Glossary for Stakeholders
PT CPI documentation uses the full term (abbreviation) format—e.g. Statement of Work (SOW)—so non-technical readers can follow the partnership flow.
Contract, legal, and procurement
Section titled “Contract, legal, and procurement”| Term | Brief meaning | Who typically cares |
|---|---|---|
| Statement of Work (SOW) | Scope of work, deliverables, milestones, completion criteria, assumptions | Sponsor, procurement, legal |
| Master Service Agreement (MSA) | Long-term umbrella agreement between vendor and client | Legal, procurement |
| Non-Disclosure Agreement (NDA) | Confidentiality agreement before sharing sensitive data | Legal |
| Data Processing Agreement (DPA) | Rules for processing personal data (e.g. General Data Protection Regulation (GDPR)/Personal Data Protection (PDP)) | Legal, compliance |
| Purchase Order (PO) | Client internal purchase document authorizing spend | Procurement, finance |
| Service Level Agreement (SLA) | Service level commitments (response, uptime, etc.) | Sponsor, operations |
| Time and Materials (T&M) | Billing model based on actual hours/materials | Finance, procurement |
Roles and collaboration
Section titled “Roles and collaboration”| Term | Brief meaning |
|---|---|
| Responsible, Accountable, Consulted, Informed (RACI) | Matrix of who does the work, who decides, who is consulted, who is informed |
| Key Performance Indicator (KPI) | Primary business success metrics (latency, availability, revenue, etc.) |
Cloud and platform
Section titled “Cloud and platform”| Term | Brief meaning |
|---|---|
| Google Cloud Platform (GCP) | Google cloud platform (compute, data, AI, etc.) |
| Google Kubernetes Engine (GKE) | Managed Kubernetes service on Google Cloud Platform (GCP) |
| Identity and Access Management (IAM) | Who may access which cloud resources |
| Infrastructure as Code (IaC) | Infrastructure defined as code (review, versioning, automation) |
| Internal Developer Platform (IDP) | Internal “product” so developer teams deploy to the same standards |
| Financial Operations (FinOps) | Discipline for managing and optimizing cloud cost |
| Total Cost of Ownership (TCO) | Total cost estimate (not only licenses, including operations) |
Engineering, security, and data
Section titled “Engineering, security, and data”| Term | Brief meaning |
|---|---|
| Development, Security, and Operations (DevSecOps) | Security built into development and operations, not only at the end |
| Software Development Life Cycle (SDLC) | Stages of building software (design, build, test, release, operate) |
| Continuous Integration and Continuous Delivery (CI/CD) | Automation of build, test, and deploy |
| Software Bill of Materials (SBOM) | List of components/libraries in software (for security audit) |
| Cloud-Native Application Protection Platform (CNAPP) | Security tooling for cloud workloads (example partner: Wiz) |
| User Acceptance Testing (UAT) | Testing by business owners before go-live |
| Architecture Decision Record (ADR) | Short record of why an architecture decision was made |
| High-Level Design (HLD) | High-level architecture overview |
| Low-Level Design (LLD) | Implementation technical detail |
| Site Reliability Engineering (SRE) | Practices for reliable production systems |
| Recovery Time Objective (RTO) | Target time to restore after disruption |
| Recovery Point Objective (RPO) | Target acceptable data loss |
| Disaster Recovery (DR) | Plan to recover from major failure/disaster |
| Machine Learning (ML) / Machine Learning Operations (MLOps) | Artificial intelligence models in production with controlled process |
| Business Intelligence (BI) | Reports and dashboards for business decisions |
Regulation (Indonesia & industry)
Section titled “Regulation (Indonesia & industry)”| Term | Brief meaning |
|---|---|
| Otoritas Jasa Keuangan (OJK) | Indonesian financial services authority |
| Payment Card Industry (PCI) | Security standard for payment card data |
Next steps
Section titled “Next steps”Getting started Start a partnership with PT CPI.