MIS 302F Exam 3 | Tuttle, MIS Tuttle #3

STUDY
PLAY

Terms in this set (...)

What are the disadvantages of vertical integration?
can be risky because it increases the amount of responsibility on one firm
analytics
Using data to drive decisions and actions
data mining
using computers to identify hidden patterns and to build models from large data sets
expert system
artificial intelligence systems that leverage rules of examples to perform a task in a way that mimics applied human expertise (EX Medical Diagnosis)
legacy system
older information system that are often incompatible with other systems, technologies, and ways of conducting business

limited access to data, can't fit the needs of business and makes mergers difficult
volume, variety, velocity
3 V's that describe Big Data
volume
1/3 V's of Big Data: amount of data we are creating as companies and individuals greatly increases
Big Data
immense volume of diverse data that is increasing at an astronomical rate in our world from sources
variety
1/3 V's of Big Data: format and types of data greatly differs (ex. business, social etc.)
velocity
1/3 V's of Big Data" new data is being created every millisecond in our world
transactional data; consumers
Business Analytics leverages data from what source?
data is in too many places, data is "dirty," missing values, inconsistency and unmaintained data
What are the problems with transactional data?
legacy systems are a major roadblock from turning data to information; inhibits firm agility
What is the dilemma many companies are in that have multiple databases built on different incompatible systems?
provides information for improving decision making;
What is the overall purpose of a business intelligence system?
1. Reporting systems: analyzes data
2. Data mining systems: looks for patterns in data
3. Knowledge management systems: uses patterns to make decisions
4. Expert systems: shares information with business partners
What BI primary tools are available to turn data into valuable information? How do they add value?
patterns and relationships in data that helps predict future outcomes (non-intuitive data)
What kind of discoveries does a data mining system help us uncover?
1. Create value from intellectual capital
2. Collect and share human knowledge
3. Supported by 5 components of IS 4. Foster innovation
5. Increase company organizational responsiveness
How does Knowledge Management present a value to an organization?
lift
how much more likely that a person buys A + B, than a person who walks into a store and just buys B
clustering analysis
look at data points close together to find patterns based on different field patterns (descriptive method)
classification tree
tree-like diagram illustrating the choices available to a decision maker
How do you calculate confidence and lift?
Confidence = (A+B)/A
Benchmark ratio = % that B occurs overall
Lift = confidence/benchmark ratio
What it the difference between confidence and lift?
Confidence is the likelihood that a person buying one product will buy the other

Lift is how much more likely the person is to buy both products together rather than the second product?
Which should drive your decision on what products to cross-sell, confidence or lift?
lift; indicates the strength of an assocation
business process improvement
to improve an existing process that becomes faster and more efficient
business process innovation
Create an whole new process
Of the 5 parts of Porter's Information Security Model, what parts are the hardest to change usually and why?
People because of so many different opinions
5 parts of Porter's Information Security Model
hardware, software, data, process and people
How are business processes inherent in Information Systems?
they are found all throughout the information system;
How do business processes affect the way we design, use and maintain Information Systems?
technology is used to help make the process more efficient, so the process comes before the info systems

"strategy comes before technology"
What is the impact of process change as a process starts to cross between more than one division in a company?
The process becomes more difficult to implement
What is the difference between process innovation and process improvement? Which is harder to do and why?
process innovation creates a new process entirely, whereas process improvement uses the same process, but has slight improvements for efficiency; process innovation is harder to do and harder to copy
diseconomies of scale
forces that cause larger firms and governments to produce goods and services at increased per-unit costs
iterative development
feature code is designed, developed and tested in repeated cycles; with each iteration, additional features can be added until it's perfect for consumers
quality assurance (aka testing)
confirming it all works as expected, catch bugs before they get to users, critical to success
implementation/production phase
phase where you convert business activity from old system to a new one
design phase
phase where you develop and evaluate alternatives, hardware design determined by project team, software design depends on source
maintenance phase
phase where you fix or adapt the system
parallel installation
type of installation: secure but expensive; test the new system that runs in parallel with the old system on which provides easy feedback (ex. living in both your old and new house)
phased installation
type of installation: the new system is installed in phases; tested after each phase and continues until it's entirely installed (ex. entire family moves in the house but only stays in the living room)
pilot installation
type of installation: organization implements entire system to limited user base; if it fails, it doesn't affect everyone and it reduces exposure risk
What risks are associated with projects and scope creep?
losing time, resources and money
What is the key factor of project failures
resistance to change, lack of planning
What are the tasks associated with software PM phases? (Inception, Analyze, Design, Build, Test, Implement)
Inception: define system goals
Analyze: document requirements and determine functions of new system
Design: blueprint new system, develop and evaluate alternatives by looking at accurate requirements
Build: code and construct new system
Test: confirm new system works
Implement: convert business activity to new system
What is the user's role in the requirements phase? What happens if users do not participate in this phase?
users are interviewed so that they can let the creators know what they're looking for in a new system; everyone needs to agree on the goals of the project, because if they don't participate in this phase, they won't understand the changes
What are the trade-offs associated with system's development?
Scope, resources, time; changing one affects the other two

