BUS220 - Week 1

Question 1

Organizational impacts of IT

Answer 1

To succeed in today’s environment, it is often necessary to change business models and strategies.
IT enables organizations to survive and thrive in the face of relentless business pressures.
IT may require a large investment over a long period of time.
Organizations can utilize their platforms to develop new Web-based applications, products, and services, as well as to provide superb customer service.

Question 2

business process

Answer 2

A collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers.

Question 3

Impact of IT on organizations

Answer 3

• Need to change business modes & strategies
• IT enables orgs to survive & thrive under relentless pressures
• May require a large investment
• Orgs can utilize their platforms to develop new web-based applications, products and services/superb service

Question 4

business process management (BPM)

Answer 4

A management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Question 5

data items

Answer 5

An elementary description of things, events, activities, and transactions that are recorded, classified, and stored but are not organized to convey any specific meaning.

Question 6

.digital divide

Answer 6

he gap between those who have access to information and communications technology and those who do not.

Question 7

globalization

Answer 7

The integration and interdependence of economic, social, cultural, and ecological facets of life, enabled by rapid advances in information technology.

Question 8

individual social responsibility (see organizational social responsibility)
information

Answer 8

Data that have been organized so that they have meaning and value to the recipient.

Question 9

information systems (see management information systems)
information technology

Answer 9

Any computer-based tool that people use to work with information and support the information and information-processing needs of an organization.

Question 10

information technology (IT) architecture

Answer 10

A high-level map or plan of the information assets in an organization.

Question 11

information technology (IT) infrastructure

Answer 11

The physical facilities, IT components, IT services, and IT personnel that support an entire organization.

Question 12

knowledge

Answer 12

Data and/or information that have been organized and processed to convey understanding, experience, accumulated learning, and expertise as they apply to a current problem or activity.

Question 13

make-to-order

Answer 13

The strategy of producing customized products and services.

Question 14

management information systems (also information systems)

Answer 14

The planning, development, management, and use of information technology tools to help people perform all tasks related to information processing and management.

Question 15

mass customization

Answer 15

A production process in which items are produced in large quantities but are customized to fit the desires of each customer.

Question 16

organizational social responsibility (also individual social responsibility)

Answer 16

Efforts by organizations to solve various social problems.

Question 17

Differentiate among data, information, and knowledge.

Answer 17

Data items refer to an elementary description of things, events, activities, and transactions that are recorded, classified, and stored, but not organized to convey any specific meaning. Information is data that have been organized so that they have meaning and value to the recipient. Knowledge consists of data and/or information that have been organized and processed to convey understanding, experience, accumulated learning, and expertise as they apply to a current business problem.

Question 18

Describe business processes and discuss business process management.

Answer 18

A business process is a collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers. A process has inputs and outputs, and its activities can be measured. Many processes cross functional areas in an organization, such as product development, which involves design, engineering, manufacturing, marketing, and distribution. Other processes involve only one functional area.
To a great degree, the performance of an organization depends on how well it manages its business processes. As a result, organizations emphasize business process management (BPM), which is a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Question 19

A business process is a collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers. A process has inputs and outputs, and its activities can be measured. Many processes cross functional areas in an organization, such as product development, which involves design, engineering, manufacturing, marketing, and distribution. Other processes involve only one functional area.
To a great degree, the performance of an organization depends on how well it manages its business processes. As a result, organizations emphasize business process management (BPM), which is a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Answer 19

An organization’s information technology architecture is a high-level map or plan of the information assets in an organization. The IT architecture integrates the information requirements of the overall organization and all individual users, the IT infrastructure, and all applications. An organization’s information technology infrastructure consists of the physical facilities, IT components, IT services, and IT management that support the entire organization.

Question 20

Describe the global, Web-based platform and its relationship to today’s business environment.

Answer 20

The global, Web-based platform consists of the hardware, software, and communications technologies that comprise the Internet and the functionality of the World Wide Web. This platform enables individuals to connect, compute, communicate, compete, and collaborate everywhere and anywhere, anytime and all the time, and to access limitless amounts of information, services, and entertainment. This platform operates without regard to geography, time, distance, or even language barriers. The Web-based platform has created today’s business environment, which is global, massively interconnected, intensely competitive, 24/7/365, real-time, rapidly changing, and information-intensive.

