Appendix B: Glossary

A  B  C  D  E  F  H  I  L  M  N  O  P  R  S  T  U  V  W  


ApplicationSoftware that performs automated functions for a user. Examples include home banking, word processing and payroll. Distinguished from operating system or utility software.
Asynchronous transfer modeThe method of transmitting bits of data one after another with a start bit and a stop bit to mark the beginning and end of each data unit. Can also mean automated teller machine.
Attack signatureA specific sequence of events indicative of an unauthorized access attempt.


BandwidthTerminology used to indicate the transmission or processing capacity of a system or of a specific location in a system (usually a network system) for information (text, images, video, sound). Bandwidth is usually defined in bits per second (bps) but also is usually described as either large or small. Where a full page of English text is about 16,000 bits, a fast modem can move approx. 15,000 bps. Full-motion, full-screen video requires about 10,000,000 bps, depending on compression.
Bits per second (BPS)A measurement of how fast data moves from one place to another. A 28.8 modem can move 28,800 bits per second.


Cash LetterA group of checks accompanied by a paper listing sent to a clearinghouse, a Federal Reserve Bank, or another institution. A cash letter contains a number of negotiable items, mostly checks, accompanied by a letter that lists the amounts and instructions for transmittal to another bank. May also be called a transmittal letter. An incoming cash letter is one that is received by an institution from a clearinghouse, a Federal Reserve Bank, or another institution and contains checks written on accounts at the institution that were cashed elsewhere. An outgoing cash letter is one that is being sent to a clearinghouse, a Federal Reserve Bank, or another institution and contains checks deposited at the institution, which are written on accounts at other institutions.
Change managementThe broad processes for managing organizational change. Change management encompasses planning, oversight or governance, project management, testing, and implementation.
Check 21 ActFormally known as the Check Clearing for the 21st Century Act. Creates a new document, the IRD (image replacement document or substitute check) that is the legal equivalent of the original check and should be accepted as such. The act does not require institutions to accept electronic images instead of checks or IRDs, but does require the acceptance of IRDs instead of paper checks. The exchange of electronic images is optional and will be done by agreements between individual institutions, groups of institutions, or clearinghouses.
ClusteringConnecting two or more computers together in such a way that enables them to act as a single computer. Clustering is used for parallel processing, load balancing, and fault tolerance.
Commercial off-the-shelf (COTS)COTS products include software and hardware products that are ready-made and available for sale to the general public. COTS products are typically installed in existing systems and do not require customization. Also known as "shrink-wrap" applications.
Courtesy amount recognition (CAR)The numeric amount of a check.


Digital subscriber line (DSL)A technology that uses existing copper telephone lines and advanced modulation schemes to provide high-speed telecommunications to businesses and homes.
Direct access storage device (DASD)A magnetic disk storage device historically used in mainframe environments. DASD may also include hard drives used in personal computers.


EncryptionA data security technique used to protect information from unauthorized inspection or alteration. Information is encoded so that data appears as a meaningless string of letters and symbols during delivery or transmission. Upon receipt, the information is decoded using an encryption key.
Enterprise architectureThe overall design and high-level plan that describes an institution's operational framework and includes the institution's mission, stakeholders, business and customers, work flow and processes, data processing, access, security, and availability.


Fibre channelA high performance serial link supporting its own, as well as higher-level protocols such as the small computer system interface, high performance parallel interface framing protocol and intelligent peripheral interface. The Fibre Channel standard addresses the need for very fast transfers of large amounts of information. The fast (up to 1 Giga byte per second) technology can be converted for LAN technology by adding a switch specified in the Fibre Channel standard that handles multipoint addressing. Fibre Channel gives users one port that supports both channel and network interfaces, unburdening the computers from large number of input and output (I/O) ports. Fibre Channel provides control and complete error checking over the link.
Frame relayA high-performance wide area network protocol that operates at the physical and data link layers of the Open Systems Interconnect (OSI) reference model. Frame Relay is an example of a packet-switched technology. Packet-switched networks enable end stations to dynamically share the network medium and the available bandwidth. Frame relay uses existing T-1 and T-3 lines and provides connection speeds from 56 Kbps to T-1.


HopEach step of a trip a data packet takes from its origination to its destination. For example, on the Internet a data packet may go through several routers before reaching its final destination.
Host bus adapter (HBA)A host bus adapter provides I/O processing and physical connectivity between a server and storage. As the only part of a storage area network that resides in a server, HBAs also provide a critical link between the storage area network and the operating system and application software.
HubSimple devices that pass all data traffic in both directions between the LAN sections they link. Hubs forward every message they receive to the other sections of the LAN, even those that do not need to go there.
HVACHeating, ventilation, and air conditioning.


I/O (Acronym)Input/output.
Integrated Systems Digital Networking (ISDN)A hierarchy of digital switching and transmission systems that provides voice, data, and image in a unified manner. Integrated Systems Digital Networking (ISDN) is synchronized so that all digital elements communicate in the same protocol at the same speed.
Internet Small Computer System Interface (iSCSI)An Internet protocol based storage networking standard for linking data storage facilities, used to facilitate. iSCSI is data transfers over intranets and to manage storage over long distances.


Legal amount recognition (LAR)The handwritten dollar amount of the check.


