Skip to main content
ITSMx
Glossary

Terms and definitions

The vocabulary of EU IT service management and compliance — defined plainly.

EU regulation
DORAEU regulation requiring financial entities to manage ICT risk, report major ICT-related incidents, test digital operatioNIS-2EU directive establishing cybersecurity obligations for operators of essential and important services across 18 sectors.Register of InformationUnder DORA Art. 28(3), financial entities must maintain a register of all contractual arrangements with ICT third-party
German regulation
BAITGerman financial-supervision requirements for IT at banks and financial institutions, issued by BaFin. Covers IT governaMaRiskMinimum requirements for risk management at German financial institutions, issued by BaFin. Covers organizational requirBerechtigungskonzeptA documented concept describing who has access to what systems and data, with which permissions, and under what constrai
ITIL
CMDBA database that stores information about hardware and software assets (configuration items) and the relationships betweeCIAny component that needs to be managed in order to deliver an IT service. Examples: servers, applications, databases, neMajor IncidentAn incident with significant business impact requiring coordinated resolution beyond normal incident management. Under DChange ManagementThe ITIL practice of controlling the lifecycle of all changes to minimize disruption. Includes change types (standard, n
platform
ChaRMSAP Solution Manager's change request management module. Manages SAP transport requests through approval workflows with
security
SoDA control principle that prevents one person from holding incompatible roles in a process — for example, the person who

Informational only — not legal advice. Definitions are simplified for clarity.