Professional Documents
Culture Documents
Chapter
1
Information
Systems
in
Business
today
NBA
makes
a
slam
dunk
with
information
technology
Problem:
no
hard
data
usable
in
decision
making
processes,
costly
and
competitive
market
Solutions:
new
system
designed
to
collect
and
organize
data
using
video
clips,
video
tagging
with
descriptive
categories,
streaming
=
Innovation
and
improving
Business
Challenge
management
+
organization
+
technology
Informaton
System
Business
Solution
Role
of
IS
in
business
today
Capital
investment
in
IT,
hardware,
software,
communication
equipment,
grew
from
32%
to
52%
of
all
invested
capital
between
1980
and
2009
because
better
ROI
(return
on
investment).
As
manager
know
how
to
invest
this
money
wisely
on
IS
and
technology.
How
are
IS
transforming
business?
Increased
wireless
technology
use,
web
sites
Increased
business
use
of
web
2.0
tech
Cloud
computing,
mobile
digital
platform
allow
more
distributed
word,
decision-
making,
and
collaboration
Mobile
phones,
e-mail,
online
conferencing
(5
billion
cell
phone
subscribers
worldwide)
Why
are
more
parcels
distributed?
Just
in
time
production,
Lean
production,
As
little
inventory
as
possible
3
interrelated
changes
in
technology
(accuracy,
speed,
richness
of
decision
making)
1. Emerging
mobile
digital
platform
(desktop
PC
mobile
device
to
coordinate
work,
communicate,
provide
info
for
decision
making)
2. Growth
of
online
software
as
a
service
/SAAS
(wikis,
Web
2.0,
collaboration
tools
better
and
faster
decisions,
online
teams
and
projects
Input
(captures
raw
data)
Processing
(Classify,
Arrange,
Calculate)
(converts
raw
data
into
meaningful
form)
Output
(transfers
processed
information
to
people
or
activities
that
use
it)
Feedback
(output
returned
to
appropriate
members
of
organization
to
help
evaluate
or
correct
input
stage)
!
Computers
and
Software
are
only
part
of
an
IS!
(
=
technical
foundation
and
tools)
1.
2.
3.
Organizational
dimension
IS
=
integral
part
Key
elements:
people,
structure,
business
processes,
politics,
culture
Different
levels/specialties,
hierarchy
or
pyramid
structure
o Upper
level:
managerial,
professional,
technical
employees
o Lower
level:
operational
personnel
o Senior
Mgt.:
long-term
strategic
decisions,
financial
performance
o Middle
Mgt.:
carries
out
programs
and
plans
o Operational
Mgt.:
monitoring
daily
activities
Management
Make
decisions,
formulate
action
plans,
solve
organizational
problems
Perceive
business
challenges
,
strategy
to
respond,
allocate
resources
Creative
work
driven
by
knowledge
and
information
(new
products,
recreate
organization))
Information
Technology
(IT)
Computer
hardware
(input,
processing,
output,
several
linked
devices)
Computer
software
(details,
preprogrammed
instructions
to
control/coordinate)
Data
management
technology
(sotware
governing
organization
of
data
and
storage
media)
Networking
and
telecommunications
technology
(devices
and
software
linking
hardware
and
transferring
data)
o Network
links
computers
to
share
data
and
resources
(e.g.
printer)
o Internet
=
network
of
networks
(technology
platform)
o WWW
=
service
provide
by
Internet
All
these
technologies
=
resources
=
IT
infrastructure
IT
infrastructure
=
foundation
to
build
IS
(carefully
design
and
manage)
UPS
Package
Tracking
System
Organized
in
sales
and
production
functions
(delivery
is
the
product/service)
Procedures
for
identifying
packages,
inventory,
tracking
en
route,
status
reports
Also
provide
information
to
satisfy
needs
of
managers
and
workers
Trained
to
use
the
system
=
effective
+
efficient
Management:
monitors
service
level
and
costs
for
promoting
strategy
(low
costs,
high
service)
Decision
to
use
computer
systems
increase
ease
for
sending
and
updating,
reducing
costs,
increasing
sales
Technology:
handheld
computers,
bar
code
scanners,
communication
networks,
desktop
PCs,
data
center,
storage
technology,
tracking
software,
software
for
WWW
access
Business perspective
Business
information
value
chain
Raw
data
acquired
and
transformed
through
stages
that
add
value
to
that
information
Value
of
information
system
determined
in
part
by
extent
to
which
it
leads
to
better
decisions,
greater
efficiency,
and
higher
profits
An
IS
represents
an
organizational
and
management
solution,
based
on
IT,
to
a
challenge
or
problem
posed
by
the
environment.
PROFITABILITY
Complementary assets
Contemporary Approaches to IS
Multidisciplinary
field
IS
=
sociotechnical
systems
(machines,
devices,
physical
tech,
social,
organizational,
intellectual
investments
Technical
approach
Emphasizes
mathematically
based
models
Computer
science
(computability,
data
storage
+
access),
management
science,
operations
research
(transportation,
inventory
control,
transaction
costs)
Behavioral
approach
(development,
long-term
maintenance)
Behavioral
issues
(strategic
business
integration,
implementation,
design..)
Psychology
(human
perceive
and
use),
economics
(production,
dynamics
market)
,
sociology
(groups)
o IST
stimulus
for
behavioral
problem/issue
o Changes
in
attitudes,
management,
organizational
policy,
behavior
Four
main
actors
Suppliers
of
hardware
and
software
(technologists)
Business
firms
(investments,
seeking
value)
Managers
and
employees
Firms
environment
(legal,
social,
cultural
context)
Management
Information
Systems
(MIS)
o Combines
computer
science,
management
science,
operations
research
and
practical
orientation
with
behavioral
issues
Sociotechnical
view
Optimal
organizational
performance
achieved
by
jointly
optimizing
both
social
and
technical
systems
used
in
production
(technic
and
behavior)
Helps
avoid
purely
technological
approach
Mutual
adjustment
of
both
technology
and
organization
Chapter
2
Global
E-Business
and
Collaboration
Business Processes
Types of IS
Typical:
different
kinds
of
systems
supporting
processes
for
each
major
business
function
Large-scale
cross-functional
systems,
integrate
related
activities
Different
systems
supporting
decision
making
needs
management
groups
o Transaction
processing
system
o Management
information
system
o Decision-support
system
o System
for
business
intelligence
Management
information
systems
/
MIS
Specific
category
of
IS
to
serve
middle
management,
Are
things
working
well?
Provide
reports
on
firms
current
performance,
based
on
data
from
TPS,
monitor,
control,
predict
future
Provide
answers
to
routine
questions,
predefined
procedure
for
answering
Typically
have
little
analytic
capability,
low
flexibility
Business
intelligence
Class
of
software
applications
(organizing,
analyzing,
providing
access)
Analyze
current
and
historical
data
to
find
patterns
and
trends
and
aid
decision-
making
(long-term)
Used
in
systems
that
support
middle
and
senior
management
o Data-driven
DSS
o Executive
support
systems
(ESS)
Executive
support
systems
Support
senior
management
in
non-routine
decisions
(portal)
Requiring
judgment,
evaluation,
and
insight
Incorporate
data
about
external
events
(e.g.
new
tax
laws
or
competitors)
as
well
as
summarized
information
from
internal
MIS
and
DSS
Example:
Digital
dashboard
with
real-time
view
of
firms
financial
performance:
working
capital,
accounts
receivable,
accounts
payable,
cash
flow,
and
inventory
Enterprise applications
Business
benefits
of
collaboration
and
teamwork
Investments
in
collaboration
technology
can
produce
organizational
improvements
returning
high
ROI
Productivity,
Quality,
Innovation,
Customer
service,
Financial
performance
Requirement:
Building
a
collaborative
culture
and
business
processes
Command
and
control
organizations
(no
value
placed
on
teamwork
or
lower-
level
participation
in
decisions,
vertical
communication)
Collaborative
business
culture
o Senior
managers
rely
on
teams
of
employees
o Policies,
products,
designs,
processes,
systems
rely
on
teams
o Managers
purpose
is
to
build
teams,
giving
reward
to
teams,
and
indiv.
Tools
+
Technology
for
collaboration
and
teamwork
Social
Networking
Wikis
Information
systems
department
Formal
organizational
unit
responsible
for
information
technology
services
Headed
by
chief
information
officer
(CIO)
Other
senior
positions
include
chief
security
officer
(CSO),
chief
knowledge
officer
(CKO),
chief
privacy
officer
(CPO)
Programmers
(trained
technical,
specialists,
software
instructions)
Systems
analysts
(translate
business
problems
into
IS)
Information
systems
managers
(leaders
of
teams,
analysts,
project
managers,
facility
managers,
,
database
specilists)
End
users
Representatives
of
other
departments
for
whom
applications
are
developed
Increasing
role
in
system
design,
development
IT
Governance
Strategies
and
policies
for
using
IT
in
the
organization
Specifies
decision
rights
and
framework
for
accountability
Organization
of
information
systems
function
(centralized,
decentralized,
ROI,
monitoring
etc.)
Being
able
to
use
IT
efficiently
and
effectively
has
become
more
and
more
essential
to
a
business
success.
Chapter
3
Information
Systems,
Organizations,
and
Strategy
What
is
an
Organization?
