CIO Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing CIO strategy and related software products. You can find additional definitions by visiting WhatIs.com or using the search box below.

Search Definitions
  • P

    project post-mortem

    Project post-mortem is a process intended to inform project improvements by determining aspects that were successful or unsuccessful.

  • project scope

    Project scope is the part of project planning that involves determining and documenting a list of specific project goals, deliverables, tasks, costs and deadlines.

  • proof of concept (POC)

    A proof of concept (POC) is an exercise in which work is focused on determining whether an idea can be turned into a reality.

  • Prototyping Model

    The prototyping model is a systems development method in which a prototype is built, tested and then reworked as necessary until an acceptable outcome is achieved from which the complete system or product can be developed. table prototype is finally achieved.

  • public data

    Public data is information that can be freely used, reused and redistributed by anyone with no existing local, national or international legal restrictions on access or usage.

  • Q

    qualitative data

    Qualitative data is information that cannot be counted, measured or easily expressed using numbers. It is collected from text, audio and images and shared through data visualization tools, such as word clouds, concept maps, graph databases, timelines and infographics.

  • R

    radical innovation

    Radical innovation refers to an invention that represents something new to the world. Radical innovations typically carry more risk, promise greater reward and are more disruptive than incremental innovations, which in general improve upon something that already exists.

  • rainmaker (business)

    A rainmaker is an individual who generates an unusually high amount of revenue for an organization by bringing new clients and new business to the company.

  • Red Flags Rule (RFR)

    The Red Flags Rule (RFR) is a set of United States federal regulations that require certain businesses and organizations to develop and implement documented plans to protect consumers from identity theft.

  • Reddit

    Reddit is a social news website and forum where content is socially curated and promoted by site members through voting.

  • RegTech

    RegTech, or regulatory technology, is a term used to describe technology that is used to help streamline the process of regulatory compliance.

  • Regulation Fair Disclosure (Regulation FD or Reg FD)

    Regulation Fair Disclosure is a rule passed by the U.S. Securities and Exchange Commission that aims to prevent selective disclosure of information by requiring publicly traded companies to make public disclosure of material, nonpublic information.

  • Regulation SCI (Regulation Systems Compliance and Integrity)

    Regulation SCI is a set of compliance rules designed by the SEC to monitor and regulate the technology infrastructure of U.S. securities markets.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes.

  • repeatable process

    A repeatable process is a set of actions that allow for a more efficient use of limited resources and reduce unwanted variation during the development and implementation of various projects.

  • reshoring

    Reshoring is the practice of bringing outsourced personnel and services back to the location from which they were originally offshored. 

  • resource allocation

    Resource allocation is the process of assigning and managing assets in a manner that supports an organization's strategic planning goals.

  • reverse mentoring

    Reverse mentoring is a management practice in which a senior employee seeks to gain business insights from a less experienced, often younger employee.

  • rightsourcing

    Rightsourcing is selecting the best way to procure a service and deciding whether a company is best served by performing a business requirement in-house (insourcing) or contracting it out to a third-part service provider (outsourcing).  Rightsourcing literally means "choosing the correct source."

  • risk assessment framework (RAF)

    A risk assessment framework (RAF) is a strategy for prioritizing and sharing information about the security risks to an information technology (IT) infrastructure.

  • risk intelligence (RQ)

    Risk intelligence (RQ) is a term used to describe predictions made around uncertainties and future threat probabilities.

  • Risk Management Framework (RMF)

    The Risk Management Framework (RMF) is a template and guideline used by companies to identify, eliminate and minimize risks.

  • risk management specialist

    A risk management specialist is a role appointed within organizations to identify potential risks that might negatively affect the business.

  • robotic process automation (RPA)

    Robotic process automation (RPA) is a technology that mimics the way humans interact with software to perform high-volume, repeatable tasks.

  • rogue IT

    Rogue IT is the use of unsanctioned information technology resources within an organization. 

  • ROI (return on investment)

    Return on investment, or ROI, is a mathematical formula that investors can use to evaluate their investments and judge how well a particular investment has performed compared to others.

  • S

    Sarbanes-Oxley Act

    The Sarbanes-Oxley Act of 2002 is a federal law that established sweeping auditing and financial regulations for public companies.

  • Sarbanes-Oxley Act (SOX) Section 404

    Sarbanes-Oxley Act (SOX) Section 404 mandates that all publicly traded companies must establish internal controls and procedures for financial reporting and must document, test, and maintain those controls and procedures to ensure their effectiveness.

  • Securities and Exchange Act of 1934 (Exchange Act)

    The Securities and Exchange Act of 1934 (Exchange Act) is a law that governs secondary trading and stock exchanges.

  • security audit

    A security audit is a systematic evaluation of the security of a company's information system by measuring how well it conforms to an established set of criteria.

  • selective outsourcing

    Selective outsourcing is a targeted sourcing strategy that relies upon sending very specific functions and work off-premises while keeping other functions on-premises.

  • servant leadership

    Servant leadership is a leadership philosophy built on the belief that the most effective leaders strive to serve others, rather than accrue power or take control.

