Final Flashcards by L T

a group of components that interact to produce information

information system (IS)

How well did you know this?

Not at all

Perfectly

the five fundamental components of an information system that are present in every information system, from the simplest to the most complex

five-component framework

How well did you know this?

Not at all

Perfectly

five fundamental components of IS

computer hardware
software
data
procedures
people

How well did you know this?

Not at all

Perfectly

one of the five fundamental components of an information system

computer hardware

How well did you know this?

Not at all

Perfectly

instructions for computers. one of the five fundamental components of an information system

software

How well did you know this?

Not at all

Perfectly

recorded facts or figures. one of the five fundamental components of an information system

data

How well did you know this?

Not at all

Perfectly

instructions for humans. one of the five fundamental components of an information system

procedures

How well did you know this?

Not at all

Perfectly

as part of the five component framework, one of the five fundamental components of an information system; this components includes those who operate and service the computers, those who maintain the data, those who support the networks and whose who use the system

people

How well did you know this?

Not at all

Perfectly

computer programs

applications

How well did you know this?

Not at all

Perfectly

information systems that help businesses achieve their goals and objectives

management information systems (MIS)

How well did you know this?

Not at all

Perfectly

three key elements of MIS

development and use
information systems
goals and objectives

How well did you know this?

Not at all

Perfectly

the products, methods, inventions and standards that are used for the purpose of producing information

information technology (IT)

How well did you know this?

Not at all

Perfectly

provides products and services that other industries rely on to get their work done

information and communications technology (ICT) sector

How well did you know this?

Not at all

Perfectly

a law stating that the number of transistors per square inch on an integrated chip double every 18 months. this prediction has proved generally accurate in the 40 years since it was made. sometimes this law is stated that the speed of a computer chip doubles every 18 months. while not strictly true, this version gives the gist of the idea

moores law

How well did you know this?

Not at all

Perfectly

old technology being replaced by new

creative destruction

How well did you know this?

Not at all

Perfectly

a network of activities, resources, facilities and information that interact to achieve some business function

business process or business system

How well did you know this?

Not at all

Perfectly

components of business process (4)

activities
resources
facilities
info

How well did you know this?

Not at all

Perfectly

parts of a business process that transforms resources and information of one type into resources and information of another type; can be manual or automated

activities

How well did you know this?

Not at all

Perfectly

items of value, such as inventory or funds, that are part of a business process

resources

How well did you know this?

Not at all

Perfectly

structures used within a business process

facilities

How well did you know this?

Not at all

Perfectly

(1) knowledge derived from data, where the term data is defined as recorded facts or figures (2) data presented in a meaningful context (3) data processed by summing ordering, averaging, grouping, comparing or other similar opinions (4) a difference that makes a difference

information

How well did you know this?

Not at all

Perfectly

a standard set of terms and graphical notations for documenting business processes

business process modelling notation (bpmn)

How well did you know this?

Not at all

Perfectly

information that is factual and verifiable

accurate information

How well did you know this?

Not at all

Perfectly

information that is produced in time for its intended use

timely information

How well did you know this?

Not at all

Perfectly

information that is appropriate to both the contex and the subject

relevant

adequate information to perform the task

sufficient

information that meets the purpose for which it is generated, but just barely so

just barely so

when an appropriate relationship exists between the cost of information and it's value

worth it's cost

the process of generating information that will be useful for management and strategy decisions

business process management (bpm)

a business process improvement method focused on improving quality

total quality management (tqm)

a business process improvement method developed by Motorola that focuses on developing quality

six sigma

a manufacturing method focused on using resources as efficiently as possible

lean production

an information system in which the hardware and software components do most of the work

automated system

an information system in which the activity of processing information is done by people, without the use of automated processing

manual system

decisions that concern the day to day activities of an organization

operational decisions

an information systems that supports operational decision making

transaction processing system (tps)

decisions that concern the allocation and use of resources

managerial decisions

information systems that help business achieve their goals and objectives

management information systems (mis)

decisions that concern broader scope, organizational issues

strategic decisions

information systems that support strategic decision making

executive information systems (eis)

a type of decision for which there is a formalized and accepted method for making the decision

structured decision

a type of decision for which there is no agreed on decision making method

unstructured decision

decision making process steps (5)

``` intelligence gathering alternatives formulation choice implementation review ```

the first step in the decision making process in which decision makers determine what is to be decided, what the criteria for selection will be an what data is available

intelligence gathering

a step in the decision making process in which decision makers lay out various alternatives

alternatives formulation

a step in the decision making process in which decision makers analyze their alternatives and select one

choice

a step in the decision making process in which decision makers implement the alternative they have selected

implementation

the final step in the decision making process, in which decision makers evaluate results if their decision and, if necessary, repeat the process to correct or adapt the decision

review

labour productivity

GDP / total paid hours worked by Canadians

provides products and services that other industries rely on to get their work done

informations no communications technology (ict) sector

the lack of evidence of an increase in worker productivity associated with the massive increase in investment in information technology

productivity paradox | Stephen roach

the creation of business value

productivity

tangible benefits for organizations through either more efficient use of resources or more effective delivery of their sales to customers

business value

three ways in which value of IT can be realized

productivity structure of competition benefits to end customer

Rogers five characteristics: relative advantage, compatibility, complexity, trial ability and observability

innovation

a nonprofit organization created to support the development of skills for the information and computing technology industry

canadian coalition for tomorrow's ICT skills (ccict)

a category of skills focused on the ability to effectively innovate using information technology in organizations

business technology management (btm)

a set of skills thought to be useful for those employees focused on developing and maintaining information technology

skills framework for the Information Age (sfia)

a measure of productiveness also refers to accomplishing a business process either more quickly with the same resources or as quickly with fewer resources

efficiency

doing the right things

effectiveness

a network of value creating activities

value chain

process of making a tire goes from rubber to tire and gains value

value chain | Michael porter

the difference between value and cost

margin

in michael porters value chain model, the fundamental activities that create value - inbound logistics, operations, outbound logistics, marketing/sales ad service

primary activities

shipping raw material, designing tires, manufacturing tired, shipping tires and installing tires

primary activities

in michael porters value chain model, the activities that contemptible indirectly to value creation - procurement, technology, human resources and the firms initiative

support activities

paying the workers, buying machines, maintaining machines, scheduling shipping, keeping track of mechanics hours

support activities

a model proposed by michael porter that asses industry characteristics and profitability by means of five competitive forces - bargaining power of suppliers, threat of substitutions, bargaining power of customers, rivalry among firms and threat of new entrants

five forces model

five competitive forces

