A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z






Authenticator Assurance Level

Access Point

A hardware device or a computer's software that acts as a communication hub for users of a wireless device to connect to a wired Local Area Network.

Account Archived

Accounts that have not been used for x years are off-loaded via long term storage solutions.

Account Disabled

Account is in an unusable state and can only be made usable again through an administrative action.

Account Locked

Account is not useable until either an administrator resets a token or the end user resets the token through one of the forgotten password self service functions.

Address of Record

The official location where an individual can be found that is on record with a trusted or authoritative entity such as a government agency, the individual’s employer, financial institution, or utility company. The address of record always includes the residential street address of an individual and may also include the mailing address of the individual.


Logo, graphic, text, sound, video, or any other means intended to promote or market a service, facility, or product offered by an entity for a commercial purpose. Advertising includes messages containing qualitative or comparative language, price information or other indications of savings or value, an endorsement, or an inducement to purchase, sell, or use any company, service, facility, or product.                       
Copyright notices and displaying the name, logo, product, or service of a non-government entity whether or not in exchange for money, services, or other special consideration, including reduced cost or no-cost use in the context of open-source development products or services, may also constitute “advertising”; for example, "Powered by Company X" or "Web design by Company X."                       
Linking to external sites that provide a particular commercial product or service. An SE should ensure that all links to non-government websites further the SE's mission, functions, and responsibilities.


See "Authorized Employee Representative"


A state agency is as defined in Open Meetings Law, Section 103, which states that “'agency' shall mean only a state department, board, bureau, division, council or office and any public corporation the majority of whose members are appointed by the governor," and includes any state agency, department, office, board, commission or other instrumentality of the State, but not a public authority.

Agency Fleet

All State Vehicles acquired by, and assigned to, an agency.


A computerized procedure consisting of a set of steps used to accomplish a determined task.

Alternate Work Site

A specific location away from the official work site where the employee is authorized to conduct business.


An Aircard is a type of wireless modem that is used to connect a single device to the internet through cellular data. A MiFi device can be connected to a cellular network and provide internet access for up to ten devices. The use of an Aircard/MiFi requires a data plan.


See "Access Point"


"See "Application Programming Interface"

Application Programming Interface

A set of subroutine definitions, protocols, and tools for building application software. In general terms, it is a set of clearly defined methods of communication between various software components.


Architecture is a set of components, their structure and inter-relationships, and the methods, guidelines, and standards governing their application and evolution over time. In the case of NYS and the NYS EA, the components being dealt with are the business, operational and information technology components of the enterprise.

Artificial Intelligence

A machine-based system, that can, for a given set of human-defined objectives, make predictions, recommendations, or decisions influencing real or virtual environments. Artificial intelligence systems use machine- and human-based inputs to perceive real and virtual environments; abstract such perceptions into models through analysis in an automated manner; and use model inference to formulate options for information or action. The definition does not include basic calculations like Excel formulas, basic automation, or pre-recorded response systems.

Artificial Intelligence System

Any technology system, whether developed internally or obtained from a third party, that utilizes an artificial intelligence technology.


Agency Security Administrator


Agency Spending Controls Application. A NYS Division of the Budget computer application used by state agencies to request spending approval for planned procurements and other purposes.


Anything that has value to an organization including, but not limited to, another organization, person, computing device, information technology (IT) system, IT network, IT circuit, software (both an installed instance and a physical instance), virtual computing platform (common in cloud and virtualized computing), and related hardware (e.g., locks, cabinets, keyboards).


Administrative Services Unit

Authenticated Scan

A credential-based scan that provides sufficient access to allow the vulnerability scan engine to scan the operating system and all applications running on the system.


The process of establishing confidence in the identity of users or information systems.

Authentication Factors

Something you know, something you have, and something you are. See “Multi-Factor Authentication” and “Single-Factor Authentication.”

Authentication Method

The authentication mechanism used at the time of user account login.

Authentication Protocol

A defined sequence of messages between a Claimant and a Verifier that demonstrates that the Claimant has possession and control of a valid token to establish their identity, and optionally, demonstrates to the Claimant that they are communicating with the intended Verifier.


Something the claimant possesses and controls (typically a cryptographic module or password) that is used to authenticate the claimant’s identity (e.g., token).


Access privileges granted to a user, program, or process or the act of granting those privileges.

Authoritative Time Service Endpoints

Network endpoints maintained by ITS using an industry-accepted protocol for clock synchronization between computer systems.

Authorized Employee Representative

An employee authorized by other employees, or the designated representative of an employee organization, who is recognized or certified to represent the employees pursuant to Article 14 of the Civil Service Law.

Automated Decision System

Any algorithm, including one incorporating machine learning or other artificial intelligence techniques, that uses data-based analytics to make or support decisions, judgments, or conclusions.

Automated Final Decision System

An automated decision system that makes final decisions, judgments, or conclusions without human intervention.

Automated Support Decision System

An automated decision system that provides insights and/or recommendations to inform the final decision, judgment, or conclusion of a human decision maker.


The extent to which information is operational, accessible, functional, and usable upon demand by an authorized entity (e.g., a system or user).



Banner Ad

Typically, rectangular advertisement placed on a website above, below, or to the side of the website's main content area.


A group of similar binary-to-text encoding schemes that represent binary data in an ASCII string format by translating it into a radix-64 representation. The terms Base64 originates from a specific MIME content transfer encoding. Each Base64 digit represents exactly six (6) bits of data.

Best Value

A method of awarding service and technology contracts that optimizes quality, cost, and efficiency among responsive and responsible bidders.


In digital multimedia, bitrate is the number of bits used per unit of time to represent a continuous medium such as audio or video after source coding (data compression). In this sense it corresponds to the term digital bandwidth consumption. While often referred to as "speed," bitrate does not measure distance/time but quantity/time.


Budget Policy and Reporting Manual


Acquiring of information by a person without valid authorization or through unauthorized acquisition.


Business Service Center

Bureau Director

The head of the bureau within ITS.

Business Continuity Program

The process involved in creating a prevention and recovery system addressing potential threats to a company. The plan ensures that personnel and assets are protected and able to function quickly in the event of an incident.

Business Unit(s)

A subdivision of ITS representing a specific business function. For example, Accounts Payable, which has a definite place on the organizational chart, under the domain of an Executive.

Business Analysis and Risk Assessment

Defined by the ESRA regulation as "identifying and evaluating various factors relevant to the selection of an electronic signature for use or acceptance in an electronic transaction.  Such factors include, but are not limited to, relationships between parties to an electronic transaction, value of the transaction, risk of intrusion, risk of repudiation of an electronic signature, risk of fraud, functionality and convenience, business necessity and the cost of employing a particular electronic signature process."