Technical
definition:
o Stable,
formal
social
structure
that
takes
resources
from
environment
and
processes
them
to
produce
outputs
o 3
elements:
Capital
+
labor
production
factors
from
environment;
transformation
from
organization
into
products/services;
outputs
consumed
by
environment
o Formal
legal
entity
with
internal
rules
and
procedures,
as
well
as
a
social
structure
Behavioral
definition:
(more
realistic)
o Collection
of
rights,
privileges,
obligations,
and
responsibilities
that
is
delicately
balanced
over
a
period
of
time
through
conflict
and
conflict
resolution
o Working
people
develop
customary
ways
of
working,
attachments
to
existing
relationships,
arrangements
with
subordinates
and
superiors
about
how
to
work,
amount,
conditions
(informal)
Relation
to
IS:
technical
view:
easy
to
change
arrangement
of
workers
and
machines,
substitution
capital
and
labor;
but
behavior:
IS
change
balance
of
rights,
privileges,
obligations,
responsibilities,
feelings
time
and
resources
technical
behavioral
Features
of
Organizations
Use
of
hierarchical
structure
(specialists)
Accountability,
authority
in
system
of
impartial
+
universal
decision
making
(abstract
rules
or
procedures)
Promote
employees
on
basis
of
technical
qualification
+
professionalism
Adherence
to
principle
of
efficiency
(may
output,
min
input)
Routines
and
business
processes
Organizational
politics,
culture,
environments
and
structures
Routines
and
business
processes
o Routines
(standard
operating
procedure
SOP):
precise
rules,
procedures
and
practices
developed
tocope
with
all
expected
situations
productive/efficient
o Business
processes:
Collections
of
routines
o Business
firm:
Collection
of
business
processes
Organizational
politics
o Divergent
viewpoints
lead
to
political
struggle,
competition,
and
conflict
o Political
resistance
greatly
hampers
organizational
change
Organizational
culture
o Taken
for
granted,
Encompasses
set
of
assumptions
that
define
goal
and
product
(What
products
the
organization
should
produce,
how
and
where,
for
whom)
o May
be
powerful
unifying
force
as
well
as
restraint
on
change
Organizational
Environments
o Organizations
and
environments
have
a
reciprocal
relationship
o Open
to,
and
dependent
on,
the
social
and
physical
environment
o Organizations
can
influence
their
environments
o Environments
generally
change
faster
than
organizations
(new
products,
public
tastes,
values,
political
conflict,
raised
by
changes,
threat
to
closely
held
cultural
values,
inhibit
to
make
significant
changes)
o Information
systems
can
be
an
instrument
of
environmental
scanning,
act
as
a
lens
Disruptive
technologies
Technology/business
innovation
radical
change
in
business
landscape
+
environment
(industries
+
markets)
Substitute
product,
working
much
better
than
current
product
(e.g.
iPods)
Industries
put
out
of
business,
extended
market
,
low-cost
competitors
Riding
with
the
wave
(create
technology),
adapt
business,
others
become
obsolete,
no
firms
benefit
only
customer
First
movers,
fast
followers
Organizational
Structure
(5
basic
kinds)
o Entrepreneurial
o Machine
bureaucracy
o Divisionalized
bureaucracy
o Adhocracy
Economic impacts
X=
cost
Y=size
Internet
and
organizations
Internet
increases
accessibility,
storage,
distribution
of
information
+
knowledge
for
organizations
Internet
can
greatly
lower
transaction
and
agency
costs
(distribution
manuals,
instant
price
info,
sales
info
+
replenishment
orders)
Simpler
business
processes,
fewer
employees,
flatter
organizations
IS
Design
consider:
Environment
Structure
(hierarchy,
routines,
business
processes)
Culture
and
politics
Organization
type,
leadership
style
Main
interest
groups
affected
by
system,
attitudes
of
end
users
Tasks,
decisions,
business
process
the
system
will
assist
Analyzing
various
stages
candidate
applications
of
IS
Decide
which
to
develop
first,
making
improvement
in
own
value
chain
Value
Web
(Extending
Value
Chain)
Collection
of
independent
firms
using
highly
synchronized
IT
to
coordinate
value
chains
to
produce
product
or
service
collectively
(industrial
standards,
higher
entry
costs,
lesser
substitution,
increase
efficiency,
networks))
Strategic
advantage:
link
own
value
chain
with
vc
of
other
partners
(Amazon:
Marketplace,
quick
paying,
shipment
system,
tracking)
More
customer
driven,
less
linear
operation
than
traditional
value
chain
Value
web
=
highly
synchronized
industry
value
chains,
flexible
+
adaptive
to
changes
in
supply/demand,
accelerate
time
to
market
+
customers
Synergies
Output
of
some
units
used
as
inputs
to
others,
organizations
pool
markets
and
expertise
Lower
costs,
generate
profits
(e.g.
merging
banks)
IT:
tie
together
operations
of
disparate
business
units
(act
as
whole)
Enhancing
core
competencies
Activity
for
which
firm
is
world-class
leader
Relies
on
knowledge,
experience,
and
sharing
this
across
business
units
Enhance
existence,
help
employees
become
aware
of
external
knowledge,
leverage
to
related
markets
Example:
Procter
&
Gambles
InnovationNet
and
directory
of
subject
matter
experts
Network-based
strategies
Take
advantage
of
firms
abilities
to
network
with
each
other
Include
use
of:
network
economics,
virtual
company
model,
business
ecosystems
Traditional
economics:
Law
of
diminishing
returns
o The
more
any
given
resource
is
applied
to
production,
the
lower
the
marginal
gain
in
output,
until
a
point
is
reached
where
the
additional
inputs
produce
no
additional
outputs
Network
economics:
o Marginal
cost
of
adding
new
participant
almost
zero,
with
much
greater
marginal
gain
o Value
of
community
grows
with
size
(e.g.
communities
customer
loyalty,
enjoyment)
Management Issues
Sustaining
competitive
advantage
Because
competitors
can
retaliate
and
copy
strategic
systems,
competitive
advantage
is
not
always
sustainable;
Systems
may
become
tools
for
survival,
required
to
stay
in
business
Globalization:
even
more
rapid
changes,
unpredictable
Aligning
IT
with
business
objectives
a. The
more
successfully
a
firm
can
align
IT
with
business
goals,
the
more
profitable
it
will
be
b. Only
one
quarter
of
firms
achieve
this
alignment
because
IT
takes
life
of
its
own,
doesnt
serve
management
interest,
instead
of
shaping
IZ
to
enterprise,
often
ignored
and
worked
around
Performing
strategic
systems
analysis
What
is
structure
of
industry?
competitive
forces,
new
entrants,
relative
power
of
suppliers,
customers,
substitute
products,
services,
prices
What
are
value
chains
for
this
firm,
businesses,
industry?
value
for
customer,
lower
prices,
better
quality,
using
best
practices,
maximum
advantage
of
SCM
+
CRM,
ERP,
leverage
core
competencies,
changes
beefit
or
harming,
strategic
partnerships,
value
webs,
where
greatest
value
of
IS
IT
aligned
with
business
strategy
and
goals?
correctly
articulated,
IT
improving
right
bp,
right
metrics
to
measure
Managing
strategic
transitions
Chapter
4
Ethical
and
Social
Issues
in
Information
Systems
Understanding
Ethical
and
Social
Issues
Lapses
in
management
ethical
and
business
judgment
Judges
sentence
executives
based
on
the
monetary
vale,
prevention,
hide
the
crime,
failure
to
corporate
Past
companies
often
paid
for
employees
in
civil
charges,
now
firms
cooperate
with
prosecutors
to
reduce
charges
against
entire
firm
Decide
as
a
manager
and
employee
about
ethical
and
legal
conduct
Ethics
=
principles
of
right
and
wrong
to
guide
behaviors
(free
moral
agents)
IS
opportunity
for
intense
social
change,
threatening
existing
distributions
of
power,
money,
right,
obligations,
new
kinds
of
crime
Used
to
achieve
social
progress,
commit
crimes,
threaten
social
values
(benefits
+
costs)
Concerns
about
appropriate
use
of
customer
information,
protection
privacy,
intellectual
property
Accountability
for
consequences
of
IS?,
standards?
Model
for
thinking
about
ethical,
social,
political
issues
Society
=
calm
pond
with
individuals,
institutions,
rules,
laws
New
IT:
rock
ripple
effect
raising
issues
5
moral
dimensions
of
the
information
age:
o Information
rights
and
obligations
(possessing,
protecting)
o Property
rights
and
obligations
(easy
ignoring,
protecting)
o System
quality
(standards
of
data)
o Quality
of
life
(values
reserved,
protect
institutions
from
violation,
cultural
values
and
practices)
o Accountability
and
control
(when
harm
done
to
so.)
time
to
respond
with
etiquette
and
laws
(legal
gray
area)
Ethics
in
Information
Society
Ethics
=
concern
of
humans
who
have
a
freedom
of
choice
Choosing
the
correct
moral
choice
responsibility
(key
element)
Responsibility:
accept
potential
costs,
duties,
obligations
Accountability:
feature
of
systems/social
institutions,
determine
who
is
responsible
Liability:
feature
of
political
systems,
body
of
laws,
permits
indiv.
recover
from
damages
Due
process:
Laws
are
well
known
and
understood,
with
an
ability
to
appeal
to
higher
authorities
You
can/will
be
held
accountable,
recover
through
set
of
laws
by
due
process
Ethical
Analysis
1. Identify
and
describe
clearly
the
facts
2. Describe
conflict
and
dilemma
and
identify
the
higher-order
values
involved
3. Identify
the
stakeholders
4. Identify
the
options
that
you
can
reasonably
take
5. Identify
the
potential
consequences
of
your
options
Ethical
Principles
(after
analysis)
Golden
Rule:
Do
unto
others
as
you
would
have
them
do
unto
you
(putting
yourself
in
the
place
of
others)
Categorical
Imperative
(Immanuel
Kant):
If
an
action
is
not
right
for
everyone
to
take,
it
is
not
right
for
anyone
Rule
of
Change
(Descartes):
If
an
action
cannot
be
taken
repeatedly
it
is
not
right
to
take
at
all.
