ISA235 Final Exam Review

ISA235 Final Exam Review

Chapters and Number of questions on exam

Chapter 1 - 5

  • Why is Introduction to MIS the most important class in the business school?
    • What are cost-effective business applications of Facebook and Twitter and whatever will soon appear?
    • How can I attain job security?
    • How can Intro to MIS help you learn nonroutine skills? Abstract Reasoning, Systems Thinking, Collaboration, Ability to Experiment
    • Jobs
    • What is the bottom line?
  • What is an information system?
    • Hardware
    • Software
    • Data
    • Procedures
    • People
  • What is MIS?
    • Management of Information Systems: Management and use of information systems that help businesses achieve their strategies
  • Why is the difference between information technology and information systems important to you?
    • IT: Products, methods, inventions, and standards used to produce information
    • IT makes up the hardware, software, and data components of IS
    • You can buy IT, but can’t buy IS
  • What is your role in IS security?
    • Strong passwords
    • Password etiquette
    • Security can make or break a company’s reputation
      • Important to store customer information safely out of reach of hackers

Abstract reasoning - ability to make and manipulate models

Collaboration -activity of two or more people working together to achieve a common goal/result/work product

Experimentation - making a reasoned analysis of an opportunity, envisioning potential solutions, evaluating those possibilities, and developing the most promising ones, consistent with the resources you have

Information system (IS) - a group of components that interact to produce information

five-component framework: computer hardware, software, data, procedures, and people

Information technology (IT) - the products, methods, inventions and standards that are used for the purpose of producing information

Management information systems (MIS) - the management and use of information systems that help businesses achieve their strategies; management and use, information systems, and strategies

Moore’s Law - 1965 Gordon Moore - because of technology improvements in electronic chip design and manufacturing, the “number of transistors per square inch on an integrated chip doubles every 18 months” - not the speed

Strong password - has 10 or more characters (12 is better), does not contain your username/real name/company name, does not contain a complete dictionary word in any language, is different from previous passwords you have used, contain both upper/lower case letters/numbers/special characters

System - group of components that interact to achieve some purpose

Systems thinking - ability to model the components of the system to connect the inputs and outputs among those components into a sensible whole that reflects the structure and dynamics of the phenomenon observed

Chapter 2 and CE-18 - 3

  • Why does the AllRoad team need to understand business processes?
  • How can business process modeling help AllRoad?
    • How AllRoad works
    • The existing AllRoad process
    • How AllRoad processes must change to support 3D printing
  • How can information systems improve process quality?
    • What is process quality? can be measured by effectiveness and efficiency
    • Using information systems to improve process quality
  • What is information?
    • Definitions vary
    • Where is information?
  • What data characteristics are necessary for quality information?
    • Accurate
    • Timely
    • Relevant
    • Just barely sufficient
    • Worth its cost

(chapter 18 extension)

  • Why do organizations need to manage business processes?
    • Business Process: Network of activities, actors, roles, repositories, data and sequence flows that interact to accomplish a business function
    • BP’s are often dynamic and need to be changed frequently
      • Process Quality
        • Improving Efficiency: use of resources
        • Improving Effectiveness: accomplishing strategy
      • Changes in Technology
        • Keeping up to date with Tech
      • Change in Business Fundamentals:
        • Changes in the following warrant modifying BP
          • Market (new customers, change in customer characteristics)
          • Product Lines
          • Supply Chain
          • Company Policy
          • Company Organization (mergers/acquisitions)
          • Internationalization
          • Business Environment
        • What are the stages of business process management (BPM)?
          • BPM: cyclical process for systematically creating, assessing, and altering bus. processes
            • Create Process Components
            • Implement Processes
            • Assess Results
            • Model Processes
          • How do business processes and information systems relate?
            • Information systems elements are embedded within business processes
            • Business processes usually use more than one IS
            • IS’s can be used across different departments
          • Which comes first, business processes or information systems?
            • Business Process First
              • Works well for business processes but can cause problems later for other problems using the same IS
            • IS First
              • More established IS, but weaker business process; focus more on IS than BP
            • Answer: Business Process First is best in theory, in practice no clear answer
              • If a company licenses an application from vendor it’s better to start with BP
            • How is BPM practiced in the real world?
              • Defining the process problem
              • Designing the new process
              • Create process components
              • Implement new processes

Actor - in a business process, a person/group/department/organization or information system

Activities - a function in a business process that receives inputs and produces outputs. Any activity can be performed by a human, by a computer system, or by both

Business process - a network of activities, repositories, roles, resources, and flows that interact to achieve some business function (aka business system); network of activities that generate value by transforming inputs into outputs

Business process modeling notation - BPMN, standard set of terms and graphical notations for documenting business processes

(BPMN) Data -

Data flows - a BPMN symbol that documents the movement of data among activities and repositories in a business process

Efficiency - the ratio of benefits to costs

Information - 1) knowledge derived from data, where data is defined as recorded facts or figures, 2) data presented in a meaningful context, 3) data processed by summing, ordering, averaging, grouping, comparing, or other similar operations, 4) a difference that makes a difference

Repository - in a business process model, a collection of something like a database

Role - collection of activities in a business process

Swimlane format - a type of business process diagram, each role is shown in its own horizontal rectangle, can be used to simplify process diagrams and to draw attention to interactions among components of the diagram

As-is model - a model that represents the current situation and processes

Business process management (BPM) - a cyclical process for systematically creating, assessing, and altering business processes

Chapter 3 - 5

  • How does organizational strategy determine information systems requirements?
    • Organizations examine the structure of their industry and develop competitive strategies
  • What five forces determine industry structure?
    • Competitive Forces:
      • Competitions from vendors of substitutes
      • Competition from new competitors
      • Competition from existing rivals
    • Bargaining Power Forces
      • Bargaining power of suppliers
      • Bargaining power of customers
    • What is competitive strategy?
      • Competitive Strategy: Strategy employed by a company that differentiates it from competition
    • How does competitive strategy determine value chain structure?
      • Value chain linkages: Interactions across value activities
      • Primary activities:
        • Inbound Logistics: Receiving, Storing, and disseminating inputs to the product
        • Operations/Manufacturing: Transforming inputs into the final product
        • Outbound Logistics: Collecting, storing, and physically distributing the product to buyers
        • Sales and Marketing: Inducing buyers to purchase the product and providing a means for them to do so
        • Customer Service: Assisting customer’s use of the product and thus maintaining and enhancing the product’s value
      • Support activities:
        • Procurement: Finding the resources needed for operation; includes finding vendors and negotiating prices
        • Human Resources Management: Recruiting, hiring, training, retaining staff
        • Technological Development: Managing and processing information
        • Infrastructure: Company’s support systems, and the functions that allow it to maintain daily operations
      • How do value chains determine business processes and information systems?
        • Companies must make big changes if value margins are negative or low
      • How do information systems provide competitive advantages?
        • Competitive Advantage via Products
          • Product Implementations
            • Creating new products or services
            • Enhancing products or services
            • Differentiating products or services
          • Process Implementations
            • Lock in customers and buyers
            • Lock in suppliers
            • Raise barriers to market entry
            • Establish alliances
            • Reduce costs
          • Competitive Advantage via Business Processes
            • Switching Costs: Costs that cause difficulty or expense for customers to switch to another product
              • Creates barriers to entry
            • Establishing alliances w/ other organizations

