust Services Criteria Report on Controls at a Service Organization Relevant to Security, Availability, Processing Integrity, Confidentiality or Privacy (AICPA.ORG).


SOC 3® – Service Organization Control (SOC) 3 is a standard of compliance certification for the Trust Services Criteria for General Use Report. These reports are designed to meet the needs of users who need assurance about the controls at a service organization relevant to security, availability, processing integrity confidentiality, or privacy, but do not have the need for or the knowledge necessary to make effective use of a SOC 2 Report. Because they are general use reports, SOC 3 reports can be freely distributed (AICPA.ORG).

SOHO Small Office/Home Office
SOP Standard Operating Procedure
SOP Server Operation Procedures
SORM Texas State Office of Risk Management
SoT State of Texas (SoT)
SOW Statement of Work
SP&R Capgemini Service Performance & Reporting team - measurements against SLAs and importing them into ServiceNow
SPAN (port) Most enterprise switches copy the activity of one or more ports through a Switch Port Analyzer (SPAN) port, also known as a mirror port. An analysis device can then be attached to the SPAN port to access network traffic.
SPDR & ML Machine Learning (ML) & Statistical pattern discovery and recognition (SPDR)
SPECTRIM The Statewide Portal for Enterprise Cybersecurity Threat, Risk & Incident Management (SPECTRIM) (based on RSA Archer SaaS platform)
SPI Sensitive Personal Information (SPI) or personally identifiable information (PII), as defined by §521.002(a)(2), Business and Commerce Code. Information that alone or in conjunction with other information identifies an individual.
SPOC Single Point of Contact
SPOF Single Point of Failure
SPSM SaaS Platform Security Management (SPSM) technologies
Spyware A form of Malicious Software that collects information about Users without their knowledge.
SQE Senior / Software Quality Engineer
SQE Safety, Quality, and Environmental (SQE) (ISO 9000, 14001)
SQL SQL is a standardized Structured Query Language for requesting information from a database, typically a tabular relational Database Management System (DBMS).
SR Service Request (SR) A request from a User for information, or advice, or for a Standard Change or for Access to an IT Service. For example, to reset a password, or to provide standard IT Services for a new User. Service Requests are usually handled by a Service Desk, and do not require an Request for Change (RFC) to be submitted. (KnowledgeTransfer)
SRC Systems Rationalization Consolidation (SRC) DIR STS project.
SRM Service Responsibility Matrix (SRM) Defines the level of responsibility of the SCP, MSI and DIR Customers for functions within STS.
SRT Schedules, Retentions and Targets (SRT) backup schedules, data retention period, targets to be backed up; Used in reference to the Schedules, Retention periods and Target environment for specific backups jobs. Defined by DIR Customers as a safeguard for data recovery.
SSA Source Selection Authority (SSA) 

oversees the source selection process and selects the source or sources whose proposal(s) is the best value to the organization.

SSC Software Service Charge (SSC) software – STS Customer requested and payable by the DIR Customers - Requires Agency approval
SSD solid-state drive (SSD) (also known as a solid-state disk or flash storage)
SSD Software String Description - acronym Capgemini is using for software compliance and standardizing software names. It is part of the method utilized to associate proof of entitlement documentation to the specific software license it represents
SSD A set of Standard Software Descriptions (SSD) used to associate a licensing pool with a particular application record. SSD is a combination of the Publication, Application, and Version for a particular software. These are gathered by the Discovery Tool during software scans and are utilized when linking the Proof of Entitlement with the Software's usage data.
SSIS SQL Server Integration Services (SSIS) is a component of Microsoft SQL Server database software used for data migration and workflow. Provides data warehousing tool for data extraction, transformation, and loading (ELT).
SSLC/SSLCs Texas HHS State Supported Living Centers
SSO Single Sign-On
SSP State Strategic Plan (SSP) for Information Resources presents updated technology trends agency leaders identified as relevant and describes how these trends will impact the direction for information resources management state.
SSRB Prior to project closure, the servers are reviewed by the SCP Steady State Review Board (SSRB) to ensure all of the tools are installed, etc., prior to accepting the servers for Steady State support.
