Upgrade to remove ads
ISA 235 Strouble Final
Terms in this set (82)
Why is Introduction to MIS the most important class in the business school?
1. It will give you the background you need to assess, evaluate, and apply emerging information systems technology to business.
2. It can give you the ultimate in job security— marketable skills— by helping you learn abstraction, systems thinking, collaboration, and experimentation.
3. It introduces you to careers that will have strong job growth.
What are cost-effective business applications of Facebook and Twitter or whatever will soon appear?
Staying ahead of the crowd by adopting new technologies
How can Intro to MIS help you learn nonroutine skills?
By analyzing and creating charts based on business processes and developing an understanding of systems both individually and in a group.
What is an information system?
A group of components that interact to produce information.
What is MIS?
MIS is the management and use of information systems that help businesses achieve their strategies.
Management and use of information systems
Develop, maintain, and adapt the system to make use easier and more productive
Asking yourself questions about when to use a certain information system and the benefits/downfalls of that system at any point.
Why is the difference between information technology and information systems important to you?
The difference is important because with information everywhere these days and technologies to help spread and understand it, information systems are useful in nearly every aspect of life whether it be school or social relationships or jobs or even entertainment.
Five Component Framework/ IS components
What is your role in IS security?
Making sure I protect and use the IS data in the right manner
don't write it down or share it
Why does the GearUp team need to understand business processes?
To improve their business and get an understanding of the company as a whole.
How GearUp works
Finds products that are overstocked or left from prior years, buys in bulk from vendor and sells individually to bidders.
What is process quality?
Process quality can be measured in two dimensions: process effectiveness and process efficiency. An effective business process is one that enables the organization to accomplish its strategy.
Using information systems to improve process quality.
What Is Information?
Knowledge derived from data, where data is defined as recorded facts or figures
Data presented in a meaningful context
Processed data, or data processed by summing, ordering, averaging, grouping, comparing, or other similar operations
A difference that makes a difference
Where is information?
In our heads, we must conceive it ourselves after observing data.
What Data Characteristics Are Necessary for Quality Information?
Accurate - Correct and complete, crucial for management, can cross-check information to ensure accuracy
Timely - Produced in time for intended use
Relevant - To context and subject
Just sufficient - For purpose it is generated, avoids too much or extraneous information
Worth its cost - Relationship between cost and value; information systems cost money to develop, maintain, and use; must be worth that cost
Why do Business Processes need Management?
Processes are dynamic and often need to be changed
Improve process quality
Change in technology
Change in business fundamentals
Changes in Business Fundamentals
Market (e.g., new customer category, change in customer characteristics)
Company organization (e.g., merger, acquisition)
business process management ( BPM)
a cyclical process for systematically creating, assessing, and altering business processes.
Cycle begins by creating models of business processes.
Usually teams build an as-is model that documents the current situation.
How does organizational strategy determine information systems requirements?
organizations examine the structure of their industry and, from that, develop a competitive strategy. That strategy determines value chains, which, in turn, determine business processes
What five forces determine industry structure?
1.Competition from vendors of substitutes
2.Competition from new competitors
3.Competition from existing rivals
-Bargaining Power Forces
4.Bargaining power of suppliers
5.Bargaining power of customers
business functions that re-late directly to the production of the organization's products or services.
Outbound Logistics Sales
Marketing Customer Service
business functions that assist and facilitate the primary activities.
Manage Supplier Relationships ( Procurement)
Investigate New Designs ( Technology)
Hire & Support Employees ( Human Resources)
Manage Company Resources ( Firm Infrastructure
interactions across value activities.
uses sales forecasts to plan production; it then uses the production plan to determine raw material needs and then uses the material needs to schedule purchases. The end result is just- in- time inventory, which reduces inventory sizes and costs.
How does competitive strategy determine value chain structure?
A business with a differentiation strategy will add cost to an activity only as long as the activity has a positive margin-(The difference between the value that an activity generates and the cost of the activity)
How do value chains determine business processes and information systems?
business processes implement value chains or portions of value chains. Thus, each value chain is supported by one or more business processes.