Question 21

Types of Information Systems

Answer 21

(CBIS) use computer technology to perform some or all of their tasks and are composed of:
•A Network
•Procedures
•People
•Hardware
•Software
•A Database

Question 22

Capabilities of Information Systems

Answer 22

Perform high-speed, high-volume numerical computations
Provide fast, accurate communication and collaboration within and among organizations
Store huge amounts of information in small space
Allow quick, inexpensive access to vast amounts of information worldwide
Interpret vast amounts of data quickly and efficiently
Increase effectiveness and efficiency of people working in groups in one place or around the world
Automate semiautomatic business process and manual tasks

Question 23

Application Programs

Answer 23

An application program is a computer program designed to support a specific task, a business process or another application program.

Question 24

Breadth of Support of Information Systems

Answer 24

Functional area information systems
Enterprise resource planning systems
Transaction processing systems
Interorganizational information systems

Question 25

Information Systems Support for Organization Employees

Answer 25

``` Office automation systems Functional area information systems Business intelligence systems Expert Systems Dashboards ```

Question 26

Porter’s Competitive Forces Model

Answer 26

The best-known framework for analyzing competitiveness is Michael Porter’s competitive forces model (Porter, 1985). (Slide 70 Week 1)

Question 27

Strategies for Competitive Advantage

Answer 27

``` Cost Leadership Differentiation Innovation Operational Effectiveness Customer-orientation ```

Question 28

Why are Information Systems Important to Organizations & Society

Answer 28

IT will reduce the number of middle managers. IT will change the manager’s job. IT impacts employees at work. IT provides quality-of-life improvements.

Question 29

New (Consultative) IS Functions

Answer 29

Initiating and designing strategic information systems Incorporating the Internet and e-commerce into the business Managing system integration Educating non-IS managers about IT Educating IS staff about the business Supporting end-user computing Partnering with executives Managing outsourcing Innovate Ally with vendors and IS departments in other organizations (Traditional slide 80, Week 1)

Question 30

Privacy

Answer 30

Court decisions have followed two rules: (1) The right of privacy is not absolute. Your privacy must be balanced against the needs of society. (2) The public’s right to know is superior to the individual’s right of privacy.

Question 31

Factors Increasing the Threats to Information Security (continued)

Answer 31

International organized crime turning to cybercrime Downstream liability Increased employee use of unmanaged devices Lack of management support Decreasing Skill Necessary to be a Hacker

Question 32

Key Information Security Terms

Answer 32

``` Threat Exposure Vulnerability Risk Information system controls ```

Question 33

Categories of Threats to Information Systems

Answer 33

``` Unintentional acts Natural disasters Technical failures Management failures Deliberate acts ```

Question 34

Unintentional Acts

Answer 34

Human errors Deviations in quality of service by service providers (e.g., utilities) Environmental hazards (e.g., dirt, dust, humidity)

Question 35

Human Errors

Answer 35

``` Tailgating Shoulder surfing Carelessness with laptops and portable computing devices Opening questionable e-mails Careless Internet surfing Poor password selection and use And more ```

Question 36

Most dangerous employees

Answer 36

Human resources and MIS - Remember, these employees hold ALL the information

Question 37

Deliberate Acts (continued)

Answer 37

``` Software attacks –Virus –Worm •1988: first widespread worm, created by Robert T. Morris, Jr. •(see the rapid spread of the Slammer worm) –Trojan horse –Logic Bomb Phishing attacks •Phishing slideshow •Phishing quiz •Phishing example •Phishing example –Distributed denial-of-service attacks •See botnet Alien Software –Spyware (see video) –Spamware –Cookies --Keystroke Logger --Supervisory control and data acquisition (SCADA) attacks ```