Competitive strategy - the strategy an organization chooses as the way it will succeed; there are four fundamental competitive strategies: cost leadership across an industry or within a particular industry segment and product or service differentiation across an industry or within a particular industry segment

Five forces model - model that assesses industry characteristics and profitability by means of five competitive forces - threat of substitution, rivalry among firms, threat of new entrants, bargaining power of suppliers, and bargaining power of customers

Margin - the difference between the value that an activity generates and the cost of the activity

Primary activities - activities that contribute directly to the production, sale, or service of a product; they are inbound logistics, operations/manufacturing, outbound logistics, sales and marketing, and customer service

Support activities - activities that contribute indirectly to value creation: procurement, technology, human resources, and the firm’s infrastructure

Switching costs - business strategy of locking in customers by making it difficult or expensive to change to another product or supplier

Value - the amount of money that a customer is willing to pay for a resources, product, or service

Value chain - a network of value-creating activities

Chapter 4 and CE-3 - 5

  • What do business professionals need to know about computer hardware?
    • Basic Components
      • Input Hardware: keyboards, mouses
      • Central Processing Unit (CPU): Brain of the computer; processor
      • Output Hardware: screen, printer, speakers
      • Storage Hardware: Hard drives, USB stick
    • Computer data - Bits: How computers represent data (0s and 1s)
      • Byte→Kilobyte→Megabyte→Gigabyte→Terabyte→Petabyte→Exabyte
        • 1024
      • How can new hardware affect competitive strategies?
        • The Internet of things
        • Self-driving cars
        • 3D printing
      • What do business professionals need to know about software?
        • What are the major operating systems?
          • Major Non-mobile Operating Systems:
            • Windows
            • Mac OS X
            • Unix
            • Linux
          • Major Mobile Operating Systems:
            • Blackberry OS
            • iOS
            • Android
          • Virtualization
            • PC virtualization: Computer hosts several operating systems
            • Server Virtualization: Server hosts different server computers
            • Desktop Virtualization: Server hosts many versions of desktop operating systems
          • Owning versus licensing
          • What types of applications exist, and how do organizations obtain them?
            • Horizontal-Market App: Software provides capabilities common across industries
              • Microsoft Office
            • Vertical-Market Application: Software serves the needs of a specific industry
              • Engineering Software to create models
            • One of a Kind App: Software is created for a specific, unique need
            • Thick-Client: Very large application that must be preinstalled to use
            • Thin-Client: Small application that is less expansive than Thick but can be run in browser
          • What is firmware?
        • Is open source software a viable alternative?
          • Why do programmers volunteer their services?
          • How does open source work? - available to public
          • So, is open source viable? - no clear answer

(chapter 3 extension)

  • What are mobile systems?
    • Mobile system: Information systems that support users in motion
  • Why are mobile systems important?
    • Market is huge; everyone has a smartphone or laptop
    • Hardware
      • PC sales decline as Mobile Systems sales increase
    • Data
      • More mobile systems means more new data that professionals use to analyze markets
      • Mobile systems can cause organizations to lose control over their data
      • Changes online marketing
    • Procedures
      • Mobile systems are constantly on
      • Just in time
    • People
      • We are constantly connected
    • How do native and web-based mobile applications compare?
      • Native: Thick-client app designed to work with a particular operating system
      • Developing Native apps
        • Object-oriented: dynamic
      • Developing Thin-Client
        • These applications run under the Safari (or whatever browser) app on a phone
        • Thin-clients can run on any operating system and mobile device; Thick cannot
        • Thin are far cheaper
      • What characterizes quality mobile user experiences?
        • Good User interface and User Experience
          • UI: presentation format of an application
          • UX: UI and the way that the application behaves within that UI
        • Feature Content
          • Chrome: refers to visual overhead in a computer display
            • Context-Sensitive Chrome: chrome pops up in the display when appropriate
          • Direct Interaction: using content to drive application behavior
          • By using the cloud, companies can harness power of software with limited development on their end
          • Push Data: data the server sends to or pushes onto the device
          • Pull Data: data that a device requests from the server
        • Provide animation and lively behavior
        • Design to scale and share
        • Use the cloud
      • What are the challenges of personal mobile devices at work?
        • BYOD Pros & Cons



Cost savings

Data loss or damage

Greater employee satisfaction

Loss of control

Reduced need for training

Compatibility problems

Higher productivity

Risk of infection

  • Survey of organizational BYOD policy

Android - a mobile operating system that is a version of Linux, Android runs on the Google Nexus 7 and the Amazon Kindle Fire as well as many other mobile devices

Application software - programs that perform a business function; some application programs are general purpose, (Excel/Word), and others are specific to a business function (accounts payable)

Bits - the means by which computers represent data - binary digits that are 1 or 0

Bytes - one 8-bit chunk of data and characters of data

Client - PCs, tablets, and smartphones that access servers via the cloud

Client-server applications -

Closed source - source code that is highly protected and only available to trusted employees and carefully vetted contractors

Desktop virtualization - client virtualization and PC virtualization; process of storing a user’s desktop on a remote server, enables users to run their desktop from many different client computers

iOS - the operating system used on the iPhone, iPod touch, and iPad

Linux - a version of Unix that was developed by the open source community; the open source community owns Linux, and there is no fee to use is; popular operating system for Web servers

Mac OS - an operating system developed by Apple computer Inc; the current version is Mac OS X Mavericks

Machine code - code that has been compiled from source code and is ready to be processed by a computer; cannot be understood by humans

Main memory - memory that works in conjunction with the CPU; stores data and instruction read by the CPU and stores the results of the CPUs computations

Microsoft Windows - most popular nonmobile client operating system, Windows server that competes with Linux

Nonvolatile - memory that preserves data contents even when not powered (magnetic and optical disks); you can turn a computer off and back on and the contents will be unchanged

Open source - 1) source code that is available for a community access 2) a collaborative effort by which software developers create a product such as Linux; developers often volunteer their times; the jointly developed product can be used without paying a license fee

Operating system (OS) - a computer program that controls the computer’s resources: it manages the contents of main memory, processes keystrokes and mouse movements, sends signals to the display monitor, reads and writes disk files, and controls the processing of other programs

PC virtualization - like desktop virtualization

RAM - random access memory; computer’s main memory

Self-driving car - an autonomous or driverless car that uses a variety of sensors to navigate like a traditional car but without human intervention

Server - a computer that provides some type of service, such as hosting a database, running a blog, publishing a website, or selling goods; server computers are faster, larger, and more powerful than client computers

