.NET: This is a software platform/framework from Microsoft Corporation and is commonly called ‘dot net’.

Abstraction: Displaying only the essential information and hiding background details.

Agile: Software development methodologies based on iterative and incremental development, where requirements and solutions evolve through collaboration between self-organising, cross-functional teams.

Annual licence: This allows the customer to use the licensed software for one year and after that the software will no longer work unless a new licence is purchased or the licence is renewed.

API: An application programming interface (API) is a particular set of rules (‘code’) and specifications that software programs can follow to communicate with each other. It serves as an interface between different software programs and facilitates their interaction.

Azure DevOps: A Microsoft toolset, which is used to store product backlog items, sprint information and code.

Business component: A reusable unit that performs a specific task in a business process. You can use a component in multiple business process tests and flows. When you modify a component or its steps, all business process tests or flows containing that component reflect that modification.

Business requirements document: Defines the functional and non-functional specifications for the project or product.

CapEx: Capital expenditures (CapEx) are funds used to acquire, upgrade and maintain assets such as infrastructure, plants, buildings, technology and equipment.

Change control: A procedure to ensure that all changes are controlled, including the submission, analysis, decision making, approval, implementation, documentation and post implementation changes/business as usual (BAU) changes.

Class: In object-oriented programming, a class is an extensible program for creating objects.

Cloud: Cloud computing is storing and accessing data and programs over the internet instead of on your computer’s hard drive. The PCMag Encyclopedia (https://www.pcmag.com/encyclopedia/a) defines it succinctly as ‘hardware and software services from a provider on the internet’).

Code review: A systematic check of other’s code for mistakes, based on standards and guidelines.

Coding: The process of using a programming language to create a set of instructions for a computer to behave as would be expected.

Commercial off-the-shelf: Equipment or software, as applicable, that is readily available to the public from a third party rather than custom-made or bespoke.

Common libraries: A collection of useful libraries that are used for automated testing. They are a source of information referenced and used to fulfil defined common activity.

Component design architecture document: This provides the detailed architecture for a component. It describes the services a component provides, its sub-components and the supporting architectural views for a component, for example application, data and security architectures.

Concurrent licence: This licence is based on the number of simultaneous or concurrent users accessing the software at a single point of time.

Configuration management: This is the tracking and controlling of changes in the software including version control. It is essential once the software has been developed and released by multiple teams or multiple environments across a wide range of end-user communities.

Continuous integration and continuous delivery (CI/CD): Also known as continuous deployment. CI is a set of practices performed as developers are writing code, and CD is a set of practices performed after the code is completed, that is, deployment.

Cucumber: A software tool that supports behaviour-driven development (BDD).

Cybersecurity assessment: This provides an insight into the security aspects and risks associated with the implementation of the IT solution and is used subsequently to show that security has been adequately considered.

Debugging: The process of detecting bugs and errors in a software code.

Deliverable: Anything provided or to be provided by the supplier under the agreement as a result of the services, which could include work items, software, hardware, documentation, reports, drawings, calculations, recommendations and conclusions.

Delivery: The conformity of a particular work item with the relevant ‘definition of done’ and acceptance criteria; deliver and delivered shall be construed accordingly.

Deployment: Software deployment is the process of making the application available on a target place, for example test server, production environment, mobile device.

Detailed design document: This defines the design of the physical architecture of the selected logical option, server types, network architecture, storage requirements and interfaces. This also includes any network design.

DevOps: (Development operations) The close relationship between the developers of applications and the people who test and deploy them. DevOps is said to be ‘the intersection of software engineering, quality assurance and operations. It focuses on improving collaboration among teams’ – according to the PCMag Encyclopedia.

Done: The criteria that need to be met in order for the product owner to accept a product backlog item as being complete.

Early life support (ELS): The services to be provided by the supplier after the release/delivery.

Enhancement: Any modification, update or new release of the software that corrects faults, adds functionality or otherwise amends or updates.

Environment: A subset of the IT infrastructure that is used for a particular purpose (for example production environment, test environment and development environment).

Epic: A collection of features or user stories.

Exception handling: This is the process in a program responding to exceptions or unexpected behaviour.

Feature: A collection of user stories.

Fixed price (FP) contract: This is a type of contract where the payment amount is fixed and is not dependent on resources used or time expended.

Full system architecture document: Defines the generic structure of the solution, providing the logical and physical information architecture for the selected option, including all related components and interfaces, capacity and service continuity designs.

General Data Protection Regulation (GDPR): Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and repealing directive 95/46/EC (General Data Protection Regulation) OJ L 119/1, 4.5.2016. The GDPR is a European Union compliance regulation that went into effect in May 2018.

GUI object: An object has state (data) and behaviour (code) and is an abstract data type with the addition of polymorphism and inheritance. A GUI (graphical user interface) object is the same, representing GUI elements such as a text box, a button or a check box.

High-level design (HLD): Defines the generic structure of the solution, providing the logical (and physical) information architecture for the selected option, including all related components and interfaces, capacity and service continuity designs.

I18N: The abbreviation of the word ‘internationalisation’, being the letter ‘I’ followed by 18 more letters, followed by ‘N’.

