Knight-- "IT" in my case is on a separate subnet and is isolated from the other elements of the business and yet is part of one VLAN. When mitigating security risks for 'SNMP vulnerabilities' one of the documented mitigating factors is to create a "management network". Another example is when setting up an IDS system with centralized logging, recommendations includes making the centralized log server a part of the "management network".
This may be a matter of semantics. This is what I am trying to figure out :-). Your explanation makes sense and it is the path I am going down, but I want to make sure there are others that are defining this the same as I am interpreting it. If this is not the case then I need to be educated.