IT Manager's Handbook: Getting Your New Job Done (75 page)

Microblogging:
small text or multimedia messages sent to subscriber lists.

Middleware:
software that connects other software.

Milestone:
a point in a project that represents the completion of an important sequence of key tasks and activities.

Millennials:
(“Generation Y”) people born between 1981 and 2000.

Mission statement:
explains the fundamental purpose of the company or organization.

Mobile device management (MDM):
tools that provide capabilities like device and app inventory, feature lockdown, device configuration, remote lock and wipe, encryption, extensive logging.

Multiple Tier Licensing:
a software licensing model that licenses the server portion of an application as well as the client portion.

Multiple Use Licensing:
a software licensing model that allows an individual software license to be used on more than one device. Additional device(s) typically refers to a laptop computer or a home computer.

N

Network Access Control (NAC):
solution for granting access to network resources based upon authentication of the user and the device.

Non-Perpetual Licensing (Subscription licenses, Annual licenses, Renewal licenses):
a software licensing model that requires the license to be renewed periodically, typically on an annual basis.

O

Object-Oriented Programming (OOP):
a methodology or a method that defines how you write a software program in a very specific way. Rather than have a series of commands that specify certain actions, objects interact with each other. C++ is an object-oriented programming language; C is not.

OCTAVE (Operationally Critical Threat, Asset, and Vulnerability Evaluation):
a method of performing a risk analysis developed by CERT.

OFAC (Office of Foreign Assets Control):
part of the U.S. Department of Treasury that administers and enforces economic sanctions programs primarily against countries and groups of individuals, such as terrorists and narcotics traffickers.

Off-shore Outsourcing:
the process of a domestic company arranging with one or more overseas third parties to provide services that the first company could provide but chose not to.

OLTP:
Online Transaction Processing.

On-demand computing:
providing computing resources as they are needed, as opposed to the traditional full-time basis. Also sometimes referred to as “utility computing.” Usually associated with cloud computing.

Open Source Software (OSS):
software created by the worldwide user community. Open source software is generally free, can be modified by anyone, and usually doesn't have any single “owner.”

Operating system:
software that manages computer hardware and resources, and provides common services for applications to run. Examples include Mac OS, Linux, Windows, Android, iOS, etc.

Operating expense:
a financial expenditure for something whose value is gone in a short period of time, typically less than a year. Also used for items that have a longer life, but are relatively inexpensive (below a threshold set by Accounting).

Operating lease:
a lease for the rental of equipment for specified periods of time that are shorter than the total expected service lives of that equipment, and where ownership of the equipment is held by lessor during and after the lease.

OSS (Open Source Software):
software created by the worldwide user community. Open source software is generally free, can be modified by anyone, and usually doesn't have any single “owner.”

Outsourcing:
the process of a company arranging with one or more third parties to provide services that the first company could provide but chose not to.

P

Page hijacker:
a form of malware that changes a browser's default home settings, search settings, and such to point to other sites.

Patriot Act:
U.S. legislation that has a number of requirements for financial institutions in regard to verifying customers' identities and determining whether the customer appears on any list of known or suspected terrorists or terrorist organizations.

PD (Position Description):
detailed description of a specific role in the company.

PDCA (Plan, Do, Check, Act):
continuous improvement cycle originally developed by Walter Shewhart in the 1930s.

Per seat licensing:
a software licensing model that requires a license for any user connecting to an application.

Per server licensing:
a software licensing model that requires a license for any server running an application.

Perpetual licenses:
a licensing model where the licenses are purchased outright and don't have to be periodically renewed.

PERT chart:
a type of chart used in project management, where tasks are represented as circles, and arrows between tasks are used to show the sequence and task dependencies.

PGP (Pretty Good Privacy):
data encryption method.

Phishing:
the process of trying to obtain confidential information (e.g., credit card numbers, passwords, social security numbers, bank account numbers, etc.) by sending e-mails that appear to be from legitimate organizations but are in fact fraudulent.

PII (Personal Identifying Information):
term used frequently in a number of compliance regulations and legislations to refer to types of protected information.

PIPEDA (Personal Information Protection and Electronic Documents Act):
a Canadian law that regulates the collection, use, and disclosure of personally identifiable information.

PKI (Public Key Infrastructure):
enables users to securely exchange data through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.

Plan, Do, Check, Act (PDCA):
a continuous improvement methodology.

Platform as a Service (PaaS):
delivery of an application development platform (hardware and software) from a third party via the Internet without having to buy and manage these resources.

PMBOK (Project Management Book of Knowledge):
globally recognized standard for Project Management, from the Project Management Institute (PMI), which provides practices, tools, and techniques that can be used in most projects.

PMO (Project Management Office):
a function that oversees all projects within an organization. Responsibilities may also include setting standards (like for methodologies, document formats, etc.), defining best practices, etc.

