
Definitions

Definitions provide clarity and context by breaking down concepts into clear, concise terms, ensuring consistent usage and understanding across your policies, risks, or frameworks.

Overview

Common examples include API Rate Limiting (the practice of controlling the number of requests a user can make to an API within a specific time period), Data Controller (the entity that determines the purposes and means of processing personal data), and Business Continuity (the capability to continue operations during and after a disruptive incident). Definitions can be coupled with acronyms to provide complete clarity when abbreviated forms are used.

Core Functionality

We provide a central place to store definitions with clear explanations and context, ensuring accurate and consistent usage of terms throughout your organization. Each definition supports easy linking and referencing by acronyms and documentation, creating a unified source of truth for your internal and external communications.

Users can search definitions and find related associations. Definitions can be referenced by acronyms and other modules, ensuring clarity across all areas where terms are used.

Changes to definitions are instantaneous, ensuring all references are updated automatically within policies or reports. The system tracks changes through the audit log.

Fields Explained

| Field | Description | Example |
|---|---|---|
| Name | The term or concept being defined | Cloud Connector |
| Slug | Unique identifier for referencing definitions | cloud-connector |
| Explanation | Detailed explanation and usage guidance (optional) | A lightweight agent enabling secure connections to customer infrastructure. |

Export and Import

Definitions can be exported and imported from the platform. An export provides a CSV with all information, including related data and metadata. The import does not require all fields. The following is an example of a minimal CSV file:

definitions.csv
slug,name,explanation
api-rate-limiting,API Rate Limiting,The practice of controlling the number of requests a user can make to an API within a specific time period to prevent abuse and ensure service availability
data-controller,Data Controller,The entity that determines the purposes and means of processing personal data under data protection regulations
business-continuity,Business Continuity,The capability of an organization to continue operations and deliver products or services during and after a disruptive incident
encryption-at-rest,Encryption at Rest,The protection of data stored on disk or in databases through cryptographic methods to prevent unauthorized access
zero-trust,Zero Trust,A security model that requires strict identity verification for every person and device attempting to access resources regardless of their location
incident-response,Incident Response,The organized approach to addressing and managing the aftermath of a security breach or cyberattack
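
A pre-import check for a file like the one above, as an added example that is not part of the platform or its documentation. It flags duplicate slugs and rows split by an unquoted comma in the explanation. It assumes that `slug` and `name` are required and that slugs are lowercase kebab-case as in the examples; the function name `lint_definitions_csv` and the sample rows are constructed for illustration.

```python
import csv
import io
import re

# Assumption: slugs are lowercase kebab-case, as in the page's examples.
SLUG_RE = re.compile(r"^[a-z0-9]+(?:-[a-z0-9]+)*$")
REQUIRED = ("slug", "name")  # assumption; explanation is optional per the Fields table


def lint_definitions_csv(text):
    """Return a list of (line_number, message) problems found in the CSV text."""
    problems = []
    reader = csv.reader(io.StringIO(text))
    header = [h.strip().lower() for h in next(reader, [])]
    missing = [c for c in REQUIRED if c not in header]
    if missing:
        return [(1, "missing column(s): " + ", ".join(missing))]
    seen = {}  # slug -> line where it first appeared
    for row in reader:
        line = reader.line_num
        if not any(cell.strip() for cell in row):
            continue  # skip blank lines
        if len(row) != len(header):
            # Usually an unquoted comma inside the explanation text.
            problems.append((line, f"expected {len(header)} fields, got {len(row)}"))
            continue
        rec = dict(zip(header, (c.strip() for c in row)))
        slug = rec["slug"]
        if not SLUG_RE.match(slug):
            problems.append((line, f"slug {slug!r} is not lowercase kebab-case"))
        if not rec["name"]:
            problems.append((line, "name is empty"))
        if slug in seen:
            problems.append((line, f"duplicate slug {slug!r} (first seen on line {seen[slug]})"))
        seen.setdefault(slug, line)
    return problems


# Constructed sample input, not an export from the platform.
SAMPLE = """slug,name,explanation
zero-trust,Zero Trust,"A model that verifies every user, device and request"
Risk Matrix,Risk Matrix,A tool for assessing risk likelihood and impact
control,Control,A safeguard, or countermeasure, used to mitigate risks
zero-trust,Zero Trust (ZT),
"""

if __name__ == "__main__":
    for line, message in lint_definitions_csv(SAMPLE):
        print(f"definitions.csv:{line}: {message}")
```
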

Best Practices

  • Use clear, concise language understandable to non-experts.
  • Align definitions with industry standards when possible.
  • Provide context for terms with potential multiple meanings.
  • Regularly review and update definitions to maintain accuracy.
  • Link acronyms to their definitions where applicable for additional clarity.

For example, definitions frequently used across teams include:

  • Cloud Connector: A lightweight agent enabling secure connections to customer infrastructure.
  • Risk Matrix: A structured tool for assessing and visualizing risk likelihood and impact.
  • Control: A safeguard or countermeasure used to manage or mitigate risks.

Our platform ensures that when terms are used, their definitions are clear, consistent, and contextually appropriate across all modules and communications.
