Glossary
This appendix provides definitions of terms used throughout the TQS specification. Terms are organized by certification-related terms and technical terms.
35.1.1. Certification-Related Terms
This section defines terms related to the TQS certification system and external certifications. It includes TQS-specific terms, international/domestic certification names, and audit procedure-related terms.
| Term | Description |
|---|---|
| TQS | TIENIPIA QUALIFIED STANDARD. TIENIPIA's proprietary certification standard |
| TQS-S/W | TQS software certification category |
| TQS-H/W | TQS hardware certification category |
| TQS-Infra | TQS infrastructure certification category |
| TQS Mark | The certification mark granted to products that have passed TQS certification |
| TQS Full Certified | Full certification achieved by passing TQS-S/W, TQS-H/W, and TQS-Infra |
| Gap analysis | An analysis method that identifies differences between the current state and target criteria |
| RACI matrix | A matrix that defines roles and responsibilities (Responsible, Accountable, Consulted, Informed) |
| Maturity model | A framework that defines the development stages of an organization or process |
| PDCA | Plan-Do-Check-Act. A cyclical management methodology for continuous improvement |
| ISO 27001 | International standard for Information Security Management Systems (ISMS) |
| ISMS-P | Information Security and Personal Information Protection Management System certification. Operated by KISA |
| ISO 9001 | International standard for Quality Management Systems (QMS) |
| CMMI | Capability Maturity Model Integration |
| SOC 2 | Service Organization Controls 2. Audit criteria for service organization controls |
| AICPA | American Institute of Certified Public Accountants |
| ISACA | Information Systems Audit and Control Association |
| KISA | Korea Internet & Security Agency |
| SCAMPI | Standard CMMI Appraisal Method for Process Improvement. The official CMMI assessment method |
| CB | Certification Body. The organization that conducts certification audits |
| Annex A | ISO 27001 Annex A. List of information security control items |
| Trust Services Criteria | The 5 trust service principles of SOC 2 (Security, Availability, Processing Integrity, Confidentiality, Privacy) |
| Conditional pass | A determination that grants certification conditional on remediation of some non-compliant items |
| Expedited audit | An audit that verifies only changes based on previous audit results |
35.1.2. Technical Terms
This section defines technology-related terms used in the TQS specification.
35.1.2.1. General Technical Terms
| Term | Description |
|---|---|
| SFC | Single File Component. Vue.js .vue file format |
| SLA | Service Level Agreement |
| SPOF | Single Point of Failure |
| RBAC | Role-Based Access Control |
| SemVer | Semantic Versioning |
| BOM | Bill of Materials. Dependency version management manifest |
| CVSS | Common Vulnerability Scoring System |
| CVE | Common Vulnerabilities and Exposures |
| At-Rest | Data at rest. Data stored on disk, databases, etc. |
| In-Transit | Data in transit. Data moving through a network |
| Failover | A mechanism that automatically switches to a standby system upon failure |
| DDL | Data Definition Language. SQL for schema definition such as table creation, modification, and deletion |
| DML | Data Manipulation Language. SQL for data insertion, retrieval, modification, and deletion |
35.1.2.2. Backend Technical Terms
| Term | Description |
|---|---|
| jOOQ | Java Object Oriented Querying. A type-safe SQL builder library |
| DSLContext | The core interface of jOOQ. The entry point for writing and executing SQL queries |
| codegen | Code generation. The process of automatically generating Java classes from database schemas |
| Flyway | A database migration tool. SQL script-based schema version management |
| HikariCP | A high-performance JDBC connection pool library. The default connection pool in Spring Boot |
| Testcontainers | A Java library for managing Docker containers for testing |
35.1.2.3. Frontend Technical Terms
| Term | Description |
|---|---|
| Composable | A reusable logic encapsulation function in Vue 3. Prefixed with use |
| Pinia | The official state management library for Vue 3. Successor to Vuex |
| Vue Router | The official client-side routing library for Vue.js |
| Axios | A Promise-based HTTP client library |
| Tailwind CSS | A utility-first CSS framework |
| Vitest | A Vite-based unit testing framework |
| Vue Test Utils | A utility library for Vue component testing |
| vue-i18n | An internationalization plugin for Vue.js |
| Playwright | A cross-browser E2E testing framework |
35.1.2.4. Performance and Accessibility Terms
| Term | Description |
|---|---|
| Core Web Vitals | Google's core web performance metrics (LCP, INP, CLS) |
| LCP | Largest Contentful Paint. Measures the loading time of the main content |
| INP | Interaction to Next Paint. Measures interaction delay until the next paint |
| CLS | Cumulative Layout Shift. Measures visual stability |
| WCAG | Web Content Accessibility Guidelines |
| ARIA | Accessible Rich Internet Applications |
35.1.3. Term Usage Principles
The following principles must be observed when using terms in the TQS specification.
35.1.3.1. Abbreviation Notation Rules
- Technical abbreviations must include the full name when first appearing in a document. Only the abbreviation is used thereafter.
- The full name notation format follows the
Abbreviation (Full Name)format. - Examples:
RBAC (Role-Based Access Control),CVSS (Common Vulnerability Scoring System)
35.1.3.2. TQS-Specific Term Rules
- TQS-specific terms such as TQS, TQS-S/W, TQS-H/W, TQS-Infra, TQS Mark, and TQS Full Certified must always be used in their original form.
- TQS-specific terms are not translated and must retain their original form in multilingual versions.
- Addition or modification of TQS-specific terms must be approved by the TQS Committee.
35.1.3.3. Obligation Level Expression Rules
The TQS specification follows the keyword definitions of RFC 2119 when expressing obligation levels.
| Expression | RFC 2119 Equivalent | Meaning |
|---|---|---|
| must | MUST | Absolute obligation |
| should | SHOULD | Strong recommendation |
| may | MAY | Optional |
35.1.3.4. Technical Term Preservation Rules
- Technical terms whose meaning becomes unclear when translated must be used in their original language.
- Examples of preserved terms: At-Rest, In-Transit, Failover, Composable, codegen
- Since separate multilingual versions exist, English annotations must not be included alongside titles or general descriptions.