SSRS SQL Server Reporting Services (SSRS) is a server-based report generating software system from Microsoft. It is part of suite of Microsoft SQL Server services, including SSAS (SQL Server Analysis Services) and SSIS (SQL Server Integration Services). Administered via a Web interface, it can be used to prepare and deliver a variety of interactive and printed reports. The SSRS service provides an interface into Microsoft Visual Studio so that developers as well as SQL administrators can connect to SQL databases and use SSRS tools to format SQL reports in many complex ways. It also provides a 'Report Builder' tool for less technical users to format SQL reports of lesser complexity. (Wikipedia)
Standards Specific mandatory controls that help enforce and support policies.
State record As defined by the Government Code, §441.180(11), any written, photographic, machine-readable, or other recorded information created or received by or on behalf of a state agency or an elected state official that documents activities in the conduct of state business or use of public resources. The term does not include library or museum material made or acquired and maintained solely for reference or exhibition purposes; an extra copy of recorded information maintained only for reference; or a stock of publications or blank forms. 
STM Service Tier Matrix (STM) defines the level of service provided for the defined TIER for the agency servers e.g. Platinum, Gold, Silver, Bronze, Utility.
STS DIR Shared Technology Services (previously DCS). Statewide shared services including data center, managed security, managed applications and e-commerce portal.
sudo Sudo stands for “superuser do,” and ships free with virtually every Unix and Linux operating system. When an administrator needs to perform a task that requires elevated rights, he or she prefaces the command with “su.” Sudo then checks a policy file, and if the requested command is approved, it is allowed. If it is not approved, the administrator is not allowed to execute the command.
SWLC Software License Compliance (SWLC) is a STS program managed by the MSI and implemented by the SCPs
SWMA An IBM Software Maintenance Agreement (SWMA) is an agreement between you and IBM to provide ongoing support to your IBM licensed software, including your operating system (OS/400), WebSphere Development Studio (RPG, COBOL, JAVA, etc.), iSeries Access (formerly known as Client Access), and Query/400.
SWOT A SWOT analysis (alternatively SWOT matrix) is a structured planning method used to evaluate the Strengths, Weaknesses, Opportunities, and Threats involved in a project or in a business venture. (Wikipedia)
T&M Time and Materials cost basis
T2 Texas Child Support Enforcement System 2.0
TAC Texas Administrative Code
TAC 202 Texas Administrative Code Chapter 202 – Information Security
TAP (port) Test Access Point (TAP) is a passive splitting mechanism installed between a ‘device of interest’ and the network. TAPs transmit both the send and receive data streams simultaneously on separate dedicated channels, ensuring all data arrives at the monitoring device in real time.
TBM Technology business management (TBM) uses people, process, technology, and data to create transformational IT initiatives that bring IT and the business closer together, all while better managing IT finance and operational costs.
TCO Total cost of ownership or operations (TCO) is a financial estimate intended to help buyers and owners determine the direct and indirect costs of a product or system. It is a management accounting concept that can be used in full cost accounting or even ecological economics where it includes social costs.
TDD Telecommunications Device for the Deaf (TDD)
TDE Transparent Data Encryption (TDE) is a technology employed by Microsoft, IBM and Oracle to encrypt database files. TDE offers encryption at file level. TDE solves the problem of protecting data at rest, encrypting databases both on the hard drive and consequently on backup media. It does not protect data in transit nor data in use. Enterprises typically employ TDE to solve compliance issues such as PCI DSS which require the protection of data at rest. (Wikipedia)
TechSG Technical Solutions Group (TechSG) An STS Governance Committee comprised of agency, vendor and DIR staff members to review and approve DIR Customer's technical requests that are usually an exception to or a request to modify or expand technical contract standards.
TEX-AN NG Texas Agency Network Next Generation (TEX-AN NG) Communications Technology Services program
TGC Texas Government Code (TGC) This code is enacted as a part of the state's continuing statutory revision program, begun by the Texas Legislative Council in 1963 as directed by the legislature in the law codified as Chapter 323 of this code. The program contemplates a topic-by-topic revision of the state's general and permanent statute law without substantive change. (FindLaw)
Threat Any circumstance or event with the potential to adversely impact organizational operations (including mission, functions, image, or reputation), organizational assets, or individuals.