Inception: The early activity required to do just enough work to get the team going in the right direction. This can include, but is not limited to: initial requirements modelling, initial architecture modelling, initial planning, initial organisational modelling.

Infrastructure as a service (IaaS): According to the PCMag Encyclopedia, ‘IaaS is a cloud computing service that provides a basic computing platform, typically the hardware and virtual machine (VM) infrastructure (no operating system) or the hardware and an operating system’.

Inheritance: The ability of one class of objects to inherit properties from a higher class.

ISTQB: ISTQB (International Software Testing Qualifications Board) was founded in November 2002 and is a not-for-profit association. ISTQB has defined the ‘ISTQB Certified Tester’ scheme that has become the worldwide leader in the certification of competences in software testing.

Iteration: A short-time boxed period, typically 2 to 4 weeks in duration, during which time the feature team(s) completes as much of the work planned for the iteration as it is reasonably able to do.

IT service continuity (ITSC): The process of ensuring that identified IT services will be available during abnormal situations. It typically involves a detailed assessment of the business risk of key IT services being lost, and then identifies countermeasures and plans to prevent, or recover from, identified contingencies.

Java: An object-oriented programming language from Oracle Corporation, platform independent.

L10N: An abbreviation of the word ‘localisation’, which is the letter ‘l’ followed by 10 more letters, followed by ‘n’.

Lean: Lean software development adapted principles from the Toyota Lean production system and is largely used by the Agile community. It focuses on optimising efficiency and minimising the waste of software applications during their design and development. The value, value stream, flow, pull, and perfection are considered as the five key Lean principles.

Low-level design (LLD): This defines the low-level design of the physical architecture of the selected logical option, server types, network architecture, storage requirements and interfaces.

Minimum viable/valuable product (MVP): An early version of a working product with just enough features to be usable by early users who can then provide feedback for future product development.

Non-functional requirement (NFR): A requirement that does not relate to functionality, but to attributes such as reliability, efficiency, usability, maintainability and portability.

Object-oriented programming (OOP): A programming structure wherein the data and their methods are defined as self-contained entities called ‘objects’.

Object repository: A collection of objects and properties taken from the system under test (SUT), so that a testing tool can recognise the corresponding elements. Record and playback gathers the objects and their properties.

OpEx: An operating expense (OpEx) is an expense required for the day-to-day functioning of a business.

Personal identifiable information (PII): Any data that could potentially be used to identify a particular person. Examples include a full name, National Insurance number, driver’s licence number, bank account number, passport number or email address.

Physical design document: This defines the design of the physical architecture of the selected logical option, server types, network architecture, storage requirements and interfaces. This also includes any network design.

Platform as a service (PaaS): A cloud computing service that provides a comprehensive computing environment. ‘PaaS includes the hardware, operating system, database and other necessary software for the execution of applications. It may include a complete development environment as well’ (according to the PCMag Encyclopedia).

Polymorphism: The ability of an object to take on many forms based on the object that it is sent to.

Portability: The degree of compatibility and ease of moving applications, data, source code and so on from one operating system to another or one database to another or one cloud to another or one platform to another.

PRINCE2: Projects in Controlled Environments 2 is a structured project management approach and practitioner certification programme.

Product: A combination of features that supports a particular business process or group of processes.

Product backlog: A prioritised list of items, containing short descriptions of all functionality desired in the product, and associated business outcomes as defined. A product backlog comprises: (i) the prioritised set of work items; (ii) the estimated amount of story points required to deliver each work item; (iii) the work items with the status of done; and (iv) acceptance criteria, to be delivered as part of the project, as amended from time to time by the product owner in accordance with this schedule.

Product manager: A person that provides long-term ownership and vision for the product.

Product owner: The main representative concerning the scope and requirements of a product and accountable for updating the product backlog.

Project: The overall delivery of the services described in a particular package.

Project manager: A person who is responsible for the delivery of large IT projects, acquiring and utilising the necessary resources and skills, within the agreed parameters of cost, timescales and quality.

Proof of concept (PoC): The evidence that a proposed product concept is viable and capable of solving an organisation’s problem.

Proof of technology (PoT): The evidence that a proposed product technology is a viable solution that can solve an organisation’s problem.

Quality assurance (QA): The process of ensuring that the quality of a product, service or process will provide its intended value.

RACI log: Refers to a responsible, accountable, consulted and informed matrix.

RAID log: Refers to a risks, actions, issues and decisions matrix.

Record and playback: A type of automated testing where the automation tool records the user behaviour or activity and plays this back.

Recovery point objective (RPO): The longest period of time in which newly entered data can be lost in the event of a major IT failure. The RPO determines how often backups must be performed.

Recovery scenario: This contains generic functions to handle exceptions at runtime.

Recovery time objective (RTO): The amount of time a computer system or application can stop functioning before it is considered unacceptable to the organisation. The RTO is used to determine the types of backup and disaster recovery plans that should be implemented.

Release: A collection of hardware, software, documentation, processes or other components required to implement the solution. The contents of each release are managed, tested and deployed as a single entity.

