Study Guide MIS 6341
Chapter 1 Introduction
Information System Components
• Collect (Input) • Process • Store • Distribute Info. For decision making (output)
Data
Stream of raw facts representing events in the environment
Information
Data shaped into form that is meaningful and useful
Management of Information Systems (MIS)
Combine:Comp. Science, Management Science Operations research
• Technology: – Comp. Harware/software, Data management technology, networking and telecommunications T.Internet, Intranet, extranet
• Management: – Decision making, design and deliver of new products
• Organizations: – People, business functions, culture, politics
Invest in IT as business strategy
• Operational excellence • New products, services • Customer relationship • Improved decision making • Competitive advantage • Survival
Organizational dimensions of Info. Systems
• People – Senior management – Middle management – Operational management – Knowledge workers – Data workers – Production or service workers
• Unique business processes, culture and politics • Separation of business functions
Complementary assets
Assets required to derive value from primary investment: – Organizational: business model and efficient business processes. – Managerial: Training, culture, incentives and teamwork – Social: infrastructure and standards
Approach to information systems
• Technical approach: Computer science, management science and operation research • Behavioral approach: behavioral issues, psychology, economics and sociology
Business model
Describes how a company produces, delivers, and sells a product or service to create wealth
Chapter 8 Security
Managing Security
Security
Policies, procedures, and technical measures used to prevent unauthorized access, alteration, theft, or physical damaged to information systems.
Controls
Methods, policies, and organizational procedures that ensure the safety of the organizations’s assets; accuracy and realibility of its records; and operational adherence to management standards
System Vulnerability
•Software/ Hardware malfunction •Disaster •Info. resides on networks and outside computers.
SSID
Service Set Identifier: identify access points in WiFi network
War Driving
Eavesdroppers drive by buildings or park outside and try to intercept wireless network traffic
WEP
Wired Equivalent Privacy Security standard for 802.11
Viruses
Program that attaches itself to other programs or data files in order to be executed.
Worms
Independent program that copies itself from one computer to another one over a network
Trojan
Program that appears to be benign but then does the unexpected
Spyware
Small programs that install themselves to monitor web activity and serve up advertising – Key loggers: record every keystroke
Hacker vs. Cracker
Hacker gain unauthorized access to a computer system. Cracker is a hacker with criminal intent. – System intrusion – Theft of goods and information – System damage – Cybervandalism
Spoofing
Misrepresenting onself by using fake email or redirecting a web link to a different address camouflaged as the intended one.
Sniffer
A program that monitors information traveling over a network
DenialOf Service (DOS) Attack
Flooding servers with thousands of false requests to crash the network
Distributed DenialOf Service (DDOS) attack
Uses numerous computers to launch DOS. – Bonet: “zombies” or infected PC’s to launch DOS attack
Computer crime
Any violations of criminal law that involve a knowledge of computer technology for their perpetration, investigations or prosecution. – Breaching confidentiality, Theft of trade secrets, using emails for threats or harassment
Phishing
Set up fake web sites and send emails to gain confidential personal data
Evil Twins
Wireless networks that pretend to offer trustworthy WiFi connections to the internet
Pharming
Redirects user to a bogus web page, even when the individual teypes the correct address into the browser.
Click fraud
Click an ad without any intention of learning more or making a purchase.
Global Threats Cyberterrorism and Cyberwarfare
Internet vulnerabilities make digital networks easy targets of terrorist or other group.
Internal Threat:
Employees
• Inside knowledge • Sloppy security procedures • Social engineering
Software Vulnerability
• Commercial software contains flaws • Patches to fix bugs
Lack of Security Consequences
• Loss of revenue • Lowered market value • Legal liability • Lowered employee productivity • Higher operational costs
Legal requirements
• HIPAA: Medical Security and privacy rules and procedures
• GrammLeachBliley Act: Financial institutions
• Sarbanes Oxley Act: Imposes responsibility to safeguard and accuracy of financial information.
General Controls
• Software controls • Hardware controls • Computer Operation controls • Datasecurity controls • Implementation controls • Administrative controls
Application controls
• Input controls (accuracy) • Processing controls (complete) • Output controls (properly distributed)
Risk Assesment
Determine the level of risks to firm if specific activity or process is not properly controlled.
Security Policy
Ranks information risks, identifies acceptable security goals, and identifies mechanisms for achieving these goals. – Acceptable use policy AUP – Authorization policies
Authorization Management Systems
Allow each user access only to portions of system according to his security profile
Disaster Recovery Plan
Devises a plans for restoration of disrupted services. Based on max downtime and which systems must be restored first
Business continuity Planning
Focuses on restoring business operations after disaster
MISÂ audit
Examines overall security environment. Review technologies, procedures, documentation, training and personnel.
Access Control
Policies and procedures to prevent improper access. • Authorization • Authentication – Password – Token (small gadget) – Smart Cards (card with chip) – Biometric authentication (finger print)
Firewall
Hardware/Sofware to prevent unauthorized access to private networks using screening technologies (packet filtering; Stateful inspections; Network Address Translation NAT; Application proxy filtering)
Unified Threat Management UTM
• Firewalls • Intrusion Detection • VPNs • Web content filtering • Antispam Software.