Bring Your Own Device




Credit Card Administrator

Cell Phone

A telephone with access to a cellular radio system so it can be used over a wide area, without a physical connection to a network. A cell phone only allows users to place and receive voice calls and text messages. Requires only a voice plan.

Centralized Contract

Any contract let by the NYS Office of General Services for use by authorized users, including state agencies, for the purpose of commodities or services.


Chief Financial Officer

Chief Information Officer

See "State Chief Information Officer"


Configuration Item


See "State Chief Information Officer"


Chief Information Security Office(r)


A party whose identity is to be verified using an authentication protocol.

Clear GIF

A graphic with a unique identifier, similar to a cookie, used to track the online movements of users. Clear gifs are also known as pixel tags, web beacons, or web bugs.


A message on a user's computer screen, requiring that the user respond to a question and, as a result, provide information by clicking on an icon.


Closure of a workplace may occur when an extraordinary circumstance has been identified and the space has been deemed uninhabitable or otherwise dangerous by local officials, emergency services personnel, landlords, or other authorized persons. Closure of a workplace is not the same as, but may be used in conjunction with, a directed early departure or direction not to report.

Cloud Broker

An entity that manages the use, performance, and delivery of cloud services, and negotiates relationships between cloud providers and cloud consumers. As cloud computing evolves, the integration of cloud services may be too complex for cloud consumers to manage alone.


See "Computer Network Defense"


Chart of Accounts. A standard financial coding structure used for recording and reporting State financial information.


NYS Commission on Ethics and Lobbying in Government

Collaborative Computing Device

Collaborative computing devices may include, but are not limited to, networked white boards, cameras, and microphones that are connected to NYS IT systems for the purposes of conducting government business collaboratively.

Computer Network Defense

Using defensive measures in order to protect information, information systems, and networks from threats.

Computer Security Event

An anomaly that has been reported or noticed in a system or network.

Computer Security Incident

A violation or imminent threat of violation of computer security policies, acceptable use policies, or standard security practices. A computer security incident is also defined as any event that adversely affects the confidentiality, integrity, or availability of system and its data.

Computer Vision

A field of artificial intelligence (AI) that enables computers and systems to derive meaningful information from digital images, videos, and other visual inputs - and take actions or make recommendations based on that information.


The property that information is not made available or disclosed to unauthorized individuals, entities, or processes.

Consolidated Log Infrastructure

The hardware, software, networks, and media used to generate, transmit, store, analyze, and dispose of log data.


See "ITS Consultant"

Contiguous United States (CONUS)

The 48 contiguous states of the United States and the District of Columbia. This definition specifically excludes the states of AK and HI as they are not part of the contiguous states and are included in the definition of Non-Foreign, Outside the Continental United States (OCONUS) locations.

Continuity of Operations Plan

Clearly defined steps an organization will take during times of disruption to ensure they can continue their operations.

Contract Award

A written determination from ITS to an Offerer indicating that ITS has accepted its bid or offer.


Refers to any entity that contracts with ITS.


An action taken to enhance the likelihood that established goals or objectives will be achieved (in the context of this policy, generally an action taken to reduce risk).


A unique text file stored on a user's computer by an Internet browser. These text files are used as a means of distinguishing among users of a website and as a means of customizing the website according to the user's preferences and interests. A cookie will not include personal information unless the user has volunteered that information.


Continuing Professional Education


An object that authoritatively binds an identity to a token possessed and controlled by a person or entity.

Credential Service Provider

A trusted entity that issues or registers subscriber authenticators and issues electronic credentials to subscribers.


Contract Reporter Exemption Request

Critical Incidents

Critical incidents include the following:                       
A sudden, unexpected event requiring action due to potential threat to health and safety, the environment, or property.                       
A critical event, which, if not handled in an appropriate manner, may dramatically impact an organization’s profitability, reputation, or ability to operate.                       
A sudden, unplanned, calamitous event causing great damage or loss. Critical incidents can also include an “Emergency” as defined in the New York State Finance Law, Section 163, which means an urgent and unexpected requirement where health and public safety or the conservation of public resources is at risk.

Critical Infrastructure

Systems and assets, whether physical or virtual, so vital to New York State that the incapacity or destruction of such systems and assets would have a debilitating impact on security, economic security, public health or safety, or any combination of those matters.


The degree to which a State Entity depends on the information or information system for the success of a mission or of a business function.


Related to cryptography which is (1) The mathematical science used to secure the confidentiality and authentication of data by replacing it with a transformed version that can be reconverted to reveal the original data only by someone holding the proper cryptographic algorithm and key; (2) A discipline that embodies the principles, means, and methods for transforming data in order to hide its information content, prevent its undetected modification, and/or prevent its unauthorized uses.

Cryptographic Keys

Data used to encrypt or decrypt a message or information.


Civil Service Employees Association


Chief Technology Office(r)

Current Stable Release

The most recent stable-channel release of any given web browser, as published by the software vendor of that web browser. Vendors utilize different release schedules, and as such, versions may increment differently across different web browsers and platforms.


A person or entity who is responsible for a device.




A subset of information in an electronic format that allows it to be retrieved or transmitted.

Digital Object

Any discrete set of digital data that can be individually selected and manipulated. This can include shapes, pictures, string of numbers, or characters that appear on a display screen as well as less tangible software entities.

Digital Signatures

Produced by two mathematically linked cryptographic keys, a private key used to sign, and a public key used to validate the signature. A digital signature is created when a person uses their private key to create a unique mark (called a "signed hash") on an electronic document. The recipient of the document employs the person’s public key to validate the authenticity of the digital signature and to verify that the document was not altered subsequent to signing. Digital signatures are often used within the context of a Public Key Infrastructure (PKI) in which a trusted third party known as a Certification Authority (CA) binds individuals to private keys.

Direct Application Access

Accessing an application directly with the application providing its own security (e.g., webmail, https).

Directed Early Departure

Dismissal situation used in conjunction with an extraordinary circumstance when a workplace has been deemed dangerous or, when a determination has been made by the Office of Employee Relations or State Ops that travel may become unsafe for employees during extreme weather conditions, such as an impending blizzard.

Direction Not to Report

Dismissal situation used in conjunction with an extraordinary circumstance when a workplace has been deemed dangerous or, when a determination has been made by the Office of Employee Relations or State Ops that travel may be unsafe for employees during extreme weather conditions, such as a blizzard.


