Your Guide to Essential IT and Cloud Terminology our IT Industry Glossary

Whether you’re navigating a cloud migration, planning your cybersecurity strategy, or exploring automation and AI, having a solid grasp of industry terminology can significantly improve communication, decision-making, and overall confidence when dealing with technical stakeholders or service providers.

Our Industry Glossary is a comprehensive reference guide that breaks down the complex and often jargon-filled world of IT and cloud computing into clear, accessible definitions. Covering everything from cloud service models like SaaS, IaaS and PaaS, to advanced topics such as Kubernetes, Zero Trust Security, DevSecOps, and quantum computing, this glossary provides the foundational knowledge you need to stay informed and in control.

It’s a valuable tool for business leaders, IT professionals, procurement managers, and anyone involved in digital transformation or infrastructure planning. With over 100 expertly explained terms, our glossary supports better collaboration across departments, more effective vendor discussions, and a deeper understanding of the technologies driving innovation and operational excellence.

Whether you’re reviewing proposals, developing strategy, or simply trying to keep pace with change, our glossary will help you speak the language of modern IT with clarity and confidence.

Get in touch

Glossary of Terms

  1. Cloud Computing – The delivery of computing services—including servers, storage, databases, networking, software, analytics, and intelligence—over the internet (“the cloud”), offering flexibility and cost-efficiency.

  2. SaaS (Software as a Service) – A cloud service model in which software applications are hosted and managed by a provider and made available to customers over the internet.

  3. IaaS (Infrastructure as a Service) – A cloud computing service model that provides virtualised computing resources over the internet on a pay-as-you-go basis.

  4. PaaS (Platform as a Service) – A cloud computing model that offers a platform allowing customers to develop, run and manage applications without the complexity of building and maintaining infrastructure.

  5. FaaS (Function as a Service) – A cloud computing model where individual functions of an application are hosted and executed in a serverless environment, billed only for the compute time consumed.

  6. Hybrid Cloud – A computing environment that combines on-premises infrastructure, private cloud services, and a public cloud, allowing data and applications to be shared between them.

  7. Public Cloud – Cloud services offered by third-party providers over the public internet, available to anyone who wishes to purchase them.

  8. Private Cloud – Cloud computing services dedicated to a single organisation, offering greater control and security through a customised environment.

  9. Multi-Cloud – The use of multiple cloud computing and storage services in a single heterogeneous architecture, often from different providers to optimise performance or cost.

  10. Virtualisation – The process of creating a virtual (rather than actual) version of something, such as a server or storage device, thereby increasing resource efficiency.

  11. Containerisation – A lightweight form of virtualisation that packages an application and its dependencies in isolated units (containers) to ensure consistency across computing environments.

  12. Kubernetes – An open-source platform designed to automate the deployment, scaling, and management of containerised applications.

  13. Serverless Computing – A cloud computing model in which the cloud provider dynamically manages the allocation and provisioning of servers, enabling developers to focus on code rather than infrastructure.

  14. Microservices – An architectural style that structures an application as a collection of small, independent services that communicate over well-defined APIs.

  15. Edge Computing – A distributed computing paradigm that brings computation and data storage closer to the locations where they are needed, reducing latency and bandwidth use.

  16. Big Data – Refers to extremely large datasets that can be analysed computationally to reveal patterns, trends, and associations, especially relating to human behaviour and interactions.

  17. Data Analytics – The science of analysing raw data to make conclusions about that information, often through specialised systems and software.

  18. Internet of Things (IoT) – The network of physical objects embedded with sensors, software, and other technologies for the purpose of connecting and exchanging data with other devices and systems over the internet.

  19. Artificial Intelligence (AI) – The simulation of human intelligence processes by machines, particularly computer systems, used to perform tasks that normally require human intelligence.

  20. Machine Learning (ML) – A subset of AI focused on building systems that learn from data, identify patterns, and make decisions with minimal human intervention.

  21. Deep Learning – A specialised area within machine learning using neural networks with many layers to analyse various factors of data, often used for complex tasks like image and speech recognition.

  22. Blockchain – A decentralized and distributed digital ledger that records transactions across many computers in a way that prevents alteration once recorded.

  23. Virtual Private Network (VPN) – A technology that creates a secure, encrypted connection over a less secure network, such as the internet, to enable private communication.

