IT inventory glossary
Short, clear definitions of the key terms around IT inventory management, IT asset management and compliance - as a reference and a starting point.
- IT inventory management
- The structured capture and ongoing upkeep of all IT assets of an organisation - hardware, software and licences, networks and IP addresses, certificates, contracts - including their relationships and responsibilities.
- IT asset management (ITAM)
- The management of the lifecycle of IT assets: procurement, assignment, cost and depreciation, maintenance and decommissioning. Builds on the inventory.
- CMDB
- Configuration Management Database - a database of configuration items and their relationships. Makes dependencies visible and enables impact analysis.
- IPAM
- IP address management - the structured management of IP addresses, subnets, VLANs and related network objects, so address assignment stays traceable and collision-free.
- Auto-discovery
- The automatic detection of devices on the network via a scan (agentless, TCP/optionally SNMP) and their adoption as assets in the inventory.
- Inventory agent
- A lean program for Windows, Linux and macOS that automatically reports the operating system, hardware and installed software of an endpoint.
- ISO 27001
- International standard for information security management systems (ISMS). Defines requirements for building, operating and continuously improving information security.
- BSI C5
- Cloud Computing Compliance Criteria Catalogue of the German BSI - a criteria catalogue for the security of cloud services.
- GDPR
- General Data Protection Regulation of the EU. Governs the handling of personal data; relevant for data minimisation, data-subject rights and evidence obligations.
- SSL/TLS certificate
- A digital certificate for encrypted, authenticated connections. It has a limited validity and must be renewed before expiry.
- SSH key
- A cryptographic key pair for secure, passwordless access to systems. Like certificates, a security asset that must be managed.
- Multi-tenancy
- A single software instance serves several separate tenants (e.g. clients) with data isolated from one another.
- RBAC
- Role-Based Access Control. Permissions are granted through roles rather than individually per user.
- Provisioning
- The provisioning and configuration of systems via templates and workflows - e.g. configuration templates, firewall rules or ACLs.
- Audit log
- A complete record of all changes to the data - the basis for traceability, troubleshooting and audit-ready evidence.
- Self-hosted
- Running the software in your own infrastructure (Docker/VM/Kubernetes) rather than as a hosted service - for full data sovereignty.
Back to the IT inventory guide.