Organizations can lock in customers by making it difficult or expensive for customers to switch to another product.
How does an actual company use IS to create competitive advantages?
By implementing competitive advantages using information systems to make all aspects of the business process work efficiently and easily for every person in the process
What do business professionals need to know about computer hardware?
hardware consists of electronic components and related gadgetry that input, process, output, and store data according to instructions ¬encoded in computer programs or software.
desktops, laptops, phones, iPads and other slates, Xbox and other games, etc.
What is the difference between a client and a server?
Server-side refers to operations that are performed by the server in a client-server relationship in computer networking. Typically, a server is a software program, such as a web server, that runs on a remote server, reachable from a user's local computer or workstation.
Client-side refers to operations that are performed by the client in a client-server relationship in a computer network. Typically, a client is a computer application, such as a web browser, that runs on a user's local computer or workstation and connects to a server as necessary.
What do business professionals need to know about operating systems software??
OPERATING SYSTEM/CLIENT: Programs that control the client computer's resources
OPERATING SYSTEM/SERVER: Programs that control the server computer's resources
APPLICATION PROGRAMS/CLIENT: Applications that are processed on client computers
APPLICATION PROGRAMS/SERVER: Applications that are processed on server computers
the process by which one computer hosts the appearance of many computers.
1) PC virtualization: able to use the same software to run both iOS and Windows 8, for example
2) Server virtualization: able to log on to two computers and have the same server, Follett for example
3) Desktop virtualization: able to acess the same server and desktop operating systems from any device
applications software Categories:
Horizontal- market: provides capabilities common across all organizations and industries. Examples: Word, Excell.
Vertical- market: serves the needs of a specific industry. can be altered or customized. Example: Kathari's ortho application software on the computers in this office.
One- of- a- kind: developed for a specific, unique need. Examples: IRS system, specific mobile apps like Vangaurds.
Applications software subcategories:
Applications that process code on both the client and the server are called client-server applications.
Thick-client application: is an application program that must be preinstalled on the client. Example: Microsoft office
Thin-client application: is one that runs within a browser and does not need to be preinstalled. Example: Microsoft word
which is software that runs on top of the operating system and performs particular services and functions.
How do organizations acquire application software?
By buying off-the-shelf software, off-the-shelf with alterations software, or tailor-made. Tailor-made software is called custom- developed software.
Firmware is computer software that is installed into devices such as printers, print servers, and various types of communication devices. (becomes a part of computers memory)
Open source succeeds because of collaboration. A programmer examines the source code(code written and understood by users) and identifies a need or project that seems interesting. He or she then creates a new feature, redesigns or reprograms an existing feature, or fixes a known problem. That code is then sent to others in the open source project who then evaluate the quality and merits of the work and add it to the product, if appropriate.
open source viable?
Whether open source works for a particular situation depends on the requirements and constraints of that situation and the users that are editing and creating the software.
Relationships among rows
Values in one table relate rows of that table to rows in a second table. Example: Primary key and foreign key in SQL
Metadata are data that describe data. Example: SQL page with "Field Name", "Data Type", and "Description"
What is a database management system (DBMS)?
a program used to create, process, and ad-minister a database. As with operating systems, almost no organization develops its own DBMS. Example: SQL
How do database applications make databases more useful?
A database application is a collection of forms, reports, queries, and application programs that process a database.
Use a query to find or operate on the data in your tables. With a query, you can display the records that match certain criteria (e.g. all the members called "Barry"), sort the data as you please (e.g. by First name), and even combine data from different tables.
These are screens for displaying data from and inputting data into your tables. The basic form has an appearance similar to an index card: it shows only one record at a time, with a different field on each line.
Reports are for output. Anything you plan to print deserves a report, whether it is a list of names and addresses, a financial summary for a period, or a set of mailing labels.
Connecting to the Internet
actually connecting to an Internet service provider (ISP) which:
Provides you with a legitimate Internet address.
Serves as your gateway to the Internet. (The ISP re-ceives the communications from your computer and passes them on to the Internet, and it receives communications from the Internet and passes them on to you.)