Server farm - a large collection of server computers that is organized to share work and compensate for one another’s failures

Server virtualization - the process of running two or more operating system instances on the same server; the host operating system runs virtual operating system instances as applications

Site license - a license purchased by an organization to equip all the computers on a site with certain software

Smart device - a device that has processing power, memory, network connectivity, and the ability to interconnect with other devices and applications

Source code - computer code written by humans and that is understandable by humans; source code must be translated into machine code before it can be processed

Thick-client application - software application that requires programs other than just the browser on a user’s computer; requires code on both client and server computers

Thin-client application - software application that requires nothing more than a browser

Unix - an operating system developed at Bell Labs in the 1970s; workhorse of the scientific and engineering communities

Virtualization - the process whereby multiple operating systems run as clients on a single host operating system; gives the appearance of many computers running on a single computer

Volatile - data that will be lost when the computer or device is not powered

Bring Your Own Device (BYOD) policy - an official organizational policy that states employees’ permissions and responsibilities when using personal mobile devices for organizational business

Just-in-time data - data delivered to the user at the time it is needed

Mobile device - a small, lightweight power-conserving computing device that is capable of wireless access

Native application - a thick-client application that is designed to work with a particular operating system and sometimes further limited to work only with a particular mobile device that runs that operating system

Chapter 5 - 5

  • What is the purpose of a database?
  • What is a database? self-describing collection of integrated records
    • Relationships among rows
      • Primary Key: uniquely identifying row in a Table
      • Foreign Key: Row that’s a Primary Key in another table
    • Metadata: Data that describes data
  • What is a database management system (DBMS)? Program used to create, process, and administer a database
  • How do database applications make databases more useful?
    • Database Application: Collection of forms, reports, queries, and application programs that
    • Database applications programs process logic that is specific to a given business need
    • Multi-User Processing
    • Enterprise DBMS: process large organizational and workgroup databases
    • Personal DBMS: Process smaller, simpler, database applications
  • What is a NoSQL DBMS? Software systems that support very high transaction rates, processing relatively simple data structures
    • Need to store new data types
    • Need for faster processing using many servers
    • Will NoSQL replace relational DBMS products?
    • NoSQL’s impact on the DBMS product market
    • What do nonrelational DBMS mean for you?

Columns - aka fields, or groups of bytes; a database table has multiple columns that are used to represent the attributes of an entity

Database - a self describing collection of integrated records

Database administration - a person or department that develops procedures and practices to ensure efficient and orderly multiuser processing of the database, to control changes to database structure and to protect the database

Database application - a collection of forms, reports, queries, and application programs that facilitates users’ processing of a database; can be processed by many different database applications

Database management system (DBMS) - a program for creating, processing, and administering a database; a DBMS is a large and complex program that is licensed like an operating system; Microsoft Access and Oracle are examples

Fields - columns

File - a group of similar rows or records - table

Foreign keys - a column or group of columns used to represent relationships; values of foreign keys match values of the primary key in a different table

Form - data entry forms used to read, insert, modify, and delete database data

Key - 1) a column or group of columns that identifies a unique row in a table (primary key); 2) a number used to encrypt data - encryption algorithm applies the key to the original message to produce the coded messages

Lost-update problem - a problem that exists in database applications in which two users update the same data item, but only one of those changes is recorded in the data; resolve by using locking

Metadata - data that describes data

Multi-user processing - the situation that exists when multiple users process the database at the same time

NoSQL DBMS - nonrelational databases that support very high transaction rates processing relatively simple data structures, replicated on many servers in the cloud

Primary Key - one or more columns in a relation whose values identify a unique row of that relation - key 121

Query - a request for data from a database

Records - rows; groups of columns in a database table

Relation - the more formal name for a database table

Relational database - databases that store data in the form of relations (tables with certain restrictions) and that represent record relationships using foreign keys

Report - a presentation of data in a structured, meaningful context

Rows - records;

Structured Query Language (SQL) - an international standard language for processing database data and metadata

Table - files; groups of similar rows or records in a database

Chapter 6 - 4

  • Why is the cloud the future for most organizations?
    • What is the cloud? elastic leasing of pooled computer resources that are accessed in Internet protocol
    • Positives
      • Small capital requirements, speedy development, flexibility, knowing costs
    • Negative
      • Loss of control, little visibility
    • The only time the cloud doesn’t make sense is when a company is required by law to maintain physical control of their data
  • How do organizations use the cloud?
    • Cloud services from cloud vendors
    • Content delivery networks
    • Use Web services internally
  • How can AllRoad Parts use the cloud?
    • SaaS services at AllRoad
    • PaaS services at AllRoad
    • IaaS services at AllRoad
  • How can organizations use cloud services securely?
    • Virtual Private Network: uses Internet to create the appearance of private point-to-point connections
      • VPN communications are secure because of encryption
    • Using a private cloud
    • Using a virtual private cloud
  • What does the cloud mean for your future?

Cloud - elastic leasing of pooled computer resources over the Internet

Elastic - in cloud computing. the situation that exists when the amount of resource leased can be dynamically increased or decreased, programmatically, in a short span of time, and organizations pay for just the resources that they use

Ethernet - another name of IEEE 802.3 protocol, a communications standard that specifies how messages are to be packaged, processed, and transmitted for wired transmission over a LAN

Infrastructure as a service (IAAS) - the cloud hosting of a bare server computer or data storage

Platform as a service (Paas) - vendors provide hosted computers, an operating system, and possibly a DBMS

Pooled - the situation in which many different organizations use the same physical hardware

Service-oriented architecture (SOA) - a design philosophy that dictates that all interactions among computing devices are defined as services in a formal, standardized way - makes the cloud possible

Software as a service (SaaS) - leasing hardware infrastructure, operating systems, and application programs to another organization

Tunnel - a virtual, private pathway over a public or shared network from the VPN client to VPN server

Virtual private network (VPN) - a WAN connection alternative that uses the Internet or a private internet to create the appearance of private point-to-point connections; virtual is something that appears to exist that does not exist in fact- VPN uses the public internet to create the appearance of a private connection