ex. increase in scope = need more time and $$$
ex. decrease in time = need to either decrease the scope, or increase the $$$
ex. decrease in resources = need more time and $$$
What needs to happen when you increase the scope in a project?
you need more time and $$$
What needs to happen when you decrease the time in a project?
you need to decrease the scope or increase $$$
What needs to happen when you decrease the resources in a project?
you need more time and $$$
What are the different methods of installation?
parallel (living in old and new house), phased (living in new house, but only in living room), pilot (only dad moves in)
Distributed Denial of Service (DDoS)
shutting down websites by overwhelming them with a crushing load of what seems like legitimate requests sent simultaneously by thousands of machines (Multiple computers)
When does project management get involved on a project?
from the start to the finish
What are the tasks of project management?
manage resources, monitor schedules and progress, manage risks and issues, handles communication, plans hand-offs between phases
How does an iterative (agile) approach different than the waterfall approach of a project management?
breaks down processes into smaller segments which makes it easier to achieve (waterfall is too structured)
contract manufacturing
outsourcing production to third-party firms; firms that do this don't own the plants or directly fund workers producing the goods (helps keep costs of goods low, leading to higher profit margins)
vertical integration
practice where a single business controls the entire process of a product, from raw materials to distribution (risky)
horizontal integration (contract manufacturing)
when a single firm owns all of its retail outlets, but does not own or control their supplier or distributor
point-of-sale systems
transaction processing systems that capture customer purchases information; trends are analyzed and production decisions and alterations are made
push demand
promotional strategy that works to create customer demand for your product or service through promotions
pull demand
promotional strategy that uses focuses on actual customer demand for a product or service
disintermediation
reduction in the use of intermediaries between producers and consumers
Why is inventory management so important? What happens when a retailer has too much/too little inventory?
inventory is lost money if not sold; too much inventory = loses value and the firm loses money, too little inventory = products can't be sold and can't make money
How does Zara's approach differ from the conventional wisdom in fashion retail?
they use PDAs and POS systems to track customer preference rather than guess on styles
What are the advantages of vertical integration?
reduces some risks by having one firm in charge, speeds up the process
What are the advantages of contract manufacturing (horizontal integration)?
reduces costs and risks by having other firms contribute; allows you to own many parts of your business
=What are the disadvantages of contract manufacturing (horizontal integration)?t
slows down response time, making you susceptible to the bullwhip effect
What are causes to the bullwhip effect?
demand forecast updating, order batching, price fluctuations, rationing
How can you reduce the bullwhip effect?
allow all participants to access consumer demand info, consider vertical integration or disintermediation
outsourcing
arrangement in which work is done by people from outside your company, usually by a company that is an expert in that type of work(ut email and google)
in-house
work done within the company
core competency
unique ability that a company acquires from its founders or develops and cannot be easily imitated (what gives a company one or more competitive advantages)
transaction costs
costs associated with the time and effort needed to search out, negotiate and consummate an exchange
production costs
costs associated with the actual production of goods or services (production + transaction = total)
...
In-house offshore, in-house onshore, outsource offshore, outsource onshore
when it's not in realm of core competencies, no face-to-face service required, high info content, internet enabled, low set-up barriers, low social networking requirement
What are specific qualities of a job that could make it a good candidate to be offshored?
it means "being handled by someone else," you can outsource easy jobs to be handled quickly and cheaply; you can also outsource experts who are more trained/skilled
Is outsourcing about hiring less-expensive people?
core competency, "secret sauce" in fear that your business can be overtaken
What types of activities, processes, or portions of your company do you not outsource?
savings in production costs outweigh transaction costs; the more you outsource, the higher risk you need to coordinate
Why do you consider transaction costs, even if your labor/production costs go down?
zombie networks (botnets)
hordes of surreptitiously infiltrated computers, linked and controlled remotely; networks of infiltrated and compromised machines controlled by a central command
phishing
a con executed using technology, typically targeted at acquiring sensitive information or tricking someone into installing malicious software (goal is to leverage reputation of a trusted firm into performing an action to reveal info)
social engineering
con games that trick employees into revealing information or performing other tasks that comprise a firm in security circles
dumpster diving
sifting through the trash in an effort to uncover valuable data or insights that can be stolen or used to launch a security attack
shoulder surfing
looking over someone's shoulder to glean a password or see other proprietary information that might be displayed on a worker's screen
disaster recovery planning
provisions to backup systems and data to off-site locales, to protect operations and provide a fall back in the case of disaster
business continuity plan
plan to continue operations if a business is affected by levels of disasters
No; white hat hackers
Are all hackers motivated by crime and theft?
Both
Do security threats come from inside or outside a firm, or both?
Who is responsible for protecting a company's IP and data?
Everyone; all employees and individuals under the company
leverages the reputation of a trusted firm or friend to trick the victim into revealing information; exposes private and sensitive info
How does a phishing scam work and what does it expose?
Hardware/software protections: made of technical safeguards like encryption and firewalls and malware protection