They collect money from their customers and pay access fees and other charges on your behalf.
Why is the cloud the future for most organizations?
Easy to control, access, limit storage of data. Can hold massive amounts. Available anywhere from any device
Small capital requirements
Superior flexibility and adaptability to growing or fluctuating demand
Known cost structure
Possibly best-of-breed security/disaster preparedness
Industry-wide economies of scale, hence cheaper
Control of data location
In-depth visibility of security and disaster preparedness
Dependency on vendor
Loss of control over data location
Little visibility into true security and disaster preparedness capabilities.
Significant capital required
Significant cant development effort
Annual maintenance costs
Ongoing support costs
Staff and train personnel
Increased management requirements
Difficult to accommodate fluctuating demand
mobile native application (Thick)
is a thick-client application that is designed to work with a particular operating system, and sometimes even designed to work only with a particular mobile device that runs that operating system.
mobile browser based mobile apps:
is a thin client application that provides a consistent environment for the application; the details of operating systems and hardware are handled by the browser's code and hidden from the application.
Developing native mobile applications
Developed using serious, heavy-duty, professional programming languages. very complex to create but not as complex to use.
very secure. only run on the operating system for which they are programmed.
many workers who specialize in different skills.
Developing thin-client mobile applications
Run inside a browser such as Firefox or Chrome.
very easy to use and create. l
imited by the capabilities of the browser.
are unable to support very specialized and complex applications.
run on any operating system and mobile device. doesn't take many workers.
Advantages and disadvantages of employee use of mobile systems at work. Advantages:
Greater employee satisfaction,
Reduced need for training,
Reduced support costs.
Advantages and disadvantages of employee use of mobile systems at work. Disadvantages:
Data loss or damage,
Loss of control,
Risk of infection,
Greater support costs.
IS department functions
Plan the use of IS to accomplish organizational goals and strategy.
Manage outsourcing relationships.
Protect information assets.
Develop, operate, and maintain the organization's computing infrastructure.
Develop, operate, and maintain applications.
Align information systems with organizational strategy
for maximum and best results of the IS, developers must make sure information systems are aligned with the organization's competitive strategy.
is the representative for IS and IT issues within the executive staff. The CIO provides the IS perspective during discussions of problem solutions, proposals, and new initiatives. Example: when considering a merger, it is important that the company consider integration of information systems in the merged entities.
CIO must ensure that priorities consistent with the overall organizational strategy are developed and then communicated to the IS department. At the same time, the CIO must also ensure that the department evaluates proposals and projects for using new technology in light of those communicated priorities.
is a group of senior managers from the major business functions that works with the CIO to set the IS priorities and decide among major IS projects and alternatives.
steering committee meetings
are an important communication function between IS and the users.
IS department sets up the steering committee's schedule and agenda and conducts the meetings. Meetings allow for discussion of potential IS initiatives and provide a forum for users to express their needs, frustrations, and other issues with the IS department.
Outsourcing information systems
Avoid management problems.
Free management time.
Obtain part-time services.
Gain economies of scale.
Cap financial exposure.
Reduce implementation risk.
Hardware: IaaS cloud hosting
Software: Licensed software/Outsourced
People: Business function
Loss of control:
Vendor in driver's seat.
Potential loss of intellectual capital.
Product fixes, enhancements in wrong priority.
Vendor management, direction, or identity changes.
CIO superfluous (unnecessary)?
Benefits outweighed by long-term costs:
High unit cost, forever.
Paying for someone else's mismanagement.
In time, outsource vendor is de facto sole source.
May not get what you pay for but don't know it.
No easy exit:
Critical knowledge in minds of vendors, not employees.
Expensive and risky to change vendors.
Your user rights.
Computer hardware and programs that allow you to perform your job proficiently
Reliable network and Internet connections
A secure computing environment
Protection from viruses, worms, and other threats
Contribute to requirements for new system features and functions
Reliable systems development and maintenance
Prompt attention to problems, concerns, and complaints
Properly prioritized problem fixes and resolutions
Your user responsibilities.
