IT Glossary

The selective restriction of access to resources, ensuring that only authorised users can access specific data, systems, or facilities.

A long-lived team of Agile teams (typically 50–125 people) that incrementally develops, delivers, and operates one or more solutions in a value stream.

The practice of ensuring that services deliver agreed levels of availability to meet the needs of customers and users.

A deployment strategy that maintains two identical production environments (blue and green), with traffic switched between them during releases.

A graphical representation of work remaining versus time in a Sprint or release, showing whether the team is on track to complete all committed work.

A deployment technique that rolls out changes to a small subset of users before making the change available to the entire user base.

The practice of ensuring that services achieve agreed and expected performance levels, satisfying current and future demand cost-effectively.

A group of people that supports the assessment, prioritisation, authorisation, and scheduling of changes.

The practice of ensuring that risks are properly assessed, changes are authorised, and the change schedule is managed to maximise successful service and product changes.

Continuous Integration and Continuous Delivery/Deployment — the practice of automating code integration, testing, and deployment to deliver software changes frequently and reliably.

The three fundamental security principles: Confidentiality (protecting data from unauthorised access), Integrity (ensuring data accuracy), and Availability (ensuring data is accessible when needed).

An approach to building and running applications that fully exploits the advantages of cloud computing — including containers, microservices, and dynamic orchestration.

Configuration Management Database — a repository that stores information about all Configuration Items (CIs) and their relationships within the IT infrastructure.

Control Objectives for Information and Related Technologies — ISACA's framework for enterprise IT governance and management.

The act of adhering to laws, regulations, standards, and internal policies that govern an organisation's operations and information handling.

The practice of ensuring accurate and reliable information about the configuration of services and the CIs that support them is available when needed.

A lightweight virtualisation method that packages an application and its dependencies together, ensuring consistent behaviour across different computing environments.

An ongoing organisational activity to identify and implement improvements to services, practices, processes, and the overall Service Value System.

A schedule analysis technique that determines the longest path through the project network diagram, establishing the minimum project duration.

A 15-minute time-boxed event for the Developers to inspect progress toward the Sprint Goal and adapt the Sprint Backlog as necessary.

A shared understanding of what it means for work to be complete — the quality standard that must be met for a product Increment to be releasable.

Any unique and verifiable product, result, or capability produced to complete a process, phase, or project.

The practice of moving new or changed hardware, software, documentation, or any other component to live environments.

An open-source platform for building, shipping, and running applications in lightweight, portable containers.

An integrated project management methodology that combines scope, schedule, and cost data to assess project performance and progress.

A change that must be introduced as soon as possible to resolve a major incident, security breach, or critical business issue.

The extension of IT Service Management principles and capabilities to non-IT business functions such as HR, facilities, finance, and legal.

A large body of work that can be broken down into smaller user stories — too big to complete in a single Sprint.

The process of moving an incident, problem, or issue to a higher level of expertise (functional escalation) or authority (hierarchical escalation).

A technique that allows teams to modify system behaviour without deploying new code — enabling or disabling features through configuration.

The four perspectives that must be considered for effective service management: Organisations & People, Information & Technology, Partners & Suppliers, and Value Streams & Processes.

A horizontal bar chart that illustrates a project schedule, showing tasks, durations, dependencies, milestones, and the current status of each activity.

General Data Protection Regulation — the European Union regulation governing the collection, processing, storage, and transfer of personal data of EU residents.

An operational framework that uses Git as the single source of truth for declarative infrastructure and application configurations.

The means by which an organisation is directed, controlled, and held accountable. In IT, it ensures technology investments align with business strategy.

Seven universal recommendations in ITIL® 5 that guide an organisation's decision-making in all circumstances regardless of changes in goals, strategies, or structure.

The practice of restoring normal service operation as quickly as possible after an unplanned interruption or reduction in quality.

The practice of managing and provisioning computing infrastructure through machine-readable configuration files rather than manual processes.

The international standard for Information Security Management Systems (ISMS), specifying requirements for establishing, implementing, maintaining, and continually improving information security.

The practice of planning and managing the full lifecycle of all IT assets to maximise value, control costs, manage risks, and support decision-making.

Information Technology Infrastructure Library — the world's most widely adopted framework for IT Service Management, currently in version 5.

IT Service Management — the discipline of designing, delivering, managing, and improving IT services to meet the needs of an organisation and its customers.

A visual workflow management method that focuses on continuous flow, limiting work in progress, and optimising the flow of value through the system.

The practice of maintaining and improving the effective, efficient, and convenient use of information and knowledge across the organisation.

A problem that has a documented root cause and a workaround — recorded in the Known Error Database (KEDB).

An open-source container orchestration platform that automates deployment, scaling, and management of containerised applications.

A management philosophy focused on maximising customer value while minimising waste — doing more with less.

An incident with significant business impact that requires an immediate coordinated response beyond the standard incident management process.

A framework that describes the progression of an organisation's capabilities from initial/ad-hoc levels to optimised/continuous improvement levels.

An architectural approach where an application is built as a collection of small, independently deployable services, each owning its own data and business logic.

A significant point or event in a project timeline that marks the completion of a major phase, deliverable, or decision point.

The practice of systematically observing services and service components, and recording and reporting selected changes of state identified as events.

Mean Time Between Failures — the average time between service or component failures, indicating the reliability of a system.