Utilitarian
Principle:
Take
the
action
that
achieves
the
higher
or
greater
value
Risk
Aversion
Principle:
Take
the
action
that
produces
the
least
harm
or
the
least
potential
cost
Ethical
no
free
lunch
rule:
Assume
that
virtually
all
tangible
and
intangible
objects
are
owned
by
someone
else,
unless
there
is
a
specific
declaration
otherwise
Processional
Codes
of
Conduct
Professionals:
special
rights/obligations,
because
of
special
claims
knowledge,
wisdom,
respect
Codes
of
conduct
promulgated
(verknden)
by
associations
of
professionals
Codes
of
ethics
=
promises
to
regulate
themselves
in
interest
of
society
Real
world
ethical
dilemmas:
set
of
interests
pitted
against
another
EU:
1998
Commissions
Data
Protection
Directive,
costumer
must
consent
before
companies
legally
can
use
data,
disclosure
how
stored
and
used,
no
transfer
to
countries
without
similar
protection
Informed
consent
=
consent
given
with
knowledge
of
all
the
facts
needed
to
make
a
rational
decision
Safe
harbor
framework
=
private
self-regulating
policy
and
enforcement
mechanism,
meets
objectives
of
government
regulators
Internet
Challenges
to
Privacy
Cookies
=small
text
files,
identify
web
browser,
track
visits,
updated,
customize
Combining
data
from
different
sources
detailed
profile
Web
beacons
(Web
bugs)
=
tiny
object
invisibly
embedded
in
e-mail
messages,
to
monitor
behavior
(IP
address,
time,
how
long,
type
of
browser,
cookie
values
Spyware
secretly
install
itself
,
send
banner
ads,
report
activity
on
the
computer
GOOGLE:
used
by
75%
of
internet
users
largest
collection
of
personal
info
Behavioral
targeting:
target
ads
google
search,
gmail,
blogginh,
youtube
etc.
US
businesses
allowed
to
gather
and
use
info
without
informed
consenst
Technical
Solutions
Technologies
to
protect
privcy
(e.g
encryption,
anonymous,
prevent
cookies,
detect
and
eliminate
spyware)
Tools
to
determine
kind
od
extracted
date
P3P
(Platform
for
Privacy
Preferences):
o Allows
Web
sites
to
communicate
privacy
policies
to
visitors
Web
browser
user
o User
specifies
privacy
levels
desired
in
browser
settings
o E.g.
medium
level
accepts
cookies
from
first-party
host
sites
that
have
opt-in
or
opt-out
policies
but
rejects
third-party
cookies
that
use
personally
identifiable
information
without
an
opt-in
policy
Policies
need
to
be
codified
according
to
P3P
rules,
only
works
with
this
web
sites
Challenges
to
intellectual
property
rights
Digital
media
different
from
physical
media
(e.g.
books):
Ease
of
replication,
ease
of
transmission
(networks,
Internet).
Difficulty
in
classifying
software,
Compactness,
Difficulties
in
establishing
uniqueness
Easiy
to
share
files
online,
illegal,
piracy,
normal
for
songs
and
movies
developing
mechanism
to
sell
intellectual
property
legally
Digital
Millennium
Copyright
Act
(DMCA)
makes
it
illegal
to
circumvent
technology-based
protections
of
copyrighted
materials
Accountability,
Liability,
and
Control
Computer-related
liability
problems:
If
software
fails,
who
is
responsible?
If
seen
as
part
of
machine
that
injures
or
harms,
software
producer
and
operator
may
be
liable
If
seen
as
similar
to
book,
difficult
to
hold
author/publisher
responsible
(exception:
fraud,
defamation)
Software
different
from
book:
expectations
of
infallibility,
inspected,
perform
a
task,
people
depend
on
services,
liability
law
extending
to
include
software
System
Quality:
Data
Quality
and
System
Errors
What
is
an
acceptable,
technologically
feasible
level
of
system
quality?
Flawless
software
is
economically
unfeasible
Three
principal
sources
of
poor
system
performance:
o Software
bugs,
errors
o Hardware
or
facility
failures
o Poor
input
data
quality
(most
common
source
of
business
system
failure)
Quality
of
life:
Equity,
access,
and
boundaries
(Negative
social
consequences
of
systems)
Many
not
violations
of
property
crimes,
but
can
be
very
harmful,
potentially
can
destroy
valuable
elements
of
our
culture
and
society,
even
when
the
bring
benefits
Balancing
power:
Although
computing
power
decentralizing,
key
decision-
making
remains
centralized
Rapidity
of
change:
Businesses
may
not
have
enough
time
to
respond
to
global
competition
just
in
time
society,
jobs,
families,
vacations
Maintaining
boundaries:
Computing,
Internet
use
lengthens
work-day,
infringes
on
family,
personal
time
Dependence
and
vulnerability:
Public
and
private
organizations
ever
more
dependent
on
computer
systems
Computer
crime
and
abuse
o Computer
crime:
Commission
of
illegal
acts
through
use
of
compute
or
against
a
computer
system
computer
may
be
object
or
instrument
of
crime
o Computer
abuse:
Unethical
acts,
not
illegal
(e.g.
Spam:
High
costs
for
businesses
in
dealing
with
spam
o Conduct
surveillance
of
employees
and
ordinary
citizens
Employment:
Reengineering
work/redesign
business
processes)
resulting
in
lost
jobs
Equity
and
access
the
digital
divide:
Certain
ethnic
and
income
groups
in
the
United
States
less
likely
to
have
computers
or
Internet
access
Health
risks:
o Repetitive
stress
injury
(RSI):
most
common,
largest
source
is
computer
keyboards,
Carpal
Tunnel
Syndrome
(CTS)
o Back,
neck
pain,
leg
stress,
foot
pain
o Computer
vision
syndrome
(CVS)
eyestrain
condition
o Technostress:
aggravations,
hostility
towards
humans,
impatience,
fatigue
o Role
of
radiation,
screen
emissions,
low-level
electromagnetic
fields
not
been
proved,
unknown
effects
o Digital
technologies
are
damaging
ability
to
think
clearly
and
focus,
try
to
multitask,
concentration,
interruptions
Chapter
5
IT
Infrastructure
and
Emerging
Technologies
IT
Infrastructure
Shared
technology
resources
providing
platform
for
specific
IS
applications
Investment
in
hardware,
software,
services
(consulting,
education,
training)
Foundation
for
serving
customers,
working
with
vendors,
managing
business
process
Set
of
physical
devices
and
software
required
to
operate
enterprise
Set
of
firmwide
services
o Computing
platforms
providing
computing
services
(e.g
desktop
computer,
laptop)
o Telecommunications
services
o Data
management
services
(+analyzing)
o Application
software
services
(ERP,
CRM,
SCM,
KMS)
o Physical
facilities
management
services
o IT
management
(plan
infrastr.
Coordinate
with
BU),
standards
(policies),
education
(training)
,
research
and
development
services
(future
investments)
Service
platform
perspective
more
accurate
view
of
value
of
investments
Evolution
of
IT
Infrastructure
General-purpose
mainframe
&
minicomputer
era:
1959
to
present
o 1958
IBM
first
mainframes
introduced
(centralized)
support
thousands
online
remote
terminals
connected
o 1965
Less
expensive
DEC
minicomputers
(more
decentralized)
Personal
computer
era:
1981
to
present
o 1981
Introduction
of
IBM
PC
o Proliferation
in
80s,
90s
resulted
in
growth
of
personal
software
o Wintel
PC
(95%)
Client/server
era:
1983
to
present
o Desktop
clients
networked
to
servers,
with
processing
work
split
between
clients
and
servers
o Network
may
be
two-tiered
or
multitiered
(N-tiered)
o Various
types
of
servers
(network,
application,
Web)
o Smaller,
inexpensive
machines,
costs
less,
computing
power
explosion
Technology
drivers
of
infrastructure
evolution
Moores
law
and
microprocessing
power
o Computing
power(2)/microprocessing
power
(1)
doubles
every
18
months;
the
price
for
computing
falls
by
half
every
18
months
(3)
o Nanotechnology:
Shrinks
size
of
transistors
to
size
comparable
to
size
of
a
virus,
width
of
several
atoms
Law
of
Mass
Digital
Storage
o The
amount
of
data
being
stored
each
year
doubles
o Cost
is
falling
at
an
exponential
rate
of
100%/year
Metcalfes
Law
and
network
economics
o Value
or
power
of
a
network
grows
exponentially
as
a
function
of
the
number
of
network
members
o As
network
members
increase,
more
people
want
to
use
it
(demand
for
network
access
increases)
Declining
communication
costs
and
the
Internet
o An
estimated
1.8
billion
people
worldwide
have
Internet
access
o As
communication
costs
fall
toward
a
very
small
number
and
approach
0,
utilization
of
communication
and
computing
facilities
explodes
fimrs
greatly
expand
Internet
connections,
power
of
their
networks
Technology
standards
and
network
effects
o Specifications
that
establish
the
compatibility
of
products
and
the
ability
to
communicate
in
a
network
o Unleash
powerful
economies
of
scale
and
result
in
price
declines
as
manufacturers
focus
on
the
products
built
to
a
single
standard
o E.g.