People/process protections: training, education, safety procedures and things people can do without actually using a computer
What is the difference between hardware/software protections and people/process protections?
can educate people on how to store personal information (procedures)
How can non-IT management help lower threats?
don't want to invest millions of dollars in something that doesn't increase your revenue (should be like insurance)
Why is IS/IT security not always a top priority from a company's budgetary standpoint?
from the start to the finish
When does project management get involved on a project?
data warehouse
large database repository that helps unite information from an organization
knowledge management system
-collect and share human knowledge
-create value from intellectual capital
(Like a wiki for a specific job)
expert system
-produce if/then rules
-encapsulates experts knowledge

-EX: WebMD & Longevity game
Market based analysis / association rules
-data mining technique for determining sales patterns
-shows products customers tend to buy together
lift
-how much more likely it is that a person who buys products A & B together than the likelihood that anyone who walks into the store will buy product B
-confidence/BM (BM = % that happens overall)
confidence
possibilty that a person buying product A will also buy product B
data visualization
-Making a visual representation of data like the twitter maps.
business intelligence systems
use data created by other systems to provide information for improving decision making
-data that helps companies make decisions
descriptive methods
-way to understand your data
predictive methods
-look for patterns and relationships to anticipate events
business process management
-systematic way of creating, assessing, and altering business processes as needed
-many methods but concept stays the same
5 steps of business process management
1) create picture of current process; known as the as-is
2)identify areas where process is constraining strategy
3) redesign process or problematic portion of the process to help strategy be better realized; Known as the "to-be" (I.T can be leveraged here)
4)implement process change
5)Adjust and repeat Cycle create policy for ongoing effectiveness
Why care about bpm
-in order for businesses to evolve and adapt, we must understand how we do things and make them better