Mean Time to Repair — the average time taken to restore a service or component after a failure, measured from detection to resolution.

A cloud strategy that uses services from multiple cloud providers (e.g., AWS, Azure, GCP) to avoid vendor lock-in and optimise for cost, performance, or compliance.

The ability to understand the internal state of a system by examining its external outputs — typically through logs, metrics, and traces.

An agreement between an IT service provider and another part of the same organisation that assists in providing a service.

An authorised simulated attack on a computer system to evaluate its security — identifying vulnerabilities before malicious attackers can exploit them.

Programme Increment Planning — a cadence-based, face-to-face event that aligns all teams on an Agile Release Train to a shared mission and plan.

The discipline of designing and building internal developer platforms (IDPs) that enable self-service capabilities for software development teams.

The centralised management of one or more portfolios of projects, programmes, and operations to achieve strategic business objectives.

A framework that combines impact and urgency to determine the priority of an incident, which in turn dictates the response and resolution targets.

The practice of identifying and managing the root causes of incidents to prevent recurrence and minimise the impact of incidents that cannot be prevented.

An ordered list of everything that is known to be needed in the product — the single source of requirements for any changes to the product.

The accountability in Scrum responsible for maximising the value of the product by managing and ordering the Product Backlog.

The coordinated management of a group of related projects and activities to obtain benefits and control not available from managing them individually.

A document issued by the project sponsor that formally authorises the existence of a project and provides the project manager with authority to apply resources.

A responsibility assignment matrix that defines who is Responsible, Accountable, Consulted, and Informed for each task or deliverable.

The practice of making new and changed services and features available for use, ensuring they are deployed smoothly and deliver expected value.

The systematic process of identifying, analysing, and evaluating risks to determine their likelihood, impact, and priority for treatment.

A document that records identified risks, their analysis results, planned responses, and current status throughout the project lifecycle.

A systematic investigation technique used to identify the fundamental underlying cause of an incident or problem.

Scaled Agile Framework — an enterprise-level framework for scaling Agile and Lean practices across large organisations with multiple teams.

The uncontrolled expansion of project scope without corresponding adjustments to time, cost, and resources — often caused by poor change control.

A lightweight Agile framework for developing, delivering, and sustaining complex products through iterative, incremental work cadences called Sprints.

The accountability in Scrum responsible for ensuring the team follows Scrum practices, removing impediments, and coaching the team toward self-management.

A web-based interface that enables users to log incidents, submit service requests, search knowledge bases, and track the status of their issues without contacting the service desk.

A database or structured document with information about all live IT services, including those available for deployment.

The practice of ensuring that the availability and performance of a service is maintained at sufficient levels in case of a disaster.

The single point of contact between the service provider and users for all communication regarding service requests, incidents, and general information.

A documented agreement between a service provider and a customer that identifies services required and the expected level of service.

The practice of setting clear business-based targets for service performance and ensuring delivery against those targets through monitoring, reporting, and review.

The complete set of services managed by a service provider — including services in the pipeline, live services, and retired services.

The practice of handling all pre-defined, user-initiated service requests — such as access requests, information requests, and standard provisions.

The central operating model within the Service Value System, consisting of six interconnected activities that transform demand into value.

The overarching model in ITIL® 5 that describes how all components and activities work together to create value through IT-enabled services.

Service Integration and Management — a methodology for managing multiple service providers and integrating them to provide a single business-facing IT organisation.

An engineering discipline that applies software engineering practices to infrastructure and operations problems to create scalable and reliable systems.

System and Organization Controls 2 — an auditing standard that evaluates a service organisation's controls for security, availability, processing integrity, confidentiality, and privacy.

A fixed-length iteration in Scrum (typically 1–4 weeks) during which a potentially releasable product Increment is created.

A Scrum event where the team defines the Sprint Goal, selects Product Backlog items, and creates a plan for delivering the Sprint Increment.

A Scrum event where the team inspects how the last Sprint went with regard to people, relationships, processes, and tools, and identifies improvements.

A Scrum event held at the end of the Sprint to inspect the Increment and adapt the Product Backlog based on stakeholder feedback.

The practice of identifying, analysing, planning, and engaging with individuals or groups who can affect or be affected by the project.

A pre-authorised, low-risk, relatively common change that follows a documented procedure and does not require additional change authorisation.

A unit of measure for expressing the overall effort, complexity, and uncertainty of implementing a Product Backlog item.

The practice of ensuring that the organisation's suppliers and their performance are managed appropriately to support the provision of seamless, quality services.

A short, simple description of a feature or requirement told from the perspective of the end user who desires the new capability.

The functionality offered by a product or service to meet a particular need — what the service does. Also known as 'fitness for purpose'.

The principle that value is created through the active collaboration between service providers and service consumers — not delivered unilaterally.

The series of steps an organisation undertakes to create and deliver products and services to consumers — from demand to value realisation.

The amount of work a Scrum team completes in a Sprint, typically measured in story points or number of items completed.

Assurance that a product or service will meet agreed requirements — typically covering availability, capacity, security, and continuity. Also known as 'fitness for use'.

A hierarchical decomposition of the total scope of work to be carried out by the project team to accomplish project objectives and create required deliverables.

A temporary solution that reduces or eliminates the impact of an incident or problem for which a full resolution is not yet available.

A security model that assumes no user, device, or network should be automatically trusted — requiring continuous verification for every access request.