Glossary

Term	Definition
IT infrastructure	The IT infrastructure includes all tangible and intangible components that enable the operation of IT.
Social engineering	In social engineering, attackers try to tap into the identities of employees or customers and, by addressing them directly, e.g. with the name of the supervisor, get the user to open an external link or download a file that contains malware and enables an intrusion into the systems. Social engineering is considered the greatest security risk for companies and administrations and has often led to major data thefts in the past.
Digital sovereignty	An individual or institution is able to exercise its role(s) in the digital world independently, self-determined and securely.
Digital immunity	The digital immune system protects applications, products and systems by combining different technologies and practices.
Vulnerability management	Vulnerability management is a part of risk management and means identifying and closing the security gaps in the IT infrastructure and software systems.
open-source	Literally translated, "open source" means "open source" and means that the source code of an application has been published and may be viewed, modified, further developed and usually used free of charge by third parties.
Governance, Risk and Compliance (GRC) requirements	The terms governance, risk and compliance refer to requirements that are important for your administration. Governance describes policies, guidelines, standards and work instructions, but also processes and architectures. Risk stands for risk management as risk analyses, risk assessments and risk treatment. Compliance refers to audit planning, preparation and implementation as well as controls and follow-up of measures and concepts.
ISMS	Information Security System