``` bargaining power of suppliers threat of substitutions bargaining power of customers rivalry among firms threat of new entrants ```

the strategy an organization chooses as the way it will succeed in it's industry. according to michael porter, there are four fundamental competitive strategies: cost leadership across an industry or within a particular industry segment and product differentiation across an industry it within a particular industry segment

competitive strategy

four fundamental competitive strategies

cost leadership across an industry or within a particular industry segment and product differentiation across and industry or within a particular industry segment

changes in technology that maintain the rate of improvement in customer value

sustaining technologies

vulcanization of rubber allowed tires to be produced faster and provide more comfortable rides

sustaining technology

a product that introduces a very new package of attribute from the accepted mainstream products

disruptive technology

MP3 player

disruptive technology

the process by which innovation is communicated through certain channels over times among the members of a social system

diffusion of innovation

Everett roberts five stages

``` knowledge persuasion decision implementation confirmation ```

the process of locking in customers by making it difficult or expensive for them to switch to another product

switching costs

the development of people and procedures that are well supported by the underlying technology

sustained competitive advantage

first digital computing device

1940s

first commercial computer

1950s

first personal computer

1980s

the first digital computing machine used in business and government

mainframes

smaller than mainframes, the precursor to personal computers

microcomputers

invention of WAN

1990s

electronic components and related gadgetry that input, process, output, store and communicate data according to instructions encoded in computer programs or software

hardware

four basic components of computer

input processing output storage

hardware devices that attach to a computer; for example, keyboards, mouse, document scanners and barcode (universal product code) scanners

input devices

computing technology that allow for the modification, storage or deletion of data

processing devices

selects instructions, process them, performs arithmetic and logical comparisons and stores results of operations in memory

central processing unit (CPU)

what CPU performance is measured and counted in

hertz or cycles | kilohertz, megahertz or gigahertz

a set of cells in which each cell holds a byte of data or instruction; each cell has an address and the CPU uses the addresses to identify particular data items

main memory

memory that is external to the processing unit that is used for primary working memory in a computing system

random access memory (ram)

relationship between CPU, ram, and main memory

CPU read data and instructions from ram | ram stores results in main memory which is often hard drive

hardware that displays the results of the computers processing. if it consists of video, printers, audio speakers, overhead projectors and other special purpose devices, such as large flatbed plotters

output devices

hardware that saves data and programs. magnetic disk is by far the most common storage device, although optical disks, such as CDs and DVDs, also are popular

storage hardware

cards that can be added to the computer to augment the computers basic capabilities

special function cards

video cards can be used to support additional monitor for two or three screens

special function cards

the means by which computers represent data; also called bits. it is either a zero or a one

binary digits

(1) a character of data (2) an 8-bit chunk

bytes

byte sizes

kilobyte → 1024 bytes megabyte → 1024 kilobytes gigabyte → 1024 megabytes terabyte → 1024 gigabytes

to run program

CPU transfers program or data from disk to main memory | moves instruction from main memory into CPU via data channel or bus

means by which CPU reads instructions and data from main memory and writes data to main memory

data channel

means by which CPU reads instructions from data from main memory and writes data to main memory

bus

a file on a domain name resolver that stores domain names and IP addresses that have been resolved. the, when someone else needs to resolve that same domain name, here is no need to go through the entire resolution process. instead, the resolver can supply the IP address from the local file

cache

a computer program that controls the computers resources; it manages the contents of main emperors, processes keystrokes and mouse movements, sends signals to the display monitor, reads and writes disk files and controls the processing of other programs

operating system (os)

the movement of programs and data into and out of memory if a computer has insufficient memory for its workload, such swapping will degrade system performance

memory swapping

data that will be lost when the computer or device is not powered

volatile | random access memory

memory that preserves data contents even when not powered (magnetic and optical disks). with such devices, you can turn the computer off and back on, and the contents will be unchanged

nonvolatile | read only memory

cycles of CPU speed

herts

a computer that provides word processing, spreadsheets, database access, and usually a network connection

client

computers hat provide certain types of service, such as hosting data base, running a blog, publishing a website, or selling goods. server computers are faster, larger and more powerful than client computers

servers

a large collection of server computers that coordinated the activities of the servers, usually for commercial purposes

server farm

customers do not necessarily own the computer they use. instead, hardware, software and applications are provided as a service, usually though a web browser. the cloud is a metaphor for the internet, which makes software and data services available from any location at any times

cloud computing

hotmail and google docs

cloud computing

the concept in which several computers are used to address a single problem at the same time. it uses software to divide and apportion pieces of a program among several computers, sometimes many thousands

grid computing

the collection os instructions that a computer can process

instruction set

four major operating systems

windows Mac OS Unix Linux

an operating system designed an sold by Microsoft. it is the most widely used operating system

windows

an operating system developed by apple computer, inc. for the macintosh. he current version is Mac OS X, macintosh computers are used primarily by graphic artists and workers in the arts community. Mac OS was developed for the PowerPC, but as of 2006 runs on intel processors as well

Mac OS

an operating system developed at bell labs in the 1970s. it has been the workhorse of the scientific and engineering communities since then

Unix

a version if unix that was developed by the open-source community. the open-source community owns Linux and there is no fee to use it. Linux is a popular operating system for web servers

Linux

a loosely coupled group of programmers who mostly volunteer their time to contribute codes to develop and maintain common software, Linux and MySQL are two prominent products developed by such a community

open sourced community

an agreement that stipulated how a program can be used. most specify the number of computers on which the program can be installed and sometimes the number of users that can connect to and use the program remotely. such agreements also stipulate limitations on the liability is the software vendor for the consequences of errors in the software

licence

programs that performs a business function. some application programs are general purpose, such as excel or word. other application programs are specific to a business function, such as accountants payable

application software

software that provides capabilities common across all organizations and industries: examples include work processors, graphics programs, spreadsheets and presentation programs

horizontal market applications

software that serves the needs of a specific industry. examples of such programs are those used by dental offices to schedule appointments and bill patients, those used by auto mechanics to keep track of customer data and customers automobile repairs, and those used by parts warehouses to track inventory, purchases and sales

vertical market application

software that is developed for a specific, unique need, usually for a particular company's operations

one of a kind application

commercial software

off the shelf

commercial software that has been modified for a particular organization

off the shelf with alterations

software adapted to a particular organizations needs

tailor made

software that is tailor made for a company or organization

custom developed software

a computer software that is installed on devices, such as printers, print services and various types of communication devices, the software is coded just like other software, but it is installed on special, programable memory of the printer or other device

firmware

an important piece of firmware used when a computer is initially booted up: the first thing the computer does is to load this from ROM and run through the commands provided by the firmware. it checks to make sure the memory and input devices are functional. once these are working, the operation system will be loaded

basic input/output system (bios)

a software application that requires nothing more then a browser and can be run on only the users computer

thin client

a software application that requires programs other than just the browser on a users computer - that is, that requires codes on both a client and server computers

thick client

a computer program that replaces itself; unchecked replication is like computer cancer, by which ultimately the virus consumes the computers resources. many viruses also take unwanted and harmful actions

virus

the program code of a virus that causes unwanted or hurtful actions, such as deleting programs or data, or even worse, modifying data in ways that are undetected by user

payload

viruses that attach themselves to word, excel, PowerPoint or other types of documents. when the infected document is opened, the virus places itself in the startup files of the application. after that, the virus infects every file that the application creates or processes

macro viruses

a virus that propagates itself using the internet of some other computer network. it is written specifically to infect another computer as quickly as possible

worm

subsequent computers infected with the worm or virus that infected an initial computer

zombies

a set of computers or applications that are coordinated through network and used to perform malicious tasks

botnet

a group of fixes for high priority failures that can be applied to existing copies of a particular product. software vendors supply these to fix security and other critical problems

patches

software that detects and possibly eliminates viruses

antivirus program

a form of creative endeavor that can be protected through a trademark, patent, copyright, industrial design or integrated circuit topography

intellectual property

an information system that tracts organizational documents, webpages, graphics and related materials

content management system (CMSs)

steps for employee loading content to website server (4)

employee loads content editor reviews document passed on to layout artisit who prepares it for presentation manager reviews and publishes it

a self-describing collection on integrated records

database

groups of bytes in a database table. a database table has multiples of these that are used to represent the attributes of an entity

columns | fields

groups of columns in a database table

rows | records

a group of similar rows or records in a databse

tables | file

describes structure of data