TIME The Gartner TIME Framework is a comparative analysis that identifies applications—in the relative groups of Tolerate, Invest, Migrate, and Eliminate (TIME)—to help facilitate the prioritization of a portfolio and assist agencies in determining, “Where to start first.”
TIQS DCS Tools Infrastructure Query System (TIQS) scripted by the DCS Server SCP to pull in BigFix, SevOne, ADDM, CMDb, etc. into a central database for operations.
TKU Technology Knowledge Update (TKU) is the method used by BMC Atrium Discovery (ADDM) to distribute TPL (the pattern language) patterns that you can install. Software identification and versioning is provided by the TKU patterns.
Tlog The transaction log (TLOG) keeps track of global transactions during the commit phase. At the end of the first phase of a 2-phase commit protocol, the participants in a global transaction issue a reply to the question of whether to commit or roll back the transaction. This reply is recorded in the TLOG. (Oracle)
TLS Transport layer security (TLS) is a protocol that provides communication security between client/server applications that communicate with each other over the Internet. It enables privacy, integrity and protection for the data that's transmitted between different nodes on the Internet. TLS is a successor to the secure socket layer (SSL) protocol.
TnT Transition and Transformation (TnT) STS Milestone Payment (only used one time to initiate enterprise services, e.g. the initial vBlock chassis and blades were covered out of this one time milestone)
TOAS Texas Online Authentication Service (TOAS)
TOC The Theory of Constraints (TOC) is a thinking process that focuses on the weakest link in a process. By identifying the core problem, solution, and implementation of the solution for each successive weakest link, TOC supports continuous improvement (
TOSG Technical/Operational Support Group (TOSG) DCS Mainframe SCP Analyst
TPE Transaction Processing Engine (TPE) is the software used by the payment SCP to process credit card and Automated Clearing House (ACH) transactions.
TPL The Pattern Language, TPL, is used to describe applications, products and other real-world entities that have been modeled in BMC Atrium Discovery (ADDM). The core aim of the language is to make it easy to describe the most common structures to be modeled, while remaining powerful enough to describe the vast majority of modeling situations.
TPM Technology Policy Management
TPM Transaction Processing Monitor (TPM) A transaction processing monitor (TPM) is a program that monitors transactions from one stage to the next, ensuring that each one completes successfully; if not, or if an error occurs, the TM Monitor takes the appropriate action. A transaction processing monitor’s main purpose/objective is to allow resource sharing and assure optimal use of the resources by applications. (Techopedia)
TPM Technical Project Manager (TPM) STS SCP Solutioning, Closing, Workstream RFS/Refresh, Technology, CSM and other Project Managers
TPPG The DIR Technology Policy, Planning & Governance team provides Statewide policy and guidance in information resource management
TR&R Technology Refreshment and Replenishment (TR&R) STS Services are the activities associated with modernizing the IT infrastructure on a continual basis to ensure that the system components stay current with evolving industry-standard technology platforms.
TRFAR Temporary raised floor accesses for valid business reasons is granted or denied based on Data Center Site Support (approvers for temporary raised floor access requests) analysis of the Temporary Raised Floor Access Request (TRFAR) to validate the legitimacy of the request.
TRG Technical Recovery Guide (TRG) i.e., disaster recovery document; Specifications for service recovery in the event of DR.
TRUSTe True Ultimate Standards Everywhere, Inc. (TRUSTe) is a data privacy management (DPM) and TrustArc subsidiary that specializes in Internet privacy. It is best known for the TRUSTe logo as an online privacy seal, signifying that a website is safe and values the security of its user base. TRUSTe monitors, assesses and certifies websites as well as cloud and mobile applications for data privacy and security.
TSD Technical Specification Document (TSD) used for the STS innovation program.
TSDS The Texas Student Data System (TSDS), a major initiative by the Texas Education Agency, is a new statewide system that modernizes and improves the quality of data collection, management, and reporting in Texas education.
TSL Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), both of which are frequently referred to as 'SSL', are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterpart with whom they are communicating, and to negotiate a symmetric session key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication. Several versions of the protocols are in widespread use in applications such as web browsing, email, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.