Web services - SOA-designed programs that comply with web service standards

Chapter Extension 8 - 2

  • What is a computer network? Collection of computers that communicate w/ one another wirelessly
  • What are the components of a LAN?
    • Wired connection
      • Switch: special-purpose computer that receives & transmits wired traffic
      • Network Interface Card: device that connects the computer’s/printer’s circuitry to network wires
      • Ethernet: Protocol for LAN
    • Wireless connection
      • Access Point: Processes wireless traffic and communicates with the wired switch
      • Bluetooth: Wireless phone calls
    • Connecting to the Internet
      • Internet Service Provider (ISP): Gateway to the Internet
      • Digital Subscriber Line: Provides internet through phone lines
      • Cable Lines: High speed data transmission using cable TV lines
    • How does the Internet work?
      • An Internet example
    • TCP/IP Protocol Architecture: protocol architecture having 5 layers
      • Layer 1: Physical Hardware
      • Layer 2: Data Link
      • Layer 3: Internet
        • IP: specifies the routing of the pieces of your message thru the networks
      • Layer 4: Transport
        • TCP: breaks up traffic into pieces and sends each piece along its way
      • Layer 5: Application
        • HTTP: protocol used between browsers and web servers
      • HTTPS: Secure version of HTTP
        • SMTP: Used for email
        • File Transfer Protocol: Used to move files over the Internet; used to maintain sites
      • Packet: Piece of a message that’s handled by programs that implement IP
      • Router: Special-purpose computer that moves packet traffic according to IP protocol
      • IP Addressing
        • IP Address: Number that identifies a particular device
        • Domain Name: Worldwide, unique name that’s affiliated with a public IP address
        • URL: Specific address on the Internet
        • Carriers and net neutrality
        • Processing on a web server
          • Web Servers: programs that run on a server-tier computer that manage HTTP traffic by sending and receiving web pages to and from clients
          • HTML: Most common language for defining the structure and layout of Web pages
        • How does the cloud work?
          • Service-oriented architecture (SOA)
          • Protocols supporting web services

10/100/1000 Ethernet - a type of ethernet that conforms to the IEEE 802.3 protocol and allows for transmission at a rate of 10, 100, or 1000 mbps (megabits per second)

Bluetooth - a common wireless protocol designed for transmitting over short distances, replacing cables

Commerce server - an application program that runs on a server tier computer, a typical commerce server obtains product data from a database, manages items in users’ shopping carts, and coordinates the checkout process

Database tier - in the 3 tier architecture, the tier that runs the DBMS and receives and processes requests to retrieve and store data

Digital subscriber line (DSL) - a communications line that operates on the same lines as voice telephones, but does so in such a manner that its signals do not interfere with voice telephone service

Domain name - a worldwide unique name that is registered in the domain name system (DNS) and is affiliated with public IP address

Ethernet -

ICANN (Internet Corporation for Assigned Names and Numbers) - the organization responsible for managing the assignment of public IP addresses and domain names for use on the Internet, each public IP address is unique across all computers on the internet

Internet - a private network of networks

Internet service provider (ISP) - an ISP provides a user with a legitimate internet address; it serves as the user’s gateway to the internet; and it passes communications back and forth between the user and the internet; ISPs also pay for the internet; they collect money from their customers and pay access fees and other charges on the users’ behalf

Intranet - a private internet used within a corporation or other organization

IP (Internet Protocol) -

IP address - a series of dotted decimals in a format like that identifies a unique device on a netowkr or internet

IPv4 - the most commonly used internet layer protocol; has a four decimal dotted notation

IPv6 - an internet layer protocol that uses 128-bit addresses and is gradually replacing IPv4

Local area network (LAN) - a network that connects computers that reside in a single geographic location on premises of the company that operates the LAN; the number of connected computers can range from 2 to several hundred

Net neutrality - the idea that all data should be treated equally as it passes between networks regardless of its type, source, or quantity

Network - a collection of computers that communicate with one another over transmission lines

Optical fiber cables -

Packet - a formatted message that passes through networks

Private IP address - a type of IP address used within private networks and internets; private IP addresses are assigned and managed by the company that operated the private network/internet

Protocol - a set of rules for packaging and processing traffic on a network

Public IP address - an IP address used to identify a particular device on the internet; assigned to major institutions in blocks by ICANN; each IP address is unique across all computers on the internet

Server tier - the tier that consists of computers that run web servers for generating web pages and responding to requests from browsers; also process application programs

TCP/IP Protocol architecture - a protocol architecture having 5 layers and one or more protocols defined at each layer; programs are written to implement the rules of a particular protocol

The Internet - the public collection of networks used for transmitting data worldwide

Three-tier architecture - architecture used by most e-commerce server applications; the tiers refer to three different classes of computers; the user tier = users’ computers that have browsers that request and process web pages; the server tier = computers that run web servers and in the process generate web pages and other data in response to requests from browsers; database tier = runs the DBMS that processes the database

URL (Uniform Resource Locator) - an address on the internet; consists of a protocol followed by a domain name or public IP address

User tier - the tier that consists of computers, phones, and other mobile devices that have browsers and request or process web pages and other services

Web servers - programs that run on a server-tier computer and that manage http traffic by sending and receiving web pages to and from clients and by processing client requests

Wide area network (WAN) - a network that connects computers at different geographic locations

Chapter 7, CE-9 (Q1-Q3), and

CE- 10 (omit Q5)

  • How do information systems vary by scope?
    • Personal Information Systems: IS used by one person
    • Workgroup IS: IS that facilitates the activities of a group
    • Enterprise IS: IS for an entire organization
    • Inter-Enterprise IS: IS used for more than one independent organizations
  • How do enterprise systems solve the problems of departmental silos?
    • What are the problems of information silos?
      • Data duplication: Having multiple copies of data
      • Disjointed Processes: Different departments having different values for the same information
      • Limited information and lack of integrated information
      • Isolated decisions lead to organizational inefficiencies
      • Increased expenses
    • How do organizations solve the problems of information silos?
      • Integrate all data into one database and revise applications to use it
    • An enterprise system for patient discharge
    • Business process reengineering
  • How do CRM, ERP, and EAI support enterprise systems?
    • CRM: Suite of applications, a database, and a set of inherent processes for managing all the interactions with the customer, from lead generation to customer service
      • Every contact and transaction w/ the customer is recorded in the CRM database
    • ERP: suite of applications, a database, and set of inherent processes for consolidating business operations into a single, consistent, computing platform
      • Forecast sales and create manufacturing plans
    • EAI: suite of software applications that integrates existing systems by providing layers of software that connect applications together
      • connects system islands via new layer of software
      • enables existing applications to communicate and share data
      • provides integrated info
      • leverages existing systems
      • enables gradual move to ERP
    • What are the challenges when implementing and upgrading enterprise systems?
      • Collaborative Management
        • No clear boss; no one to serve as an intermediary
      • Requirement gaps
        • Gaps b/t requirements of the organization & capabilities of the application
      • Transition problems
        • Moving from old to new
      • Employee resistance
        • Resistance to change
      • How do inter-enterprise IS solve the problems of enterprise silos?
        • By sharing databases, more information is available to prevent silos
  • What is the purpose of ERP systems?
    • ERP: Suite of applications, a database, and set of processes for supporting consolidated business processes w/ a single information system
    • ERP System: Information system based on an ERP technology
  • What are the elements of an ERP solution?
    • ERP Application Programs
      • Vendors design application programs to be dynamic in changing source code
    • ERP Databases
      • Trigger: computer program stored within the database that runs to keep the database consistent when a certain
      • Stored Procedure: computer program stored in the database that is used to enforce business rules
    • Business Process Procedures
      • Process Blueprints: inherent processes that are defined in the ERP solution
    • Training and Consulting
      • Train the Trainer: Training sessions where vendors train the organization’s employees, to become in-house trainers in order to improve training quality
    • How are ERP systems implemented and upgraded?
      • As-is Model: making adjustments to solve problems within the business processs