metadata

(1) a column or group of columns that identifies a unique row in a table

key

a column or group of columns used to represent relationships. values of the foreign key match values of the primary key in a different (foreign) table

foreign keys

databases that carry their data in the form of tables and that represent relationships using foreign keys

relational databases

a more formal name for a database dable

relation

occurs when tow or more people work together to achieve a common goal, result or product

collaboration

critical factors for collaboration (4)

communication skills and culture communication systems content management workflow control

email, virtual private networks, instant messaging and more sophisticated communication systems, dependent on the network technology available in an organization

communication systems

a process of procedure in which content is created, edited, used and disposed

workflow

the larger the number of people using a network, the more valuable the network becomes

network externality | network effect

when this point is hit, it grows at a faster rate

critical mass

a collection of computers that communicate with one another over transmission lines

network

physical media, such as copper cable and optical fibre (glass fibre) cable, or wireless media transmitting light or radio frequencies (including cellular and satellite systems) which transmit electronic signals

transmission media

a network that connects computers that reside in a single geographical location on the premises of the company that operates the LAN. the number of connected computers can range from two to several hundred

local area network (LAN)

a network that connects computers located at different geographical locations

wide area networks (WANs)

a private network of networks

internet

the public network

Internet

a standardized means for coordinating an activity between two or more entities

protocol

a special purpose computer that receives and transmits data across a network

switch

a hardware component on each device on a network (computer, printer, etc.) that connects the devices circuitry to the communications line. this works together with programs in each device to implement layers 1 and 2 of the TCP/IP-OSI hybrid protocol

network interference card (NIC)

a built in NIC

onboard NIC

a permanent address given to each network interface card at the factory. this address enables o the device to access the network via a level 2 protocol. by agreement among computer manufacturers, these addresses are assigned in such a way that no two NIC devices will ever have the same address

MAC (media access control) address

a type of cable used to connect the computers, printer, switches and other devices on a LAN. this cable has four pairs of twisted wire. a device called an RJ-45 connector is used to connect this cable into NIC devices

unshielded twisted pair (UTP) cable

a type of cable used to connect the computers, printers, switches and other devices on a LAN. the signals on such cables are light rays, and they are reflected inside the glass core of the optical fibre cable. the core is surrounded by a cladding to contain the light signals, and the cladding, in turn, is wrapped with an outer layer to protect it

optical fibre cables

this standard is a network protocol that operates at layer 1 and 2 of the TCP/IP-OSI architecture. ethernet, the worlds most popular LAN protocol, is used on WANs as wekk

IEEE 802.3 protocol

a network protocol that operates at layer 1 and 2 of the TCP/IP-OSI architecture.

ethernet

a type of ethernet that conforms to the IEEE 802.3 protocol and allows for transmission at a rate of 10. 100 or 1000 megabits per second

10/100/1000 ethernet

phones that combine a powerful processor with sophisticated operating systems and cellular network technology to provide a host of applications to their users including voice, text, email, web browsing and much more

smartphone

devices that enable wireless networks by communicating with wireless access points. such devices can be cards that slide into the PCMA slot or they can be built in, onboard devices. they operate according to the 802.11 protocol

wireless NIC (WNIC)

points in a wireless network that facilitate communication among wireless devices and serve as points of interconnection between wireless and wired networks. these must be able to process messages and communicate with wired networks using the 802.3 protocol

access points (APs)

devices used to amplify and reflect signals

repeaters and reflectors

short for mobile commerce, its applications allow mobile phones to conduct certain kinds of transactions, such as mobile banking and mobile ticket purchases at movie theaters and sporting events

M-commerce

a special purpose computer that moves network traffic from one node on a network to another

router

provides a user with a legitimate Internet address; it serves as the users gateway to the Internet; and it passes communications back and forth between the user and the Internet. they also pay for the Internet. they collect money form their customers and pay access fees and other charges on the user's behalf

internet service providers (ISP)

consists of sites and users that process HTTP

web

a layer-5 protocol used to process webpages

hypertext transfer protocol (HTTP)

a program that processes the HTTP protocol; receives, displays and processes HTML documents; and transmits responses

browsers

a documents address on the web. URLs begin on the right with a top level domain and moving left, include a domain name and than are followed by optional data that locates a document within that domain

uniform resource locator (URL)

a series of dotted decimals in a format, such as 192.168.2.28, which identifies a unique device on a network or internet. with the IPv4 standard, theses have 32 bits. with the IPv6 standard, they have 128 bits. today, IPv4 is more common but will likely be supplanted by IPv6 in the future. with IPv4, the decimal between that dots can never exceed 225

IP addresses

a system that converts user friendly names into their IP addresses. any registered, valid name is called a domain name

domain name system (DNS)

a continuously variable electronic signal. must be converted to digital signal before its sent

analog

short for modulator/demodulator, it converts te computers digital data into signals that can be transmitted over telephone cable lines

modem

a special telephone line that connects home and small business computers to an ISP

digital subscriber line (DSL)

DSL line that has different upload and download speeds

asymmetrical digital subscriber lines (ADSL)

DSL lines that have the same upload and download speeds

symmetric digital subscriber lines (SDSL)

a type of modem that provides high-speed data transmission using cable television lines. the cable company installs a fast, high capacity optical fibre to a distribution center in each neighborhood that it serves. at the distribution center, the optical fibre cable connects to regular cable television cables that run to subscribers homes or businesses. cable models modualte in such a way that their signals do not interfere with TV signals. like DSL lines, they are always on

cable modem

internet communication lines that have transmission speeds of 56 kbps or less. a dial up modem provides this access

narrowband

internet communication lines that have speeds in excess of 256 kbps. DSL and cable modems provide this access

boradband

a modem that performs the conversation between analog and digital in such a way that the signal can be carried on a regular telephone line

dial up modem

provides definition and specification of the network layers

transmission control program/internet protocol (TCP/IP)

network access layer describes equipment used for communications, signal used and protocols transmission within single network

layer 1

internet layer works with IP addresses and controls packet organization and timing constraints transmission across internet

layer 2

transport layer deals with opening connection and maintaining them and uses transmission control program to ensure packets are received with correct content transmission across internet

layer 3

application layer data passed between programs and transport layer programs for mail, web browsing, file transfer

layer 4

a system in which messages are first disassembled into small packets, then sent though the network and reassembled at the destination

packet switching network

a computing device located between a firms internal and external networks that prevents an unauthorized access to or from the internal network. it can be a special purpose computer or it can be a program on a general purpose computer or on a router

firewall

a number used to uniquely identify a transaction over a network

port

a list that encodes the rules stating which packets are to be allowed through a firewall and which are to be prohibited

access control list (ACL)

employees blocked from certain websites

access control list (ACL)

a firewall that examines each packet and determines whether to let the packet pass. to make this decision, it examines the source address, the destination address and other data

packet-filtering firewalls

the process of transforming clear text into coded, unintelligible text for secure storage or communication

encryption

a WAN connection alternative that uses the internet or a private internet to create the appearance of private point to point connections

virtual private network (VPN)

a virtual, private pathway over a public or shared network from the VPN client to the VPN server

tunnel

a software program that browses web in a very methodical way

webcrawler

comparing

benchmarking

organizations that expand into activities that affect raw materials

upstream

organizations that move closer to the end customer

downstream

applications, having the standard five components, that make database data more accessible and useful. users employ a database application that consists of forms, formatted reports, queries and application programs. each of these, in turn, calls on the database management system to process the database tables

database application system

a program used to create, process, and administer a database

database management system (DBMS)

a popular, enterprise class DBMS product from IBM

DB2

a popular personal and small workplace DBMS product from microsoft

access

a popular enterprise-class DBMS product from microsoft

SQL server

a popular enterprise class DBMS product from oracle corporations

oracle

a popular open source DBMS product that is licence free for most applications

my SQL

application use DBMS for four operations

read insert modify delete data

an international standard language for processing database data

structured query language (SQL)

a collection of forms, reports, queries and application programs that process a databse

database applications

data entry forms that are used to read, insert, modify and delete database data

forms

a presentation of data in a structured or meaningful context

report

a request for data from a database

query

when multiple users process the database at the same time

multiuser processing

an issue in multiuser database processing, in which two or more users try to make changes to the data but the database cannot make all the changes because it was not designed to process changes form multiple users

lost update problem

a product that processes large organizational and workgroup databases. these products support many users, perhaps thousands and many different database applications. such DBMS products support 24/7 operations and can manage databases that span dozens of different magnetic disks with hundreds of gigabytes or more of data.

enterprise DBMS

DBMS products designed for smaller, simpler database applications. such products are used for personal or small workgroup applications that involve fewer than 100 users and normally fewer then 15

personal DBMS

a thing whose status is relevant to the operation and management of the organization

entity