  24. Cybersecurity – The practice of protecting systems, networks, and programs from digital attacks, ensuring the confidentiality, integrity, and availability of data.

  25. Encryption – The method of converting information or data into a code, especially to prevent unauthorized access.

  26. Identity and Access Management (IAM) – Frameworks and technologies for ensuring that the right individuals have the appropriate access to technology resources.

  27. Zero Trust Security – A security concept that assumes no implicit trust is granted to assets or user accounts based solely on their physical or network location; every access attempt must be verified.

  28. DevOps – A set of practices and cultural philosophies that aim to improve collaboration between software development and IT operations teams to accelerate development and deployment.

  29. Continuous Integration (CI) – The practice of merging all developers’ working copies to a shared mainline several times a day, improving software quality and reducing integration challenges.

  30. Continuous Deployment (CD) – An approach in software development where code changes are automatically prepared for a release to production, ensuring faster delivery and frequent updates.

  31. Agile Development – A methodology centred on iterative development, where requirements and solutions evolve through collaborative cross-functional teams.

  32. ITIL (Information Technology Infrastructure Library) – A set of detailed practices for IT service management (ITSM) that focuses on aligning IT services with the needs of business.

  33. Service Level Agreement (SLA) – A formal contract between a service provider and a client that defines the level of service expected, including performance metrics and responsibilities.

  34. DRaaS (Disaster Recovery as a Service) – A cloud-based service that enables organisations to back up their data and IT infrastructure in a third-party cloud environment and recover it in the event of a disaster.

  35. Cloud Storage – A model of data storage in which digital data is stored in logical pools, managed by a third-party provider and accessed over the internet.

  36. Data Backup and Recovery – Processes and technologies used to create copies of data that can be restored in the event of loss or corruption.

  37. Application Programming Interface (API) – A set of rules and protocols for building and interacting with software applications, allowing different systems to communicate with each other.

  38. Software Development Kit (SDK) – A collection of software development tools in one installable package, which allows the creation of applications for a specific platform.

  39. Low-code Development – A software development approach that requires little to no coding to build applications, using graphical user interfaces and configuration instead.

  40. No-code Development – An approach to application development that enables non-technical users to create software through graphical interfaces without writing traditional code.

  41. Business Intelligence (BI) – Technologies, applications and practices for the collection, integration, analysis, and presentation of business information to support better decision-making.

  42. Data Warehouse – A central repository for integrated data from one or more disparate sources, used for reporting and data analysis.

  43. Data Lake – A storage repository that holds a vast amount of raw data in its native format until it is needed for analysis.

  44. Content Delivery Network (CDN) – A geographically distributed network of servers that work together to provide fast delivery of internet content by caching copies closer to users.

  45. Load Balancer – A device or service that distributes network or application traffic across a cluster of servers to ensure reliability and performance.

  46. DevSecOps – An approach that integrates security practices within the DevOps process, emphasising security as a shared responsibility among all participants.

  47. Infrastructure as Code (IaC) – The management of infrastructure (networks, virtual machines, load balancers, etc.) in a descriptive model using code, enabling automated and scalable deployments.

  48. Orchestration – The automated arrangement, coordination, and management of complex computer systems, middleware, and services in order to streamline processes and workflows.

  49. Automation – The use of technology to perform tasks with minimal human intervention, improving efficiency and reducing errors.

  50. Service Mesh – A dedicated infrastructure layer for facilitating service-to-service communications between microservices, ensuring smooth and secure interactions.

  51. ChatOps – The integration of communication and operations tools (often via chat platforms) to facilitate collaborative problem-solving and real-time operational management.

  52. Robotic Process Automation (RPA) – The use of software robots or ‘bots’ to automate highly repetitive, routine tasks traditionally performed by humans.

  53. Legacy Systems – Outdated computing systems or applications that, although still in use, may lack integration capabilities with modern systems and technologies.

  54. End User Computing – Solutions and technologies that empower users to access and control computing environments, often through desktop virtualization or remote applications.

  55. Bring Your Own Device (BYOD) – A policy that allows employees to use their personal devices for work purposes, which can increase flexibility but may also introduce security challenges.

  56. SaaSOps – Operational processes and tools for managing the multitude of SaaS applications that organisations adopt, ensuring security, compliance, and cost control.