Shall have the same meaning as defined in State Technology Law §202. This shall mean to reveal, release, transfer, disseminate, or otherwise communicate information orally, in writing or by electronic or other means, other than to the person who is the subject of such information.

Discretionary Purchase

Purchases below an established dollar threshold that are authorized by law to be made without a formal competitive process.

Division Director

The head of the division within ITS


ITS Division of Legal Affairs


This refers to all the domains and subdomains within the Internet Domain Name System (DNS).


Division of the Budget


Department of Health


A region of jurisdiction on the World Wide Web (Internet) for naming assignment. The General Services Administration is responsible for registrations in the dot-gov domain, and has delegated this authority to the CIO for all State Entities.

Domain Name

A name assigned to an Internet server, requested from ITS by a State Entity.

Domestic Violence

A pattern of coercive behavior, including acts or threatened acts, that is used by a perpetrator to gain power and control over a victim, as defined in New York State Social Service Law § 459-a, including, but not limited to physical, sexual, psychological, economic, and/or emotional abuse; or the threat of any/all of the aforementioned acts.

Domestic Violence Agency Liaison (DVAL)

A designated employee(s) of ITS who has been trained by the Office for the Prevention of Domestic Violence (OPDV) to assist victimized employees; who ensure ITS compliance with the Gender-Based Violence and the Workplace Policy; and who serves as the primary contact for OPDV.


ITS employees or other persons, expressly authorized by the Chief Information Officer, who operate a State Vehicle.




Also known as electronic authentication. The process of establishing confidence in user identities electronically presented to an information system.


Employee Data Administrator


Enterprise eDiscovery Services


E-equipment is hardware used to input, store, process, transmit, and output information, including, but not limited to, desktops, laptops, mobile devices, servers, telephones, video conferencing equipment, copiers, printers, and data center equipment.


The use of computer technology to provide faster, more convenient, and better delivery of government services to customers by reducing paper processes and the need to go to government offices for the service. Customers in e-Government can include citizens, businesses, and other governments. Typically, these services are available over the internet on a government agency’s website or a government portal, like ID.

Electronic Evidence

Electronic evidence as defined by the US DOJ Electronic Crime Scene Investigation is information and data of investigative value that is stored on or transmitted by an electronic device.

Electronic Record

Information, evidencing any act, transaction, occurrence, event, or other activity, produced or stored by electronic means and capable of being accurately reproduced in forms perceptible by human sensory capabilities.

Electronic Signature

Shall have the same meaning as defined in State Technology Law §302. This shall mean "an electronic sound, symbol, or process, attached to or logically associated with an electronic record and executed or adopted by a person with the intent to sign the record." This definition conforms to the definition found in the Federal E-Sign Law.

Electronic Transaction

Shall mean an action or set of actions occurring through the use of electronic technology by or with a governmental entity.


HTML tags


A situation that poses an immediate risk to health, life, property, or natural environment.


See "ITS Employee"


A device used to change a signal (such as a bitstream) or data into a code. The code may serve any of a number of purposes such as compressing information for transmission or storage, encrypting or adding redundancies to the input code, or translating from one code to another. This is usually done by means of a programmed algorithm, especially if any part of the code is digital.


The process of preparing content for sending to viewers. Audio and video are converted to a format that matches the chosen distribution technique and attributes and is also compressed.


A cryptographic operation that is used to enhance security and protect the State’s electronic data ("data") by transforming readable information ("plaintext") into unintelligible information ("ciphertext").


Statement of approval of a product, service or individual business, person or any other non-governmental entity.


A measure of the amount of uncertainty that an attacker faces to determine the value of a secret such as a password. Entropy is usually stated in bits. See NIST 800-63 Recommendation for Electronic Authentication.


Event Participation Request Form


See "Electronic Record"


Electronically Stored Information


See "Electronic Signature"

Essential Employee

Essential employees may include, but are not limited to, those who job function is crucial to the effective operation of ITS or who must be physically present to perform their job.

Ethics Officer

Ethics Officer at the Division of Legal Affairs


Extract, Transform and Load

Explicit Indication 

A signal or alert to user(s) physically present providing notice that a collaborative computing device sensor has been activated.

External Engagement

Formal presentations, or informal discussions, delivered to non-ITS employees for the purpose of providing information regarding the agency's vision, mission, programs, services, or other ITS-related information, and/or speaking on behalf of ITS as a subject matter expert on a particular topic. This includes discussions with non-New York government entities, including federal, state, and local government organizations.

Extraordinary Circumstance

An event that may pose a health or safety risk, impacting employee's ability to report to, or remain in, the workplace. Such emergency circumstances may include building conditions, such as a fire, power outage or flood, or extreme weather conditions, such as a blizzard.




Annual statements of financial disclosure submitted to the New York State Commission on Ethics and Lobbying in Government (COELIG).


Finance Transaction Form

Fundamental Alteration

A change in the fundamental characteristic of the product, not merely a cosmetic or esthetic change.



Gender-Based Violence

Violence or threats that happen because of someone’s sex, gender, sexual orientation, gender identity or expression, or other related characteristics. Gender-based violence is an umbrella term that includes domestic violence, sex-based discrimination, sexual harassment, sexual assault, and sexual violence, and can also include stalking or human trafficking.

Generative AI

AI that is capable of generating text, images, or other media, using generative models. Generative AI models learn the patterns and structure of their input training data and then generate new data that has similar characteristics.


Guide to Financial Operations


A commercial entity that provides online software hosting with code repositories developers use to collaborate on software development projects in real-time. GitHub provides social networking features to allow developed to follow open-source projects, share code, and learn how code changes are made throughout the development process. GitHub gets its name from the open-source version control system (VCS) known as Git.


The electronic sharing of data and/or information systems between government agencies, departments, or organizations.

Guideline (NYS-P09-003)

Guidance, best practices, recommendations, or administrative instructions to perform a specific task. A guideline can be a standalone document or make a policy or standard more meaningful and effective. Compliance with a guideline is not compulsory, but strongly suggested.

Guideline (NYS-S13-001)

Non-mandatory suggested course of action.



Hardware Security Model

A physical computing device that safeguards and manages digital keys for strong authentication and provides crypto processing.


Producing hash values for accessing data or for security. A hash value (or simply hash) is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value. Hashes play a role in security systems where they are used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they are the same, there is a very high probability that the message was transmitted intact.

Hazard Assessment

A process to identify potential hazards and analyze outcomes if a hazard occurs.