TSM backups IBM Tivoli Storage Manager (TSM or ITSM) is a centralized, policy-based, enterprise class, data backup and recovery package.
TSO Time Sharing Option (TSO) is an interactive time-sharing environment for IBM mainframe operating systems, including OS/360 MVT, OS/VS2 (SVS), MVS, OS/390, and z/OS.
TSO DIR Technology Sourcing Office – Now referred to as the Chief Procurement Office (CPO).
TTL Time to live (TTL) or hop limit is a mechanism that limits the lifespan or lifetime of data in a computer or network. TTL may be implemented as a counter or timestamp attached to or embedded in the data. Once the prescribed event count or timespan has elapsed, data is discarded. (Wikipedia)
TVSS Transient Voltage Surge Suppressor (TVSS) The purpose of a TVSS is to eliminate or reduce damage to data processing equipment and other critical equipment by limiting transient (surge) voltages and currents (surges) on electrical circuits.
UAA Unmatched Audited Applications (UAA) - Any application that Software Organizer cannot match to a Standard Software Description once Software Organizer reconciliation has been run.
UAT User Acceptance/Acceptability Testing
UBA User Behavior Analytics
UC Unified communications (UC) is the integration of real-time communication services such as instant messaging (chat), presence information, telephony (including IP telephony), video conferencing, desktop sharing, data sharing (including web connected electronic interactive whiteboards), call control and speech recognition with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not necessarily a single product, but a set of products that provides a consistent unified user-interface and user-experience across multiple devices and media-types.
UC SAN certs Unified Communications (UC) Multi-Domain SSL Certificates have been developed primarily for use with Exchange, Lync, or Skype for Business Servers or environments where you need to secure multiple names across different domains. UC Multi-Domain SSL Certificates may use Subject Alternative Names (SANs) to secure 250 domains, websites or subdomains with one certificate. Subject Alternative Name (SAN) is an extension to X.509 that allows various values to be associated with a security certificate using a subjectAltName field. These values are called "Subject Alternative Names" (SANs). Names include: Email addresses IP addresses URIs DNS names (This is usually also provided as the Common Name RDV within the Subject field of the main certificate.) other names, as given as a General Name: a registered Object identifier followed by a value
UCaaS Unified Communications as a Service is a cloud provided integration of real-time communication services such as instant messaging (chat), presence information, telephony (including IP telephony), video conferencing, desktop sharing, data sharing (including web connected electronic interactive whiteboards), call control and speech recognition with non-real-time communication services such as unified messaging (integrated voicemail, e-mail, SMS and fax). UC is not necessarily a single product, but a set of products that provides a consistent unified user-interface and user-experience across multiple devices and media-types.
UEBA Because privileged access remains risky, more vendor Privileged Access Management (PAM) offerings will feature capabilities to review privileged activity like advanced session recording, intelligent playback, and User and Entity Behavior Analytics (UEBA)
ULN STS Unix, Linux and Novell servers (i.e., the non-Windows servers)
UPS An Uninterruptible Power Supply, also uninterruptible power source (UPS) is typically used to protect hardware such as computers, data centers, telecommunication equipment or other electrical equipment where an unexpected power disruption could cause injuries, fatalities, serious business disruption or data loss. UPS units range in size from units designed to protect a single computer without a video monitor (around 200 volt-ampere rating) to large units powering entire data centers or buildings. The world's largest UPS, the 46-megawatt Battery Electric Storage System (BESS), in Fairbanks, Alaska, powers the entire city and nearby rural communities during outages.
URL Uniform Resource Locator (web address)
User An individual, process, or automated application authorized to access an information resource in accordance with federal and state law, agency policy, and the information-owner's procedures and rules.