  57. FinOps (Cloud Financial Management) – The practice of bringing financial accountability to the variable spend model of cloud computing, enabling better cost optimisation and governance.

  58. Observability – The ability to measure a system’s internal state by analysing its outputs, often using logs, metrics and traces to monitor performance and troubleshoot issues.

  59. Log Management – The process of generating, storing, analysing, and managing log data from various sources within an organisation to support security and operational decisions.

  60. Scalability – The capacity of a system to handle a growing amount of work or its potential to be enlarged in order to accommodate growth.

  61. High Availability – A characteristic of a system that aims to ensure an agreed level of operational performance, usually uptime, even in the face of component failures.

  62. Latency – The delay between a request and the corresponding response in a system, a critical factor in performance-sensitive applications.

  63. Resilience – The ability of a system or network to recover quickly from disruptions, ensuring continuity of service despite failures or attacks.

  64. Cloud Native – An approach to building and running applications that fully exploit the advantages of the cloud computing delivery model, often through microservices, containers, and continuous delivery.

  65. Service-Oriented Architecture (SOA) – A design principle that organisational systems use to provide services to other components via a communication protocol, often over a network.

  66. API Gateway – A server that acts as an intermediary for requests from clients seeking access to backend services, handling tasks such as routing, rate limiting and authentication.

  67. Elasticity – The ability of a system to dynamically acquire and release resources to match changing workload demands, a key benefit of cloud environments.

  68. Virtual Private Cloud (VPC) – A secure, isolated portion of a public cloud that is dedicated to a single organisation, offering enhanced control over its resources and networking.

  69. Data Centre – A physical facility that organisations use to house their critical applications and data, including servers, storage systems and networking equipment.

  70. Colocation – The practice of housing privately-owned servers and networking equipment in a third-party data centre, benefitting from robust infrastructure and security.

  71. Hybrid IT – An environment that combines traditional on-premises IT with modern cloud-based services to create a more flexible and responsive computing ecosystem.

  72. Managed Services – Outsourced IT services provided by a third-party provider, encompassing network, application, system, and management services.

  73. IT Governance – The framework that ensures IT investments support business objectives, aligning IT strategy with business goals and managing risks and resources.

  74. Regulatory Compliance – The process by which organisations ensure their IT systems and data handling practices adhere to laws, regulations, and industry standards.

  75. Penetration Testing – An authorised simulated cyber-attack on a computer system or network to evaluate its security, identify vulnerabilities and determine potential impact.

  76. Threat Intelligence – The collection and analysis of information about potential or current attacks that threaten an organisation, used to guide security decisions.

  77. Security Information and Event Management (SIEM) – A comprehensive solution that provides real-time analysis of security alerts generated by applications and network hardware.

  78. Cloud Migration – The process of moving data, applications, and IT processes from on-premises systems to a cloud environment, often to improve agility and cost-efficiency.

  79. Legacy Modernisation – The process of updating and transforming outdated systems to leverage new technologies and architectures, improving performance, security, and scalability.

  80. CapEx vs OpEx – A financial framework distinguishing between capital expenditure (CapEx, upfront investments in assets) and operational expenditure (OpEx, recurring costs), particularly relevant when evaluating cloud services.

  81. Cloud Management Platform (CMP) – A suite of integrated tools that help manage, monitor, and govern multi-cloud environments, streamlining deployment and operations.

  82. Multi-Tenancy – An architecture in which a single instance of a software application serves multiple customers (tenants), ensuring data isolation and cost efficiency.

  83. Quantum Computing – An advanced computing paradigm that utilises quantum-mechanical phenomena to perform operations on data at speeds unimaginable with classical computers, although still largely experimental.

  84. Software-Defined Networking (SDN) – An approach to networking that decouples the control plane from the data plane, making it easier to manage, configure, and optimise networks through software.

  85. Network Function Virtualisation (NFV) – The abstraction of network services from proprietary hardware appliances to virtual machines, promoting scalability, flexibility and reduced capital expenditure.

  86. Remote Desktop Services (RDS) – A service that allows a user to remotely access and work on a computer system or desktop environment from a different location over the internet.

  87. Container Security – The practices and technologies used to secure containerised applications, including image scanning, runtime protection and secure configuration.