Question 38

Communication or Network Controls

Answer 38

``` Firewalls Anti-malware systems Whitelisting and Blacklisting Intrusion detection systems Encryption Virtual private networking Secure Socket Layer (now transport layer security) Vulnerability management systems Employee monitoring systems ```

Question 39

Describe the components of computer-based information systems.

Answer 39

A computer-based information system (CBIS) is an information system that uses computer technology to perform some or all of its intended tasks. The basic components of a CBIS are hardware, software, database(s), telecommunications networks, procedures, and people. Hardware is a set of devices that accept data and information, process them, and display them. Software is a set of programs that enable the hardware to process data. A database is a collection of related files, tables, relations, and so on, that stores data and the associations among them. A network is a connecting system (wireline or wireless) that permits different computers to share resources. Procedures are the set of instructions about how to combine the above components in order to process information and generate the desired output. People are the individuals who work with the information system, interface with it, or use its output.

Question 40

Describe the various types of information systems by breadth of support.

Answer 40

The departmental information systems, also known as functional area information systems, each support a particular functional area in the organization. Two information systems support the entire organization: enterprise resource planning (ERP) systems and transaction processing systems (TPSs). ERP systems tightly integrate the functional area IS via a common database, enhancing communications among the functional areas of an organization. A TPS supports the monitoring, collection, storage, and processing of data from the organization’s basic business transactions. Information systems that connect two or more organizations are referred to as interorganizational information systems (IOSs). IOSs support many interorganizational operations; supply chain management is the best known. Electronic commerce systems enable organizations to conduct business-to-business (B2B) and business-to-consumer (B2C) electronic commerce. They are generally Internet-based.

Question 41

Identify the major information systems that support each organizational level.

Answer 41

At the clerical level, employees are supported by office automation systems and functional area information systems. At the operational level, managers are supported by office automation systems, functional area information systems, decision support systems, and business intelligence systems. At the managerial level, functional area information systems provide the major support. Middle managers are also supported by office automation systems, decision support systems, and business intelligence systems. At the knowledgeworker level, expert systems, decision support systems, and business intelligence systems provide support. Executives are supported primarily by dashboards.

Question 42

Describe strategic information systems (SISs) and explain their advantages.

Answer 42

Strategic information systems support or shape a business unit’s competitive strategy. An SIS can significantly change the manner in which business is conducted to help the firm gain a competitive advantage or reduce a competitive disadvantage.

Question 43

Describe Porter’s competitive forces model and his value chain model and explain how IT helps companies improve their competitive positions.

Answer 43

competitiveness. It identifies five major forces that can endanger a company’s position in a given industry: (1) the threat of new competitors entering the market, (2) the bargaining power of suppliers, (3) the bargaining power of customers (buyers), (4) the threat of substitute products or services, and (5) the rivalries among existing firms in the industry. Although the Porter competitive forces model is useful for identifying general strategies, organizations use his value chain model to identify specific activities which can use competitive strategies for greatest impact. The value chain model also shows points at which an organization can use information technology to achieve competitive advantage. According to Porter’s value chain model, the activities conducted in any organization can be divided into two categories: primary activities and support activities. The primary activities are those business activities that relate to the production and distribution of the firm’s products and services. The primary activities are buttressed by support activities. Unlike primary activities, support activities do not add value directly to the firm’s products or services. Rather, as their name suggests, they contribute to the firm’s competitive advantage by supporting the primary activities. The Internet has changed the nature of competition. Porter concludes that the overall impact of the Internet is to increase competition, which has a negative impact on profitability. competitiveness. It identifies five major forces that can endanger a company’s position in a given industry: (1) the threat of new competitors entering the market, (2) the bargaining power of suppliers, (3) the bargaining power of customers (buyers), (4) the threat of substitute products or services, and (5) the rivalries among existing firms in the industry. Although the Porter competitive forces model is useful for identifying general strategies, organizations use his value chain model to identify specific activities which can use competitive strategies for greatest impact. The value chain model also shows points at which an organization can use information technology to achieve competitive advantage. According to Porter’s value chain model, the activities conducted in any organization can be divided into two categories: primary activities and support activities. The primary activities are those business activities that relate to the production and distribution of the firm’s products and services. The primary activities are buttressed by support activities. Unlike primary activities, support activities do not add value directly to the firm’s products or services. Rather, as their name suggests, they contribute to the firm’s competitive advantage by supporting the primary activities. The Internet has changed the nature of competition. Porter concludes that the overall impact of the Internet is to increase competition, which has a negative impact on profitability.

Question 44

Describe five strategies that companies can use to achieve competitive advantage in their industries.

Answer 44

The five strategies are as follows: (1) cost leadership strategy—produce products and/or services at the lowest cost in the industry; (2) differentiation strategy—offer different products, services, or product features; (3) innovation strategy—introduce new products and services, put new features in existing products and services, or develop new ways to produce them; (4) operational effectiveness strategy—improve the manner in which internal business processes are executed so that a firm performs similar activities better than rivals; and (5) customer orientation strategy—concentrate on making customers happy.

Question 45