``` a change (transaction) in the status of at least one entity ```

event

a controlled, self contained grouping of | information resources that can be accessed within a single company using Web browsers

intranet

similar to an Intranet but is designed to facilitate communications between two or more business partners

extranet

help us to send mail messages across the web

simple mail transfer protocol (SMTP)

help us receive mail messages across the web

post office protocol (POP)

help us to send files across the network

file transfer protocol (FTP)

information (4)

knowledge derived from data, where the term data is defined as recorded facts or figures data presented in a meaningful context data processed by summing ordering, averaging, grouping, comparing or other similar opinions a difference that makes a difference

characteristics of good information (5)

accurate timely relevant just barely sufficient worth its cost

how innovations in business processes are developed

by integrating IT into the business process

types of decisions at each level

operational - structured managerial - both strategic - unstructured

may be critical reason for observed lack of productivity from IT investments

measurement error

allows company to create more or better output from same input and create them faster than before

productivity

alters the way corporations compete

structure of competition

helps make process more efficient and changes the nature of the competition which makes final goods cheaper to the customer

benefits to end customer

innovation (5)

relative advantage compatibility complexity trialability observability

ways to gain competitive advantage via business processes (4)

switching costs create entry barriers establish alliances reduce costs

difference between business process and work flow

business process focuses on delivering a good or service externally yo the customer workflow focuses on delivering a good or service internally to employees

the second era of information systems. The goal of such systems was to facilitate the work of a single department or function. Over time, in each functional area, companies added features and functions to encompass more activities and to provide more value and assistance

functional systems

an organizational area (such as marketing or finance) that operates without considering other organizational areas

functional silos

the third type of computing systems. In this type, systems are designed not to facilitate the work

Cross-Department Or Cross-Functional Systems

information systems processing of routine transactions between two or more organizations

interorganizational systems

primary activities (5)

marketing and sales inbound logistics operations or maufacturing outbound logistics service and support

support activities (3)

human resources accounting and infrastructure procurement and technology

product management, lead tracking, sales forecasting, customer managemnt

marketing and sales

order entry, order management, inventory management, customer service

operations

inventory, planning, scheduling, manufacturing operations

manufacturing

payroll and compensation, recruiting, assessement, development and training, human resources planning

human resources

general ledger, financial reporting, accounts receivables, accounts payables, cost accounting, budgeting, cash management, treasury management

accounting and finance

problems encountered with isolated functional systems (4)

data duplication, data inconsistency disjointed processes limited information and lack of integrated information isolated decisions lead to inefficient overall activities