Hourly-Based Information Technology Services. The suite of OGS centralized contracts providing hourly IT consultant services.

Host Agency

The name for the ITS partner agency that physically hosts an ITS staff member.


The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, and hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web.




Infrastructure as a Service


See "Identity Assurance Level"


"Information Communication Technology"


The property of certain operations in the mathematics and computer science to be applied multiple times without changing the result beyond the initial application.

Identity Assurance Level

The degree of confidence in the vetting process used to establish the identity of the individual to whom the credential was issued, and the degree of confidence that the individual who uses the credential is the individual to whom the credential was issued.

Identity Provider

The party that manages the individual’s primary authentication credentials and issues assertions derived from those credentials. This is commonly the Credential Service Provider (CSP) as defined in the ITS Glossary.


See Identity Provider


Invitation for Bid


Inspector General

Imminent Danger

Any dangerous conditions or practices in any place of employment that could reasonably be expected to cause death or serious physical harm immediately or before the imminence of such danger can be eliminated through the enforcement procedures.


The magnitude of harm that could be caused by a threat.

Incident Command System

A standardized approach to the command, control, and coordination of emergency response, providing a common hierarchy within which responders from multiple agencies can be effective.

Incident Response

The manual and automated procedures used to respond to reported network intrusions (real or suspected); network failures and errors; and other undesirable events.

Incident Response Stakeholders

IR Stakeholders are any individuals‚ technical or non- technical, directly responding to or overseeing IR activities.

Independently Verified

Information provided by a user is verified to a source that is independent of the user (most often a trusted database) which finds that the claimed identity exists and is consistent with the identity and address information provided.

Individual Account

A unique account issued to a single user. The account enables the user to authenticate to systems with a digital identity. After a user (e.g., NYS citizen, resident, employee, or other applicable user type) is authenticated, the user is authorized or denied access to the system based on the permissions that are assigned directly or indirectly to that user.


Any communication or representation of knowledge such as facts, data, or opinions in any medium or form, including textual, numerical, graphic, cartographic, narrative, or audiovisual. An instance of an information type.

Information Communication Technology

Shall have the same meaning as set forth in 36 C.F.R. Appendix A to Part 1194, information technology and other equipment, systems, technologies, or processes, for which the principal function is the creation, manipulation, storage, display, receipt, or transmission of electronic data and information, as well as any associated content.

Information Owner

An individual or organizational unit responsible for making classification and control decisions regarding use of information.

Information Security

The concepts, techniques and measures used to protect information from accidental or intentional unauthorized access, modification, destruction, disclosure or temporary or permanent loss.

Information System

A discrete set of information resources organized for the collection, processing, maintenance, use, sharing, dissemination, or disposition of information.

Information Technology

Shall have the same meaning as set forth in 40 U.S.C. § 11101(6): (A) any equipment or interconnected system or subsystem of equipment, used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by a State Entity, if the equipment is used by the State Entity directly or is used by a contractor under a contract with the State Entity that requires the use (1) of that equipment; or (2) of that equipment to a significant extent in the performance of a service or the furnishing of a product; (B) includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources; but (C) does not include any equipment acquired by a State contractor incidental to a State contract.

Information Technology Resources

Equipment, software or services used to input, store, process, transmit, and output information, including, but not limited to, desktops, laptops, mobile devices, servers, telephones, fax machines, copiers, printers, Internet, email, and social media sites.

Inherent Risk

The probability of loss arising out of circumstances or existing in an environment in the absence of any action to control or modify the circumstances.


The property that data has not been altered or destroyed from its intended form or content in an unintentional or an unauthorized manner.

Interested Party

A participant in the procurement process and those who are a participant in the procurement process and those who participate in the procurement process which has been foreclosed by the actions of ITS.

Internal Control

A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting, and compliance.

Internal Engagement

Presentations or meetings with ITS partner agencies to unveil major new services or projects, presenting service offerings to potential new agency clients, or formal presentations with ITS business partners (e.g., vendors) about any major new or changing ITS service or project.


Shall have the same meaning as defined in State Technology Law, Section 202. This shall mean a system of linked computer networks, international in scope, that facilitate DATA transmission and exchange.

Internet Protocol Address

A numerical identifier assigned either to a user's Internet service provider or directly to a user's computer.


The ability of computer systems or software to exchange and make use of information.

IP Address

See "Internet Protocol Address"


Information Security Officer


Information Technology Business Management

ITS Consultant

Refers to any individual who performs services for ITS and/or its customers pursuant to a contract with ITS.

ITS Employee

See "ITS State Employee"


IT Service Management

ITS State Employee

Any employee, contractor, or consultant who works for ITS in any capacity, regardless of the employee's bargaining unit, employment location, and employment status.

ITS Staff Member

Any full-time, part-time, seasonal, per diem employee or contractor working for ITS; or an applicant for a full-time, part-time, seasonal, per diem, or contractor position at ITS.




Job Access with Speech


JavaScript Object Notation. An open-standard file format that uses human-readable text to transmit data objects consisting of attribute-value pairs and array data types or any other serializable value.



Knowledge-Based Verification (KBV)

Identity verification method based on knowledge of private information associated with the claimed identity. This is often referred to as knowledge-based authentication (KBA) or knowledge-based proofing (KBP).



Large Language Models

A large language model, or LLM, is a deep learning algorithm that can recognize, summarize, translate, predict, and generate text and other forms of content based on knowledge gained from massive datasets.


Leave and Accrual Tracking System - New York


Local Department of Social Services

Least Functionality

Configuring information systems to provide only essential functions and limit component functionality needed to perform their principal tasks and no more.

Least Privilege

Granting users, programs or processes only the access they specifically need to perform their business task and no more.






Minority or Women-Owned Business Enterprises

Machine Learning

A type of artificial intelligence that gives computers the ability to learn without being programmed by humans.


Minority-Owned Business Enterprise


See "Aircard/MiFi"

Mission Essential Function

An agency or business unit function that must be continued throughout, or resumed rapidly after, a disruption of normal activities because they enable the organization to provide vital services or allow it to function.

Mobile Device

A computing device in a small portable form factor that has at least one network connection interface, non-removable and/or removable storage, and is portable, including but not limited to smartphones, Personal Digital Assistants (PDAs), tablets, laptops, smart watches and wearable devices.