Describe how information resources are managed and discuss the roles of the information systems department and the end users.

Answer 45

The responsibility for managing information resources is divided between two organizational entities: the information systems department (ISD), which is a corporate entity, and the end users, who are located throughout the organization. Generally speaking, the ISD is responsible for corporate-level and shared resources whereas the end users are responsible for departmental resources

Question 46

application program (also called program)

Answer 46

A computer program designed to support a specific task or business process.

Question 47

business intelligence (BI) systems

Answer 47

Information systems that provide computer-based support for complex, non-routine decisions, primarily for middle managers and knowledge workers.

Question 48

competitive forces model

Answer 48

A business framework devised by Michael Porter that analyzes competitiveness by recognizing five major forces that could endanger a company’s position.

Question 49

computer-based information system (CBIS)

Answer 49

An information system that uses computer technology to perform some or all of its intended tasks.

Question 50

dashboards (also called digital dashboards)

Answer 50

Information systems that support all managers of the organization by providing rapid access to timely information and direct access to structured information in the form of reports.

Question 51

entry barrier

Answer 51

Product or service feature that customers expect from organizations in a certain industry; an organization trying to enter this market must provide this product or service at a minimum to be able to compete.

Question 52

expert systems (ES)

Answer 52

Information systems that attempt to duplicate the work of human experts by applying reasoning capabilities, knowledge, and expertise within a specific domain.

Question 53

information system (IS)

Answer 53

A process that collects, processes, stores, analyzes, and disseminates information for a specific purpose; most ISs are computerized.

Question 54

software

Answer 54

A set of programs that enables the hardware | to process data.

Question 55

strategic information systems (SISs)

Answer 55

Systems that help an organization gain a competitive advantage by supporting its strategic goals and/or increasing performance and productivity.

Question 56

supply chain

Answer 56

The flow of materials, information, money, and services from raw material suppliers through factories and warehouses to the end customers.

Question 57

support activities

Answer 57

Business activities that do not add value directly to a firm’s product or service under consideration but support the primary activities that do add value.

Question 58

transaction processing system (TPS)

Answer 58

An information system that supports the monitoring, collection, storage, processing, and dissemination of data from the organization’s basic business transactions.

Question 59

value chain model

Answer 59

Model that shows the primary activities that sequentially add value to the profit margin; also shows the support activities.

Question 60

value system

Answer 60

Includes the producers, suppliers, distributors, | and buyers, all with their value chains.

Question 61

virtual private network (VPN)

Answer 61

A private network that uses a public network (usually the Internet) to securely connect users by using encryption.

Question 62

secure socket layer (SSL) (see transport layer security)

Answer 62

An encryption standard used for secure transactions | such as credit card purchases and online banking.

Question 63

whitelisting

Answer 63

A process in which a company identifies acceptable software and permits it to run, and either prevents anything else from running or lets new software run in a quarantined environment until the company can verify its validity.

Question 64

tunneling

Answer 64

A process that encrypts each data packet to be sent and places each encrypted packet inside another packet.

Question 65

zero-day attack

Answer 65

An attack that takes advantage of a newly discovered, previously unknown vulnerability in a particular software product; perpetrators attack the vulnerability before the software vendor can prepare a patch for it or sometimes before the vendor is even aware of the vulnerability.

Question 66

digital dossier

Answer 66

An electronic description of a user and | his habits.

Question 67

denial-of-service attack

Answer 67

A cyber-attack in which an attacker sends a flood of data packets to the target computer with the aim of overloading its resources

Question 68

brute force attack

Answer 68

Attacks that use massive computing resources to try every possible combination of password options to uncover a password.

Question 69

Describe the major ethical issues related to information technology and identify situations in which they occur.

Answer 69

The major ethical issues related to IT are privacy, accuracy, property (including intellectual property), and accessibility to information. Privacy may be violated when data are held in databases or transmitted over networks. Privacy policies that address issues of data collection, data accuracy, and data confidentiality can help organizations avoid legal problems. Intellectual property is the intangible property created by individuals or corporations that is protected under trade secret, patent, and copyright laws. The most common intellectual property concerns related to IT deals with software. Copying software without paying the owner is a copyright violation, and it is a major problem for software vendors

Question 70

Identify the many threats to information security.

Answer 70

There are numerous threats to information security, which fall into the general categories of unintentional and intentional. Unintentional threats include human errors, environmental hazards, and computer system failures. Intentional threats include espionage, extortion, vandalism, theft, software attacks, and compromises to intellectual property. Software attacks include viruses, worms, Trojan horses, logic bombs, back doors, denial–of–service, alien software, phishing, and pharming. A growing threat is cyber-crime, which includes identity theft and phishing attacks.

Question 71

Understand the various defense mechanisms used to protect information systems.

Answer 71

Information systems are protected with a wide variety of controls such as security procedures, physical guards, and detection software. These can be classified as controls used for prevention, deterrence, detection, damage control, recovery, and correction of information systems. The major types of general controls include physical controls, access controls, administrative controls, and communications controls. Application controls include input, processing, and output controls.

Question 72

Explain IT auditing and planning for disaster recovery.

Answer 72

Information systems auditing is done in a similar manner to accounting/finance auditing— around, through, and with the computer. A detailed internal and external IT audit may involve hundreds of issues and can be supported by both software and checklists. Related to IT auditing is preparation for disaster recovery, which specifically addresses how to avoid, plan for, and quickly recover from a disaster.