Win
OS,
Microsoft
office,
Unix
(enterprise
server),
Ethernet,
TCP/IP
7
main
IT
Infrastructure
components
1. Computer
hardware
platforms
(Dell,
IBM,
Sun,
HP;
Apple,
Linux)
o Client
machines
and
servers
(blade
servers:
ultrathin
computers
stored
in
racks)
o Mainframes:
IBM
mainframe
equivalent
to
thousands
of
blade
servers
o Top
chip
producers:
AMD,
Intel,
IBM
o Top
firms:
IBM,
HP,
Dell,
Sun
Microsystems
2. Operating
system
platforms
(Windows
75%
server
90%
clients,
Unix
+
Linux
-
25%
server,
Mac
OS
X,
Google
Chrome
cloud
computing,
iOs,
Android
for
handheld
devices)
3. Enterprise
software
applications
(SAP,
Oracle,
middleware
provider:
BEA,
Microsoft)
4. Data
management
and
storage
(IBM
DB2,
Oracle,
Microsoft
SQL
Server,
Sybase,
MySQL)
o Data
management
software:
responsible
for
organizing/managing
data,
efficiently
accessed
and
used
o Physical
Data
Storage:
EMC
Corp.
(large
scale),
Seagate,
Maxtor,
WD)
o Storage
area
networks
(SANs):
Connect
multiple
storage
devices
on
dedicated
network
5. Networking/telecommunications
platforms
(Linux,
Novell,
Cisco,
Alcatel-Lucent)
o Telecommunication
services
(cable,
telephones,
voice
lines,
Internet)
o Network
Operating
Systems
(Windows
Server,
Unix
)
o Network
hardware
providers
(Cisco,
Alcatel)
6. Internet
platforms
(Apache,
Unix,
Cisco,
Java)
o Hardware,
software,
management
services
to
support
company
Web
sites,
(including
Web
hosting
services)
intranets,
extranets
o Trend
to
server
consolidation,
reducing
number
by
increasing
power
o Internet
hardware
server
market:
Dell,
HP/Compaq,
IBM
o Web
development
tools/suites:
Microsoft
(FrontPage,
.NET)
IBM
(WebSphere)
Sun
(Java),
independent
software
developers:
Adobe,
RealMedia
7. Consulting
system
integration
services
(IBM,
EDS,
Accenture)
o Consulting
and
system
integration
services
o Even
large
firms
do
not
have
resources
for
a
full
range
of
support
for
new,
complex
infrastructure
o Software
integration:
ensuring
new
infrastructure
works
with
legacy
systems
o Legacy
systems:
older
Transaction
Processing
Systems
created
for
mainframes
that
would
be
too
costly
to
replace
or
redesign
7
Contemporary
Hardware
Platform
Trends
The
emerging
mobile
digital
platform
Cell
phones,
smartphones
with
data
transmission,
web
surfing,
e-mail,
and
IM
Netbooks,
low-cost
lightweight
notebooks
optimized
for
wireless
communication
and
core
computing
tasks
Tablets
and
networked
e-readers
Grid
computing
Connects
geographically
remote
computers
into
a
single
network
to
combine
processing
power
and
create
virtual
supercomputer
Provides
cost
savings,
speed,
agility
Virtualization
Allows
single
physical
resource
to
act
as
multiple
resources
(i.e.,
run
multiple
instances
of
OS)
Allows
multiple
physical
resources
to
appear
as
a
single
logical
resource
Reduces
hardware
and
power
expenditures,
facilitates
hardware
centralization,
higher
utilization
rates
Cloud
computing
On
demand
self
service
obtained
over
network
Ubiquitous
network
access
using
standard
network
and
internet
devices
Location
independent
resource
pooling
Rapid
elasticity
to
meet
changing
user
demand
Chapter
6
Foundations
of
Business
Intelligence:
Database
and
Information
Management
File
organization
concepts
Field:
Group
of
characters
as
word(s)
or
number
o Describes
an
entity
(person,
place,
thing
on
which
we
store
information)
o Attribute:
Each
characteristic,
or
quality,
describing
entity
Record:
Group
of
related
fields,
describing
entitiy
File:
Group
of
records
of
same
type
Database:
Group
of
related
files
Problems
with
traditional
file
environment
Traditional
approach:
files
maintained
separately
by
different
departments
with
unique
data
files
and
own
applications
Data
redundancy:
Presence
of
duplicate
data
in
multiple
files,
waste
storage
res.
Data
inconsistency:
Same
attribute
has
different
values,
or
names,
coding
systems
Program-data
dependence:
When
changes
in
program
requires
changes
to
data
accessed
by
program,
other
programs
dont
work
anymore
Lack
of
flexibility,
only
routine
scheduled
reports,
no
ad
hoc
requests
Poor
security,
not
knowing
who
has
access
and
changes
the
data
Lack
of
data
sharing
and
availability
(no
trust
in
accuracy)
Operations
of
a
Relational
DBMS
(Three
basic
operations
to
develop
useful
sets
of
data)
SELECT:
Creates
subset
of
data
of
all
records
that
meet
stated
criteria
JOIN:
Combines
relational
tables
to
provide
user
with
more
information
than
available
in
individual
tables
PROJECT:
Creates
subset
of
columns
in
table,
creating
tables
with
only
the
information
specified
Understand
organizations
data
and
how
it
should
be
represented
in
a
database
to
serve
business
well
with
your
data
model,
or
the
data
will
be
inaccurate,
incomplete,
and
difficult
to
retrieve!
Using
Databases
to
improve
business
performance
and
decision-making
Keep
track
of
basic
transactions
Provide
information
to
run
business
more
efficiently,
make
better
decisions
Very
large
databases
and
systems
require
special
capabilities,
tools
to
analyze
large
quantities
of
data,
to
access
data
from
multiple
systems
Data
warehousing,
data
mining,
tools
for
accessing
internal
databases
through
web
Data
warehousing
Stores
current
+
historical
data
from
many
core
operational
transaction
systems
Consolidates
and
standardizes
information
for
use
across
enterprise,
but
data
cannot
be
altered
Data
warehouse
system
will
provide
query,
analysis,
and
reporting
tools
E.g.
Catalina
Marketing
largest
loyalty
database
in
the
world,
US
Internal
Revenue
Service
(IRS)
with
Compliance
Data
Warehouse
consolidating
taxpayer
data
from
different
resources
into
relational
structure
(find
out
who
cheats)
Data
marts
Subset
of
data
warehouse,
smaller,
decentralized
Summarized
or
highly
focused
portion
of
firms
data
for
use
by
specific
population
of
users
Typically
focuses
on
single
subject
or
line
of
business,
constructed
more
rapidly,
lower
costs
E.g.
Barnes
and
Noble
point-of-sale,
college
bookstore,
online
sales
Business
Intelligence
Tools
for
consolidating,
analyzing,
and
providing
access
to
vast
amounts
of
data
to
help
users
make
better
business
decisions
(patterns,
relationships,
insights)
Principle
tools
include:
Software
for
database
query
and
reporting,
multidimensional
online
analytical
processing
(OLAP),
data
mining
Online
analytical
processing
(OLAP)
Supports
multidimensional
data
analysis:
Viewing
data
using
multiple
dimensions,
each
aspect
of
information
(product,
pricing,
cost,
region,
time
period)
is
different
dimension
OLAP
enables
rapid,
online
answers
to
ad
hoc
queries
Data
mining
More
discovery
driven
than
OLAP:
finds
hidden
patterns,
relationships
in
large
databases
and
infers
rules
to
predict
future
behavior
Applications
for
all
functional
areas
of
business,
government,
scientific
work
E.g.,
Finding
patterns
in
customer
data
for
one-to-one
marketing
campaigns
or
to
identify
profitable
customers.
Types
of
information
obtainable
from
data
mining
o Associations,
occurrences
linked
to
a
single
event
(coke,
chips,
promotion)
o Sequences,
events
linked
over
time
(house
fridge,
oven)
o Classification,
inferring
set
of
rules,
patterns
that
describe
group
item
belongs
(discover
characteristics
of
customers
who
are
likely
to
leave)
o Clustering,
similar
to
classification
where
no
groups
defined
(partitioning
database
into
groups
of
customers
based
on
demographics)
o Forecasting,
use
series
of
existing
values
to
forecast
what
other
values
will
be
(finding
patterns
to
estimate
future
value
of
continuous
variables)
High
level
analyses
of
patterns
or
trends,
can
also
drill
down
and
provide
more
detail
when
needed
Predictive
analysis:
Uses
data
mining
techniques,
historical
data,
and
assumptions
about
future
conditions
to
predict
outcomes
of
events
(e.g.
probability
a
customer
will
respond
to
an
offer)
Text
mining
Extracts
key
elements
from
large
unstructured
data
sets
(e.g.,
stored
e-mails)
80%
of
organizations
useful
information
Discover
patterns,
relationships,
summarize
New
myriad
ways
unstructured
data
is
generated
by
consumers
and
the
business
uses
for
this
data
Web
mining
Discovery
and
analysis
of
useful
patterns
and
information
from
WWW
(E.g.,
to
understand
customer
behavior,
evaluate
effectiveness
of
Web
site)
Web
content
mining
(Knowledge
extracted
from
content
of
Web
pages)
Web
structure
mining
(E.g.,
links
to
and
from
Web
page)
Web
usage
mining
(User
interaction
data
recorded
by
Web
server)
Databases
and
the
Web
Companies
use
Web
to
make
some
internal
databases
available
to
customers
Typical
configuration
includes:
o Web
server
(accessed
via
web
browser,
client
computer),
o Application
server/middleware/CGI
scripts
(compact
program
using
Common
Gateway
Interface
specification
for
processing
data
on
a
web
server),
translation
HTML
to
SQL,
transfer
information,
handling
all
application
operations
incl.
transaction
processing,
data
access
btw.