Learn basic computer skills
Learn standard techniques and procedures for the applications you use
Follow security and backup procedures
Protect your password(s)
Use computers and mobile devices according to your employer's computer use policy
Make no unauthorized hardware modifications
Install only authorized programs
Apply software patches and fixes when directed to do so
Respond completely to requests for requirements for new system features and functions
Avoid reporting trivial problems
IS security threat/loss
A threat is a person or organization that seeks to obtain or alter data or other assets illegally, without the owner's permission and often without the owner's knowledge.
A vulnerability is an opportunity for threats to gain access to individual or organizational assets.
A safeguard is some measure that individuals or organizations take to block the threat from obtaining the asset.(some threats achieve their goal despite safeguards).
A target is the asset that is desired by the threat.
IS security threat/loss sources
Human error, Computer crime, Natural disasters
IS security loss types
Unauthorized data disclosure: a threat obtains data that is supposed to be protected
Incorrect data modification: can occur through human error when employees follow procedures incorrectly or when procedures have been designed incorrectly.
Faulty service: problems that result because of incorrect system operation.
Denial of service: Caused by human error in following procedures or a lack of procedures. results in a failure of the system. Examples: running a computationally intensive app that shuts down a Web server or corporate gateway router. Hackers sending millions of fake requests to occupy a server.
Loss of infrastructure: stolen equipment, broken equipment from human error or terrorism, broken equipment from a natural disaster
IS security goal
to find an appropriate trade- off between the risk of loss and the cost of implementing safeguards.
IS security threats: business
address two critical security functions: security policy and risk management. response
IS security threats: safeguards
Technical safeguards involve the hardware and software components of an information system.
Can protect against security threats by implementing an Identification and authentication process, Encrypting data, Setting up Firewalls, Using Malware protection, and designing secure apps.
IS security threats: Technical safeguards
Identification and authentication
Identification: user enters name to identify themselves
Authentication: user enters password to authenticate themselves.
Single sign-on for multiple systems
Today's operating systems have the capability to allow the user to be identified and authenticated after only the initial sign-in and does not require multiple sign-in processes.
Encryption is the process of transforming clear text into coded, unintelligible text for secure storage or communication.
A computing device that prevents unauthorized network access.
Can be a special-purpose computer or a program on a general-purpose computer or on a router.
Malware is viruses, worms, Trojan horses, spyware, and adware.
A virus is a computer program that replicates itself. The program code that causes unwanted or harmful activity is called the payload.
Trojan horses are viruses that masquerade as useful programs or files.
A worm is a virus that propagates using the Internet or other computer network.
Spyware programs are installed on the user's computer without the user's knowledge or permission.
Adware is similar to spyware but it watches user activity and produce pop-up ads.
IS security threats: data safeguards
Data safeguards protect databases and other organizational data.
Data administration refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.
Database administration refers to a function that pertains to a particular database.
Both data and database administration establish safeguards such as: Define data policies, Data rights and responsibilities, Rights enforced by user accounts authenticated by passwords, Data encryption, Backup and recovery procedures, Physical security.
IS security threats: Human safeguards
Human safeguards involve the people and procedure components of information systems. In general, human safeguards result when authorized users follow appropriate procedures for system use and recovery.
IS security threats: Human safeguards for employees
Human safeguards for employees
Position definitions: should provide a separation of duties and authorities.
Hiring and screening: interview potential employees.
Dissemination and Enforcement: make employees aware of their security policies, procedures, and responsibilities.
Termination: discontinue access to company records, infrastructure, etc and remove passwords and accounts and encryption keys from employee
another important human safeguard. Consists of account management, password management, and help desk policies regarding sensitive information that could cause a security issue.
IS security threats: Systems procedures
Procedures of each type should exist for each information system. The definition and use of standardized procedures reduces the likelihood of computer crime and other malicious activity by insiders. It also ensures that the system's security policy is enforced.
YOU MIGHT ALSO LIKE...
COB204 Exam 3
Info System in Management Ch9-Ch12
OTHER SETS BY THIS CREATOR
COM 135 Exam 1
PHY 111 Final
ISA 235 Strouble Real Final
ISA 235 Final Strouble