Magnetic ink character recognition (MICR)Magnetic codes found on the bottom of checks, deposit slips, and general ledger debit and credit tickets that allow a machine to scan (capture) the information. MICR encoding on a check includes the account number, the routing number, the serial number of the check, and the amount of the check. The amount of the check is encoded when the proof department processes the check.
MainframeAn industry term for a large computer, typically used for the commercial applications of businesses and other large-scale computing purposes. Generally, a mainframe is associated with centralized rather than distributed computing.
Management information systems (MIS)A general term for the computer systems in an enterprise that provide information about its business operations.
MediaPhysical objects that store data, such as paper, hard disk drives, tapes, and compact disks (CDs).
MidrangeComputers that are more powerful and capable than personal computers but less powerful and capable than mainframe computers.
Millions of instructions per second (MIPS)A general measure of computing performance and, by implication, the amount of work a larger computer can do.
MirroringA process that copies data to multiple disks over a computer network in real time or close to real time. Mirroring reduces network traffic, ensures better availability of the website or files, or enables the site or downloaded files to arrive more quickly for users close to the mirror site.


Network attached storage (NAS)NAS systems usually contain one or more hard disks that are arranged into logical, redundant storage containers much like traditional file servers. NAS provides readily available storage resources and helps alleviate the bottlenecks associated with access to storage devices.


Operating systemA system that supports and manages software applications. Operating systems allocate system resources, provide access and security controls, maintain file systems, and manage communications between end users and hardware devices.


Plain old telephone system (POTS)Basic telephone service.
PlatformThe underlying computer system on which applications programs run. A platform consists of an operating system, the computer system's coordinating program, which in turn is built on the instruction set for a processor or microprocessor, and the hardware that performs logic operations and manages data movement in the computer.
Private branch exchange (PBX)A telephone system within an enterprise that switches calls between enterprise users on local lines while allowing all users to share a certain number of external phone lines.
Proof of deposit (POD)The verification of the dollar amount written on a negotiable instrument being deposited.
ProtocolA format for transmitting data between devices.


Recovery siteAn alternate location for processing information (and possibly conducting business) in an emergency. Usually distinguished as "hot" sites that are fully configured centers with compatible computer equipment and "cold" sites that are operational computer centers without the computer equipment.
Redundant array of independent disks (RAID)The use of multiple hard disks to store the same data in different places. By placing data on multiple disks, I/O operations can overlap in a balanced way, improving performance. Since multiple disks increase the mean time between failures (MTBF), storing data redundantly also increases fault-tolerance.
RoutingThe process of moving information from its source to the destination.


SAS 70 reportAn audit report of a servicing institution prepared in accordance with guidance provided in the American Institute of Certified Public Accountant's Statement of Auditing Standards Number 70. Replaced by SSAE 16.
ScalabilityA term that refers to how well a hardware and software system can adapt to increased demands. For example, a scalable network system would be one that can start with just a few nodes but can easily expand to thousands of nodes. Scalability can be a very important feature because it means the entity can invest in a system with confidence they will not quickly outgrow it.
ServerA computer or other device that manages a network service. An example is a print server, which is a device that manages network printing.
Service level agreementDefines the specific responsibilities of the service provider and sets the customer expectations.NIST Glossary
A formal agreement between two parties that records: a common understanding about products or services to be delivered, priorities, responsibilities, guarantees, and warranties between the parties. In addition, the agreement describes the nature, quality, security, availability, scope, and timeliness of delivery and response of the parties, the point(s) of contact for end-user problems, and the metrics by which the effectiveness of the process is monitored and approved, and may include other measurable objectives. The agreement should cover not only expected day-to-day situations, but also unexpected or adverse events, as the need for the service may vary.FFIEC Adapted for Supervisory Purposes
Small Computer Systems Interface (SCSI)Small computer systems interface (pronounced "scuzzy"). A standard way of interfacing a computer to disk drives, tape drives, and other devices that require high-speed data transfer. Also, a secondary SAN protocol that allows computer applications to talk to storage devices.
Storage area network (SAN)A high-speed special-purpose network (or sub-network) that connects different types of data storage devices with associated data servers on behalf of a larger network of users.
Storage virtualizationThe process of taking many different physical storage networks and devices, and making them appear as one "virtual" entity for purposes of management and administration.
SwitchA device that connects more than two LAN segments that use the same data link and network protocol.
Synchronous Optical NETwork (SONET)SONET is a standard for telecommunications transmissions over fiber optic cables. SONET is self-healing so that if a break occurs in the lines, it can use a back-up redundant ring to ensure that the transmission continues. SONET networks can transmit voice and data over optical networks.
Systems Development Life Cycle (SDLC)An approach used to plan, design, develop, test, and implement an application system or a major modification to an application system.


T-1 lineA special type of telephone line for digital communication and transmission. T-1 lines provide for digital transmission with signaling speed of 1.544Mbps (1,544,000 bits per second). This is the standard for digital transmissions in North America. Usually delivered on fiber optic lines.
Total cost of ownership (TCO)The true cost of ownership of a computer or other technology system that includes original cost of the computer and software, hardware and software upgrades, maintenance, technical support, and training.
Transmission control protocol/Internet protocol (TCP/IP)A communication standard for transmitting data packets from one computer to another. TCP/IP is used on the Internet and other networks. The two parts of TCP/IP are TCP, which deals with constructions of data packets, and IP, which routes them from machine to machine.


Uninterruptible power supply (UPS)A device that allows your computer to keep running for at least a short time when the primary power source is lost. A UPS may also provide protection from power surges. A UPS contains a battery that "kicks in" when the device senses a loss of power from the primary source allowing the user time to save any data they are working on and to exit before the secondary power source (the battery) runs out. When power surges occur, a UPS intercepts the surge so that it doesn't damage your computer.


Very early smoke detection alert (VESDA)A system that samples the air on a continuing basis and can detect fire at the pre-combustion stage.
Voice over Internet Protocol (VoIP)The transmission of voice telephone conversations using the Internet or Internet Protocol networks.


WorkstationAny computer connected to a local-area network.
WORM (Acronym)Write once, read many times. A type of optical disk where a computer can save information once, can then read that information, but cannot change it.


Previous Section
Tier II Objectives and Procedures
Next Section
Appendix C: Item Processing