  88. Edge Analytics – The processing and analysis of data at the edge of the network, near the data source, to reduce latency and bandwidth usage before sending summarised data to the cloud.

  89. Digital Transformation – The integration of digital technology into all areas of a business, resulting in fundamental changes to how organisations operate and deliver value to customers.

  90. Infrastructure Security – Measures and technologies to protect the physical and virtual components of IT infrastructure from threats, ensuring system integrity and availability.

  91. Identity Federation – A system that allows the sharing of identity information across multiple organisations or domains to streamline access to interconnected systems.

  92. Data Sovereignty – The concept that data is subject to the laws and governance structures within the nation in which it is collected or stored, which impacts cloud storage decisions.

  93. General Data Protection Regulation (GDPR) – A comprehensive data protection law in the European Union that regulates the processing of personal data and imposes strict compliance requirements on businesses.

  94. Virtual Desktop Infrastructure (VDI) – A technology that hosts desktop environments on a centralised server, enabling users to access their desktop remotely, usually through a thin client or web browser.

  95. Application Modernisation – The process of updating older legacy applications to more current, cloud-friendly architectures, ensuring they remain secure, maintainable and scalable.

  96. Incident Response – The procedures and practices undertaken to prepare for, detect, contain, and recover from security breaches or IT incidents.

  97. Digital Twin – A virtual replica of a physical device, process, or system that is used to simulate, analyse and optimise performance using real-time data.

  98. Log Aggregation – The process of collecting logs from multiple sources into a centralised platform for analysis, monitoring and troubleshooting.

  99. Data Integration – The practice of combining data from different sources to provide a unified view, which is essential for analytics, reporting and decision-making.

  100. IT Service Management (ITSM) – A strategic approach to planning, delivering, operating and controlling IT services in order to meet the needs of an organisation and its customers.

Common Acronyms

  1. ACL – Access Control List; a set of rules used to control network traffic and determine which users or systems are granted access to resources.

  2. AI – Artificial Intelligence; technology enabling machines to mimic human cognitive functions such as learning and problem solving.

  3. AIOps – Artificial Intelligence for IT Operations; the application of machine learning and data science to automate and enhance IT operational processes.

  4. API – Application Programming Interface; a set of protocols that allows different software applications to communicate with one another.

  5. BaaS – Backup as a Service; a subscription-based cloud service for backing up and restoring data and systems.

  6. BCP – Business Continuity Planning; the process of developing procedures to continue business operations in the event of a disruption or disaster.

  7. BI – Business Intelligence; systems and tools that analyse and present business data to support decision making.

  8. BPM – Business Process Management; a systematic approach to improving an organisation’s workflow and operational processes.

  9. BDR – Backup and Disaster Recovery; solutions that ensure critical data is backed up and systems can be restored following an outage or disaster.

  10. BYOD – Bring Your Own Device; a policy that allows employees to use their personal devices for work purposes.

  11. CaaS – Container as a Service; a cloud service model that delivers container orchestration and management tools.

  12. CDN – Content Delivery Network; a geographically distributed network of servers designed to quickly deliver web content to users.

  13. CD – Continuous Deployment (or Delivery); an automated approach to releasing code changes into production environments.

  14. CI – Continuous Integration; a development practice where code changes are frequently merged into a shared repository and automatically tested.

  15. CMP – Cloud Management Platform; an integrated suite of tools for managing and monitoring multiple cloud environments.

  16. CRM – Customer Relationship Management; software systems that help manage a company’s interactions with current and prospective customers.

  17. CSP – Cloud Service Provider; a company that offers cloud computing services and infrastructure to organisations.

  18. CTO – Chief Technology Officer; the executive responsible for overseeing technological developments and strategies within a company.

  19. DaaS – Desktop as a Service; a cloud-hosted virtual desktop solution that allows users to access their desktop environments remotely.

  20. DBaaS – Database as a Service; managed cloud-based databases that relieve organisations from handling database administration tasks.

  21. DDoS – Distributed Denial of Service; a type of cyber-attack where multiple systems overwhelm a target, rendering services unavailable.

  22. DNS – Domain Name System; the system that translates human-friendly domain names into IP addresses used by computers.

  23. DLP – Data Loss Prevention; a strategy and suite of tools used to prevent sensitive data from leaving an organisation’s network.