Changes in product data in one system may take days to reach other systems

duplicated data and data inconsistency

Different systems labeling the same product differently. results in converting data

disjointed processes

when a customer asks about an order, several systems may need to be queried

limited information and lack of integrated information

possible ways t improve business processes without technological change (3)

adding resources (such as more workers) adding increased specialization (such as more skilled workers) changing /eliminating unproductive activities

the creation of new, usually cross-departmental business practices during information systems development. With this, organizations do not create new information systems to automate existing business practices. Rather, they use technology to enable new, more efficients business processes

business process design

combining functional systems, which uses layers of software as a bridge to connect different functional systems together (2)

enterprise application integration (EAI)

one central database is combined with set of standard business processes built on top of the database to ensure integration between functional areas. uses a prebuilt software and removes existing functional systems

enterprise resource planning (ERP)

two approaches to integration

enterprise application integration enterprise resource planning

three main reasons that process design projects and expensive and difficult

business processes often more complex and require many people to agree on changes lots of detailed work to determine what to change many experts from different part of organization are needed

processes built into business applications from companies such as Oracle or SAP

industry standard processes

a software product licensed by German company SAP that integrates business activities into inherent processes across an organization

SAP R/3

advantages (2) and disadvantages (2) or industry standard processes

more then one company bares cost of design effort saves time and money may be very different from existing process and requires alot of change hard to differentiate themselves

the integration of all the organizations principal processes. it is an outgrowth of MRP II manufacturing systems, and most users are manufacturing companies

enterprise resources planning (ERP) systems

ERP characteristics (5)

provides cross functional process view of the organization has formal approach based on formal business models maintains data in centralized database offers large benefits but is difficult, fraught with challenges and can be slow to implement often very expensive

in an ERP product, a comprehensive set of inherent processes for organizational activities

process blueprint

potential benefits of ERP (6)

efficient business processes inventory reduction lead time reduction improved customer service greater, real time insight into organization higher profitability

an information system that maintains data about customers and all their interactions with the organization

customer relationship management (CRM) systems

taken as a whole, the processes of marketing, customer acquisition, relationship management and loss/churn that must be managed by CRM systems

customer life cycle

solicitation (3)

generate prospects via messages to target market use email, websites and other IS messaging media support direct mail, catalog, other traditional promotion

relationship management (3)

maximize the value of existing customer base sales management application customer support applications

prioritize customers using purchasing history, increase sales of existing customers, focus reselling on high-value customers, win back lost high value customers

sales management application

manage orders, track customers problems and problem resolutions, prioritize responses accourding to customer value, gather data for product improvement

customer support applications

interorganizational systems that enable companies to efficiently handle the flow of goods from suppliers to customers

supply chain management (SCM) systems

a network or organizations and facilities that transforms raw materials into products delivered to customers

supply chain

elimination of one or more middle layers in the supply chain

disintermediation

four major factors that affect the supply chain

facilities inventory transportation information

three factors of information

purpose availability means

can be transactional (orders and order returns) or informational (sharing inventory and customer data)

purpose

ways in which organizations share their information. which organizations have access to which information and when

availability

methods by which information is transmitted

means

an information system that integrates the primary inbound logistics business activity

supply chain management

three fundamental information systems involved in supply chain

supplier relationship management (SRM) inventory customer relationship management (CRM)

a business process for managing all contacts between an organization and its suppliers

supplier relationship management (SRM)

three basic procedures that SRM support

source purchase settle

source (4)

find vendors assess capabilities negotiate terms and conditions make contract

purchase (3)

request information, quotation, proposal approve purchase create an order

settle (3)

receive goods resolve receivables to order pay according to terms and policy

benefits of IS on supply chain performance (4)

reduce costs of buying and selling increase supply chain speed reduce size and cost of inventories improve delivery scheduling - enable just in time inventory

the result of outcomes are deemed good or likely to lead to good outcomes

rational decision

we are simply not capable of thinking through all the various options and permutation that are available to us. instead of seeking optimal solution, we sacrifice or chose the most reasonable and availale solution rather than the perfect choice

bounded rationality

ackoffs three assumptions

managers will have no problem making decisions if they get the data they need poor decisions are made because managers lack relevant information managers know what data they need

an overabundance of irrelevant data

information overload

10^15 bytes

petabytes

10^18 bytes

exabytes

probloems with using operational data for business intelligence systems (6)

dirty data missing value inconsistent data data not integrated wrong granularity too much data

problematic data. Examples are a value of B for customer gender and a value of 213 for customer age. Other examples are a value of 999-999-9999 for a North American phone number, a part color of green and an email address of WhyMe@GuessWhoIAM.org. All these values are problematic when data mining

dirty data

the level of detail in data. Customer name and account balance is large granularity data. Customer name, balance and the order detail and payment history of every customer order is smaller granularity

granularity

e-commerce data that describe a customers clicking behavior. Such data include everything the customer does at the website

clickstream data

collecting data electronically and processing transactions online

online transaction processing (OLTP)

the system waits until it has a batch of transactions before the data are processed and the information is updated

batch processing

occurs when data are collected in OLTP but are not used to improve decision making

data resource challenge

systems that focus on making data collected in OLTP useful for decision making

decisions support systems (DSSs)

a dynamic type of reporting systems that provides the ability to sum, count, average and perform other simple arithmetic operations on groups of data. Such reports are dynamic because users can change the format of the reports while viewing them

online analytic processing (OLAP)

item of interest normally summed or averaged total sales, average sales, average costs

measure

characteristic of measure purchase data, customer type, customer location, sales region

dimension

with an OLAP report, to further divide the data into more detail

drill down

a system that provides the right information, to the right user, at the right time. A tool produces the information, but the system ensures that the right informaiton is delivered to the right user at the right time

business intelligence (BI) system

five categories of BI systems

group decision support systems (GDSSs) reporting systems data mining systems knowledge management systems expert systems

an application that enables more than one individual to undertakes a decision. Often includes voting and brain storming functions

group decision support systems (GDSS)

systems that create information from disparate data sources and deliver that information to the proper users on a timely basis

reporting systems

the application of statistical techniques to find patterns and relationships among data and to classify and predict

data mining systems

a data mining technique for determining sales patterns. A market-basket analysis shows the products that customers tend to buy together

market basket analysis

information systems for storing and retrieving organizational knowledge, whether that knowledge is in the form of data, documents or employee know how. supported by the five components of IS

knowledge management (KM) systems

knowledge sharing systems that are created by interviewing experts in a given business domain and codifying the rules used by those experts. stated by if/then rules

expert systems

a way of analyzing and ranking customers according to their purchasing patterns

RFM analysis

a facility that prepares, stores and manages data specifically for reporting and data mining. data is stored using DBMS

data warehouse

a database that prepares, stores and manages data for reporting and data mining for specific business functions