  • shared services

    Shared services is the consolidation of business operations that are used by multiple parts of the same organization.  

  • sharing economy

    The sharing economy, also known as collaborative consumption or peer-to-peer-based sharing, is a concept that highlights the ability -- and perhaps the preference -- of individuals to rent or borrow goods rather than buy and own them.

  • Silicon Valley

    Silicon Valley is home to some of the world's largest technology corporations and thousands of technology-related startup companies.

  • SIPOC diagram (suppliers, inputs, process, outputs, customers)

    A SIPOC (suppliers, inputs, process, outputs, customers) diagram is a visual tool for documenting a business process from beginning to end prior to implementation.

  • situational leadership

    Situational leadership is based on the belief that there is no single way to direct people; successful leaders will adapt the way they lead to the needs and abilities of their employees.

  • Six Sigma

    Six Sigma is a business methodology for quality improvement that measures how many defects there are in a current process and seeks to systematically eliminate them.

  • SkunkWorks project (Skunk Works)

    A skunk works is a small group of people who work on a project that needs to be completed quickly. The group's purpose is to develop something quickly with minimal management constraints.

  • SMAC (social, mobile, analytics and cloud)

    SMAC (social, mobile, analytics and cloud) is the concept that the convergence of four technologies is currently driving business innovation.

  • smart contract

    A smart contract is a decentralized application that executes business logic in response to events.

  • smart machines

    A smart machine is a device embedded with machine-to-machine (M2M) and/or cognitive computing technologies such as artificial intelligence (AI), machine learning or deep learning, all of which it uses to reason, problem-solve, make decisions and even, ultimately, take action.

  • smart process applications (smart process apps)

    A smart process application is software that is designed to support an organization's business process management (BPM) efforts in a collaborative manner.

  • Social media management software (SMMS)

    Social media management software (SMMS) is a tool that allows organizations to monitor and analyze online conversations from different communication channels.

  • social network

    A social network, in technology parlance, is a website or other application where people, often of similar interests, come together to communicate with each other and share information including photos, videos, audio and written messages.

  • social shopping

    Social shopping is a type of e-commerce that seeks to involve people with similar tastes in an online shopping experience.

  • soft skills

    A soft skill is a personal attribute that supports situational awareness and enhances an individual's ability to get a job done. The term soft skills is often used as a synonym for people skills or emotional intelligence.

  • software license

    A software license is a document that provides legally binding guidelines for the use and distribution of software.

  • spoliation

    Spoliation is the destruction, alteration, or mutilation of evidence that may pertain to legal action. (Continued)

  • stakeholder

    A stakeholder is a person or group who has an interest -- vested or otherwise -- in an enterprise and whose support is required in order for an enterprise to be successful.

  • startup accelerator

    A startup accelerator, sometimes referred to as a seed accelerator, is a business program that supports early-stage, growth-driven companies through education, mentorship and financing.

  • startup company

    A startup company is a newly formed business with particular momentum behind it based on perceived demand for its product or service.

  • startup culture

    Startup culture refers to how people within a new business, or startup, work together.

  • steering committee

    A steering committee is a group of high-level advisors who have been appointed to provide an organization or project with direction.

  • strategic innovation

    Strategic innovation is a company's process of reinventing its corporate strategy to encourage growth, create value for the company and its customers, and gain competitive differentiation.

  • strategic leadership

    Strategic leadership is a practice in which executives, using different styles of management, develop a vision for their organization that enables it to adapt to or remain competitive in a changing economic and technological climate.

  • strategic management

    Strategic management is the ongoing planning, monitoring, analysis and assessment of all necessities an organization needs to meet its goals and objectives.

  • strategic planning

    Strategic planning is a process in which an organization's leaders define their vision for the future and identify their organization's goals and objectives.

  • sunk cost (SC)

    A sunk cost is money that has already been spent and cannot be recovered. Logic dictates that because sunk costs will not change -- no matter what actions are taken -- they should not play a role in decision-making. Emotionally, however, the more someone invests time, effort and money on something, the harder it becomes to leave it and move on.

  • Superdome

    Superdome is a high-end 64-bit, Hewlett Packard Enterprise (HPE) PA-8600 processor-based UNIX server designed for e-commerce customers using very large databases.

  • sustainability risk management (SRM)

    Sustainability risk management (SRM) is a business strategy that aligns profit goals with a company's environmental policies.

  • SWOT analysis (strengths, weaknesses, opportunities and threats analysis)

    SWOT analysis is a framework for identifying and analyzing an organization's strengths, weaknesses, opportunities and threats.

  • synthetic data

    Synthetic data is information that's artificially manufactured rather than generated by real-world events.

  • systems of engagement

    Systems of engagement are decentralized IT components that incorporate technologies such as social media and the cloud to encourage and enable peer interaction.

  • systems thinking

    Systems thinking is a holistic approach to analysis that focuses on the way that a system's constituent parts interrelate and how systems work over time and within the context of larger systems.

