resources
The glossary.
Plain-English definitions of the terms behind our products — compliance, estimating, and sourcing, without the jargon.
Compliance & security
- SBOM (Software Bill of Materials)
- A machine-readable inventory of every component in a product — the ingredient list regulators and customers now expect. See it →
- VEX (Vulnerability Exploitability eXchange)
- A statement of whether a known vulnerability actually affects your product, so effort goes to what's genuinely exploitable. See it →
- CVE
- A public identifier for a specific, disclosed software vulnerability.
- CVSS
- The 0–10 severity score assigned to a vulnerability.
- CRA (Cyber Resilience Act)
- The EU regulation setting cybersecurity requirements for products with digital elements. See it →
- Conformity assessment
- How you prove a product meets the CRA — self-assessment, or review by a notified body. See it →
- Support period
- How long a manufacturer must handle vulnerabilities — at least five years under the CRA, or the product's expected lifetime. See it →
Estimating
- BoQ (Bill of Quantities)
- An itemised, priced list of every material and labour item in a tender. See it →
- QTO (Quantity Take-off)
- Extracting the quantity of each item from the drawings and specifications. See it →
- ELV (Extra-Low Voltage)
- Building systems like CCTV, access control, structured cabling, and public address.
- Markup vs. margin
- Markup is added on top of cost; margin is a share of the selling price — they are not the same number. See it →
- Landed cost
- The true cost of an item once supplier discount, duty, and freight are applied. See it →
- Rate library
- A reusable catalog of priced items, so every estimate is built from the same consistent rates. See it →
- Provisional sum
- A ring-fenced allowance for work that's known but can't yet be fully priced. See it →
Sourcing
- RFQ (Request for Quotation)
- A formal request asking suppliers to price a clearly defined scope. See it →
- TCO (Total Cost of Ownership)
- The full cost of a purchase over its life — not just the sticker price. See it →
- Should-cost
- A model of what a part should cost to make, used to negotiate from evidence. See it →
- Kraljic matrix
- A framework that sorts spend by supply risk and profit impact to pick a sourcing strategy. See it →
- MOQ (Minimum Order Quantity)
- The smallest quantity a supplier is willing to sell. See it →
- Dual-sourcing
- Qualifying two suppliers for the same part to reduce single-source risk. See it →