Browser
and
database,
takes
requests,
runs
logic
process
transactions,
provides
connectivity
o Database
server
(hosting
DBM)
Managing
Data
Resources
Establishing
an
information
policy
Firms
rules,
procedures,
roles
for
sharing,
managing
(disseminating,
acquiring,
classifying,
inventorying),
standardizing
data/information
Specific
procedures
and
accountabilities
Data
administration:
Firm
function
responsible
for
specific
policies
and
procedures
to
manage
data
as
a
corporate
organizational
resource
(develop
info
policy,
planning
for
data,
overseeing
logical
database
design,
data
dictionary
development,
monitoring
usage)
Data
governance:
Policies
and
processes
for
managing
availability,
usability,
integrity,
and
security
of
enterprise
data,
especially
as
it
relates
to
government
regulations,
promoting
privacy,
security,
quality,
compliance
Database
administration:
Defining,
organizing,
implementing,
maintaining
database;
access
rules,
security
procedures,
performed
by
database
design
and
management
group
Ensuring
data
quality
More
than
25%
of
critical
data
in
Fortune
1000
company
databases
are
inaccurate
or
incomplete
leading
to
incorrect
decisions,
product
recalls,
financial
losses
Most
data
quality
problems
stem
from
faulty
input,
esp.
now
when
companies
move
business
to
web
and
customers/suppliers
enter
data
directly
Before
new
database
in
place,
need
to:
o Identify
and
correct
faulty
data
o Establish
better
routines
for
editing
data
once
database
in
operation
Data
quality
audit:
Structured
survey
of
the
accuracy
and
level
of
completeness
of
the
data
in
an
IS
(Survey
samples/entire
from
data
files,
or
Survey
end
users
for
perceptions
of
quality)
Data
cleansing
(scrubbing):
Software
to
detect
and
correct
data
that
are
incorrect,
incomplete,
improperly
formatted,
or
redundant
o Enforces
consistency
among
different
sets
of
data
from
separate
IS
Chapter
7
Telecommunications,
the
Internet
and
Wireless
Technology
Data
o Microwave:
high
frequencx,
high
vlume,
long
distance,
point
to
point,
fllow
straight
line
(station
every
37
miles)
o Satellites
for
TV
and
Internet
o Cellular
telephones:
radio
waves
+
protocols,
radio
antennas
(towers)
in
cells,
information
passing
from
cell
to
cell
Transmission
speed
(hertz
=
number
of
cycles
per
second,
bandwidth
=
range
of
frequencies
=
difference
between
highest
and
lowest
frequency
on
a
single
channel):
bits
per
second,
function
of
frequency
The
Global
Internet
Connection
by
subscribing
to
Internet
service
provider
(ISP)
with
permanent
connection
selling
temporary
access
Traditional
telephone
line
and
modem
(56.6
kbps),
Digital
subscriber
line
(DSL,
9
Mbps),
cable
(15
mbps),
satellite,
T
lines
(t1
=
1.54
mbps,
t3
=
45
mbps)
international
telephone
standards,
guaranteed
service
levels)
Internet
addressing
and
architecture
Internet
Protocol
(OP)
address
unique
per
computer
(4
stings
of
number,
32
bit)
Decomposed
message
into
packets
with
destination
address
using
TCP
protocol
The
Domain
Name
System
(DNS)
converts
domain
names
to
IP
addresses
o Hierarchical
structure
(top:
root
domains)
o Top-level
domains
(child
of
root),
.com,
.gov,
.edu,
.de
o Second
level
domain:
two
part,
addition
to
top
level
Internet
Architecture
and
Governance
o Transcontinental
high
speed
backbone
networks
owned
by
telephone
companies
(network
service
providers)
and
national
governments
o Local
connections
owned
by
regional
telephone/cable
comp.,
leasing
o Organization
pays
for
own
networks,
local
connections
services,
part
to
long
distance
trunk
line
owners,
individuals
subscription
fee
(flat)
o Payments
not
based
on
heaviness,
volume
network
neutrality
debate
o Network
access
pints
(NAP),
metropolitan
are
exchanges
(MAEs)
=
hubs
ton
intersection
backbone
and
regional/local
networks
o No
formal
management
but
policies
and
influences
by
IAB
(internet
architecture
board),
ICANN
(internet
corporation
for
assigned
names
and
numbers,
assigning
IP
addresses),
W3C
(world
wide
web
consortium,
HTML
standards)
o Goal
keeping
internet
operating
efficiently,
conform
to
laws
of
the
sovereign
nation-states,
technical
infrastructures
The
Future
Internet:
IPv6
(more
possibilities,
128bit)
and
Internet2
(=
Next
Generation
Internet
NGI)
->
working
on
new
robust,
performance
internet
(200
companies,
universities,
governments)
developing
new
technologies
routing
practices,
levels
of
service,
importance
of
data,
distributed
computing
VoIP
VPN
VoIP
reducing
communication
costs
by
20-30%
IP
network:
lowering
long
distance
costs,
eliminating
monthly
fees
for
private
lines,
single
voica
data
infrastructure
for
telecommunications
and
computing,
flexibility
(easy
adding
new
phones,
voce
and
email
combined
into
single
directory
(Bayer
did
that!))
Merge
disparate
communication
modes
into
a
single
universally
accessible
service
using
unified
communications
technology
Past:
dedicated
and
expensive
private
network
Today:
less
expensive
virtual
private
network
(VPN)
within
public
Internet
o Secure,
encrypted,
private
within
public
network
o Advantage
of
economies
of
scale
o Combining
voice
and
data
networks
o Point
to
Point
Tunneling
Protocol
(PPTP)
packets
encrypted
and
wrapped
inside
IP
packets
World
Wide
Web
Most
popular
Internet
service,
with
universally
accepted
standards
for
storing,
retrieving,
formatting,
and
displaying
information
Web
site
=
connection
web
pages
linked
to
a
home
page,
links
to
other
media
Searching
for
Information
on
the
Web
100
billion
web
pages
public
available,
but
also
deep
web
900
billion
additional
pages
cannot
be
visited
without
access
code,
protected
Search
engines
=
killer
app
of
Internet
era,
sift
through
different
files
Started
in
early
1990s
as
relatively
simple
software
programs
using
keyword
indexes,
now
Google
(page
rank
system),
Yahoo,
Bing
Major
source
of
Internet
advertising
revenue
via
search
engine
marketing,
using
complex
algorithms
and
page
ranking
techniques
to
locate
results
Sponsors,
paid
search
results
on
top
at
the
right
time
match
consumer
interes
Search
engine
optimization:
better
search
engine
recognitions,
higher
ranks,
on
top
of
the
search
result
list,
improve
quality
and
volume
of
Web
traffic,
popularity
(links
to
that
web
site)
Challenging
searching
videos
Intelligent
Agent
shopping
bots:
software
agents
with
built
in
intelligence,
gather
info,
perform
tasks
to
assist
users,
making
purchase
filter,
pricing
and
availability
Web
2.0
Collaboration,
sharing,
creating
new
services
4
defining
features:
Interactivity,
real-time
user
control,
social
participation,
user-generated
content
Technologies/services:
Cloud
computing,
Blogs/RSS,
Mashups
&
widgets
(mix
and
match
content
or
software
components,
e.g.
Flickr),
Wikis,
Social
networks
Blog:
chronological
entries,
blog
roll,
trackbacks,
comments,
Templates
(no
HTML
skills
needed)
blogosphere
RSS:
Rich
Site
Summary,
Really
Simple
Syndication
syndicates
content,
feeds,
subscribe
and
automatically
receive
new
content
Wikis:
collaborative
web
sites,
visitors
add,
modify
content,
monitoring
work
easy
to
share
information
Social
networks:
build
communities,
profiles.
Interactivity,
real
time
user
control,
opinions,
how
communicate,
stay
in
touch,
advertising,
+
application
development
platforms
Web
3.0/
future
Web
Effort
of
W3C
to
add
meaning
to
existing
Web
(woven
all
digital
information,
contacts
together
into
single
meaningful
experience)
=
Semantic
Web
Make
searching
more
relevant
to
user,
meaningful
+
productive
(better
results)
More
intelligent
computing,
analyze
and
manipulate,
reduce
amount
of
human
involvement
in
searching
and
processing
web
information
3D
Web
(walk
through
pages)
Pervasive
Web
(controls
everything,
managing)
Increase
in
cloud
computing,
SaaS,
Ubiquitous
connectivity
between
mobile
and
other
access
devices,
Make
Web
a
more
seamless
experience
Passive
RFID:
Range
is
shorter,
also
smaller,
less
expensive,
powered
by
radio
frequency
energy
Common
uses:
o Automated
toll-collection
o Tracking
goods
in
a
supply
chain
o E.g.
Walmart
combining
data
point
of
sale
systems
with
RFID
data
to
determine
which
items
will
soon
be
depleted,
automatically
generates
lists
Requires
companies
to
have
special
hardware
and
software,
massive
amount
of
data
Software
to
filter
and
aggregate,
applications
designed
to
accept
large
data
and
share
it
with
other
applications
Reduction
in
cost
of
tags
making
RFID
viable
for
many
firms
Wireless
sensor
networks
(WSNs)
Networks
of
hundreds
or
thousands
of
interconnected
wireless
devices
embedded
into
physical
environment
to
provide
measurements
of
many
points
over
large
spaces
Devices
(nodes)
have
built-in
processing,
storage,
and
radio
frequency
sensors
and
antennas
Require
low-power,
long-lasting
batteries
and
ability
to
endure
in
the
field
without
maintenance
Used
to
monitor
building
security,
detect
hazardous
substances
in
air,
monitor
environmental
changes,
traffic,
or
military
activity
Data
flowing
to
a
server
with
grater
processing
power,
gateway
to
network
based
on
Internet
technology
Chapter
8
Securing
Information
Systems
System
Vulnerability
and
Abuse
Security:
Policies,
procedures
and
technical
measures
to
prevent
unauthorized
access,
alteration,
theft,
or
physical
damage
Controls:
Methods,
policies,
and
organizational
procedures
ensure
safety
of
organizations
assets;
accuracy
and
reliability
of
accounting
records;
and
operational
adherence
to
management
standards
Vulnerability
through
technical,
organizational
and
environmental
factors,
poor
management
decisions,
communication
layers
Accessibility
of
networks
Hardware
problems
(breakdowns,
configuration
errors,
damage
from
improper
use
or
crime)
Software
problems
(programming
errors,
installation
errors,
unauthorized
changes)
Disasters
(fires,
floods..)