Multi-Factor Authentication

Using more than one of the following verification factors to authenticate to a system:                       
Something you know (e.g., user-ID, password, personal identification number (PIN), or passcode)                       
Something you have (e.g., a one-time password authentication token, ‘smart card’)                       
Something you are (e.g., fingerprint, retina scan)




Network Attached Storage

Natural Language Processing

Allows computers to understand the structure and meaning of spoken or written human language, allowing users to interact with the computer using natural sentences.

Network Time Protocol

An internet standard protocol that is used to synchronize computer clock times in a network of computers. NTP uses UTC to synchronize computer clock times to a millisecond, and sometimes to a fraction of a millisecond.


Network File System


National Institute of Standards and Technology


A value used in security protocols that is never repeated with the same key. For example, nonces used as challenges in challenge- response authentication protocols must not be repeated until authentication keys are changed. Otherwise, there is a possibility of a replay attack. Using a nonce as a challenge is a different requirement than a random challenge, because a nonce is not necessarily unpredictable.

Non-State Personnel

Any individual who is not employed by ITS or another state entity.


NYS Contract Reporter. The official publication for NYS procurement activity, including competitive procurement opportunities.


NYS Industries for the Disabled

NYS Private Cloud

The NY State Private Cloud is a framework of services that provide New York State entities with secure technology services and solutions.


NYS Preferred Source Program




Open Authorization. An open standard for the token-based authentication and authorization on the internet.


Office of Children and Family Services


An individual, bidder, or entity who has submitted an offer in response to a solicitation for commodities or services issued by ITS.

Official Records

Records required to be kept pursuant to Arts and Cultural Affairs Law, Section 57.05, and 8 NYCRR Part 188.

Official Work Site

The employee's official office. This is also known as the official workstation or the usual and customary work address.


Office of General Services

Online Service

A service accessed via the Internet or other networks which provides access to citizens, businesses, business partners, other State Entities, local government entities, and the State workforce.



Open Market Purchase

A purchase made from a seller that does not have a state or agency contract for the commodity or service being bought.

Open-Source AI Systems

AI software that is available for anyone to use, modify, and distribute, and the source code of the software is publicly accessible, and anyone can contribute to its development.

Open Standard

A standard that is openly accessible and usable by anyone. Typically, anybody can participate in their development due to their inherently open nature.

Order of Protection (OP)

An order issued by any court to limit the behavior of someone who harms or threatens to harm another person. Orders of protection may direct the offending party not to injure, threaten, or harass the victim, their family, or any other person(s) listed in the order and may include, but are not limited to ordering him/her/them to stay away from the home, school, business, or place of employment of the victim; vacate a shared residence; abide by any active orders of custody and visitation; and surrender any firearms.

Orders of Succession

Plan that pre-identifies who will step in if personnel in leadership positions are unavailable.


Office of the State Comptroller


Open Source Software


Operational Services Unit


Office of Temporary and Disability Services


All positions allocated or equated to salary grades 22 and below are deemed to be eligible to receive overtime compensation. Employees authorized or required to work more than 40 hours in any week in their regular position or in a title allocated to the same salary grade, shall receive compensation for the hours worked in excess of 40 hours in each week at one and one-half times the hourly rate of pay.




Platform as a Service


The process of dividing a document into discrete electronic or printed pages.

Password Expiration

The frequency in which a user is required to choose a new password (i.e., forced to change the password after x days).

Patch Management

Vulnerabilities that can be addressed by a software or firmware update (patch) and applies to all software used on NYS systems.


Project-Based Information Technology Services. The suite of OGS centralized contracts that provide deliverable-based IT services.


See "Procurement Card"


Public Employees Federation

Penetration Testing

Test of the overall strength of an SE’s defenses (technology, processes, people) by simulating the objectives and actions of an attacker.


Public Employment Relations Board


A device or component associated with a workplace device, used to input/output data from a workplace device. Examples of peripherals include keyboard, mice, and LCD displays.

Perpetrator. or Abusive Partner, or Person Who Causes Harm 

A person who commits or threatens to commit coercive or violence acts, which may include, but is not limited to, physical, psychological, sexual, economic, and/or emotional abuse against a victim.

Persistent Cookie

A cookie that remains on the user's computer.

Personal Information

Any information concerning a natural person which, because of name, number, symbol, personal mark, or other identifier, can be used to identify that natural person.

Personal, Private or Sensitive Information

Any information where unauthorized access, disclosure, modification, destruction, or disruption of access to or use of such information could severely impact the SE, its critical functions, employees, customers, third parties, or New Yorkers. This term shall be deemed to include, but is not limited to:                       
Personal information;                       
Private information;                       
Information that identifies specific structural, operational, or technical information of the State's Critical Infrastructure, such as maps, mechanical or architectural drawings, floor plans, operational plans or procedures, training and security procedures, descriptions of technical processes and technical architecture, plans for disaster recovery and business continuity;                       
Reports, logs, surveys, or audits that contain sensitive information;                       
Security-related information (e.g., vulnerability reports, risk assessments, security logs); and,                       
Other information that is protected from disclosure by law or relates to subjects and areas of concern as determined by SE executive management.

Physical and Environmental Security

Measures taken to protect systems and physical infrastructure against threats associated with their physical environment. Physical and environmental security controls include the following broad areas:                       
The facility's general geographic operating location determines the characteristics of natural threats, such as earthquakes and flooding; threats made by people such as burglary, civil disorders, or interception of transmissions and emanations; and damaging nearby activities, including toxic chemical spills, explosions, fires, and electromagnetic interference from emitters, such as radars.                       
Supporting facilities are those services, both technical and human, that underpin the operation of the system. The system's operation usually depends on supporting facilities such as electric power, heating and air conditioning, and telecommunications. The failure or substandard performance of these facilities may interrupt operation of the system and may cause physical damage to system hardware or stored data.

Physical Infrastructure

A generic description of any area containing non-end-user IT equipment and subsidiary hardware, including but not limited to:                       
Communications equipment;                       
Printing facilities;                       
Media libraries; and,                       
Wiring closets.


Purchase Order

Policy (1)

A prescribed or proscribed course of action or behavior which is to be followed with respect to the acquisition, deployment, implementation or use of information technology resources.

Policy (2)

A formal, high-level statement that outlines an organization's general beliefs, values, goals, objectives, and expectations for a specified subject area. Compliance with a policy is required.

Policy maker

An ITS employee who holds a policy-making position, as annually determined by ITS and available upon request to the Ethics Officer.

Pop-Up Ad

Type of window that appears on top of (over) the browser window of a website that a user has visited. In contrast to a pop-under ad, which appears behind (in back of) the browser window, a pop-up is more obtrusive as it covers other windows, particularly the window that the user is trying to read. Pop-up ads are used extensively in advertising on the web.