data mart

a form of data mining whereby the analysts do not create a model or hypothesis before running the analysis. Instead they apply the data-mining technique to the data and observe the results. With this method, analysts create hypotheses after the analysis to explain the patterns found

unsupervised data mining

an unsupervised data mining technique whereby statistical techniques are used to identify groups of entities that have similar characteristics. A common use for cluster analysis is to find groups of similar customers in data about customer orders and customer demographics

cluster analysis

a form in data mining in which data miners develop a model prior to the analysis and apply statistical techniques to data estimate values of the parameters of the model

supervised data mining

a type of supervised data mining that estimates the values of parameters in a linear equation. Used to determine the relative influence of variables on an outcome and also the predict future values of that outcome

regression analysis

a popular supervised data mining technique used to predict values and make classifications, such as "good prospect" or "poor prospect"

neural networks

a data mining technique for determining sales patterns. it shows products customers tend to buy together

market based analysis

relying on another company to provide you with products or services that you are either unable or unwilling to develop yourself

outsourcing

five basic ways to acquire a software application

buy it and use it as is buy it and customize it rent or lease it build it yourself outsource it

provides project managers, sponsors and team leaders with a large array of accepted project management techniques and practices

project management body of knowledge (PMBOK)

projects of all shapes and sizes that renew and adapt IT infrastructure

IT projects

the collection of techniques and methods that project managers use to plan, coordinate and complete IT projects

information technology project management (ITPM)

guide to PMBOK suggests there are five process groups in any project

initiating planning executing controlling and monitoring closing

each process group can be related to one of nine project knowledge areas

integration management scope management time management cost management quality management human resources management communications management risk management procurement management

individuals certified by Product Management Institute as having product management sills

project management professionals (PMPS)

service, maintanance, protection and management of IT infrastructure

IT operations

the entire sets of systems that support operations

production systems

key words in IT operations (5)

stability predictability accountability reliability security

a well-recognized collection of books providing a framework of best practice approaches to IT operations. ITIL provides a large set of mangement procedures that are designed to support businesses in achieving value from IT operations

information technology infrastructure library (ITIL)

It project risks (7)

lack of experience in the team lack of support from top management lack of participation from system users unclear and uncertain project requirements a high level of technical complexity changes in the project environment lack of a good model

the classic process used to develop information systems. These basic tasks of systems development are combined into the following phases; system definition, requirements analysis, component design, implementation and system maintenance (fix or enhance)

Systems Development Life Cycle (SDLC)

phases of basic tasks of system development (5)

system definition requirements analysis component design implementation system maintenance (fix or enhance)

the process of creating and maintaining information systems. It is sometimes called systems analysis and design

systems development

development methods, such as rapid application development (RAD), object-oriented systems development (OOD), and extreme programming (XP)

agile methods

the process of creating and maintaining information systems. It is sometimes called systems development

systems analysis

the first phase in the SDLC, in which devlopers, with the help of eventual users, define the new systems goals and scope, assess its feasibility, form a project team, and plan the project

systems definition phase

four dimension of feasibility

cost feasibility schedule feasibility technical feasibility organizational feasibility

considers whether the organization has the money to complete project

cost feasibility

considers whether the organization has the time to complete project

schedule feasibility

whether existing information technology is likely to be able to meet the needs of the new system

technical feasibility

whether the new system fits within the organizations customs, culture, charter and legal requirements

organizational feasibility

the second phase in the SDLC, in which developers conduct interviews, evaluate existing systems, determine new forms/reports/queries, identify new features and functions, including security and create the data model. team normally exists of IT personnel and user representatives

requirements analysis phase

information systems professionals that understand both business and technology. They are active throughout the systems development process and play a key role in moving the project from conception to conversion and, ultimatley, maintenance. Systems analysts integrate the work of the programmers, testers and users

system analysts

analysts who develop the business case for a newly proposed system and develop the requirements for the system

business analysts

people involved in requirements definition design and implementation integrated testing and conversion

mainly business and systems analysts programmers, testers and database designers testers and business users

easiest and cheapest time to alter IS

requirements phase

when discrepancies are identified with IS software (3)

modify the software modify the organizational procedures and data live withthe problems

determine hardware specifications, determine software specifications (depends on source), design the database, design procedures, create job definitions

component design

procedures for using the system to accomplish business tasks like procedures for starting, shopping and operating the system

normal processing

user procedures for backing up data and other resources

backup

procedures to continue operations when the system fails and procedures to convert back to the system after recovery

failure recovery

build system components, conduct unit test, integrate components, conduct integrated test, convert to new system

implementation

groups of sequences of actions that users will take when using the new system

test plan

the testing of a system. PQA personnel usually contruct a test plan with the advice and assistance of users. PQA test engineers perform testing, and they also supervise user-test activity. Many PQA professionals are programmers who write automated test programs

product quality assurance (PQA)

the process of allowing future system users to try out the new system in their own. Used to locate program failures just prior to program shipment. usually the last stage of testing

beta testing

the process of converting a business activity from the old system to the new

system conversion

four ways to implement a system conversion

pilot phased parallel plunge

a type of system conversion in which the organization implements the entire on a lined portion of the business. The advantages are that if the system fails, the failure is contained within a limited boundary. This reduces exposure of the business and also protects the new system from developing a negative reputation throughout the organizations

pilot installation

a type of system converison in which the new system is installed in pieces across the organizations. Once a given piece works, then the organization installs and tests another piece of the system, until the entire system has been installed

phased installation

a type of system conversion in which the new system runs parallel with the old one for a while. it is expensive because the organization incurs the costs of runing both systems

parallel instalation

sometimes called direst installation, a type of system conversion in which the organization shuts off the old system and starts the new system. If the new system fails, the organization is in trouble: nothing can be done until either the new system is fixed or the old system is reinstalled. Because of the risk, organizations should avoid this conversation style if possible

plunge installation

last part of the SDLC, which starts the process all over again. record requests for change: failures and enhancements, prioritize requests and fix falures: patches, service packs and new releases

maintenence phase

a group of fixes for high-priority failures that can be applied to existing copies of a particular product. Software vendors supply patches to fix security and other critical problems

patch

a large group of fixes that solve low-priority software problems. Users apply service packs in much the same way that they apply patches, except that service packs typically involve fixes to hundreds or thousands of problems

service packs

a sequence of nonrepetitive phases

waterfallmethod

when too much time is spent documenting project requirements

analysts paralysis

the process of hiring another organization to perform a service. Outsourcing is done to save costs, to gain expertise and to free up managements time

outsourcing

when outsourced vendor is overseas

offshoring

outsourcing risks (3)

loss control benefits outweighed by ling term costs no easy exist

a special form of outsourcing, in which an organization contracts with a vendor to "rent" aplications from the vendor comany on a fee-for-service basis