Process comes before Info System
automation of process of Information Systems
-moves work from the human side to the technology side
-technology side = hardware & software
-human side = process & people
-processes are turned into code
transformation of processes of Information Systems
-transformation changes the human side to fit the technology side
-processes are redesigned and restructured to fit the logic within software
business process innovation
-to completely redesign the process
organizational inertia
companies that stay stagnant and do not improve or change
-bad for companies because they are ensuring a faster death
iterative development
-easier to achieve than waterfall process because all goes live at the end
prototyping
-creating a model/mock up of a product
scope creep
-exploring different avenues for scope of project
-triangle where if you increase scope, you must increase time or resources
Direct/Big Bang Installation
install new process/software and discontinue old
analysis phase
-determine and document features and functions
-less expensive to change system in this phase
-closer to "go-live" an issue is found, harder and more expensive to change
incremental development
-build parts at a time
inception phase
-define system goals
-determine project scope
-assess feasibility of project/proof of concept
contract manufacturing
-signing a contract to mass produce a product you are hoping will be successful
-placing a big bet of huge order
just-in-time manufacturing
-producing small batches of a product
bull whip effect
variability in order size and oder timing increase at each stage up the supply chain
offshoring outsourcing
same company doing the work, just in a location abroad
onshoring
company relocating to a different location in the same country
in house
-no third party company hired, all the same company doing their own work
total costs
= production savings/(gains +transaction costs)
white hat hacker
hack for good, do not exploit information
black hat hacker
-bad hacker
-spreading viruses and infected software
hacktivist
-hack to protest government websites or other organization
malware
-dangerous software that helps hackers
detailed logging
-logs all activity on a server
biggest risk to IT security
HUMANS
different ways to mitigate the threats
-technical safeguards
-data safeguards
-human safeguards
most threats come from
inside the company
• A person not working with Company A is looking to gain access to sensitive information that Company A posses. He does not have access to the company nor any knowledge of individuals working with Company A. What method is he most likely to use to gain access?
-dumpster diving
• BPM provides strategies for managing??
o "Business processes from an end-to-end perspective." This is because process management deals with all parts of Porter's Value Chain. With each part,you can utilize BPM to improve it
• To achieve the desired level of process performance and deliver customer value, business process metrics must
o Be monitored and controlled." This is because you must have a standard process that is organized and structured to be able to receive data and be free from any interference that can contaminate the process and/or products.
o One of the members of your team is sick, and on that same day, the client adds more objectives to the project. As team manager, you would
ask the client to extend the deadline
o What was not an issue in the ERP implementation article?
the project in idaho experienced scope creep
o What makes development difficult?
high probability in misinterpretation between the client and developer
• Zara negates the risk of maintaining high inventory by:
having limited production runs
• Zara's staff members regularly collect data from customers at its stores. This data is used to:
-plan styles and issue rebuy orders
o Zara is a clothing retailer based from Spain and has a branch in NYC, New York, USA that employs American citizens and still under Zara control. What is the NY branch an example of
• A. In-house, Off-shoring. Since the branch is still under Zara control, it is considered in-house instead of outsourcing (hiring an outside company to do work for your company)
o Company A has hired your IT consulting company. During the consulting meeting, Company A wants you to add additional features to the base package software that it will implement to manage supply inventory. What is this an example of?
scope creep
What are the 5 parts of and Information System
-Hardware
-Software
-Data
-Pocess
-People
What parts of Information System model is the hardest to change
Process & people (The Human Side)
How Did Progressive Grow It's profit
-Decreased the time to get the claim process going
-Lowered the price
-24hr time to set up inspection
-Showed competitors prices
What are ways to innovate
- Look for role models outside your company
-Defy constraining assumptions
Inventory =
Death
In House Offshoring
Work inside the company, but have a separate branch in another country. Ex Wal-mart Japan Branch
Reasons to consider Outsourcing
Saves cost on infrastructure
Quickly gain expertise you don't have in house
Less people to manage
Refocus on what you're good at doing.
Share opertational risk to another org
Reasons not to Outsource
- Less managerial control
-You can get locked in by that company
-Some things can be secret to the compay
-What do you do if someone mess something up?
Reasons to consider Offshoring
Look at slides
Reasons not to Offshore
Look at slides
What are some trends companies are seeing
-Software applications moving to web
-Outside access to company networks increasing (Working from home, consumer who wants to get their data)
-Many employees are not educated on types of attacks and become vulnerabilities
-BYOD(Bring Your Own Device)
-Employees using their own devices now to connect to your systems
What are some impacts of being hacked
-Loss of Customer Trust
-Impact to financial
-Lawsuit
CIA Framework
Confidentiality
Integrity
Availability
Confidentiality
Look on tuttle's website
Integrity
*Look on tuttle's website
Integrity Vulnerabilities
-Sql injections
Look on tuttle's website
Accessibility Integrity Vulnerabilities
Look on tuttle's website
Confidentially Vulnerabilities
Look on tuttle's website
What is DDOS
*Look on CH 13 in TX book
A flooding of a server making it fail
What is Business Continuity Planning
- Think of all the things that can go wrong, and how probable it is to happen.
_If so how can we prevent it.
-How will your business continue in light of a disaster?
Script Kiddies
-Term to describe unskilled hackers who can use easily downloadable tools to create DOS attacks

(Ut student using Ion cannon to attack registar )
Firewall
Combo of Hardware/software intended to prevent unauthorized access to a company internal computer systems