Portable Storage Device

A storage device that is capable of being physically transported, including but not limited to USB/flash drives/thumb drives, external hard drives, tapes, CDs, DVDs and cameras.


The classic intranet portal site functions as an informational hub (i.e., topical tree listing of sites combined with a search engine), aggregating links that connect the portal's constituency of visitors to related information sources. Portals are typically positioned as starting points for users. Private sector examples include Google and Yahoo.


A server that offers access to one or more applications through a single centralized interface that provides authentication (e.g., web-based portal, virtual desktop interface (VDI)).


See "Personal, Private, Sensitive Information"


Purchase Requisition

Preferred Source

An organization providing commodities or services that NYS law has accorded the priority for state agency purchases. For example, to advance special social and economic goals, the NYS Preferred Source Program for People Who are Blind (NYSPSP), the NYS Industries for the Disabled (NYSID) and Corcraft have been designated as preferred sources.


Procurement Request Form

Primary Mission Essential Function

Any function performed by the organization that meets one or more of the following criteria: A function that is required to be completed by law/ordinance; A function that is required to be completed `by directive/executive order; and/or A function that is required to be completed based on critical health and safety.

Private Information

As defined in State Technology Law, shall mean personal information in combination with any one or more of the following data elements, when either the personal information or the data element is not encrypted or encrypted with an encryption key that has also been acquired: (1) social security number; (2) driver's license number or non-driver identification card number; or (3) account number, credit or debit card number, in combination with any required security code, access code, or password which would permit access to an individual's financial account. Private information does not include publicly available information that is lawfully made available to the general public from federal, state, or local government records.

Private Key

A cryptographic key kept secret or known only by the holder. Private keys can be used to create e-signatures or decrypt messages or files. The same private key used to sign should not be used to decrypt.

Privileged Account

An account which provides increased access and requires additional authorization. Examples include a network, system or security administrator account.


A set of administrative instructions for implementation of a policy or standard.

Procurement Card

A credit card issued to NYS employees for use in purchasing goods and services for official use by a state agency.


Shall include, without limitation, when solicited from a vendor in State government contract, RFP, IFB, or mini-bid, any piece or component of equipment, hardware, firmware, middleware, custom or commercial software, or internal components or subroutines therein which perform any date/time data recognition function, calculation, comparing or sequencing. Where services are being furnished, e.g., consulting, systems integration, code or data conversion or data entry, the term "Product" shall include resulting deliverables.

Project Sunlight

An initiative which authorized the creation of an online database ( where the public can access to see the names of individuals and entities interacting with government decision makers, and imposes reporting requirements on certain state employees ("covered employees").

Proof of Value

An ITS Proof-of-Value (POV) is a formal evaluation of an un-procured technology to demonstrate that the technology has practical potential to fill a business need.

Proprietary Information

Material and information relating to or associated with a company's products, business, or activities, including but not limited to financial information; data or statements; trade secrets; product research and development; existing and future product designs and performance specifications; marketing plans or techniques; schematics; client lists; computer programs; processes; and know-how that has been clearly identified and properly marked by the company as proprietary information, trade secrets, or company confidential information. The information must have been developed by the company and not be available to the government or to the public without restriction from another source.


A written challenge by an interested party to a contract award made by ITS.


Professional, Scientific and Technical Services Unit


Procurement Services Group

Public Authority

For purposes of this standard, the definition of a public authority is defined in POL, Section 103, as a public authority or public benefit corporation created by or existing under any State law, at least one of whose members is appointed by the Governor (including any subsidiaries of such public authority or public benefit corporation), other than an interstate or international authority or public benefit corporation.

Public Key Infrastructure (PKI)

The architecture, organization, techniques, practices, and procedures that collectively support the implementation and operation of a certificate-based asymmetric or public key cryptographic system. The PKI consists of systems that collaborate to provide and implement e-signatures, encryption, and authentication services.




See "Registration Authority"


In terms of sexual harassment, it is the person who is the object of the behavior who defines it as sexual harassment. An observer (co-worker, supervisor, or manager) may also find the behavior inappropriate or offensive. This is known as third-party harassment. The recipient or harasser can also be a non-employee. For example, if a visitor or a person who provides services to ITS harasses someone at the workplace, this is sexual harassment, which should be reported. When ITS becomes aware that a non-employee is involved in sexual harassment, the agency will take appropriate action.

Recovery Point Objective

The measure of how much information is lost as a result of the disaster. This is information that had been updated and/or captured during normal operations but had not been protected through the off-site storage process before the disaster.

Registration Authority

A trusted entity that establishes and vouches for the identity of an applicant to a CSP. The RA may be an integral part of a CSP, or it may be independent of a CSP, but it has a relationship to the CSP(s).


A new credential is created with a new identity and/or a new token. For example, a password token is re-issued by having the user select a new password.

Relying Party

An entity that relies upon the claimant’s token and credentials or a verifier's assertion of a claimant’s identity, typically to process a transaction or grant access to information or a system.

Remote Access

The ability to access non-public computing resources from locations other than the State’s internal network.

Remote System Control

Controlling a system remotely from a location other than the State’s internal network.


The usage or validity period of the token and credential is extended without changing the token or re-verifying the user's identity. Examples of tokens that would be renewed or extended include hard tokens, out of band tokens, one-time passwords, and soft tokens.

Residual Risk

Risk that remains after all mitigation efforts and IT security measures are applied.


Representational State Transfer. REST services are a way of providing interoperability between computer systems on the internet. REST-compliant web services allow requesting systems to access and manipulate textual representations of web resources using a uniform and predefined set of stateless operations.

Restraining Order

See "Order of Protection"

Retaliatory Action

The discharge, suspension, demotion, penalization, or discrimination against any employee, or other adverse employment action taken against an employee in the terms and conditions of employment.


Request for Proposal


Request for Quote


The possibility of an event occurring that will have an impact on the achievement of objectives. Risk is measured in terms of impact and likelihood.

Risk Assessment

The process of identifying threats to information or information systems, determining the likelihood of occurrence of the threat, and identifying system vulnerabilities that could be exploited by the threat.

Risk Management

A process that includes taking actions to assess risk and avoid or reduce risk to acceptable levels.




Small Business Enterprises


See "Standby/On-Call"


State Budget Request


Service-Disabled Veteran-Owned Business


See "State Entity"

Secure Coding 

Coding practices to avoid the occurrence of common coding vulnerabilities and to be resilient to high-risk threats before being deployed in production.