Use
of
networks/computers
outside
of
firms
control
Loss
and
theft
of
portable
devices
Internet
vulnerabilities
Network
open
to
anyone,
Size:
abuses
can
have
wide
impact
Use
of
fixed
Internet
addresses
creates
fixed
targets
hackers
Unencrypted
VOIP
(no
use
of
VPN)
E-mail,
P2P,
IM:
Interception,
Attachments
with
malicious
software,
Transmitting
trade
secrets
Wireless
security
challenges
Radio
frequency
bands
easy
to
scan
SSIDs
(service
set
identifiers):
Identify
access
points,
Broadcast
multiple
times
War
driving:
Eavesdroppers
drive
by
buildings
and
try
to
detect
SSID
and
gain
access
to
network
and
resources,
set
up
rogue
access
points
WEP
(Wired
Equivalent
Privacy)
WPA2
(WiFi
Protected
Access)
o Security
standard
for
802.11;
use
is
optional
o Uses
shared
password
for
both
users
and
access
point
Internal
threats:
employees
Security
threats
often
originate
inside
an
organization
leaking
Inside
knowledge
Sloppy
security
procedures,
User
lack
of
knowledge
Social
engineering:
Tricking
employees
into
revealing
their
passwords
by
pretending
to
be
legitimate
members
of
the
company
in
need
of
information
End
users
entering
faulty
data,
not
following
instructions
IS
specialists:
errors
in
design,
development,
maintenance
Software
vulnerability
Commercial
software
contains
flaws
that
create
security
vulnerabilities
Hidden
bugs
(program
code
defects),
Zero
defects
cannot
be
achieved
because
complete
testing
is
not
possible
with
large
programs
Flaws
can
open
networks
to
intruders,
impede
performance
Patches:
Vendors
release
small
pieces
of
software
to
repair
flaws
(patch
management
by
users),
However
exploits
often
created
faster
than
patches
be
released
and
implemented
Business
Value
of
Security
and
Control
Failed
computer
systems
can
lead
to
significant
or
total
loss
of
business
function
Confidential
personal
and
financial
data,
Trade
secrets,
new
products,
strategies
A
security
breach
may
cut
into
firms
market
value
almost
immediately
Inadequate
security
and
controls
also
bring
forth
issues
of
liability
Strong
security:
high
ROI,
employees
productivity,
lower
operational
costs
Legal
and
regulatory
requirements
for
electronic
records
management
and
privacy
protection
Protection
data
from
abuse,
exposure,
unauthorized
access
HIPAA:
Medical
security
and
privacy
rules
and
procedures
Gramm-Leach-Bliley
Act:
Requires
financial
institutions
to
ensure
the
security
and
confidentiality
of
customer
data
Sarbanes-Oxley
Act:
Imposes
responsibility
on
companies
and
their
management
to
safeguard
the
accuracy
and
integrity
of
financial
information
that
is
used
internally
and
released
externally
Electronic
evidence
Evidence
for
white
collar
crimes
often
in
digital
form
Data
on
computers,
e-mail,
instant
messages,
e-commerce
transactions
Proper
control
of
data
can
save
time
and
money
when
responding
to
legal
discovery
request
Computer
forensics:
Scientific
collection,
examination,
authentication,
preservation,
and
analysis
of
data
from
computer
storage
media
for
use
as
evidence
in
court
of
law
Includes
recovery
of
ambient
and
hidden
data,
plan
needed
MIS
audit
Examines
firms
overall
security
environment
as
well
as
controls
governing
individual
information
systems,
data
quality
Reviews
technologies,
procedures,
documentation,
training,
and
personnel
Simulate
disaster
to
test
response
of
technology,
IS
staff,
other
employees
Lists
and
ranks
all
control
weaknesses
and
estimates
probability
of
their
occurrence,
Assesses
financial
and
organizational
impact
of
each
threat
Technologies
and
Tools
for
Protecting
Information
Resources
Identity
management
software
Automates
keeping
track
of
all
users
and
privileges
Authenticates
users,
protecting
identities,
controlling
access
Authentication:
Password
systems,
Tokens,
Smart
cards,
Biometric
Firewall:
Combination
of
hardware
and
software
that
prevents
unauthorized
users
from
accessing
private
networks
Static
packet
filtering:
examines
selected
fields
in
headers
of
individual
packets
Stateful
inspections:
track
info
over
multiple
packets,
part
of
approved
conversation,
legitimate
connection
Network
address
translation
(NAT):
conceals
ip
addresses
of
internal
host
computers
Application
proxy
filtering:
examines
app
content
of
packets
Intrusion
detection
systems:
Monitor
hot
spots
on
corporate
networks
to
detect
and
deter
intruders
Examines
events
as
they
are
happening
to
discover
attacks
in
progress
Raises
alarm
or
shuts
down
sensitive
network
part
Antivirus
and
antispyware
software:
Checks
computers
for
presence
of
malware
and
can
often
eliminate
it
as
well
Require
continual
updating
Unified
threat
management
(UTM)
systems:
firewalls,
VPNs,
IDS,
web
content
filtering,
anti
spam
software
Securing
wireless
networks
WEP
security
can
provide
some
security
by
Assigning
unique
name
to
networks
SSID
and
not
broadcasting
SSID,
Using
it
with
VPN
technology
Wi-Fi
Alliance
finalized
WAP2
specification,
replacing
WEP
with
stronger
standards:
Continually
changing
keys,
Encrypted
authentication
system
with
central
server
Encryption
Transforming
text
or
data
into
cipher
text
that
cannot
be
read
by
unintended
recipients,
encryption
key
Secure
Sockets
Layer
(SSL)
and
successor
Transport
Layer
Security
(TLS)
between
2
computers
Secure
Hypertext
Transfer
Protocol
(S-HTTP)
limited
to
individual
messages
Symmetric
key
encryption:
Sender
and
receiver
use
single,
shared
key
Public
key
encryption:
Uses
two,
mathematically
related
keys:
Public
key
and
private
key,
Sender
encrypts
message
with
recipients
public
key,
Recipient
decrypts
with
private
key
Digital
certificate:
Data
file
used
to
establish
the
identity
of
users
and
electronic
assets
for
protection
of
online
transactions
Uses
a
trusted
third
party,
certification
authority
(CA),
to
validate
a
users
identity
CA
verifies
users
identity,
stores
information
in
CA
server,
which
generates
encrypted
digital
certificate
containing
owner
ID
information
and
copy
of
owners
public
key
Public
key
infrastructure
(PKI)
Use
of
public
key
cryptography
working
with
certificate
authority
Widely
used
in
e-commerce
Ensuring
system
availability:
Online
transaction
processing
requires
100%
availability,
no
downtime
Fault-tolerant
computer
systems:
Contain
redundant
hardware,
software,
and
power
supply
components
that
create
an
environment
that
provides
continuous,
uninterrupted
service
High-availability
computing
o Helps
recover
quickly
from
crash,
Minimizes
not
eliminates
downtime
o Backup
servers,
multiple
server
distribution,
high
capacity
storage,
god
disaster
recovery
and
business
continuity
plans
Recovery-oriented
computing:
Designing
systems
that
recover
quickly
with
capabilities
to
help
operators
pinpoint
and
correct
of
faults
in
multi-component
systems
Controlling
network
traffic:
Deep
packet
inspection
(DPI)
Video
and
music
blocking,
using
prioritizing
Security
outsourcing:
Managed
security
service
providers
(MSSPs)
Security
in
the
cloud
Responsibility
for
security
resides
with
company
owning
the
data
Firms
must
ensure
providers
provides
adequate
protection
Service
level
agreements
(SLAs)
including
controls
Securing
mobile
platforms
Security
policies
should
include
and
cover
any
special
requirements
for
mobile
devices
Tools
to
authorize
all
devices
in
use,
maintain
inventory
records,
updates,
lock
Ensuring
software
quality
(software
metrics
and
testing)
Software
metrics:
Objective
assessments
of
system
in
form
of
quantified
measurements,
identify
problems
as
they
occur
Carefully
designed,
formal,
objective,
used
consistently
Examples:
Number
of
transactions,
Online
response
time,
Payroll
checks
printed
per
hour,
Known
bugs
per
hundred
lines
of
code
Early
and
regular
testing
to
uncover
errors
Walkthrough:
Review
of
specification
or
design
document
by
small
group
of
qualified
people
Debugging:
Process
by
which
errors
are
eliminated
Chapter
9
Achieving
Operational
Excellence
and
Customer
Intimacy:
Enterprise
Applications
Enterprise
Systems
=
Enterprise
Resource
Planning
Systems
(ERP)
Suite
of
integrated
software
modules
and
a
common
central
database
Collects
data
from
many
divisions
of
firm
for
use
in
internal
business
activities
Information
entered
in
one
process
is
immediately
available
for
other
processes
Enterprise
Software
Built
around
thousands
of
predefined
business
processes
that
reflect
best
practices
Finance/accounting,
Human
resources,
Manufacturing/production,
Sales/marketing
To
implement,
firms:
Select
functions
of
system
they
wish
to
use,
Map
business
processes
to
software
processes,
Use
softwares
configuration
tables
for
customizing
Leading
ES
vendors:
SAP,
Oracle,
Infor
Global
Solutions,
Microsoft
Communicate
with
customers,
suppliers,
other
entities
Business
value
of
enterprise
systems
Increase
operational
efficiency
Provide
firm
wide
information
to
support
decision
making
Enforce
standard
practices
and
data
Enable
rapid
responses
to
customer
requests
for
information
or
products,
reduce
cycle
time
and
costs,
centralize
Include
analytical
tools
to
evaluate
overall
organizational
performance,
improved
decision
making
Supply
Chain
Management
Systems
Supply
Chain
Network
of
organizations
and
processes
for:
o Procuring
raw
materials
(procurement)
o Transforming
them
into
products
(manufacturing)
o Distributing
the
products
(distribution)
Flow
of
materials,
information,
payments
in
both
directions
Primary,
secondary,
tertiary
suppliers
(tier
1,2,3)
Upstream
supply
chain:
Firms
suppliers,
suppliers
suppliers,
processes
for
managing
relationships
with
them
Downstream
supply
chain:
Organizations
and
processes
responsible
for
delivering
products
to
customers
Supply
chain
management
software
Supply
chain
planning
systems:
Model
existing
supply
chain
o Demand
planning
(determine
amount
of
products
to
satisfy
demands)
o Optimize
sourcing,
manufacturing
plans
o Establish
inventory
levels
o Identifying
transportation
modes
Supply
chain
execution
systems:
Manage
flow
of
products
through
distribution
centers
and
warehouses,
efficiency
Global
Supply
Chains
and
the
Internet
Global
supply
chains
typically
span
greater
geographic
distances
and
time
differences
Different
performance
standards
More
complex
pricing
issues
(local
taxes,
transportation,
etc.)
