Glossary

IT inventory glossary

Short, clear definitions of the key terms around IT inventory management, IT asset management and compliance - as a reference and a starting point.

IT inventory management
The structured capture and ongoing upkeep of all IT assets of an organisation - hardware, software and licences, networks and IP addresses, certificates, contracts - including their relationships and responsibilities.
IT asset management (ITAM)
The management of the lifecycle of IT assets: procurement, assignment, cost and depreciation, maintenance and decommissioning. Builds on the inventory.
CMDB
Configuration Management Database - a database of configuration items and their relationships. Makes dependencies visible and enables impact analysis.
IPAM
IP address management - the structured management of IP addresses, subnets, VLANs and related network objects, so address assignment stays traceable and collision-free.
Auto-discovery
The automatic detection of devices on the network via a scan (agentless, TCP/optionally SNMP) and their adoption as assets in the inventory.
Inventory agent
A lean program for Windows, Linux and macOS that automatically reports the operating system, hardware and installed software of an endpoint.
ISO 27001
International standard for information security management systems (ISMS). Defines requirements for building, operating and continuously improving information security.
BSI C5
Cloud Computing Compliance Criteria Catalogue of the German BSI - a criteria catalogue for the security of cloud services.
GDPR
General Data Protection Regulation of the EU. Governs the handling of personal data; relevant for data minimisation, data-subject rights and evidence obligations.
SSL/TLS certificate
A digital certificate for encrypted, authenticated connections. It has a limited validity and must be renewed before expiry.
SSH key
A cryptographic key pair for secure, passwordless access to systems. Like certificates, a security asset that must be managed.
Multi-tenancy
A single software instance serves several separate tenants (e.g. clients) with data isolated from one another.
RBAC
Role-Based Access Control. Permissions are granted through roles rather than individually per user.
Provisioning
The provisioning and configuration of systems via templates and workflows - e.g. configuration templates, firewall rules or ACLs.
Audit log
A complete record of all changes to the data - the basis for traceability, troubleshooting and audit-ready evidence.
Self-hosted
Running the software in your own infrastructure (Docker/VM/Kubernetes) rather than as a hosted service - for full data sovereignty.

Back to the IT inventory guide.