Encryption
Transform data. – Secure Sockets Layer SSL – Transport Layer Security TLS – Secure HTTP https
Digital Certificate CA Certification Authority
Uses a CA to validate users’ identity Public key infrastructure PKI use public key cryptography with CA
Security Outsourcing
Managed Security Service Providers MSSP
Chapter 7 The Internet
Packet switching
Method of slicing digital messages into parcels called packets.
TCP/IP
Transmission Control Protocol: Handles the movement of data between computers Internet Protocol: Responsible for delivery of packets, disassemble and assemble packets.
Network connection types
POTS (Plain old telephone Service) DSL (Digital Subscriber Line) Cable Wireless
HTTP
Hypertext transfer protocol: Communication standard used to transfer pages on the web.
Web Servers
Software for locating and managing stored Web pages.
Chapter 10 ecommerce
e足commerce
Business transactions, marketing, advertising, customer support, delivery and payment using the internet, networks.
Categories of ecommerce
• B2C • B2B – Electronic Data Interchange EDI exchange of standard data of orders, shipments, invoices
• C2C • mcommerce – Location based services – Banking and Financial services – Wireless advertising – Wireless portals – Games and Entertainment – Data and small screen limitations
Business models
• Virtual storefront • Information broker • Transaction broker • Online marketplace • Content provider • Online Service Provider • Virtual community / socialnetwork • Portal
Efficiency of emarkets
• Price Levels (lower) • Price elasticity (sensitivity) • Menu costs (price adjusting) • Price dispersions (spread)
Drivers in ecommerce
• Leadership • Governance • Competencies • Technology
8 unique features of ecommerce
1. 2. 3. 4. 5. 6. 7. 8.
Ubiquity available everywhere Global Reach Universal Standards Richness Interactivity twoway communication Information density Personalization customization Social technology online communities
Digital markets Reduce
• Information assymetry • Search costs • Transaction costs • Menu costs
Digital Markets enable
• Price discrimination • Dynamic pricing • Disintermediation
Digital Goods
Delivered over the networks. Music, movies, video, software, news, books. Low marginal cost of Production and delivery.
Interactive marketing and personalization
Web sites can track consumer patterns to tailor offers: product/service, prices. – Clickstreaming tracking tools – Collaborative filtering
Blogs
Blog = Web log. Contains chronological entries Used by corporations to communicate with consumers
Private Industrial Network
Extranet to share (product info, marketing, production, inventory, graphics, emails)
with suppliers, distributor or key partners
Net marketplace (ehubs)
Single market in a specific industry for bidding process. – Catalogs – Sourcing – Automated purchasing – Processing and fulfillment
Exchange
Independently owned by thirdparty Net market place. Connect buyers and sellers for spot purchasing.
Types of electronic payment systems
• Digital wallet: credit card info stored • Accumulated balance digital payment systems. For micropayments <$10 • Stored value payment systems. Paypal P2P • Digital Checking • Electronic billing presentment and payment systems. Monthly Ebill paid with electronic transfers. • Digital payments for mcommerce – Mobile credit/Debit cards
Chapter 3 Competitive Advantage
Information technology and Organizations
Mediating factors • Environmet • Culture • Business processes • Politics • Management decisions
Organization
Technical Microeconomic Definition: Stable, formal structure that processes capital and labor to produce outputs
Behavioral Definition: Collection of rights, obligations and responsibilities
Routines
Rules, procedures, and practices developed to cope with virtually all expected situations.
Business Processes
Collection of routines
Business firm
Collection of business process
Organizational Politics
Divergent viewpoints lead to political struggle, competition and power.
Organizational culture
Set of assumptions that define goal or product
Organizational environment
Info. Systems filter information with environment: • • • • •
Government Competitors Customers Financial Institutions Culture
Disruptive Technologies
Technology that radically changes businesses, industries, markets.
Organizational structures
1. 2. 3. 4. 5.
Entrepreneurial structure S Machine Bureaucracy M Divisionalized burea.. L Professional bureaucracy Adhocracy
Economic Impact
The internet recuces transaction costs, agency costs (supervising) and increases accessability to quality of information.
New system Planning factors
• Environment • Structure • Culture and politics • Type of org. And leadership • End users • Business decisions and processes
5 competitive forces
1. 2. 3. 4. 5.
Competitors New market entrants Substitute prod./services Customer Suppliers
Information Systems Strategies
1. 2. 3. 4.
Lowcost leadershiip Product differentiation Focus on market niche Strengthen customer and supplier intimacy
Business Value Chain
Series of primary and secondary acitivities that add value to product or service.
Value Web
Collection of independent firms that synchronized IT to coordinate value chains and creat synergies.
Network based strategies
• Network economics: transaction and agency costs.
• Virtual company: use networks to link, people assets and ideas.