Foreign
government
regulations,
cultural
differences
Internet
helps
companies
manage
many
aspects
of
global
supply
chains:
sourcing,
transportation,
communications,
international
finance
(no
slow
downs,
errors,
uncertainty)
outsourcing
to
third
party
logistic
providers,
contract
manufacturing
Supply
chain
management
systems
Push-based
model
(build-to-stock):
Schedules
based
forecasts
of
demand
Pull-based
model
(demand-driven,
build-to-order):
Customer
orders
trigger
events
in
supply
chain
Sequential
supply
chains:
Information
and
materials
flow
sequentially
from
company
to
company
Concurrent
supply
chains:
Information
flows
in
many
directions
simultaneously
among
members
of
a
supply
chain
network
Future
Internet
driven:
digital
logistics
nervous
system
Business
value
of
CRM
Increased
customer
satisfaction
Reduced
direct-marketing
costs
More
effective
marketing
Lower
costs
for
customer
acquisition/retention
Increased
sales
revenue
Reduce
churn
rate
o Number
of
customers
who
stop
using
or
purchasing
products
or
services
from
a
company.
o Indicator
of
growth
or
decline
of
firms
customer
base
Enterprise
Application
Challenges
Highly
expensive
to
purchase
and
implement
Require
Technological
changes
Require
Business
process
changes
Require
Organizational
changes
Switching
costs,
dependence
on
software
vendors
Data
standardization,
management,
cleansing
Next-generation
enterprise
applications
Move
is
to
make
applications
more
flexible,
Web-enabled,
integrated
with
other
systems
Enterprise
suites
o Software
to
enable
CRM,
SCM,
and
enterprise
systems
work
together
and
with
suppliers
and
client
systems
o Utilize
Web
services,
SOA
(Service
Oriented
Architecture)
Open
source
&
on-demand
solutions
Mobile
compatible;
Web
2.0
capabilities
Complementary
analytics
products
Service
platform
Integrates
multiple
applications
to
deliver
a
seamless
experience
for
all
parties,
E.g.
Order-to-cash
process
Portal
software:
Used
to
integrate
information
from
enterprise
applications
and
legacy
systems
and
present
it
as
if
coming
from
a
single
source
Chapter
10
E-commerce:
Digital
Markets,
Digital
Goods
E-commerce
today:
Use
of
the
Internet
and
Web
to
transact
business;
digitally
enabled
transactions
Began
in
1995
and
grew
exponentially,
still
growing
even
in
a
recession
Companies
that
survived
the
dot-com
bubble
burst
and
now
thrive
E-commerce
revolution
is
still
in
its
early
stages,
increasing
number
of
online
products,
broadband
access
Reduced
Transaction
costs
Lower
Market
Entry
Cost,
Search
cost
Price
Cost
Trans
Parenc
Y
Price
Discrim
ination
Content
provider:
includes
intellectual
property,
podcasting
(subscribe),
streaming
Web
site
budgets
Several
thousand
to
millions
/
year
50%
of
a
budget
is
system
maintenance
and
content
creation
Chapter
11
Managing
Knowledge
The
Knowledge
Management
Landscape
Knowledge
management
systems
among
fastest
growing
areas
of
software
investment
Knowledge
and
information
related,
useful
and
actionable
when
shared,
major
source
of
wealth
Substantial
part
of
a
firms
stock
market
value
is
related
to
intangible
assets:
knowledge,
brands,
reputations,
and
unique
business
processes
Well-executed
knowledge-based
projects
can
produce
extraordinary
ROI,
difficult
to
measure
Data
=
flow
of
events/transactions,
info
=
organized
data,
knowledge
=
additional
resources
to
discover
patterns,
wisdom
=
Collective
and
individual
experience
of
applying
to
solve
problems,
Involves
where,
when,
and
how
to
apply
knowledge
Both
individual
and
collective
attribute
Cognitive,
psychological
eent
inside
peoples
heads
Tacit
(not
documented)
and
explicit
(documented)
knowledge
Has
a
locations,
sticky,
not
universally
applicable,
situational,
contextual
Important
asset
of
firm,
Knowing
how
to
do
things
effectively
and
efficiently
in
ways
others
cannot
duplicate
is
prime
source
of
profit
and
competitive
advantage
Knowledge
acquisition
Documenting
tacit
and
explicit
knowledge
o Storing
documents,
reports,
presentations,
best
practices
o Unstructured
documents
(e.g.,
e-mails)
o Developing
online
expert
networks
Creating
knowledge
(discover
patterns,
knowledge
workstations)
Tracking
data
from
TPS
(sales,
payments,
inventory,
customers),
external
sources
Knowledge
storage
Databases,
expert
systems
corporate
in
business
processes
Document
management
systems
Role
of
management:
o Support
development
of
planned
knowledge
storage
systems
o Encourage
development
of
corporate-wide
schemas
for
indexing
documents
o Reward
employees
for
taking
time
to
update
and
store
documents
properly
Knowledge
dissemination
Portals,
Push
e-mail
reports,
Search
engines,
Collaboration
tools
A
deluge
of
information
Training
programs,
informal
networks,
and
shared
management
experience
help
managers
focus
attention
on
important
information
Knowledge
application
To
provide
return
on
investment,
organizational
knowledge
must
become
systematic
part
of
management
decision
making
and
become
situated
in
decision-support
systems
Create
New
business
practices,
New
products
and
services,
New
markets
New
organizational
roles
and
responsibilities
Chief
knowledge
officer
executives
Dedicated
staff
/
knowledge
managers
Communities
of
practice
(COPs)
o Informal
social
networks
of
professionals
and
employees
within
and
outside
firm
who
have
similar
work-related
activities
and
interests
o Activities
include
education,
online
newsletters,
sharing
experiences
and
techniques
o Facilitate
reuse
of
knowledge,
discussion
o Reduce
learning
curves
of
new
employees
3
major
types
of
knowledge
management
systems
(CAD
=
computer
aided
design)
Three
major
types
of
knowledge
in
enterprise
Structured
documents
(formal
docs
and
rules)
Semistructured
documents
Unstructured,
tacit
knowledge
(+
semi
=
80%)
Enterprise
content
management
systems
Help
capture,
store,
retrieve,
distribute,
preserve
Corporate
repositories
ans
capabilities
to
collect
and
organize
semistructured
Bring
in
external
sources
(News
feeds,
research)
Tools
for
communication
and
collaboration
Key
problem
Developing
taxonomy
=
classification
scheme
(Knowledge
objects
must
be
tagged
with
categories
for
retrieval)
Digital
asset
management
systems:
Specialized
content
management
systems
for
classifying,
storing,
managing
unstructured
digital
data
like
Photographs,
graphics,
video,
audio
Knowledge
network
systems
(expertise
location
and
management
systems)
Provide
online
directory
of
corporate
experts
in
well-defined
knowledge
domains
Collaboration
Tools
Enterprise
knowledge
portals:
Access
to
external
and
internal
information
(News
feeds,
research,
Capabilities
for
e-mail,
chat..)