PMP (Project Management Professional):
a certification awarded by the Project Management Institute to individuals who have met the established minimum requirements in knowledge, education, experience, and service in the discipline of project management.

Podcasting:
making digital media files available for download and playing.

Position Description (PD):
a relatively detailed description of a specific job function.

Pretty Good Privacy (PGP):
data encryption method.

Privacy and Electronic Communications Directive:
the European Union's directive that covers many aspects of electronic communications such as security of data and networks and guaranteeing the privacy of communications.

Private cloud:
the leveraging of very large IT environments to essentially offer on-demand/cloud-like offerings to their internal customers and subsidiaries, as a way to provide services in a more efficient, flexible, and scalable manner.

Productivity tools:
common desktop applications such as word processing, spreadsheets, and presentation. Productivity tools are either sold in suites or as stand-alone components.

Project charter:
a project management document that defines a project scope, objectives, benefits, assumptions, etc. May also identify team assignments, project sponsor, time and cost estimates and constraints, and areas that are out of scope.

Project Management Book of Knowledge (PMBOK):
globally recognized standard for Project Management, from the Project Management Institute (PMI), which provides practices, tools, and techniques that can be used in most projects.

Project Management Institute (PMI):
a professional association for project management professionals.

Project Management Office (PMO):
a function that oversees all projects within an organization. Responsibilities may also include setting standards (like for methodologies, document formats, etc.), defining best practices, and so on.

Project Management Professional (PMP):
a certification awarded by the Project Management Institute to individuals who have met the established minimum requirements in knowledge, education, experience, and service in the discipline of project management.

Project manager (PM):
the person responsible for completing the project on time, within budget, and to an agreed scope.

Project milestones:
significant events or the completion of a phase within a project.

Project plan:
documentation of a project's projected activities including timing, resource assignments, assumptions, constraints, costs, etc.

Project sponsor:
the individual whose support and approval is required for a project to start and continue. May also be the person who initially proposed the project.

Project stakeholder:
any individual or organization who may be affected by a project and/or benefit from it.

Public cloud:
cloud services that are available to any individual or organization to use, for a fee.

R

Recovery Point Objective (RPO):
in disaster recovery planning, the age, or “freshness,” of the data available to be restored in a disaster scenario.

Recovery Time Objective (RTO):
in disaster recovery planning, the expected amount of time between the disaster, and when services are restored.

Renewal licensing:
a software licensing model that requires the license to be renewed periodically, typically on an annual basis.

Request for Information (RFI):
a document issued to potential suppliers and vendors to enable them to determine if they can meet the requirements of a project.

Request for Proposal (RFP):
document issued to suppliers asking them to submit detailed proposals pricing and other information.

Request for Quotation (RFQ):
document issued to suppliers asking them to submit detailed proposals pricing and other information.

Return on Investment (ROI):
a calculation of the net benefits of a project against the total costs.

RFI (Request for Information):
a document issued to potential suppliers and vendors to enable them to determine if they can meet the requirements of a project. The RFI helps narrow down the list of vendors that would get the RFP.

RFID (Radio Frequency Identification):
technology used to identify and track items (e.g., inventory, consumer products) using very small components known as “tags”.

RFP (Request for Proposal):
document issued to suppliers asking them to submit detailed proposals pricing and other information.

RFQ (Request for Quotation):
document issued to suppliers asking them to submit detailed proposals pricing and other information.

ROI (Return on Investment):
Return on Investment.

Rootkits:
a form of malware that is particularly difficult to detect because they are activated before the operating system.

RPO (Recovery Point Objective):
in disaster recovery planning, the age, or “freshness,” of the data available to be restored in a disaster scenario.

RTO (Recovery Time Objective):
in disaster recovery planning, the expected amount of time between the disaster, and when services are restored.

Rule of Least Privilege:
users should be granted only the least amount of access to the system, and for the least amount of time necessary, as is authorized and required for their job.

S

SaaS (Software as a Service):
a software deployment model where a provider licenses an application to customers for use over the Internet, without requiring purchase and installation of the licenses.

Sarbanes–Oxley:
law passed by the U.S. Congress to regulate the integrity of financial statements.

SB-1386:
California state law requiring organizations that maintain personal information about individuals to inform those individuals if the security of their information is compromised.

SCAMPI (Standard CMMI Appraisal Method for Process Improvement):
appraisal process for the CMMI process improvement methodology.

Scope Creep:
adding features and functionality (project scope) without addressing the effects on time, costs, and resources, or without customer approval.

Search Engine Optimization (SEO):
techniques to help ensure that a web site appears as close to the first position on a web search results page as possible.

Security Incident Response Team (SIRT):
a formal group assembled within a company to respond to security breaches.

SEO (Search Engine Optimization):
techniques to help ensure that a web site appears as close to the first position on a web search results page as possible.

Service Level Agreement (SLA):
a statement to customers or the user community about the service the IT department will provide. It can refer to a variety of metrics, such as performance, up-time, resolution time, and so on.