Business process reengineering - the activity of altering existing and designing new business processes to take advantage of new information systems technology

Customer relationship management (CRM) system - a suite of applications, a database, and a set of inherent processes for managing all the interactions with the customers, from lead generation to customer service

Data integrity - in a database or a collection of databases, the condition that exists when data values are consistent and in agreement with one another

Departmental information systems - workgroup information systems that support a particular department

Enterprise application integration (EAI) - a suite of software applications that integrates existing systems by providing layers of software and metadata that connect applications together

Enterprise information system - information systems that support cross-functional processes and activities in multiple departments

Enterprise resource planning (ERP) - a suite of applications called modules, a database, and a set of inherent processes for consolidating business operations into a single, consistent computing platform

Functional information system - workgroup information systems that support a particular business function

Information silo - a condition that exists when data are isolated in separate information silos - leads to data integrity problems

Inter-enterprise information system - information systems that support one or more inter-enterprise processes

Personal information system - information system used by a single individual

Workgroup information system - an information system that supports a particular department or workgroup

As-is model -

Enterprise resource planning (ERP) -

Modules - a suite of applications in an ERP system

Process blueprint - in an ERP application, comprehensive sets of inherent processes for all organizational activities, each of which is documented with diagrams that use a set of standardized symbols

Train the trainer - training sessions in which vendors train the organization’s employees called super users, to become in-house trainers in order to improve training quality and reduce expenses

  • What are typical inter-enterprise processes?
    • Inter-Enterprise IS: IS shared by two or more independent organizations
      • Automated Clearing House used by banks to process checks
    • What is a supply chain?
      • SC: Network of organizations and facilities that transform raw material into a product
    • What factors affect supply chain performance?
      • Four main drivers affect supply chain performance:
        • Facilities: Location, size, and operations methodology of the places where products are fabricated, assembled, or stored
        • Inventory: All materials in the supply chain including raw materials, in process work, and finished goods
        • Transportation: Movement of materials in the supply chain
          • Inventory Management decisions includes when to reorder products
        • Information: Affects the ways that organizations in the supply chain request, respond, and inform each other
          • Purpose: Transactional (orders, order returns) or Informational (sharing inventory and customer order data)
          • Availability: ways in which companies share their information
          • Means: Methods by which information is transmitted
        • How does supply chain profitability differ from organizational profitability?
          • SC Profitability: Difference b/t sum of revenue generated by SC and costs of SC
          • Profitability maximization doesn’t come from maximizing each step in the supply chain, some parts of chain running at less profitability actually raises overall profitability
        • How do information systems affect supply chain performance?
          • Reduce costs of buying and selling
          • Increase supply chain speed
          • Reduce costs and size of inventories
          • Improve delivery scheduling-enable Just-in-Time
          • Fix Bullwhip effect

Supply chain - a network for organizations and facilities that transforms raw materials into products delivered to customers

Supply chain profitability - the difference between the sum of the revenue generated by the supply chain and the sum of the costs that all organizations in the supply chain incue to obtain that revenue

Chapter 8 - 3

  • What is a social media information system (SMIS)?
    • SMIS: an information system that supports the sharing of content among networks of users
      • User communities
      • Social media sponsors: Companies that choose to support a presence on one or more SM sites
      • Social media application providers: Companies that operate SM sites
    • SMIS Components
      • Hardware: desktops, laptops, smartphones, tablets
      • Software: mobile applications
      • Data
        • Content Data: Data contributed from users and SM sponsors
        • Connection: Data about relationships
      • Procedures: Very informal
      • People: Drive the entire site; casual for everyone other than sponsors
      • Not Free: There are costs associated with running the business and maintenance
    • How do SMIS advance organizational strategy?
      • Defenders of belief: defend the hive mind
      • Seekers of truth: look to solve problems and make changes
      • Social Media & Marketing
        • Social CRM: relationship emerges in a dynamic process as both parties create and process content
        • Companies can reach new markets over internet
      • Social Media & Customer Service
        • Companies can reach out disgruntled customers and vice versa
      • Social Media & Inbound and Outbound Logistics
        • Seekers of the truth can provide solutions to problems via SM; loss of privacy
      • Social Media & Manufacturing and Operations
        • Crowdsourcing: employing users to participate in product design
      • Social Media & Human Resources
        • LinkedIn
      • How do SMIS increase social capital?
        • Value of Social Capital
          • Information about opportunities, alternatives, problems, and other factors
          • Influence decision makers
          • Social credential is a being linked to a network of highly regarded contacts
          • Personal reinforcement of the way you define yourself to the world
        • Social Networks Add value to business
          • Companies have social capital
            • Salespeople
            • PR
            • Presence on Facebook, LinkedIn, Twitter
          • Social Networks increase the strength of relationships
            • Strength of Relationship: likelihood that the entity in the relationship will do something that benefits the organization
            • Relationships don’t depreciate nearly as fast as other forms of capital
            • Strengthening relationships and hence increase social capital
          • How do (some) companies earn revenue from social media?
            • You are the product
            • Revenue models for social media - ads online
            • Does mobility reduce online ad revenue? - yes
          • How can organizations address SMIS security concerns?
            • Managing risk of employee communication
              • Social Media Policy: statement that delineates employees’ rights and responsibilities
              • Policies
                • Disclose (transparency)
                • Protect (corporate secrets)
                • Common Sense (keep it cool)
              • Managing risk of user-generated content
                • UGC: content provided by non-employees
                  • Problems
                • Junk and crackpot contributions
                • Inappropriate content
                • Unfavorable reviews
                • Mutinous movements
                • Responding Possibilities
                • Leave it
                • Respond
                • Delete
                • Where is social media taking us?