application service providers

risks of application service providers (3)

client company loses physical control over corporate data stored in vendors machines failure of internet potential lock in → may not allow corporate data to be easily ported to competitors sites

the buying and selling of goods and services over public and private computer networks

e-commerce

in e-commerce, companies that take title to the goods they sell. They buy goods and resell them

merchant companies

e-commerce companies that arrange for the purchase and sale of goods without ever owning or taking title to those goods

nonmerchant companies

three main types of merchant companies

those that sell directly to customers those that sell to companies those that sell to government

e-commerce sales between a supplier and a retail customer (the customer)

business to customer (B2C)

in e-commerce, a web-based application that enables customers to enter and manage their orders

web storefront

e-commerce sales between companies

business to business (B2B)

e-commerce sales between companies and government organizations

business to government (B2G)

applications that match buyers and sellers by using an e-commerce version of a standard auction. This e-commerce application enables the auction company to offer goods for sale and to support a competitive bidding process

e commerce auctions

entities that provide goods and services at a stated price, price and arrange for the delivery of the goods but never take title to the goods

clearinghouses

sites that facilitate the matching of buyers and sellers; the business process is similar to that of a stock exchange. Sellers offer goods at a given price through the electronic exchange, and buyers make offers to purchase over the same exchange. Price matches result in transactions from which the exchange takes a commission

electronic exchanges

elimination of one or more middle layers in the supply chain. creates higher revenues for manufacturers and lower consumer prices

disintermediation

New players insert themselves into the sales and distribution processes

intermediation or re intermediation

a measure of the sensitivity in demand to changes in price. It is the ratio

price elasticity

companies need to consider following economic factors with e commerce (6)

channel conflict price conflict logistics expense customer service expense showrooming taxation

a customer visits a store to check out a product but then purchases the product online

showrooming

a structure of individuals and organizations that are realted to each other in some way

social network

is the process by which individuals use relationships to communicate with others in a social network

social networking

three types of social capital

physical capital human capital social capital

the investment of resources for future profit Factories, machines, manufacturing equipment

physical capital

the investment of human knowledge and skills for future profit

human capital

the investment in social relations with the expectation of returns in the marketplace

social capital

social capital adds value in four ways

information influence social credentials personal reinforcement

the term used to describe applications and platforms on the Web. Referred to as the integration and interaction of products and services such as smartphones, user created content, social networking, location and context based services and dynamic marketplaces

web 2.0

new features are released and vendors wait for users to spread the news to one another

virtual marketing

refers to website content that is contributed by users

user generated content

users can provide customer support to one another or even participate in the creation of product specifications, designs and complete products

crowdsourcing

when the output from two or more websites is combined into a single user experience

mashups

difference between traditional sites and web 2.0

traditional sites are about publishing web 2.0 is about participation

vendors pay Google certain amount for particular search words

adwords

the title of the principal manager of the IT department. Other common titles are vice-president of information services, director of information services, and, less commonly, director of computer services

chief information officer

investigates new IS system technologies and determines how the organization can benefit from them

technology office

the head of the technology group. The CTO sorts through new ideas and products to identify those that are most relevant to the organization. The CTO's job requires deep knowledge of information technology and the ability to envision how new IT will affect the organization over time

chief technology officer (CTO)

analysts who develop the business case for a newly proposed system and develop the requirements for the system

business analysts

the process of creating and maintaining information systems. It is sometimes called systems development

system analysts

exists in organizations that have negotiated outsourcing agreements with other companies to provide equipment, applications or other services. require constant attention

outsourcing relations

protects data and information assets by establishing daa standards and data management practices and policies

data administration

people involved in designing a website (4)

project manager lead designer/analyst developer technical architect

responsible for interacting with the client and moving the project successfully toward completion

project manager

responsible for understanding client needs and developing the overall look and feel of the site and all the design elements (colors, navigation, graphics, buttons, animation)

lead designer/analyst

responsible for taking the design and creating the functioning site; usually specializes in static content (information that is not automatically updated)

devloper

responsible for making decisions about technical issues related to the site, including server/browser support, database integration, administrator access and any scripting issues

technical architect

the strategy an organization chooses as the way it will succeed in its industry. According to Michael Porter, ther are four fundamental competitive strategies: cost leadership aross an industry or within a particular industry segment, and prodct differentiation across an industry or within a particular industry segment

competitive strategy

the basic framework for all the computers, systems and information management that support organizational services

IT architecture

manages the companys complex information systems

enterprise architect

usually a long document with many sections that include quite complicated diagrams as well as management policies (such as privacy, sourcing and security) and discussion of future changes to the architecture

architecture

conceived by John Zachman at IBM in the 1980s, it divides systems into two dimensions: one is based on six reasons for communication (what-data, how-function, where-network, who-people, when-time, why-motivation) and the other is based on a stakeholder groups (planner, owner, designer, builder, implementer and worker). The intersection of these two dimensions helps to provide a relativelty holistic view of the enterprise

zachman framework

the ongoing, continually evolving challenge of fitting IT architecture to business objective

alignment

using a committee to decide on expectations for performance, to authorize appropriate resources and power to meet expectations and perhaps eventually to verify whether expectations have been met. goal is to improve benefits to organizations IT investments

governance

law passed by the US Congress in 2002 that governs the reporting requirements of publicity held companies. Among other things, it strengthened requirements for internal controls and mangement's responsibility for accurate financial reporting

sarbanes oxley act (SOX)

law enforcing compliance with standards for collecting, reporting and disclosing information. requires management to create internal controls, a statement saying it did and an external auditor to issue an opionion of quality of it

bill 198 or budget measures act

an audit focusing on inforamtion resources that are used to collect, store, process and retreive information

informaiton systems audit

a key organiaztion in developing knowledge and standards relating to information systems audit and information systems governance

information systems audit and control association

a globally recognized certification earned by more than 50 000 professionals; members have job titles like inormation systems auditor, consultant, informaiton systems security professional, regulator, chief information officer and internal auditor

certified information systems auditor (CISA)

concern for the lives that can be affected by our actions, and not by the computers that complete the actions

information systems ethica

using information technology resources to better support the triple bottom line for organizations

green IT

a concept that expands the notion of traditional financial reports, which are based solely on financial performance, to take into account ecological and social performance

triple bottom line

primary goals of IT green (3)

improve energy efficiency promote recyclability reduce the use of material that are ahzardous to the environment

an internatinal government industry partnership that is intended to produce equipment that meets high energy efficiency specifications or promotes the use of such equipment

energy star

the recyling of electronic materials

e cycling

electronic garbage

e waste

stealing, misrepresenting, or hijacking the identity of another person or business

identity theft

in Canada, PIPEDA gives individuals the right to know why an organization collects, uses or discloses their personal information