  24. DRaaS – Disaster Recovery as a Service; cloud-based solutions for recovering IT infrastructure and data after a disruptive event.

  25. EDR – Endpoint Detection and Response; tools that monitor endpoints to detect and respond to potential security threats.

  26. EOL – End of Life; the point at which a product is no longer supported or updated by its vendor.

  27. EULA – End User Licence Agreement; a legal contract between software producers and users outlining usage rights and restrictions.

  28. ETL – Extract, Transform, Load; the process of extracting data, transforming it to suit operational needs, and loading it into a target system.

  29. FaaS – Function as a Service; a serverless computing model that executes code in response to events, billing only for the compute time used.

  30. FISMA – Federal Information Security Management Act; US legislation outlining information security standards that influence IT governance frameworks.

  31. GDPR – General Data Protection Regulation; a stringent EU law governing personal data protection and privacy for individuals.

  32. GPU – Graphics Processing Unit; specialised hardware designed to accelerate the rendering of images and parallel processing tasks.

  33. GRC – Governance, Risk and Compliance; a framework for aligning IT practices with business objectives while managing risks and ensuring regulatory compliance.

  34. HA – High Availability; the design of systems to ensure a high level of operational performance and minimal downtime.

  35. HCI – Hyper-Converged Infrastructure; an IT framework that combines computing, storage, and networking into a unified system.

  36. HIPAA – Health Insurance Portability and Accountability Act; US legislation that sets standards for protecting sensitive patient health information.

  37. IaaS – Infrastructure as a Service; a cloud computing model that delivers virtualised computing resources over the internet.

  38. IAM – Identity and Access Management; the policies and technologies that ensure the right users have the right access to resources.

  39. IDaaS – Identity as a Service; cloud-based solutions for identity and access management, simplifying user authentication and authorisation.

  40. IoT – Internet of Things; a network of connected physical devices embedded with sensors and software to exchange data.

  41. ITIL – Information Technology Infrastructure Library; a set of best practices for IT service management to align IT services with business needs.

  42. ITSM – IT Service Management; a discipline focused on designing, delivering, managing, and improving IT services in an organisation.

  43. KPI – Key Performance Indicator; measurable values that indicate how effectively an organisation is achieving its objectives.

  44. KMS – Key Management Service; a system for creating, distributing, storing, and managing cryptographic keys securely.

  45. KVM – Kernel-based Virtual Machine; a Linux-based virtualisation technology that enables multiple virtual machines to run on a single physical server.

  46. LAN – Local Area Network; a computer network that interconnects devices within a limited geographical area, such as an office building.

  47. LAMP – Linux, Apache, MySQL, PHP; a widely used open-source software stack for developing web applications.

  48. LDAP – Lightweight Directory Access Protocol; an application protocol for accessing and maintaining distributed directory information services.

  49. LOB – Line Of Business; a classification for a specific business unit or area of expertise within an organisation.

  50. ML – Machine Learning; a subset of AI that enables systems to learn and improve from experience without being explicitly programmed.

  51. MDM – Mobile Device Management; software solutions that secure and manage mobile devices within an organisation.

  52. MCP – Microsoft Certified Professional; a certification indicating expertise in Microsoft technologies and solutions.

  53. MDR – Managed Detection and Response; outsourced services that provide threat monitoring, detection, and response capabilities.

  54. MSP – Managed Service Provider; a third-party company that remotely manages a customer’s IT infrastructure and end-user systems.

  55. NAT – Network Address Translation; a method that maps one set of IP addresses to another, often used to allow multiple devices to share a single public IP.

  56. NOC – Network Operations Centre; a centralised facility that monitors and manages an organisation’s network infrastructure.

  57. NFV – Network Functions Virtualisation; the virtualisation of network services that traditionally ran on proprietary hardware.

  58. NGFW – Next-Generation Firewall; an advanced firewall solution that integrates additional security features such as intrusion prevention and application awareness.

  59. NIST – National Institute of Standards and Technology; a US agency whose standards and guidelines are widely adopted for IT and cybersecurity best practices.

  60. NVMe – Non-Volatile Memory Express; a high-performance interface protocol for accessing solid-state storage devices.

  61. OIDC – OpenID Connect; an authentication protocol based on the OAuth 2.0 family of specifications that enables identity verification.

