Authorising approved applications for use within organisations in order to protect systems from potentially harmful applications. Can also be known as ‘whitelisting’ across the industry.