Business-to-business (B2B) - relationships through which businesses generate new retail leads

Business-to-consumer (B2C) -relationships through which businesses market their products to end users

Communities - groups of people related by a common interest

Connection data - in social media systems, data about relationships

Content data - in social media systems, data and responses to data that are contributed by users and SM sponsors

Crowdsourcing - the dynamic social media process of employing users to participate in product design or redesign

Influencer - an individual in a social network whose opinion can force a change in others’ behavior and beliefs

Social capital - the investment in social relations with expectation of future returns in the marketplace

Social CRM - CRM that includes social networking elements and gives the customer much more power and control in the customer/vendor relationship

Social media (SM) - the use of information technology to support the sharing of content among networks of users

Social media providers - companies that provide platforms that enable the creation of social networks - Facebook, Twitter, LinkedIn, and Google

Strength of a relationship - in social media, the likelihood that a person or other organization in a relationship will do something that will benefit the organization

User generated content (UGC) - content on an organization’s social media presence that is contributed by nonemployee users

Value of social capital - value of social network that is determined by the number of relationships in a social network, the strength of those relationships, and the resources controlled by those related

Viral hook - an inducement that causes someone to share an ad, link, file, picture, movie, or other resource with friends and associates over the Internet

Chapter 9 - 4

  • How do organizations use business intelligence (BI) systems?
    • Tasks accomplished with BI systems
      • Project Management
      • Problem Solving
      • Deciding
      • Informing
    • What are the 3 primary activities in the BI process?
  • Acquire Data: through database
  • Analyze Data
  • Publish Results
  • Using business intelligence to find candidate parts at AllRoad
  • How do organizations use data warehouses and data marts to acquire data?
    • Data Warehouse: facility for managing an organization’s BI data
      • Obtain data
      • Cleanse data
      • Organize and relate data
      • Catalog data
    • Problems w/ Operational Data
      • Dirty data
      • Missing values
      • Inconsistent data
      • Data not integrated
      • Granularity: too detailed or not detailed enough
    • Data Warehouses vs. Data Marts
      • Data Warehouse: distributor in a supply chain
      • Data Mart: retail store in a supply chain
    • What are three techniques for processing BI data?
      • Reporting Analysis: Process of sorting, grouping, summing, filtering, and formatting structured data
        • Creating information about past performance
      • Data Mining: Application of statistical techniques to find patterns and relationships among data for classification and prediction
        • Classify and predict
      • BigData: Data collections that are characterized by huge volume, rapid velocity, and great variety
        • Find patterns and relationships in BigData
      • What are the alternatives for publishing BI?
        • Email
        • Web Server
        • SharePoint
        • BI server
        • What are the two functions of a BI server? Web server application that is purpose-built for the publishing of business intelligence
      • Management: Maintains metadata
      • Delivery: tracks what results are available

BI analysis - the process of creating business intelligence. The three fundamental categories of BI analysis are reporting, data mining, and BigData. Knowledge management is also sometimes considered a form of BI analysis

BigData - a term used to describe data collections that are characterized by huge volume, rapid velocity, and great variety

Business intelligence (BI) - the process of using operational and other data to create information that exposes patterns, relationships, and trends of importance to the organization

Cluster analysis - an unsupervised data mining technique whereby statistical techniques are used to identify groups of entities that have similar characteristics. A common use for cluster analysis is to find groups of similar customers in data about customer orders and customers demographics

Cookie - a small file that is stored on the user’s computer by a browser. Cookies can be used for authentication, for storing shopping cart contents and user preferences, and for other legitimate purposes. Cookies can also be used to implement spyware.

Data mart - a data collection, smaller than the data warehouse, that addresses the needs of a particular department or functional area of the business

Data mining - the application of statistical techniques to find patterns and relationships among data for classification and prediction

Data warehouse - a facility for managing an organization’s BI data

Decision support systems - an older term that is sometimes used as a synonym for decision-making BI systems

Dynamic reports - business intelligence documents that are updated at the time they are requested

Exception reports - reports produced when something out of predefined bounds occurs

Granularity - the level of detail in data. Customer name and account balance are large granularity data. Customer name, balance, and the order details and payment history of every customer order are smaller granularity.

Hadoop - an open source program supported by the Apache foundation that manages thousands of computers and that implements MapReduce

MapReduce - a two-phase technique for harnessing the power of thousands of computers working in parallel. During the first phase, the Map phase, computers work on a task in parallel; during the second phase, the reduce phase, the work of separate computers is combined, eventually obtaining a single result

Pull publishing - data that mobile or other computing devices request from the server

Push publishing - data that the server sends to or pushes onto mobile or other computing devices

Regression analysis - a type of supervised data mining that estimates the values of parameters in a linear equation. Used to determine the relative influence of variables on an outcome and also to predict future values of that outcome

Static reports - business intelligence documents that are fixed at the time of creation and do not change

Structured data - data in the form of rows and columns

Supervised data mining - a form of data mining in which data miners develop a model prior to the analysis and apply statistical techniques to data to estimate values of the parameters of the model

Unsupervised data mining - a form of data mining whereby the analysts do not create a model or hypothesis before running the analysis. Instead, they apply the data mining technique to the data and observe the results. With this method, analysts create hypotheses after the analysis to explain the patterns found

Chapter 10 - 4

  • What is the goal of information systems security?
    • Finding the trade-off b/t cost and risk
    • Security Threat Scenario
      • Threat: Person seeking to obtain or alter data illegally
      • Vulnerability: opportunity for threats to gain access to assets
      • Safeguard: Measure taken to block threat from the asset
      • Target: the asset desired by the threat
    • Sources of threat
      • Human error: accidents
      • Computer Crime: employees/ former employees who intentionally destroy data
        • Hackers
      • Natural Disasters: physical damage to hardware
    • Security Loss
      • Unauthorized Data Disclosure: threat obtains data that is supposed to be protected
      • Incorrect Data Modification: human error where employees follow procedures incorrectly
      • Faulty Service: problems resulting from incorrect system operation
      • Denial of Service: human error in following procedures or lack of procedures
      • Loss of Infrastructure: cords or physical hardware being damaged
    • Preventing Threats
  • How big is the computer security problem?
    • Computer crime in 2011 cost an estimated $388 B
    • IDS: computer program that senses when another computer is attempting to access another computer
  • How should you respond to security threats?
    • Strong passwords
    • Use security programs
  • How should organizations respond to security threats?
    • Security Policy: Set by senior management
    • Risk Management: Balancing trade off b/t risk and cost
  • How can technical safeguards protect against security threats?
    • Identification and Authentication
      • Usernames and Passwords
      • Smartcards: microchip
      • Biometric Authentication: eye scan, fingerprint, veins
    • Encryption: transforming clear text into unintelligible text for secure storage
      • Unlocked with a key
    • Most secure communication over the Internet uses HTTPS
    • Firewalls: prevents unauthorized network access
    • Malware Protection
      • Malware: Virus, Trojan horse, worm, spyware, adware
      • Safeguards
        • Install antivirus/antispyware programs
        • Scan computer frequently
        • Update Malware Definitions
        • Open emails attachments only from known sources
        • Install software updates
        • Browse only in reputable Internet neighborhoods
      • How can data safeguards protect against security threats?
        • Establishing Data Safeguards, Data Administration, Data Administration
        • Protecting sensitive data by storing it in encrypted form
        • Physical security
      • How can human safeguards protect against security threats?
        • Human safeguards: People and procedure components of information systems
          • Position definitions: job descriptions that determine how much power an employee has within IS
          • Hiring and Screening: background checks for people working around IS
          • Teaching: showing employees the security policies, procedures, & responsibilities
          • Termination: Deleting access to company data before letting them know they’ve been let go
        • Account Administration
          • Account Management: Creation of new user accounts, modification of account permissions and removing unneeded accounts
            • Unneeded accounts are a huge security threat
          • Password Management
            • Change passwords frequently, don’t disclose changes in plaintext emails
          • Help-Desk Policies
            • Security questions
          • How should organizations respond to security incidents?
            • Establish incident response plans
            • Run fake disasters to prepare for real situation