UTISI Unstructured text indexing, search and inference (UTISI) Gartner’s
vBlock vBlock systems consist of storage and provisioning from EMC, switches and servers from Cisco, and VMware virtualization software running on the servers. (Wikipedia)
VCAC VMWare’s vCloud Automation Center (vCAC) - depreciated by vRealize
VCE VCE is the VMware, Cisco, EMC (VCE) Coalition is a partnership between these 3 companies to work together to promote and accelerate the movement to cloud computing and fully virtualized environments. The VCE acronym has also been interpreted as "virtualization changes everything". The vBlock is the building block offered by VCE to help companies make this move to virtualization easier and faster (hyper converged architecture)
VCP5-DCV VMware Certified Professional on Data Center Virtualization (VCP5-DCV) certification
vCPU A vCPU stands for Virtual Central Processing Unit. One or more vCPUs are assigned to every Virtual Machine (VM) within a cloud environment. Each vCPU is seen as a single physical CPU core by the VM's operating system.
VDI Virtual Desktop Infrastructure (VDI) is virtualization technology that hosts a desktop operating system on a centralized server in a data center. VDI is a variation on the client-server computing model, sometimes referred to as server-based computing. The term was coined by VMware. (Wikipedia)
VDI Virtual Desktop Infrastructure (VDI) is software technology that separates the desktop environment and associated application software from the physical client device that is used to access it. (Wikipedia)
VHD Virtual Hard Drive- Just like a VHD in Hyper-V or Virtual PC, this binary file represents a complete virtual disk.
VILT Virtual instructor-led training (VILT) refers to training that is delivered in a virtual or simulated environment, or when instructor and learner are in separate locations. Virtual instruction environments are designed to simulate the traditional classroom or learning experience. VILT can be conducted synchronously or asynchronously. The term is also referred to as virtual classroom training (VCT).
VIO/VIOS (servers) Virtual Input/Output (VIO) is a technique used in IBM enterprise environments to lower costs, improve performance and make server management easy and simple. The virtual I/O methodology allows a single physical adapter card to be seen as multiple virtual network interface cards (NICs) and virtual host bus adapters (HBAs), which operate just like conventional NICs and HBAs.
Virtualization Creation of a virtual version of a server, storage, or network resource.
Virus A form of Malicious Software that can copy itself and infect a computer without the permission or knowledge of the User.   
VLAN Virtual Local Area Network
VLAN in the Cloud VLAN (Virtual LAN) in the Cloud provides standard supportable STS connectivity for CDC deployed applications to applications hosted in AWS or Azure.
VM Virtual Machine
VMAX The EMC VMAX is a family of SAN arrays designed for enterprise environments requiring large amounts of storage.
VMI Vendor-Managed Inventory
VNeM Virtual Network Management is a Hitachi term for the Hitachi content platform network environment
VNX EMC’s unified hybrid storage arrays. Combines flash, capacity, and application-aware software.
VoIP Voice over IP (VoIP) is a methodology and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. Other terms commonly associated with VoIP are IP telephony, Internet telephony, broadband telephony, and broadband phone service.
VPAT Voluntary Product Accessibility Template (VPAT) related to section 508 of the Americans with Disabilities Act (ADA). DIR provides description for VPATs on its website.

Virtual Private Cloud (VPC) is an on-demand configurable pool of shared computing resources allocated within a public cloud environment, providing a certain level of isolation between the different organizations (denoted as users hereafter) using the resources (Wikipedia).

VPN Virtual Private Network
VPS Virtual Private Server (VPS), a form of mass-market hosting (e.g., Digital Ocean)
VR Virtual Reality (VR) an artificial environment which is experienced through sensory stimuli (such as sights and sounds) provided by a computer and in which one's actions partially determine what happens in the environment; also : the technology used to create or access a virtual reality (merriam-webster)
vRA VMware vRealize Automation (formerly vCloud Automation Center - vCAC) – (VMware)
VRF In IP-based computer networks, Virtual Routing and Forwarding (VRF) is a technology that allows multiple instances of a routing table to co-exist within the same router at the same time. Because the routing instances are independent, the same or overlapping IP addresses can be used without conflicting with each other. Network functionality is improved because network paths can be segmented without requiring multiple routers (Wikipedia)
vROps vRealize Operations Manager delivers intelligent operations management with application-to-storage visibility across physical, virtual, and cloud infrastructures (VMWare)
VSAT Very Small Aperture Terminal (VSAT) is a two-way satellite ground station with a dish antenna that is smaller than 3.8 meters. The majority of VSAT antennas range from 75 cm to 1.2 m. Data rates, in most cases, range from 4 kbit/s up to 16 Mbit/s. VSATs access satellites in geosynchronous orbit or geostationary orbit to relay data from small remote Earth stations (terminals) to other terminals (in mesh topology) or master Earth station "hubs" (in star topology). (Wikipedia)
VSE McAfee VirusScan Enterprise (VSE) (Replaced by McAfee end-point security) safeguards systems and files from viruses and other security risks. It detects and removes malware, and configures antivirus policies to manage quarantined items. - Real-time antivirus scanning ensures all systems, including remote locations, are protected from threats. - Guards against buffer-overflow exploits that target vulnerabilities in Microsoft applications. - Uses the McAfee ePolicy Orchestrator centralized management console to deploy policies, manage security alerts, and review automated reports. - Supported by McAfee Global Threat Intelligence, working 24/7 to protect against cyberthreats across all vectors.