Secure Sockets Layer (SSL)

An older version of the TLS proto.

Security Level

The degree of trust that is associated with a user account, based upon Identification method; one of the attributes of a user account.


A measure of the importance assigned to information by its owner, for the purpose of denoting its need for protection.

Serious Physical Harm

Physical injury which creates a substantial risk of death, or which causes death or serious and protracted disfigurement, protracted impairment of health, protracted loss or impairment of the function of any bodily organ, or a sexual offense as defined in Article 130 of the Penal Law.


A mechanism to enable access to one or more business capabilities where the access is provided using a prescribed interface and is exercised consistent with constraints and policies as specified by the service description.

Service Consumer

An entity that seeks to satisfy a particular need through the use of capabilities offered by means of a service.

Service Orientated Architecture (SOA)

A set of principles and methodologies for designing and developing software in the form of interoperable services. These services are well-defined business functions that are built as software components (i.e., discrete pieces of code and/or data structures) that can be reused for different purposes.

Service Set Identifier (SSID)

The name assigned to a Wi-Fi (wireless) network. All devices in the network must use this name to communicate over Wi-Fi.

Session Cookie

A cookie that is erased during browser operation or when the browser is closed.

Set Schedule

Approved hours and days worked in a pay period.

Sexual Harassment

Consistent with the New York State Human Rights Law, unwelcome conduct which is either of a sexual nature, or which is directed at an individual because of that individual’s sex when:                       
Such conduct has the purpose or effect of unreasonably interfering with an individual’s work performance or creating an intimidating, hostile, or offensive work environment, even if the reporting individual is not the intended target of the sexual harassment;                       
Such conduct is made either explicitly or implicitly a term or condition of employment; or,                       
Submission to or rejection of such conduct is used as the basis for employment decisions affecting an individual’s employment.


Statewide Financial System

Shared Account

Any account where more than one person knows the password and/or uses the same authentication token. Use of shared accounts is only allowed when there is a system or business limitation preventing use of individual accounts. These cases must be documented by the information owner and reviewed by the Information Security Officer (ISO)/ designated security representative.

Significant Change

Includes but is not limited to:                       
Adding/deleting/modifying features/functionality to existing systems;                       
Substantial redesign of the existing system or environment; or,                       
Other modifications that could substantially affect the system security. Exclusions include, but are not limited to changes to wording, adding links to an outside site, adding a document to a web site, installing vendor supplied security patches to the underlying software or operating system, uploading data to the database.

Single-Factor Authentication

Using one of the following to authenticate to a system:                       
Something you know (e.g., user-ID, password, memorized personal identification number (PIN), or passcode)                       
Something you have (e.g., a one-time password authentication token, 'smart card')                       
Something you are (e.g., fingerprint, retina scan)

Single Source

A type of procurement in which two or more vendors can supply the required commodity or service, yet the state NYS agency has decided to award a contract to one vendor.

Smart Card

A hardware token that incorporates one or more integrated circuit (IC) chips to implement cryptographic functions and possesses some inherent resistance to tampering.


A mobile phone that performs many of the functions of a computer, typically having a touchscreen interface, internet access, and an operating system capable of running downloaded applications. The use of a smartphone requires a data plan.


Subject Matter Expert


See "Service Oriented Architecture"


Simple Object Access Protocol. A protocol specification for exchanging structured information in the implementation of web services in computer networks. Its purpose is to induce extensibility, neutrality, and independence. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP) or Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.

Social Media

Media that is created to be shared freely across different web publishing platforms.

Sole Source

A type of procurement in which only one vendor can supply the required commodity or service and where the state agency has awarded a contract to that one vendor.

Sound Mixer

A device which takes two or more audio signals, mixes them together and provides one or more output signals.


Spend Plan ID number


Logo, graphic, text, sound, video or any other identifier recognizing an individual business, person or any other non-governmental entity in exchange for donation of services, support, underwriting a project, etc.


See "Service Set Identifier"


Sets of rules for implementing policy. Standards make specific mention of technologies, methodologies, implementation procedures and other detail factors.


Employees with certain expertise available for immediate recall to work in support of operating needs. These employees must be prepared to return to duty within a limited period and are considered on standby or on call.


State of New York.

State Chief Information Officer

See "CIO"

State Entity

Any entity that falls within the definition of "State Government" entities as defined in Executive Order 117 or "State Agencies" as defined in Section 101 of the State Technology Law.

State Government Entity

See "State Entity"

State Labor Law, Section 27-b

Known as "The Workplace Violence Protection Act", a specific section of State Labor Law regarding the duty of public employers to evaluate the risk of workplace assaults and homicides and to develop and implement programs to prevent and minimize workplace violence.

State Vehicle

A vehicle owned by a State agency or authority or leased or rented by a State agency or authority for official business.

Stay-Away Order

See "Order of Protection"


An individual responsible for day-to-day management or supervision of a User.

Synchronized Text Captioning

Text transcript that is synchronized or coordinated in time with the audio and video track (also referred to as synchronized text captions).


An interconnected set of information resources under the same direct management control that shares common functionality. A system normally includes hardware, software, applications, and communications.




A tablet is a wireless touch screen personal computer (PC) that is smaller than a notebook/laptop but larger than a smartphone. Modern tablets are built with wireless Internet or local area network (LAN) connectivity and a variety of software applications, including business applications, and Web browsers. A tablet may be used 1) with a data plan or 2) without a data plan by connecting it to a LAN, tethering it to a smartphone, or connecting it to a Wi-Fi or MiFi device.


Tenant Alteration Request

Target Implementation Environment

The deployment environment in which the new or modified system is installed or fielded for use by a defined set of users after system acceptance has been completed. This is often referred to as the "production" environment.


Science of classification according to a predetermined system, with the resulting catalog used to provide a conceptual framework for discussion, analysis, or information retrieval.

TBM Counsel

The TBM Council is a nonprofit professional organization dedicated to advancing the discipline of technology business management (TBM). TBM provides technology leaders with standards and validated best practices to communicate the cost, quality, and value of IT investments to their business partners. In turn, IT is able to drive innovation for their organization. The TBM Council and its community focus on collaboration, standardization, and education to advance TBM and the IT profession.


Travel Card


Employees who have been approved to participate in the Telecommuting Program.


An alternate work arrangement that allows employees to conduct all or some of their work away from the official work site.

Telecommuting Application

A document completed by the employee requesting to become an approved telecommuter.