Advanced persistent threat (APT) - a sophisticated, possibly long running computer hack that is perpetuated by large, well-funded organizations like governments; APTs are a means to engage in cyberwarfare

Adware - programs installed on the user’s computer without the user’s knowledge or permission that reside in the background and unknown to the user, observe the user’s actions and keystrokes, modify computer activity, and report the user’s activities to sponsoring organizations; most adware is benign in that it does not perform malicious acts or steal data; it does, however water user activity and produce pop-up ads

Asymmetric encryption - an encryption method whereby different keys are used to encode and to decode the message; one key encodes the messages, and the other key decodes the message; slower and more complicated than symmetric

Authentication - the process whereby an information system verifies a user

Biometric authentication - the user of personal physical characteristics (fingerprints, facial features, and retinal scans) the authenticate users

Brute force attack - a password-cracking program that tries every possible combination of characters

Cookies -

Denial of service (DOS) - security problem in which users are not able to access an information system; can be caused by human errors, natural disaster, or malicious activity

Email spoofing - phishing; technique for obtaining unauthorized data that uses pretexting via email; phisher pretends to be a legit company and sends email requests for confidential data; direct traffic to their sites under the guise of a legit business

Encryption - the process of transforming clear text into coded, unintelligible text for secure storage or communication

Firewall - computing devices located between public and private networks that prevent unauthorized access to or from the internal network; a firewall can be a special-purpose computer or it can be a program on a general purpose computer or on a router

Hacking - a form of computer crime in which a person gains unauthorized access to a computer system. although some people hack for the sheer joy, other hackers invade systems for malicious purposes - stealing or modifying data

https - indication that a web browser is using the SSL/TLS protocol to provide secure communications

Identification - the process whereby an information system identifies a user by requiring the user to sign on with a username and password

Internal firewalls - firewalls that sit inside the organizational network

IP spoofing - a type of spoofing whereby an intruder uses another site’s IP address as if it were that other site

Key - a number used to encrypt data; encryption algorithm applies the key to the original message to produce the coded message;

Key escrow - a control procedure whereby a trusted party is given a copy of a key used to encrypt database data

Key loggers - malicious spyware that captures keystrokes without the user’s knowledge; used to steal usernames, passwords, account numbers, and other sensitive data

Malware - viruses, worms, trojan horses, spyware, and adware

Perimeter firewall - a firewall that sits outside the organizational network - first device internet traffic encounters

Personal identification number (PIN) - a form of authentication whereby the user supplies a number that only he or she knows

Phishing - a technique for obtaining unauthorized data that uses pretexting via email

Pretexting - deceiving someone over the internet by pretending to be another person

Public key encryption - a special version of asymmetric encryption on the internet; such ip addresses are assigned to major institutions in blocks by the ICANN - unique across all computers over the internet

Smart cards - plastic cards similar to credit cards that have microchips; holds more data than a magnetic strip; requires a PIN

Sniffing - a technique for intercepting computer communications; with wire networks - requires a physical connection the network; wireless - no connection required

Spoofing - when someone pretends to be someone else with the intent of obtaining unauthorized data

Spyware - programs installed on the user’s computer without the user’s knowledge or permission that reside in the background and unknown to the user

SQL injection attack - the situation that occurs when a user obtains unauthorized access to data by entering a SQL statement into a form in which one is supposed to enter a name or other data; if the program is improperly designed, it will accept this statement and make it part of the SQL command that it issues to the DBMS

Symmetric encryption - an encryption method whereby the same key is used to encode and to decode the message

Trojan horses - viruses that masquerade as useful programs or files; typical trojan horse appears to be a computer game, an MP3 file, etc

Usurpation - occurs when unauthorized programs invade computer system and replace legit programs; shut down the system and substitute with their own processing to spy, steal, manipulate data or achieve other purposes

Virus - a computer program that replicates itself

Wardrivers - people who use computers with wireless connections to search for unprotected wireless networks

Worm - a virus that propagates itself using the internet or some other computer network; worm code is written specifically to infect another computer as quickly as possible

Chapter 11 - 3

  • What are the functions and organization of the IS department?
    • CIO heads the IT department
      • Technology department (Headed by CTO)
        • Evaluate new technologies, new ideas, and new capabilities
      • Operations department
        • Manage the computing infrastructure, including individual computers, in-house server farms, networks, and communications media
      • Development department
        • Manages the process of creating new information systems and maintaining old ones
      • Outsourcing Relations
        • Negotiate outsourcing deals, and keep up with progress from outsourcing firm
      • Data Administration
        • Protect data and information assets within a company
      • How do organizations plan the use of IS?
        • Align information systems with organizational strategy
          • CIO and IS dept. must constantly be vigilant to align IS w/ the org. strategy
        • Communication
          • CIO and IS dept. need to communicate concerns and issues with Execs
        • Sponsor a steering committee
          • Steering Committee: Group of senior managers from different business functions that work with the CIO to set the IS priorities
          • Incorporates more of the business with the IT side
        • What are the advantages and disadvantages of outsourcing?
          • Advantages:
            • Management Expertise
              • Hiring a company that devotes itself to a function means that you will get experts performing their duty for the company
            • Costs
              • It is cheaper to outsource than to hire internally
            • Risk reduction
              • Outsourcing puts a cap on financial risk
              • Outsourcing can reduce risk by ensuring a certain level of quality
              • Risk is given to the vendor
            • Disadvantages
              • Lose of control
                • Outsourcing involves giving up a business function to an outside vendor
                • This loss can include intellectual capital
              • No Easy Exit
                • It’s hard to leave a vendor who controls major facet of your business
              • What are your user rights and responsibilities?
                • Rights:
                  • Necessary computing resources
                  • Reliable Internet services
                  • Secure computing environment
                  • Right to participate in requirements meetings for new applications
                  • Reliable systems development
                • Responsibilities:
                  • Follow security and backup procedures
                  • Using the computer in a manner consistent w/ employer policy
                  • Install updates and fixes
                  • Treat them professionally

Chief information officer (CIO) - the title of the principal manager of the IS department

Chief technology officer (CTO) -the head of the technology group; filters new ideas and products to identify those that are most relevant to the organization; requires deep knowledge of information technology and the ability to envision how new IT could affect an organization over time

Green computing - environmentally conscious computing consisting of three major components: power management, virtualization, and e-waste management

Outsourcing - the process of hiring another organization to perform a service; save costs, to gain expertise, and to free up management time

Steering committee - a group of senior managers from a company’s major business functions that works with the CIO to set the IS priorities and decide among major IS projects and alternatives