VSM Value-Stream Mapping (VSM) is a lean-management method for analyzing the current state and designing a future state for the series of events that take a product or service from its beginning through to the customer with reduced lean wastes as compared to current map (wikipedia).
vSOM VMWare vSphere with Operations Management (vSOM) for capacity planning
VSS Volume Shadow Copy Service-based backup (VSS-based backup) is a Windows service that captures and creates snapshots called shadow copies. VSS, also known as Volume Snapshot Service, operates at the block level of the file system and enables virtual server backup in Microsoft environments. The VSS is a set of COM interfaces that implements a framework to allow volume backups to be performed while applications on a system continue to write to the volumes.
VTAM Virtual Telecommunications Access Method (VTAM) is the IBM subsystem that implements Systems Network Architecture (SNA) for mainframe environments. VTAM provides an application programming interface (API) for communication applications, and controls communication equipment such as adapters and controllers.
VTS Virtual Tape Storage (data domain)
Vulnerability Assessment A documented evaluation containing information described in §2054.077(b), Texas Government Code which includes the susceptibility of a particular system to a specific attack.
VUM Initially called “VMware Update Manager (VUM)”, the now renamed vSphere Update Manager (or VUM) is used to keep vSphere infrastructures up to date. Every commercial version of vSphere, (all the way down to vSphere Essentials) includes VUM, but vCenter is a required component.
VVol Virtual Volumes (VVol) is an integration framework to make 3rd party storage systems VM-aware and thereby enables control over native storage capabilities using the VMware control plane for Storage Policy-Based Management
W3C World Wide Web Consortium (W3C) is the main international standards organization for the World Wide Web
WAAS Cisco Wide Area Application Services (WAAS) is technology developed by Cisco Systems that optimizes the performance of any TCP-based application operating in a wide area network (WAN) environment while preserving and strengthening branch security. WAAS combines WAN optimization, acceleration of TCP-based applications, and Cisco's Wide Area File Services (WAFS) in a single appliance or blade (Wikipedia)
WAF(s) Web Application Firewall (WAF) filters, monitors, and blocks HTTP traffic to and from a web application. A WAF is differentiated from a regular firewall in that a WAF is able to filter the content of specific web applications while regular firewalls serve as a safety gate between servers. By inspecting HTTP traffic, it can prevent attacks stemming from web application security flaws, such as SQL injection, cross-site scripting (XSS), file inclusion, and security misconfigurations (Wikipedia)
WAM Web Access Management
WAN Wide Area Network
WBEM Web-Based Enterprise Management (WBEM) is a set of specifications published by DMTF that define how resources modeled using the DMTF’s Common Information Model (CIM) can be discovered, accessed and manipulated. WBEM provides the ability for the industry to deliver a well-integrated set of standard-based management tools, facilitating the exchange of data across otherwise disparate technologies and platforms. (DMTF)
WCAG Web Content Accessibility Guidelines (WCAG) -   Part of a series of web accessibility guidelines published by the Web Accessibility Initiative (WAI) of the World Wide Web Consortium (W3C), the main international standards organization for the Internet. They are a set of guidelines that specify how to make content accessible, primarily for people with disabilities—but also for all user agents, including highly limited devices, such as mobile phones. The current version, WCAG 2.0, was published in December 2008 and became an ISO standard, ISO/IEC 40500:2012 in October 2012.