  • T

    cyber threat hunter (cybersecurity threat analyst)

    A cyber threat hunter, also called a cybersecurity threat analyst, proactively identifies security incidents that may go undetected by automated security tools such as malware detectors and firewalls.

  • think tank

    A think tank is an organization that gathers a group of interdisciplinary scholars to perform research around particular policies, issues or ideas.

  • thought leader (thought leadership)

    A thought leader is a person who or organization that is widely recognized as an expert in a given field and whose opinions are in high demand. Thought leaders use their influence to change their fields, to make money and to add value to the people and organizations that seek their expertise.

  • Total Quality Management (TQM)

    Total Quality Management is a management framework based on the belief that an organization can build long-term success by having all its members, from low-level workers to its highest ranking executives, focus on quality improvement and, thus, delivering customer satisfaction.

  • transaction

    In computer programming, a transaction usually means a sequence of information exchange and related work (such as database updating) that is treated as a unit for the purposes of satisfying a request and for ensuring database integrity.

  • transactional leadership

    Transactional leadership is a leadership style where the executive relies on rewards and punishments to achieve optimal job performance from his or her subordinates.

  • transfer learning

    Transfer learning is the application of knowledge gained from completing one task to help solve a different, but related, problem.

  • transformational leadership

    Transformational leadership is a management philosophy that encourages and inspires employees to innovate and develop new ways to grow and improve the path to a company's future success.

  • tweetchat

    A tweetchat, also called a tweet jam, is a discussion carried out on Twitter.

  • two-speed IT

    Two-speed IT is the concept that strategic planning for an IT department should include a fast track that allows some projects to be implemented quickly.

  • U

    U.S. Department of Homeland Security (DHS)

    The U.S. Department of Homeland Security (DHS) is a federal agency designed to protect the United States against threats.

  • user-generated content (UGC)

    User-generated content (UGC) is the words and photos that unpaid contributors create and provide to publications, particularly Web properties.

  • UX (user experience)

    User experience (UX) encompasses all aspects of an end user's interaction with and attitude toward a given IT system or services, including the interface, graphics and design.

  • V

    VAL IT (value from IT investments)

    VAL IT (value from IT investments) is a framework that outlines governance best practices for information technology-enabled business investments.

  • value chain

    A value chain is a concept describing the full chain of a business's activities in the creation of a product or service -- from the initial reception of materials all the way through its delivery to market, and everything in between.

  • value innovation

    Value innovation is the implementation of upgrades or new technologies designed to help a company differentiate its products or services while lowering costs.

  • value proposition

    A value proposition is a statement that clearly identifies the benefits a company's products and services will deliver to its customers.

  • value-sensitive design (VSD)

    Value-sensitive design (VSD) is a concept that advocates the consideration of human principles and standards when planning technology.

  • vendor management office (VMO)

    A vendor management office (VMO) is an internal unit within an enterprise that is charged with evaluating third-party providers of goods and services, supervising day-to-day interactions and managing longer-term relationships.

  • vendor risk management (VRM)

    Vendor risk management (VRM) is a comprehensive plan for identifying and decreasing potential business uncertainties and legal liabilities regarding the hiring of 3rd party vendors for IT products and services.

  • Vertical SaaS (Software as a Service)

    Vertical SaaS describes a type of Software as a Service cloud computing solution created for a specific industry.

  • Video Privacy Protection Act of 1988

    The Video Privacy Protection Act of 1988 is United States legislation that prevents wrongful disclosure of an individual's personally identifiable information stemming from their rental or purchase of audiovisual material, including videotapes, DVDs and video games.

  • video resume

    A video resume is a brief account of a job applicant's professional experience, qualifications and interests, submitted to a prospective employer in video form. (Continued...)

  • Vine (Vine app)

    Vine is a free mobile application that enables users to record and share an unlimited number of short, looping video clips with a maximum length of six seconds.

  • W

    whistleblower

    A whistleblower is a person who voluntarily provides information to the general public, or someone in a position of authority, about dishonest or illegal business activities occurring at an organization.

  • Whistleblower Protection Act

    The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government organization.

  • Wizard of Oz prototyping

    Wizard of Oz prototyping is a tactic used by developers to give the appearance that an application or program has been completely automated when, in fact, it hasn't.

  • workflow

    Workflow is the series of activities that are necessary to complete a task.

  • X

    X-engineering (cross-engineering)

    X-engineering (sometimes called cross-engineering) is a collaborative and process-oriented approach to change management in the business world.

  • XACML (Extensible Access Control Markup Language)

    XACML (Extensible Access Control Markup Language) is an attribute-based access control policy language (ABAC) or XML-based language, designed to express security policies and access requests to information.

  • Y

    Yammer

    Yammer is a private microblogging and collaboration platform for enterprise social networking. Unlike public social media platforms such as Twitter,Yammer only allows members to connect with other members who belong to the same email domain.

  • YouTube

    YouTube is a free video-hosting website that allows members to store and serve video content.

SearchCloudComputing
SearchMobileComputing
SearchDataCenter
Close