Chapter 12 and CE-17 - 7

  • What is systems development?
    • Process of creating and maintaining information systems
    • Involves all five components (hardware, software, data, people, procedures)
  • Why is systems development difficult and risky?
    • Requirements are difficult to determine
      • Broad and detailed requirements must be established
      • Requirements change as the system is developed making it at least a little bit obsolete by the time it is completed
        • The longer the project, the more the requirements change
      • Scheduling and budgeting are hard to determine when requirements aren’t adequately established
      • Technology is constantly changing (obsolete)
    • Diseconomies of scale: Development teams must remain small enough for productivity to be high
    • Is it really so bleak?
  • What are the five phases of the SDLC?
    • Systems Definition
    • Requirements Analysis
    • Component Design
    • Implementation
    • Maintenance
  • How is system definition accomplished?
    • Assess Feasibility
      • Cost: Assessment of the cost of the project
      • Schedule: Mapping out the timetable of the project
      • Technical: Determining if the project requires a higher level of Information Technology available
      • Organizational: Determining if the new system fits the organization’s customer, culture, charter or legal requirements
    • If the project is feasible, form a project team
      • Team includes business analysts (Business) and systems analysts (IT)
    • What is the users’ role in the requirements phase?
      • Determining Requirements
        • Requirements are the contents and format of Web pages and the functionality
      • Prototypes
        • Building a prototype helps to discover positives and negatives of the project while working on it
      • How are the five components designed?
        • Hardware design
          • Determining hardware specifications; where to store data
        • Software design
        • Procedure design
          • System developers must determine procedures for development team and users
        • Job descriptions
          • Development team must determine the role of each member of the team and how to divvy up the work
        • How is an information system implemented?
          • System Testing
            • Test Plan: sequences of actions that users will take when using the new system
            • PQA: personnel construct the test plan and work with users
            • Beta Testing: Allowing users to work with an early version of the project
          • System Conversion: Converting business activity from the old system to the new one
            • Pilot: Implementing the entire system on a limited portion of the business
            • Phased: Implementing the new system across the entire organization
            • Parallel: New system runs in parallel with the old one until the new one is fully functional
            • Plunge: The organization turns off the old system and starts the new system
          • What are the tasks for system maintenance?
            • Patch: Group fixes for high-priority failures in the software
            • Making sure things are running smoothly
          • What are some of the problems with the SDLC?
            • SDLC Waterfall: SDLC can’t be completed step-by-step; backtracking is necessary
            • Requirements Documentation Difficulty
              • Documenting too much (Analysis Paralysis) vs. too little
            • Scheduling and Budgeting Difficulties

Analysis paralysis - when so much time is spent documenting project requirements that the project comes to a halt

Beta testing - the process of allowing future system users to try out the new system on their own; used to locate program failures just prior to program shipments

Brooks’ Law - the famous adage that states: Adding more people to a late project makes the project later; is true not only because a large staff requires increased coordination but also because new people need to be trained; the only people who can train the new employees are the existing team members, who are taken off productive tasks - costs can overwhelm benefits

Business analyst - a person who understands business strategies, goals, and objectives and who helps businesses develop and manage business processes and IS

Component design - the third phase in the SDLC, in which developers determine hardware and software specifications, design the database (if applicable), design procedures, and create job descriptions for users and operations personnel

Cost feasibility - an assessment of the cost of an IS development project that compares estimated costs the values delivered; can also compare the estimated costs to the available budget

Implementation - phase following the design phase consisting of tasks to build, test, and convert users to the new system

Maintenance - to fix the system to do what it was supposed to do in the first place or to adapt the system to a change in requirements

Organizational feasibility - whether an information system fits within an org’s customer, culture, and legal requirements

Parallel installation - a type of system conversion in which the new system runs in parallel with the old one and the results of the two are reconciled for consistency; parallel installation is expensive because the org incurs the costs of running both systems, but it is the safest form of installation

Patch - a group of fixes for high priority failures that can be applied to existing copies of a particular product; software vendors supply patches to fix security and other critical problems

Phased installation - a type of system conversion in which the new system is installed in pieces across the organization; one a given piece works, then the org installs and tests another piece of the system

Pilot installation - a type of system conversion in which the org implements the entire system on a limited portion of the business; advantage of this is that if the system fails, the failure is contained within a limited boundary; reduces exposure of the business and also protects the new system from developing a negative rep through the org

Plunge installation - system conversion in which the org shuts off the old system and starts the new system; if new system fails, the orf is in trouble; nothing can be done until either the new system is fixed of the old system is reinstalled - avoid this

Requirements analysis - the second phase in the SDLC, in which developes conduct user interviews; evaluate existing systems; determine new forms/reports/queries; identify new features and functions including security and create the data model

Schedule feasibility - whether an IS will be able to be developed on the timetable needed

Service packs - a large group of fixes that solve low priority software problems; users apply service packs in much the same way that they apply patches except these can fixes thousands of problems

System conversion - the process of converting business activity from old to new system

System definition - the first phase in the SDLC, developers with the help of users define the new system’s goals and scope, assess its feasibility, firm a project team, and plan the project

Systems analyst - IS professionals who understand both business and technology; they are active throughout the systems development process and play a key role in moving the project from conception to conversion and maintenance; integrate the work of programmers, testers, other team members, and users;

Systems development - the process of creating and maintaining information systems

Systems development life cycle (SDLC) - the classical process used to develop information systems; the basic tasks are combined into the following phases: systems definition, requirements analysis, component design, implementation, and system maintenance;

Technical feasibility - whether existing information technology will be able to meet the needs of a new IS

Test plan - groups of action and usage sequences for validating the capability of new using software

Waterfall -used to describe the nature of the SDLC, refers to the idea that system development operates in a sequence of nonrepetitive phases

  • Why is the SDLC losing credibility?
  • What are the principles of agile development methodologies?
  • What is the scrum process?
    • Scrum essentials
    • When are we done?
    • Key roles
  • How do requirements drive the scrum process?
    • Creating requirements tasks
    • Scheduling tasks
    • Committing to finish tasks
    • Hocus-pocus?

Agile development - an adaptive project management process based on the principles listed; can be used for the management of many types of projects - IS development

Just-in-time design - rather than design the complete, overall system at the beginning, only those portions of the design that are needed to complete the current work are done; common for agile development techniques such as scrum

Paired programming - the situation in which two computer programmers share the same computer and develop a computer program together

Product owner - on a scrum project, the business professional who provides the requirements and is available for clarification and testing; the only person on a scrum team who has the authority to add, delete, or change requirements and their priority

Scrum master - an expert in scrum processes whose function is to keep the development process on track and to protect team members from external distractions and influences

Stand-up - in scrum, a 15-min meeting in which each team member states what he or she has done in the past day, what he or she will do in the coming day, and any factors that are blocking his or her progress

Velocity - in scrum, the total number of points of work that a team can accomplish in each scrum period

Waterfall method - the assumption that one phase of the SDLC can be complete in its entirety and the project can progress, without any backtracking, to the next phase of the SDLC - seldom that simple and backtracking is normally required