Personal Information Protection And Electronic Documents Act (PIPEDA)

three sources of security threats

human error and mistakes malicious human activity natural events and distasters

a problem with the security of information or the data therein, caused by human error, malicious activity or natural disasters

security threats

unwanted email messages

spam

five types of security problems

unauthorized data disclosure incorrect data modification faulty service denial of service loss of infrastructure

can occur because of human error when someone inadvertently releases data in violation of policy, or when employees unknowingly or carelessly release proprietary data to competitors or the media

unauthorized data disclosure

a technique for gathering unauthorized information in which someone pretends to be someone else. A common scam involves a telephone caller who pretends to be from a credit card company and claimed to be checking the validity of credit card numbers. Phishing is also a form of pretexting

pretexting

a technique for obtaining unauthorized data that uses pretexting via email. The phisher pretends to be a legitimate company's and sends an email requesting confidential data, such as account numbers, social insurance numbers, account passwords and so forth

phishing

when someone pretends to be someone else with the intent of obtaining unauthorized data. If you pretend to be your professor, you are spoofing your professor

spoofing

a type of spoofing whereby an intruder uses another sites IP address as if it were that other site

IP spoofing

a synonym for phishing. A technique for obtaining unauthorized data that uses pretexting via email. The phisher pretends to be a legitimate company and sends email requests for confidential data, such as account numbers, social insurance numbers, account passwords and so forth. Phishers direct traffic to their sites under the guise of a legitimate business

email spoofing

a technique for intercepting computer communications. With wired networks, sniffling requires a physical connection to the network. With wireless networks, no such connection is required

sniffling

people who take computers with wireless connections through an area and search for unprotected wireless networks in an attempt to gain free Internet access or to gather unauthorized data

drive by snifflers

occurs when a person gains unauthorized access to a computer system. Although some people hack for the sheer joy of doing it, other hackers invade systems for the malicious purpose of stealing or modifying data

hacking

problems that result because of incorrect system operations

faulty service

security problem in which users are not able to access and information system; can be caused by human errors, natural disasters or malicious activity

denial of service (DOS)

three components of a security program

senior management involved safeguards of various kinds incident response

protections against security threats

safeguards

identification and authentication, encryption, firewalls, malware protection, application design

hardware and software technical safeguards

data right and responsibilities, passwords, encryption, backup and recovery, physical security

data safeguards

hiring, training, education, procedure design, administration, assessment, compliance, accountability

procedures and people human safeguards

safeguards that involve the hardware and software components of an information system

technical safeguards

the process whereby an information system identifies a user by requiring the user to sign on with a username and password

identification

the process whereby an information system approves (authenticates) a user by checking the users password

authentication

three categories of authentication methods

what you know (password or PIN) what you have (smart card) where you are (biometric)

passwords have several weaknesses

users tend to be careless in their use users tend to be free in sharing their passwords with others many choose ineffective, simple passwords or use the same password for many systems

a plastic card similar to a credit card that has a microchip. The microchip, which holds much more data then a magnetic strip. Is loaded with identifying data. Normally it requires a PIN

smart card

a form of authentication whereby the user supplies a number that only he or she knows

personal identification number (PIN)

the use of personal physical characteristics, such as fingerprints, facial features and retinal scans, to authenticate users

biometric authentication

viruses, worms, spyware and adware

malware

programs installed on the user's computer without the users knowledge or permission that reside in the background and, unknown to the user, observe the users actions and keystrokes, modify computer activity and report the user's activities to sponsoring organizations. Malicious ones captures keystrokes to obtain user names, passwords, account numbers and other sensitive information. Other ones are used for marketing analyses, observing what users do, websites visited, products examined and purchased, and so forth

spyware

programs installed on the user's computer without the users knowledge or permission that reside in the background and, unknown to the user, observe the users actions and keystrokes, modify computer activity and report the user's activities to sponsoring organizations. Most is benign in that it does not perform malicious acts or steal data. It does, however, watch user activity and produce pop-up ads

adware

spyware and adware symptoms (6)

slow system startup sluggish system performance many pop up advertisements suspicious browser homepage changes suspicious changes to the taskbar and other system interfaces unusual hard disk activity

safeguards that can possibly avoid most malware (6)

install antivirus and anti-spyware programs on your computer set up your anti-malware programs to scan your computer frequently update malware definitions open email attachments only from known sources promptly install software updates from legitimate sources browse only in reputable Internet neighborhoods

patterns that exist in malware code. Anti-malware vendors update these definitions continuously and incorporate them in their products in order to better fight against malware

malware definitions

steps taken to protect databases and other organizational data, by means of data administration and database administration

data safeguards

a staff function that pertains to all of an organizations data assets, typical data administration tasks are setting data standards, developing data policies, and providing for data security

data administration

the management, development, operation and maintenance of the database so as to achieve the organizations objectives. This staff function requires balancing conflicting goals; protecting the database while maximizing its availability for authorized use. In smaller organizations, this function usually is served by a single person. Larger organizations assign several people to an office or database administration

database administration

a control procedure whereby a trusted party is given a copy of a key used to encrypt database data

key escrow

steps taken to protect against security threats by establishing appropriate procedures for users to follow for system use

human safeguards

human safeguards for employees (3)

position definitions hiring and screening dissemination and enforcement

the process of taking extraordinary measures to reduce a systems vulnerability. these sites use special versions of the operating system, and they lock down or eliminate operating systems features and functions that are not required by the application. it is a technical safeguard

hardening

the creation of new user accounts, modification of existing account permissions and removal of unneeded accounts

account management

important monitoring functions (3)

activity log analyses security testing and investigating learing from security incidents

disaster preparedness guidelines (5)

locate infrastructure in safe location identify mission critical system identify resources needed to run those systems prepare remote backup facilities train and rehearse

systems without which the organization cannot carry on and which, if lost for any period, could cause the organizations failure

mission critical systems

remote processing centers, run by commercial disaster-recovery services, that provide equipment that companies would need to continue operations after natural disasters

hot sites

remote processing centers that provide office space, but no computer equipment, for use by companies that need to continue operations after a natural disaster

cold sites

factors in incidence response (4)

have a plan in place centralized reporting specific responses practice

should include how employees are to respond to security problems, whom they should contact, the reports they should make and steps they can take to reduce further loss

incident response plan

sending an email steps (4)

getting internet access and pressing "send/receive" break apart message and get ready for transport send and receive packets reassemble packets and display message

Final Flashcards

(505 cards)