WebDAV Web Distributed Authoring and Versioning (WebDAV) is an extension of the Hypertext Transfer Protocol (HTTP)
WEP / WPA(2) Wired Equivalent Privacy (WEP) was first released as a portion of the IEEE 802.11 standard in 1999. Its security was deemed to be the equivalent of any wired medium, hence its name. As the years passed, WEP was deemed broken, and it has since been replaced by two other iterations of wireless security protocols, Wi-Fi Protected Access (WPA) and WPA2.
WiDEN Wideband Integrated Dispatch Enhanced Network (WiDEN) was a software enhancement for the iDEN enhanced specialized mobile radio (ESMR) wireless telephony protocol, both developed by Motorola. WiDEN enabled compatible subscriber units to communicate using four combined 25-kHz channels, resulting in up to 100 kbits/s of bandwidth. WiDEN was generally regarded as a 2.5G wireless cellular technology.
WIP Work in Progress (WIP)
WIPS Wireless Intrusion Prevention System (WIPS) prevents unauthorized network access by monitoring a radio spectrum and looking for unusual network activity.
WITO Walk In -Take Over (WITO) - The transitioning contract period between current vendors and new vendors where the incoming vendors are contracted for "keeping the lights on" to maintain essential service operations, prior to the new contract commencement.
WMI Windows Management Instrumentation (WMI) is Microsoft's implementation of the Web-Based Enterprise Management (WBEM) and Common Information Model (CIM) standards from the Distributed Management Task Force (DMTF).
Worm A self-replicating computer program that performs specific tasks. Worms are often used as Malicious Software.
WORM Write-Once, Read-Many (WORM) storage
WRT Work Recovery Time (WRT) determines the maximum tolerable amount of time that is needed to verify the system and/or data integrity. This could be, for example, checking the databases and logs, making sure the applications or services are running and are available (Default Reasoning).
WSUS Windows Server Update Services (WSUS), previously known as Software Update Services (SUS), is a computer program developed by Microsoft Corporation that enables administrators to manage the distribution of updates and hotfixes released for Microsoft products to computers in a corporate environment. WSUS downloads these updates from the Microsoft Update website and then distributes them to computers on a network. WSUS runs on Windows Server and is free to licensed Microsoft customers.
WWN/WWID World Wide Name (WWN) is a unique identifier assigned by the Institute of Electrical and Electronics Engineers (IEEE) to the manufacturers of network storage products. A manufacturer must include a WWN with all network storage devices. WWN is also known as World Wide Identifier (WWID).
XaaS Anything-as-a-Service (XaaS) refers to the growing diversity of services available over the Internet via cloud computing as opposed to being provided locally, or on premises. Also known as everything-as-a-service, anything-as-a-service reflects the vast potential for on-demand cloud services and is already being heavily marketed and promoted by companies like VMware and HP.
XACML eXtensible Access Control Markup Language (XACML) is an OASIS standard that describes both a policy language and an access control decision request/response language (both written in XML). The policy language is used to describe general access control requirements, and has standard extension points for defining new functions, data types, combining logic, etc.
XML eXtensible Markup Language (XML) XML stands for eXtensible Markup Language. XML was designed to store and transport data. XML was designed to be both human- and machine-readable. (w3schools)
XMPP Extensible Messaging and Presence Protocol (XMPP) is an open XML technology for real-time communication, which powers a wide range of applications.
Zero-day Zero-day (also known as Zero-hour or 0-day) vulnerability is an undisclosed and uncorrected computer application vulnerability that could be exploited to adversely affect the computer programs, data, additional computers or a network. It is known as a "zero-day" because once a flaw becomes known, the programmer or developer has zero days to fix it. Zero-day exploits are attempted before or on the day notice of the vulnerability is released to the public; sometimes before the author is aware or has developed and made available corrected code. Zero-day attacks are a severe threat.
IT Solutions and Services

About File Formats

Some documents on this page are in the PDF format. Please download the Adobe Reader in order to view these documents.