• Business ecosystems: interdependent network of supplay chain members
Chapter 5 IT infrastructure
ITÂ infraestructure
Set of physical devices and software required to operate the enterprise
Evolution of IT
1. 2. 3. 4. 5.
Mainframe PC Cliente server Enterprise computing Cloud computing
Moore’s Law
Computing power doubles every 18 months
Law of mass digital storage
Every year the amount of data stored doubles
Metcalfe’s Law
Value of network increases as members grow, as well as more demand for network
IT infrastructure
Components
1. 2. 3. 4. 5. 6. 7.
Computer hardware platfomrs Operating systems platforms Enterprise software platforms Data management and storage Networking/communications Internet platforms Consulting system integration services.
Platform trends
• Smartphones • Netbooks • Grid computing. Multiple computers connected to create a super computer
• Cloud computing. Outsourcing of IT infrastructure.
• Autonomic computing. System can configure, optimized and heal themselves.
• Virtualization runs morethan one OS at the same
time on a single machine to boost utilization and save energy costs
• Web Services XML, SOAP, WSDL, UDDI, SOA • Mashups combination of 2 or more online applications
• Widgets small prog. Added to web pages or desktop to add functionality
Software Sources
1. Software packages and enterprise software 2. Software as a Service SaaS 3. Software outsourcing
Management issues
• Rent vs buy, outsourcing • Competitive forces – Market demand – Business strategy – IT strategy – IT assessment – Competitor services – Competitor IT investments
Chapter 6 Databases Business Intelligence
File Organization Terms
• Field: word, words, complete numbers
• Record: Group of fields that describes an entity (person, thing, event) with respective attributes. • File: group of records • Database: group of files
Problems w/ traditional filing
• Data redundancy and inconsistency: duplicates and different numbers • Programdata dependence • Lack of flexibility • Poor security • Lack of data sharing and availability
Database
Collection of data organized to serve many applications by • Controls redundancy • Eliminates inconsistency • Uncouples programs and data • Central data management and security
Relational DBMS
Field = columns Key field Primary Key gives unique ID to record
Foreing primary key used in a 2 nd table to look up data
Tuplets = records Functions: – Select: Filter – Join: combine tables – Project:
Object Oriented DBMS
OODBMS Database that stores multimedia objects. Data definition: characteristics of the field (integer) Data dictionary: store definitions of data elements (age)
Normalization
The process of creating small, flexible and stable data structures from complex groups of data
Entity relationship Diagram
Illustrates relationships between entities
Distributing databases
Stored in in more than one physical location. • Partitioned • Replicated
Database techniques
• Data warehousing • Data marts: subset • Data mining • Tools for accesing internal databases through the web
Business Intelligence
Analyze data to make business decisions – Software for database query SQL and reporting – Online analytical processing OLAP – Data mining: Find patterns – Predectivity amalysis – Text mining – Web mining • Web content mining (knowledge) • Web structure mining (links) • Web usage mining (history)
Managing data resources
• Information policy: Rules, procedures and accountabilities how data is organized and maintained. • Data administration: Policies and procedures through which data can be managed as a resource. • Data governance: Policies and procedure to manage availability, usability, integrity and security
ITIL
IT infrastructure library. It’s the standard for the best practice in the provision of IT service. – Service support – Service Delivery – Planning to Implement Service Management – ICT infrastructure – Applications management – Security management – The Business Perspective
Chapter 9 ERP Enterprise Resource Planning
System Categories
Enterprise wide systems Interorganizational Systems IOS
Enterprise Systems
Packaged applications Custom applications Legacy systems Integrated systems – Upstream =SCM – Downstream = CRM
ERPÂ selection
Control Business Requirements Best Practices Management Issues
Successful ERP
• Secure Executive sponsorship • Get help from outside experts • Thoroughly train users • Take a multidisciplinary approach to implementations
Implementation cycle
•Need •Vendor •Implementation (speed) •Go live & review •Improvement
Project responsabilities
• CEO / Managing director • Steering commitee • Project manager • Project team members • IT manager • Vendor project manager • Vendor consultant
Business value of ERP
•Improve efficieny •Support decision making •Enable rapid response •Include analytical to measure performance
SCM
Supply Chain Management: • Procuring Materials • Transform them into Prod. • Distributing the products Upstream: Firm’s suppliers, supplier’s suppliers, processess for managin relationships with them Downstream: Organization and processes responsible for dleivering the products to customers
Supply Chain planning systems
• Model existing supply chain • Demand planning • Optimize sourcing, manufacturing plants • Establishing inventory leves • Identifying transportation modes
Supply chain execution systems
Manage flow of products through distribution centers and warehouses.
Demand driven supply chains
• Pullbased model • Pushbased model • Sequential supply chains material and info flow sequentially from company to company
• Concurrent supply chains Information flows simultaneously among members
CRM Customer Relationship Management
• Capture customer data • Consolidate and analyze customer data • Distribute customer information • Single enterprise view of customers
CRMÂ packages
• Partner Relationship Management (PRM) • Employee relationship Management ERM • Salesforce Automation SFA • Customer Service • Marketing.