Scrum: Scrum is based on a ‘Sprint’, which is typically a predefined period for delivering a working part of the system. Each Sprint starts with a planning session that includes the customer (product owner), the facilitator (Scrum master) and the cross-functional team.

Scrum master: The facilitator in a Scrum software project.

Seat licence: ‘A software licence based on the number of users who have access to the software. For example, a 100-user licence based on users means that up to 100 specifically named users have access to the program’ (according to PCMag Encyclopedia).

Security architecture document: This provides insight into the security aspects and risks associated with the implementation of the solution and used subsequently to show that security has been adequately considered. It highlights the threats and vulnerabilities and investigates countermeasures to provide assurance to the business that adequate security has been implemented.

Smoke test: Validates the key features and basic functionalities of a software program or solution to ensure that it is fit for further detailed testing. Smoke test was originally used to find leaks in containers and pipes using smoke. The term was introduced to software testing with reference to testing a software application for the first time.

Software as a service (SaaS): A rented software service. Instead of buying applications, with this you pay a subscription, that is, when that expires, the software is no longer valid.

Software development life cycle (SDLC): The sequence of events in the development of an information system.

Software test life cycle (STLC): The sequence of events in the testing of an information system.

Solution: The solution delivered by the supplier under this project package, which may comprise more than one product.

Solution architecture design document: This defines the generic structure of the solution, providing the logical and physical information architecture for the selected option, including all related components and interfaces, capacity and service continuity designs.

Sprint: A time-boxed period during which the team delivers the Sprint backlog.

Sprint backlog: The list of product backlog items (PBIs) that the product team commit to deliver in the Sprint.

Sprint goal: A short statement summarising the principal objective of the Sprint.

Sprint planning: The meeting at the start of a Sprint where the product owner states the Sprint goal, presents the PBIs that they would like to have completed in the next Sprint and agrees the Sprint backlog.

Sprint retrospective: The meeting at the end of a Sprint where the product team review the delivery methodology and agree changes to be implemented in the next Sprint.

Sprint review: The meeting at the end of a Sprint where the team present the results and output of the Sprint to the product owner and stakeholders, and adaptions to the product backlog are discussed and agreed, if needed.

Stakeholder: Those who have some interest in the products or projects. Any individual who may be affected by a business decision.

Static code analysis: Implies the usage of tools that scan the source code to find out if it contains any of the known formal defect patterns.

Story: A description of a particular behaviour of the product agreed upon by the developers, the product owner and the architecture owner as part of the Sprint planning process.

Subcontractor: Any party engaged by the supplier in the provision of the services.

Subject matter expert (SME): An individual who hold knowledge of a product or services.

System(s) software: Those programs and software, including documentation and materials, that perform tasks basic to the functioning of the computer hardware, or that are required to operate the applications, or otherwise support the provision of services by the supplier. Systems software includes operating software, systems utilities and any other software not designated as applications.

Test environment: A controlled environment used to test configuration items, builds, IT services and processes.

Test plan: This may comprise separate documents for each test phase in line with the test strategy. This includes all the information necessary to plan and control the test effort for the solution development phase. It describes the approach to the testing of the artefacts and is the top-level plan generated and used by the managers to direct the test effort.

Test pyramid: According to ISTQB Glossary, test pyramid is a graphical model representing the relationship of the amount of testing per level, with more testing at the bottom than at the top. Mike Cohn, one of the founders of the Scrum Alliance, came up with the test pyramid concept in his book Succeeding with Agile. It is a visual model of different layers of testing and how much testing is to be done on each layer. Mike Cohn’s original test pyramid consists of three layers including unit tests, service tests and user interface tests (bottom to top). Unit tests form the base of the test pyramid, that should be frequent, and run fast. Integration tests are the middle tier of the pyramid. Test pyramid expects that more automated testing is done through unit tests than GUI-based testing. The pyramid provides the advantages of avoiding many of the complexities of dealing with UI frameworks.

Test script: An automation test script is a set of instructions that will be performed on the system under test (SUT) to validate that it works as expected. Good test scripts are small, isolated, maintainable and easy to understand with swift execution of steps. They are independent of each other and run with good exception handling.

Test strategy: This defines the strategy for the assurance and testing effort required for the project/product. It provides a summary of the test stages and responsibilities specific to the project. Test objectives, scope and resources are detailed within this strategy.

Testing as a service (TaaS): A model in which IT solution testing activities associated with an organisation’s activities are performed by a supplier rather than in-house employees.

Time and materials (T&M): A standard contract for product development or any other piece of work in which the customer agrees to pay the supplier based upon the time spent and materials used.

Traffic light/RAG: A RAG rating system indicates the status of a variable using red, amber or green traffic lights.

User story: A description of a particular behaviour of the product in a few sentences.

Validation: Typically involves actual testing and takes place after verifications are completed.

Verification: Typically involves reviews and meetings to evaluate documents, plans, code, requirements, and specifications. This can be done with checklists, issues lists, walkthroughs, and inspection meetings.

Work item: An item in the product backlog, including but not limited to enhancements, epics, features, user stories or tasks.