Monday, August 3, 2015

Chapter 12 Summary

Q1:  What Is the Goal of Information Systems Security?

A threat is a person or organization that seeks to obtain or alter data or other IS assets illegally, without the owner's permission and often without the owner's knowledge.  A vulnerability is an opportunity for threats to gain access to individual or organizational assets.  A safeguard is some measure that individuals or organizations take to block the threat from obtaining the asset.  Finally, the target is the asset that's desired by the threat.  Sources of threats are human error, computer crime, and natural events and disasters.  Types of security loss are unauthorized data disclosure, incorrect data modification, faulty service, denial of service, and loss of infrastructure.

Q2:  How Big Is the Computer Security Problem?

The full extent of the financial and data losses due to computer security threats is unknown.  The losses due to human error are enormous, but few organizations compute these losses and even fewer publish them.  Losses due to natural disasters are also enormous and impossible to compute.  Furthermore, no one knows the cost of computer crime.  All studies on the cost of computer crime are based on surveys.  Different respondents interpret terms differently, some organizations don't report all their losses, and some won't report computer crime losses at all.

Q3:  How Should You Respond to Security Threats?

An intrusion detection system (IDS) is a computer program that senses when another computer is attempting to scan the disk or otherwise access a computer.  Don't use any word as part of your password.  Use passwords with a mixture of upper- and lowercase letters, numbers, and special characters.  Such nonword passwords are still vulnerable to a brute-force attack, in which the password cracker tries every possible combination of characters.  Use different passwords for different sites, never send passwords, credit card data, or any other valuable data in email or IM, buy only from reputable vendors, and remove high-value assets from your computers.  Cookies are small files that your browser stores on your computer when you visit Web sites.
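The password advice above can be checked mechanically.  This is an added example, not part of the original post: it flags an embedded dictionary word, lists the character classes a password is missing, and computes the search space a brute-force attack would have to cover.  The word list, the look-alike mapping, and the guess rate are constructed assumptions.

```python
import string

# Constructed sample word list (assumption): a real check would load a full dictionary.
SAMPLE_WORDS = ("dragon", "monkey", "password", "secret", "summer", "welcome")

# Look-alike substitutions undone before the word check (assumed mapping):
# 0->o, 1->l, 3->e, 4->a, 5->s, 7->t, 8->b, @->a, $->s, !->i
LOOKALIKES = str.maketrans("0134578@$!", "oleastbasi")

# The four character classes named in the summary, with the ASCII characters in each.
CHARSETS = {
    "lower": string.ascii_lowercase,   # 26 characters
    "upper": string.ascii_uppercase,   # 26 characters
    "digit": string.digits,            # 10 characters
    "special": string.punctuation,     # 32 characters
}


def classes_used(password):
    """Return the names of the character classes that appear in the password."""
    return [name for name, chars in CHARSETS.items()
            if any(c in chars for c in password)]


def embedded_word(password, words=SAMPLE_WORDS, min_len=4):
    """Return the first listed word found inside the password, or None.

    The password is checked both as typed (lowercased) and with common
    look-alike substitutions undone, so "P@55w0rd" still matches "password".
    """
    plain = password.lower()
    variants = (plain, plain.translate(LOOKALIKES))
    for word in sorted(words):
        if len(word) >= min_len and any(word in v for v in variants):
            return word
    return None


def keyspace(password):
    """Number of candidates a brute-force search must cover for a password of
    this length drawn from the character classes it actually uses."""
    alphabet = sum(len(CHARSETS[name]) for name in classes_used(password))
    return alphabet ** len(password)


def review(password, guesses_per_second=10**10):
    """Summarise a password against the advice in the summary.

    guesses_per_second is an assumed attacker speed, used only to turn the
    keyspace into a worst-case duration in whole days.
    """
    used = classes_used(password)
    space = keyspace(password)
    return {
        "missing_classes": [name for name in CHARSETS if name not in used],
        "embedded_word": embedded_word(password),
        "keyspace": space,
        "worst_case_days": space // (guesses_per_second * 86400),
    }


if __name__ == "__main__":
    # Constructed sample passwords.
    for candidate in ("Summer2015!", "P@55w0rd", "abcdef", "xK9#qL2$vT"):
        print(candidate, review(candidate))
```

A password that mixes all four classes still has a finite keyspace, which is why the summary notes that nonword passwords remain open to brute force.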

Q4:  How Should Organizations Respond to Security Threats?

Senior management needs to address two critical security functions:  security policy and risk management.  Senior management must establish a company-wide security policy that states the organization's posture regarding data that it gathers about its customers, suppliers, partners, and employees.  Senior management must also proactively balance the trade-off between risk and cost.

Q5:  How Can Technical Safeguards Protect Against Security Threats?

Technical safeguards involve the hardware and software components of an information system.  Every information system today should require users to sign on with a user name and password.  The user name identifies the user (the process of identification), and the password authenticates that user (the process of authentication).  Passwords have important weaknesses.  Because of these problems, some organizations choose to use smart cards and biometric authentication in addition to passwords. 

Q6:  How Can Data Safeguards Protect Against Security Threats?

Data safeguards protect databases and other organizational data.  Data administration refers to an organization-wide function that is in charge of developing data policies and enforcing data standards.  Database administration refers to a function that pertains to a particular database.  ERP, CRM, and MRP databases each have a database administration function.  First, data administration should define data policies.  Then data administration and database administration work together to specify user data rights and responsibilities.  Third, those rights should be enforced by user accounts that are authenticated at least by passwords.

Q7:  How Can Human Safeguards Protect Against Security Threats?

Human safeguards involve the people and procedure components of information systems.  In general, human safeguards result when authorized users follow appropriate procedures for system use and recovery.  Security considerations for employees are position definitions, hiring and screening, dissemination and enforcement, and termination.  The administration of user accounts, passwords, and help-desk policies and procedures consists of account management, password management, and help-desk policies.

Q8:  How Should Organizations Respond to Security Incidents?

Every organization should have an incident-response plan as part of its security program.  No organization should wait until some asset has been lost or compromised before deciding what to do.  The plan should include how employees are to respond to security problems, whom they should further contact, the reports they should make, and steps they can take to reduce further loss.  The plan should provide centralized reporting of all security incidents.  Such reporting will enable an organization to determine if it is under systematic attack or whether an incident is isolated.

Chapter 11 Summary

Q1:  What Are the Functions and Organization of the IS Department?

The major functions of the information systems department are to plan the use of IS to accomplish organizational goals and strategy, manage outsourcing relationships, protect information assets, develop, operate, and maintain the organization's computing infrastructure, and develop, operate, and maintain applications.  The title of the principal manager of the IS department is chief information officer, or CIO.  Most IS departments include a technology office that investigates new information systems technologies and determines how the organization can benefit from them.  An individual called the chief technology officer, or CTO, often heads the technology group.

Q2:  How Do Organizations Plan the Use of IS?

The purpose of an information system is to help the organization accomplish its goals and objectives.  In order to do so, all information systems must be aligned with the organization's competitive strategy.  Adapting IS to new versions of business processes is neither easy nor quick.  The CIO is the representative for IS and IT issues within the executive staff.  The CIO must ensure that priorities consistent with the overall organizational strategy are developed and then communicated to the IS department and, at the same time, must ensure that the department evaluates proposals and projects for using new technology in light of those communicated priorities.  A steering committee, a group of senior managers from the major business functions that works with the CIO to set the IS priorities and decide among major IS projects and alternatives, serves an important communication function between IS and the users.

Q3:  What Are the Advantages and Disadvantages of Outsourcing?

Outsourcing is the process of hiring another organization to perform a service.  Outsourcing is done to save cost, to gain expertise, and to free management time.  Outsourcing can be an easy way to gain expertise, and it can reduce costs and reduce risks.  Outsourcing, however, can cause loss of control, its benefits can be outweighed by long-term costs, and there's no easy exit.

Q4:  What Are Your User Rights and Responsibilities?

People have the right to have the computing resources they need to perform their work as proficiently as they want, they have the right to the computer hardware and programs that they need, and they have the right to reliable network and Internet services.  People also have the right to a secure computing environment, the right to participate in requirements meetings for new applications that they will use and for major changes to applications they currently use.  People have the right to reliable systems development and maintenance and the right to receive prompt attention to their problems and concerns.  Finally, people have the right to effective training.  People have responsibilities to learn basic computer skills and to learn the techniques and procedures for the applications they use.  They have the responsibility to follow security and backup procedures, to use computer resources in a manner that's consistent with their employer's policy, and to make no unauthorized hardware modifications to their computer and to install only authorized programs.

Chapter 10 Summary

Q1:  How Are Business Processes, IS, and Applications Developed?

An application is a combination of hardware, software, and data components that accomplishes a set of requirements.  Business processes, information systems, and applications have different characteristics and components.  The relationship of business processes to information systems is many-to-many.  A business process need not relate to any information system, but an information system relates to at least one business process.  Every IS has at least one application because every IS has a software component.  A business analyst is someone who is well versed in Porter's models and in the organization's strategies and who focuses primarily on ensuring that business processes and information systems meet the organization's competitive strategies.  Systems analysts are IS professionals who understand both business and information technology.

Q2:  How Do Organizations Use Business Process Management (BPM)?

A business process is a network of activities, repositories, roles, resources, and flows that interact to accomplish a business function.  Roles are collections of activities, and resources are people or computer applications that are assigned to roles.  A flow is either a control flow that directs the order of activities or a data flow that shows the movement of data among activities and repositories.  Business processes need management to improve process quality and to adapt to changes in technology and changes in business fundamentals.  Business process management (BPM) is a cyclical process for systematically creating, assessing, and altering business processes.  This cycle begins by creating a model of the existing business process, called an as-is model.

Q3:  How Is Business Process Modeling Notation (BPMN) Used to Model Processes?

The Object Management Group (OMG), a software-industry standards organization, created a standard set of terms and graphical notations for documenting business processes.  In the swim-lane layout, each role in the business process is given its own lane.  It simplifies the process diagram and draws attention to interactions among components of the diagram.

Q4:  What Are the Phases in the Systems Development Life Cycle (SDLC)?

The systems development life cycle (SDLC) is the traditional process used to develop information systems and applications.  The systems development life cycle consists of a five-phase process:  define systems, determine requirements, design system components, implement system, and maintain system.  In defining systems, the first step is to define system goals and scope.  The second step is to assess feasibility.  The third step is to form a project team.  In determining requirements, the steps to be taken are to determine sources of requirements, determine the role of a prototype, and approve requirements.  In designing system components, each of the five components is designed.  In system implementation, testing and system conversion are done.  In maintaining systems, the work done is either to fix the system or adapt it to changes in requirements.

Q5:  What Are the Keys for Successful SDLC Projects?

There are five keys to success:  create a work breakdown structure, estimate time and costs, create a project plan, adjust the plan via trade-offs, and manage development challenges.  The key strategy for SDLC projects is to divide and conquer.  Successful project managers break projects into smaller and smaller tasks until each task is small enough to estimate and to manage.  Every task should culminate in one or more results called deliverables.

Q6:  How Can Scrum Overcome the Problems of the SDLC?

According to the SDLC, progress goes in a linear sequence from requirements to design to implementation.  Sometimes this is called the waterfall method because the assumption is that once you've finished a phase, you never go back.  The SDLC is very risky.  The people for whom the system is being constructed cannot see what they have until the very end.  Numerous alternatives to the SDLC include rapid application development, the unified process, extreme programming, scrum, and others.

Wednesday, July 29, 2015

Chapter 9 Summary

Q1:  How Do Organizations Use Business Intelligence (BI) Systems?

Business Intelligence systems are information systems that process operational, social, and other data to identify patterns, relationships, and trends for use by business professionals and other knowledge workers.  These patterns, relationships, trends, and predictions are referred to as business intelligence.  As information systems, BI systems have the five standard components:  hardware, software, data, procedures, and people.  The software component of a BI system is called a BI application.  BI can be used just for informing, problem solving, or during project management.

Q2:  What Are the Three Primary Activities in the BI Process?

Data acquisition is the process of obtaining, cleaning, organizing, relating, and cataloging source data.  BI analysis is the process of creating business intelligence.  The four fundamental categories of BI analysis are reporting, data mining, BigData, and knowledge management.  Publish results is the process of delivering business intelligence to the knowledge workers who need it.  Push publishing delivers business intelligence to users without any request from the users; the BI results are delivered according to a schedule or as a result of an event or particular data condition.  Pull publishing requires the user to request BI results.

Q3:  How Do Organizations Use Data Warehouses and Data Marts to Acquire Data?

A data warehouse is a facility for managing an organization's BI data.  The functions of a data warehouse are to:  obtain data, cleanse data, organize and relate data, and catalog data.  The data warehouse takes data from the data manufacturers, cleans and processes the data, and locates the data on the shelves of the data warehouse.  The data analysts who work with a data warehouse are experts at data management, data cleaning, data transformation, data relationships, and the like.  A data mart is a data collection, smaller than the data warehouse, that addresses the needs of a particular department or functional area of the business.  Users in the data mart obtain data that pertain to a particular business function from the data warehouse.

Q4:  How Do Organizations Use Reporting Applications?

A reporting application is a BI application that inputs data from one or more sources and applies reporting operations to that data to produce business intelligence.  Reporting applications produce business intelligence using five basic operations:  sorting, filtering, grouping, calculating, and formatting.  RFM analysis, a technique readily implemented with basic reporting operations, is used to analyze and rank customers according to their purchasing patterns.  Online analytical processing (OLAP), a second type of reporting application, is more generic than RFM.  OLAP provides the ability to sum, count, average, and perform other simple arithmetic operations on groups of data.

Q5:  How Do Organizations Use Data Mining Applications?

Data mining is the application of statistical techniques to find patterns and relationships among data for classification and prediction.  Data mining techniques take advantage of developments in data management for processing the enormous databases that have emerged in the last 10 years.  With unsupervised data mining, analysts do not create a model or hypothesis before running the analysis.  One common unsupervised technique is cluster analysis.  With supervised data mining, data miners develop a model prior to the analysis and apply statistical techniques to data to estimate parameters of the model.  One such analysis is called regression analysis.

Q6:  How Do Organizations Use BigData Applications?

MapReduce is a technique for harnessing the power of thousands of computers working in parallel.  The basic idea is that the BigData collection is broken into pieces, and hundreds or thousands of independent processors search these pieces for something of interest.

Q7:  What Is the Role of Knowledge Management Systems?

Knowledge management (KM) is the process of creating value from intellectual capital and sharing that knowledge with employees, managers, suppliers, customers, and others that need that capital.  KM benefits organizations in two fundamental ways:  improve process quality and increase team strength.  Expert systems are rule-based systems that encode human knowledge in the form of If/Then rules.  The programs that process a set of rules are called expert systems shells.

Q8:  What Are the Alternatives for Publishing BI?

Static reports are BI documents that are fixed at the time of creation and don't change.  Dynamic reports are BI documents that are updated at the time they are requested.  A BI server is a Web server application that is purpose-built for the publishing of business intelligence.  BI servers provide two major functions:  management and delivery.

Monday, July 27, 2015

Chapter 8 Summary

Q1:  What Is a Social Media Information System (SMIS)?

Social media (SM) is the use of information technology to support the sharing of content among networks of users.  Social media enables people to form communities, tribes, or hives, all of which are synonyms that refer to a group of people related by a common interest.  A social media information system (SMIS) is an information system that supports the sharing of content among networks of users.  There are three SMIS roles:  user communities, social media sponsors, and social media application providers.  Forming communities is a natural human trait.  The key difference of SM communities is that they are formed based on mutual interests and transcend familial, geographic, and organizational boundaries.  Because they are information systems, SMIS have the same five components as all IS:  hardware, software, data, procedures, and people.

Q2:  How Do SMIS Advance Organizational Strategy?

Social media is by its very nature dynamic; its flow cannot be designed or diagrammed, and, if it were, no sooner would the diagram be finished than the SM process would be changed.  Therefore, it's important to back up a step and consider how value chains determine dynamic processes and thus set SMIS requirements.  Gossieaux and Moran, creators of the hyper-social organization theory, identify two kinds of communities that are important to commerce:  defenders of belief and seekers of truth.  Defenders of belief share a common belief and form their hive around that belief.  They seek conformity and want to convince others of the wisdom of their belief.  Seekers of truth share a common desire to learn something, solve a problem, or make something happen.  Social media contributes to the sales and marketing activity, customer service, inbound and outbound logistics, manufacturing and operations, and human resources.

Q3:  How Do SMIS Increase Social Capital?

Capital is the investment of resources for future profit.  Human capital is the investment in human knowledge and skills for future profit.  Social capital is the investment in social relations with the expectation of returns in the marketplace.  Social capital adds value in four ways:  information, influence, social credentials, and personal reinforcement.  The value of social capital is determined by the number of relationships in a social network, by the strength of those relationships, and by the resources controlled by those related.  Social networking increases the number of relationships as well as the strength of those relationships.

Q4:  What Roles Do SMIS Play in the Hyper-Social Organization?

A hyper-social organization is an organization that uses social media to transform its interactions with customers, employees, and partners into mutually satisfying relationships with them and their communities.  In particular, a hyper-social organization is one that has made the four transitions called pillars.  In the four pillars, customers become humans, market segments become tribes, channels become networks, and structure and control become messy.

Q5:  How Do (Some) Companies Earn Revenue from Social Media?

Companies vary widely in their SM use.  Some companies use it only internally and make no attempt to earn revenue from it.  Others offer it to their customers as a service, again without an attempt to gain direct SM revenue.  Some companies, however, do earn revenue from SM activities.  They use a revenue model that came into existence around the turn of this century and was then referred to as Web 2.0.  Web 2.0 refers to Web-designed services and content that are paid for by advertising.  Unlike traditional media such as newspapers, users can respond directly to Web ads by clicking on them.  This is highly valued by advertisers because they can know the percentage of viewers who clicked on an ad and what action they took next.

Q6:  How Can Organizations Manage the Risks of Social Media?

The first step any hyper-social organization should take is to develop and publicize a social media policy, which is a statement that delineates employees' rights and responsibilities.  The more technical the organization, the more open and lenient the social policies.  User-generated content (UGC), which simply means content on your SM site that is contributed by nonemployee users, is the essence of SM relationships.  UGC comments, as with any relationship, can be inappropriate or excessively negative in tone or otherwise problematic.  The major sources of UGC problems are:  junk and crackpot contributions, inappropriate content, unfavorable reviews, and mutinous movements.  Once such content is found, organizations must have a plan for creating the organization's response.  Three possibilities are:  leave it, respond to it, or delete it.

Wednesday, July 22, 2015

Chapter 7 Summary

Q1:  What Are the Basic Types of Processes?

Processes are divided into two broad categories.  Structured processes are formally defined, standardized processes that involve day-to-day operations:  accepting a return, placing an order, purchasing raw materials, and so forth.  Dynamic processes are flexible, informal, and adaptive processes that normally involve strategic and less structured managerial decisions and activities such as deciding whether to open a new store location and how best to solve the problem of excessive product returns.  Processes are used at three levels of organizational scope:  workgroup, enterprise, and inter-enterprise.  A workgroup process exists to enable workgroups to fulfill the charter, purpose, and goals of a particular group or department.  Enterprise processes span an organization and support activities in multiple departments.  Inter-enterprise information systems support one or more inter-enterprise processes.

Q2:  How Can Information Systems Improve Process Quality?

The two dimensions of process quality are efficiency and effectiveness.  Process efficiency is a measure of the ratio of process outputs to inputs.  Process effectiveness is a measure of how well a process achieves organizational strategy.  Organizations can improve the quality of a process in one of three ways:  change the process structure, change the process resources, or change both process structure and resources.  Information systems can be used to improve process quality by:  performing an activity, augmenting a human who is performing an activity, or controlling data quality and process flow.

Q3:  How Do Information Systems Eliminate the Problems of Information Silos?

An information silo is the condition that exists when data are isolated in separated information systems.  It's completely natural for workgroups to develop information systems solely for their own needs, but over time, the existence of these separate systems will result in information silos that cause numerous problems.  When an organization has inconsistent duplicated data, it's said to have a data integrity problem.  Additionally, when applications are isolated, business processes are disjointed.  A consequence of such disjointed activities is the lack of integrated enterprise information.

Q4:  How Do CRM, ERP, and EAI Support Enterprise Processes?

Organizations realized that their existing business processes needed to change, so businesses went through projects called business process reengineering, which is the activity of altering existing and designing new business processes to take advantage of new information systems.  Over time, three categories of enterprise applications emerged:  customer relationship management, enterprise resource planning, and enterprise application integration.  A customer relationship management (CRM) system is a suite of applications, a database, and a set of inherent processes for managing all the interactions with the customer, from lead generation to customer service.  Enterprise resource planning (ERP) is a suite of applications called modules, a database, and a set of inherent processes for consolidating business operations into a single, consistent, computing platform.  Enterprise application integration (EAI) is a suite of software applications that integrates existing systems by providing layers of software that connect applications together.

Q5:  What Are the Elements of an ERP System?

For a product to be considered a true ERP product it must include applications that integrate:  supply chain, manufacturing, CRM, human resources, and accounting.  An ERP solution consists of application programs, databases, business process procedures, and training and consulting.  ERP vendors design application programs to be configurable so that the development teams can alter them to meet an organization's requirements without changing program code.  An ERP solution includes a database design as well as initial configuration data.  It doesn't contain the company's operational data.  Large organization databases contain two types of program code.  The first, a trigger, is a computer program stored within the database that runs to keep the database consistent when certain conditions arise.  The second, a stored procedure, is a computer program stored in the database that is used to enforce business rules. 

Q6:  What Are the Challenges of Implementing and Upgrading Enterprise Information Systems?

Implementing new enterprise systems is challenging, difficult, expensive, and risky.  It's not unusual for enterprise system projects to be well over budget and a year or more late.  In addition to new ERP implementations, numerous organizations now need to upgrade their ERP installation to meet new requirements.  Whether from a new implementation or an upgrade, expense and risks arise from four primary factors:  collaborative management, requirements gaps, transition problems, and employee resistance.

Q7:  How Do Inter-enterprise IS Solve the Problems of Enterprise Silos?

Providers keep track of information in their system.  At home, individuals generate data and that information is recorded in mobile devices.  Systems like this are referred to as distributed systems because applications processing is distributed across multiple computing devices.  Standards such as http, https, html5, css3, JavaScript, and SOA using Web services enable programs to receive data from and display data to a variety of mobile and desktop services.

Chapter 6 Summary

Q1:  Why Is the Cloud the Future for Most Organizations?

The cloud is the elastic leasing of pooled computer resources over the Internet.  The term cloud is used because most early diagrams of three-tier and other Internet-based systems used a cloud symbol to represent the Internet and organizations came to view their infrastructure as being "somewhat in the cloud."  The term elastic means that the computing resources leased can be increased or decreased dynamically, programmatically, in a short span of time and that organizations pay for just the resources that they use.  Cloud resources are pooled because many different organizations use the same physical hardware; they share that hardware through virtualization.  Cloud vendors dynamically allocate virtual machines to physical hardware as customer needs increase or decrease.

Q2:  What Network Technology Supports the Cloud?

A computer network is a collection of computers that communicate with one another over transmission lines or wirelessly.  A local area network (LAN) connects computers that reside in a single geographic location on the premises of the company that operates the LAN.  A wide area network (WAN) connects computers at different geographic locations.  The computers in two separated company sites must be connected using a WAN.  The single versus multiple site distinction is important.  With a LAN, an organization can place communications lines wherever it wants because all lines reside on its premises.  An internet is a network of networks.  Internets connect LANs, WANs, and other internets.  The most famous internet is "the Internet", the collection of networks that you use when you send email.

Q3:  How Does the Cloud Work?

An Internet address is called an IP address, which is a number that identifies a particular device.  Public IP addresses identify a particular device on the public Internet.  Because public IP addresses must be unique worldwide, their assignment is controlled by a public agency known as ICANN (Internet Corporation for Assigned Names and Numbers).  Private IP addresses identify a particular device on a private network, usually on a LAN.  IP addresses have two formats.  The most common form, called IPv4, has a four-decimal dotted notation.  The second, called IPv6, has a longer format and will not concern us here.

Q4:  How Do Organizations Use the Cloud?

An organization that provides software as a service (SaaS) provides not only hardware infrastructure, but also an operating system and application programs as well.  The second category of cloud hosting is platform as a service (PaaS) whereby vendors provide hosted computers, an operating system, and possibly a DBMS.  The most basic cloud offering is infrastructure as a service (IaaS) which is the cloud hosting of a bare server computer or data storage.  A content delivery network (CDN) is a system of hardware and software that stores user data in many different geographical locations and makes those data available on demand.

Q5:  How Can AllRoad Parts Use the Cloud?

AllRoad Parts is a small company with a very small IT department.  Software as a service requires little investment in the hardware and software system components.  AllRoad leases hardware and operating systems in the cloud from the cloud vendor.

Q6:  How Can Organizations Use Cloud Service Security?

A virtual private network (VPN) uses the Internet to create the appearance of private, secure connections.  A private cloud is a cloud that is owned and operated by an organization for its own benefit.  A virtual private cloud (VPC) is a subset of a public cloud that has highly restricted, secure access.  An organization can build its own VPC on top of public cloud infrastructure like AWS or that provided by other cloud vendors.