  62. OAuth – Open Authentication; an open standard for access delegation that enables applications to access user data without revealing passwords.

  63. OS – Operating System; software that manages computer hardware, software resources, and provides common services for applications.

  64. OPEX – Operational Expenditure; the ongoing costs for running IT services and maintaining infrastructure.

  65. PaaS – Platform as a Service; a cloud computing model that provides a platform allowing customers to develop, run, and manage applications without the complexity of maintaining infrastructure.

  66. PCI DSS – Payment Card Industry Data Security Standard; security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment.

  67. PII – Personally Identifiable Information; any data that could potentially identify a specific individual.

  68. PMO – Project Management Office; a department that standardises project-related governance processes and facilitates project execution.

  69. PoC – Proof of Concept; a demonstration to verify that certain concepts or theories have the potential to be developed into a viable product or service.

  70. QoS – Quality of Service; the overall performance of a network or service, often measured by factors such as latency, bandwidth, and error rates.

  71. RPA – Robotic Process Automation; software technology that automates repetitive and routine tasks traditionally performed by humans.

  72. ROI – Return on Investment; a performance measure used to evaluate the efficiency or profitability of an investment.

  73. RTO – Recovery Time Objective; the maximum acceptable time period for restoring IT services after a disruption.

  74. RPO – Recovery Point Objective; the maximum acceptable amount of data loss measured in time before a disruption occurs.

  75. RMM – Remote Monitoring and Management; tools and processes that allow IT service providers to remotely oversee and manage systems and networks.

  76. SaaS – Software as a Service; a delivery model whereby software applications are hosted by a vendor and made available to customers over the internet.

  77. SDN – Software-Defined Networking; a networking approach that separates the control plane from the data plane, enabling more flexible and programmable networks.

  78. SASE – Secure Access Service Edge; a network architecture that combines wide-area networking with comprehensive cloud-delivered security functions.

  79. SAML – Security Assertion Markup Language; an XML-based protocol used for exchanging authentication and authorisation data between parties.

  80. SDK – Software Development Kit; a collection of tools, libraries, and documentation for creating applications for a specific platform or service.

  81. SIEM – Security Information and Event Management; solutions that provide real-time analysis of security alerts generated by applications and network hardware.

  82. SLA – Service Level Agreement; a contractual commitment that defines the expected level of service between a provider and a customer.

  83. SKU – Stock Keeping Unit; a unique identifier for each distinct product or service, often used in inventory management systems.

  84. SOC – Security Operations Centre; a facility or team responsible for monitoring and protecting an organisation’s security posture.

  85. SMB – Small and Medium-sized Businesses; a classification of businesses that are typically the target for specific IT and cloud solutions.

  86. TaaS – Testing as a Service; the practice of outsourcing software testing tasks to third-party providers via cloud-based tools.

  87. TCO – Total Cost of Ownership; the complete cost of acquiring, operating, and maintaining a product or system over its lifecycle.

  88. TDD – Test-Driven Development; a software development approach in which test cases are written before coding begins.

  89. TLS – Transport Layer Security; a cryptographic protocol designed to provide secure communication over a computer network.

  90. TPM – Trusted Platform Module; a secure crypto-processor that is designed to secure hardware through integrated cryptographic keys.

  91. UAT – User Acceptance Testing; a phase in the software development process where end users test the system to ensure it meets business requirements.

  92. UI – User Interface; the means through which a user interacts with a computer system, software application, or device.

  93. UDP – User Datagram Protocol; a communication protocol used for time-sensitive transmissions that emphasise speed over reliability.

  94. UEM – Unified Endpoint Management; a comprehensive approach to managing and securing a variety of endpoint devices across an organisation.

  95. UPS – Uninterruptible Power Supply; equipment that provides emergency power to a load when the main power source fails.

  96. URL – Uniform Resource Locator; the address used to access resources on the internet.

  97. VDI – Virtual Desktop Infrastructure; technology that hosts desktop operating systems on a centralised server, enabling remote access.

  98. VPC – Virtual Private Cloud; a logically isolated section of a public cloud that is dedicated to a single organisation.

  99. VoIP – Voice over Internet Protocol; technology that delivers voice communications and multimedia sessions over the internet.

  100. WAF – Web Application Firewall; a security solution that monitors, filters, and blocks HTTP traffic to and from a web application to protect against attacks.