A potential circumstance, entity or event capable of exploiting vulnerability and causing harm. Threats can come from natural causes, human actions, or environmental conditions. A threat does not present a risk when there is no vulnerability.


Something that a user possesses and controls (typically a key or password) used to authenticate the user’s identity. A token incorporates one or more of the three factors of authentication: something you know (e.g., user-ID, password, personal identification number (PIN), or passcode); something you have (e.g., a one-time password authentication token, ‘smart card’); or something you are (e.g., fingerprint, retina scan).


"Terms of Service"

Transport Layer Security (TLS)

A network protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.

Trusted Party

An entity with which the State Entity has established a business relationship through a service level agreement, memorandum of understanding, contract or other comparable mechanism. For purposes of this standard, the trusted party must be evaluated and accepted per the NYS Federation/Partner Process.


A secure communication channel through which information can be transmitted between networks (e.g., Virtual Private Network [VPN])



Undue Burden

Significant difficulty or expense. In determining whether an action would result in an undue burden, state government entities must consider all resources available for use in the funding and operation of the service, program, or activity.


To insert rows into a database table if they do not already exist or update them if they do.


Uniform Resource Identifier. A string of characters used to identify a resource. Such identification enables interaction with representations of the resource over a network, typically the web, using specific protocols.


Uniform Resource Locator, colloquially termed a web address, is a reference to a web resource that specifies its location on a computer network and a mechanism for retrieving it. A URL is a specific type of Uniform Resource Identifier (URI), although many people use the two terms interchangeably.


Shall have the same meaning as defined in State Technology Law, Section 202. This shall mean any natural person who uses the internet to access a state agency website.


Coordinated Universal Time




An entity that verifies the claimant’s identity by verifying the claimant’s possession and control of one or two authenticators using an authentication protocol. 

Victim of Domestic Violence

Any person over the age of sixteen, any married person, or any parent accompanied by his or her minor child or children in situations in which such person or such person’s child is a victim of an act which would constitute a violation of the penal law, including, but not limited to, acts constituting disorderly conduct, harassment, aggravated harassment, sexual misconduct, forcible touching, sexual abuse, stalking, criminal mischief, menacing, reckless endangerment, kidnapping, assault, attempted assault, attempted murder, criminal obstruction of breathing or blood circulation, or strangulation, identity theft, grand larceny, or coercion; and                       
Such act or acts have resulted in actual physical or emotional injury or have created a substantial risk of physical or emotional harm to such person or such person’s child; and                       
Such act or acts are or are alleged to have been committed by a family 0r household member. “Family or household members” mean the following individuals:                       
Persons related by consanguinity or affinity (blood or a person’s relation to blood relatives of their spouse                       
Persons legally married to one another                       
Persons formerly married to one another regardless of whether they still reside in the same household                       
Persons who have a child in common regardless of whether such persons are married or have married or have lived together at any time                       
Unrelated persons who are continually or at regular intervals living in the same household or who in the past continually or at regular intervals lived in the same household                       
Persons who are not related by consanguinity or affinity and who are or have been in an intimate relationship regardless of whether such persons have lived together at any time. Factors that may be considered in determining whether a relationship is an “intimate relationship” include, but are not limited to: the nature or type of relationship, regardless of whether the relationship is sexual in nature; the frequency of interaction between the persons; and the duration of the relationship. Neither a casual acquaintance nor ordinary fraternization between two individuals in business or social contexts shall be deemed to constitute an “intimate relationship”                       
ITS-P08-004, page 16 of 17                       
Any other category of individuals deemed to be a victim of domestic violence as defined by the Office of Children and Family Services in regulation. “Parent” means a natural or adoptive parent or any individual lawfully charged with a minor child’s care or custody.


Includes, but not limited to, family members, friends, children, customers, vendors, and/or professional colleagues who would not otherwise have physical access to the building.

Visual Inspection 

Inspection of valid current photo ID that contains the applicant’s picture and either address of record or nationality (e.g., driver’s license or Passport). Inspection will include comparing picture to applicant and recording ID number, address and date of birth.


Voluntary Reduction in Work Schedule


Vendor Sourcing and Management Organization


A weakness that can be accidentally triggered or intentionally exploited.




Women-Owned Business Enterprise


"Web Content Accessibility Guidelines"

Web Browser

A software application for retrieving, presenting, and traversing information resources on the World Wide Web. Although browsers are primarily intended to use the World Wide Web, they can also be used to access information on private networks. Examples of web browsers are Microsoft Edge, Google Chrome, Firefox, and Safari.


A broadcast produced in one location and transmitted to any PC or video-capable device connected to the internet.


Workflow Administrator

White Balance

A setting in a camera that compensates for the differences in color temperature of the surrounding light. In both analog and digital electronic cameras that use CCD and CMOS sensors to capture the image, the white balance must be adjusted to ensure that all colors in the scene will be represented faithfully. It can be adjusted automatically by the camera, by selecting presets (tungsten, fluorescent, etc.) or by aiming the lens at a totally white surface (the white card) and selecting "lock white balance." Alternatively, a gray card with 18% gray is sometimes used.

Wireless Local Area Network (WLAN)

A group of wireless networking nodes within a limited geographic area that serve as an extension to existing wired local area networks, and which are based on the IEEE 802.11 standard and its amendments.

Wireless Technology

Technology that permits the transfer of information between separated points without physical connection. Currently wireless technologies use infrared, acoustic, radio frequency, and optical.


See "Wireless Local Area Network"


State employees, and other persons, whose conduct, in the performance of work for the state entity, is under the direct control of state entity, whether or not they are paid by the state entity.


Any permanent or temporary location away from an employee's domicile where an employee performs any work-related duty in the course of employment.

Workplace Device

An IT hardware device, connected to a State or third-party network, used to access applications.


Workplace Services

Workplace Violence

Any physical assault or acts of aggressive behavior occurring where a public employee performs any work-related duty in the course of their employment, including but not limited to:                        
An attempt of threat, whether verbal or physical, to inflict physical injury upon an employee;                       
Any intentional display of force which would give an employee reason to fear or expect bodily harm;                       
Intentional and wrongful physical contact with a person without their consent that entails some injury, and                       
Stalking an employee with the intent of causing fear of material harm to the physical safety and health of such employee when stalking has arisen through and in the course of employment.                




Extensible Markup Language. A markup language that defines a set of rules for encoding documents in a format that is both human readable and machine readable.

Contact Information

Questions concerning this glossary may be directed to the New York State Office of Information Technology Services by e-mailing [email protected].

Back To Top