Use
of
consumer
Web
technologies
(Blogs,
Wikis,
Social
bookmarking
user-
created
taxonomies
for
shared
bookmarks
=
folksonomies)
Learning
Management
Systems
(LMS)
Provide
tools
for
management,
delivery,
tracking,
and
assessment
of
various
types
of
employee
learning
and
training
Support
multiple
modes
of
learning
Automates
selection
and
administration
of
courses
Assembles
and
delivers
learning
content
Measures
learning
effectiveness
Knowledge
Work
Systems
=
Systems
for
knowledge
workers
to
help
create
new
knowledge
and
integrate
that
knowledge
into
business
Knowledge
workers
=
Researchers,
designers,
architects,
scientists,
engineers
who
create
knowledge
for
the
organization
1. Keeping
organization
current
in
knowledge
2. Serving
as
internal
consultants
regarding
their
areas
of
expertise
3. Acting
as
change
agents,
evaluating,
initiating,
and
promoting
change
projects
Requirements
of
knowledge
work
systems
Hardware
Platform:
knowledge
workstation
Substantial
computing
power
for
graphics,
complex
calculations
Powerful
graphics
and
analytical
tools
Communications
and
document
management
Access
to
external
databases
User-friendly
interfaces
Optimized
for
tasks
to
be
performed
(design
engineering,
financial
analysis)
Examples
of
knowledge
work
systems
CAD
(computer-aided
design):
o Automate
creation
and
revision
of
design
o Creation
of
engineering
or
architectural
designs
Virtual
reality
systems:
o Simulate
real-life
environments
o 3-D
medical
modeling
for
surgeons
o Augmented
reality
(AR)
systems
additional
info
to
enhance
the
perception
of
reality,
more
interactive
and
meaningful
o VRML
(virtual
realty
modeling
language)
=
set
of
specifications
for
interactive
3D
modeling
on
the
WWW,
can
organize
multiple
media
types
Investment
workstations
in
financial
industry
=
Streamline
investment
process
and
consolidate
internal,
external
data
for
brokers,
traders,
portfolio
managers
Neural
networks
Find
patterns
and
relationships
in
massive
amounts
of
data
too
complicated
for
humans
to
analyze
Learn
patterns
by
searching
for
relationships,
building
models,
and
correcting
over
and
over
again
(construct
hidden
layer
of
logic)
Humans
train
network
by
feeding
it
data
inputs
for
which
outputs
are
known,
to
help
neural
network
learn
solution
by
example
Used
in
medicine,
science,
and
business
for
problems
in
pattern
classification,
prediction,
financial
analysis,
and
control
and
optimization
only
as
aids!
E.g
Visa
Credit
Card
Fraud
monitoring
transactions
Machine
learning:
Related
AI
technology
allowing
computers
to
learn
by
extracting
information
using
computation
and
statistical
methods
Used
in
data
mining
Genetic
algorithms
Useful
for
finding
optimal
solution
for
specific
problem
by
examining
very
large
number
of
possible
solutions
for
that
problem
Conceptually
based
on
process
of
evolution:
Search
among
solution
variables
by
changing
and
reorganizing
component
parts
using
processes
such
as
inheritance,
mutation,
and
selection
Used
in
optimization
problems
(minimization
of
costs,
efficient
scheduling,
optimal
jet
engine
design)
in
which
hundreds
or
thousands
of
variables
exist
Able
to
evaluate
many
solution
alternatives
quickly
Hybrid
AI
systems
Genetic
algorithms,
fuzzy
logic,
neural
networks,
and
expert
systems
integrated
into
single
application
to
take
advantage
of
best
features
of
each
E.g.,
Matsushita
neurofuzzy
washing
machine
that
combines
fuzzy
logic
with
neural
networks
Intelligent
agents
Work
in
background
to
carry
out
specific,
repetitive,
and
predictable
tasks
for
user,
process,
or
application
Use
limited
built-in
or
learned
knowledge
base
to
accomplish
tasks
or
make
decisions
on
users
behalf
(Deleting
junk
e-mail,
Finding
cheapest
airfare)
Agent-based
modeling
applications:
o Systems
of
autonomous
agents
o Model
behavior
of
consumers,
stock
markets,
and
supply
chains;
used
to
predict
spread
of
epidemics
Chapter
12
Enhancing
Decision
Making
Types
of
decisions:
Unstructured:
Decision
maker
must
provide
judgment,
evaluation,
and
insight
to
solve
problem,
novel,
non-routine
and
important
decisions
Senior
management
Structured:
Repetitive
and
routine;
involve
definite
procedure
for
handling
so
they
do
not
have
to
be
treated
each
time
as
new
operational
management
Semistructured:
Only
part
of
problem
has
clear-cut
answer
provided
by
accepted
procedure
Middle
management
The
4
stages
of
the
decision
making
process
1. Intelligence:
Discovering,
identifying,
and
understanding
the
problems
occurring
in
the
organization
2. Design:
Identifying
and
exploring
solutions
to
the
problem
3. Choice:
Choosing
among
solution
alternatives
4. Implementation:
Making
chosen
alternative
work
and
continuing
to
monitor
how
well
solution
is
working
Managers
and
Decision
making
in
the
real
world
Information
systems
can
only
assist
in
some
of
the
roles
played
by
managers
Classical
model
of
management:
5
functions
=
Planning,
organizing,
coordinating,
deciding,
and
controlling
More
contemporary
behavioral
models
=
less
systematic,
more
informal,
less
reflective,
more
reactive,
and
less
well
organized
than
in
classical
model
Great
del
of
work
at
unrelenting
pace,
fragmented
activities,
prefer
current
and
specific
information,
prefer
oral
forms
of
communication,
maintain
complex
web
of
contacts
Managerial
roles
=
expectations
of
the
activities
that
managers
should
perform
Business
intelligence
and
analytics
capabilities
Goal
is
to
deliver
accurate
real-time
information
to
decision-makers
Main
functionalities
of
BI
systems
1. Production
reports
(pre-defined,
based
on
industry
requirements)
2. Parameterized
reports
(user
enters
different
parameters
to
filter
data)
3. Dashboards/scorecards
(visual
tools,
presenting
performance
data)
4. Ad
hoc
query/search/report
creation
(create
own
report
based
on
queries,
searches)
Business
intelligence
users
80%
are
casual
users
relying
on
production
reports
Senior
executives
Use
monitoring
functionalities
Middle
managers
and
analysts
Ad-hoc
analysis
Operational
employees
Prepackaged
reports
(E.g.
sales
forecasts,
customer
satisfaction,
loyalty
and
attrition,
supply
chain
backlog,
employee
productivity)
Examples
of
BI
applications
mostly
pre-packaged
production
reports
Predictive
analytics:
Use
patterns
in
data
to
predict
future
behavior
(E.g.
Credit
card
companies
determine
customers
at
risk
for
leaving,
screen
potential
customers,
prediction
how
customer
respond
to
price
changes)
Data
visualization:
Help
users
see
patterns
and
relationships
that
would
be
difficult
to
see
in
text
lists
Geographic
information
systems
(GIS):
Ties
location-related
data
to
maps,
modeling
capabilities
(e.g.
calculate
response
times
to
natural
disasters,
best
locations
for
new
ATMs
2
Management
strategies
for
developing
BI
and
BA
capabilities
Competitive
market
place
and
given
to
hyperbole
1. One-stop
shopping
(totally
integrated
solution)
Hardware
firms
sell
software
that
run
optimally
on
their
hardware
Makes
firm
dependent
on
single
vendor
(but
on
a
global
scale)
switching
costs
+
pricing
power
2. Multiple
best-of-breed
solution
Software
firms:
encourage
firms
to
adopt
best
of
breed
software,
chose
package
from
vendor
you
believe
is
best
Greater
flexibility
and
independence
Potential
difficulties
in
integration
with
own
hardware
and
other
software
Must
deal
with
multiple
vendors
Chapter
13
Building
Information
Systems
Structural
organizational
changes
enabled
by
IT
1. Automation
Increases
efficiency
and
effectively
assisting
employees
Replaces
manual
tasks
2. Rationalization
of
procedures
Streamlines
standard
operating
procedures
Revealed
bottlenecks
due
to
automatization
Often
found
in
programs
for
making
continuous
quality
improvements
o Total
quality
management
(TQM)
achieving
quality
as
goal
and
responsibility
of
all
employees
o Six
sigma
=
specific
measure
of
quality
(3.6
defects
per
million
opportunities)
usually
just
a
goal
3. Business
process
redesign
(more
powerful,
higher
risk)
Analyze,
simplify,
and
redesign
business
processes
Reorganize
workflow,
combine
steps,
eliminate
repetition
and
sometimes
jobs
Ambitious
and
new
vision
how
to
organize
process
4. Paradigm
shifts
(often
fail,
high
rewards)
Rethink
nature
of
business,
radical,
reengineering
strategies
Define
new
business
model
Change
nature
of
organization
Business
Process
Redesign
Business
Process
Management
(BPM)
Variety
of
tools,
methodologies
to
analyze,
design,
optimize
processes
Used
by
firms
to
manage
business
process
redesign
Never
concluded
continual
change
Barrier:
organizational
culture,
resisting
change,
not
simple
1. Identify
processes
for
change:
what
processes
are
important
and
how
improving
these
will
help
performance
2. Analyze
existing
processes:
modeled
and
documented,
identify
redundant
steps
and
inefficiencies,
existing
processes
measured
in
times
and
cost
3. Design
the
new
process:
improve
processes
by
designing
new
one,
to-be
process
comparison
streamlined
processes,
justifying
by
reducing
time,
cost,
enhancing
service
and
value
4. Implement
the
new
process:
translation
in
new
set
of
procedures
and
rules,
implement
IS
to
support,
uncover
and
address
problems,
recommended
improvements
5. Continuous
measurement:
employees
fall
back
in
old
methods,
processes
lose
effectiveness
due
to
other
changes
Variety
of
tools
for
BPM,
to
Identify
and
document
existing
processes,
Identify
inefficiencies
Create
models
of
improved
processes
Capture
and
enforce
business
rules
for
performing
processes
Integrate
existing
systems
to
support
process
improvements
Systems
development
Activities
that
go
into
producing
an
information
system
solution
to
an
organizational
problem
or
opportunity
Systems
analysis
Analysis
of
problem
to
be
solved
by
new
system
Defining
the
problem
and
identifying
causes,
Specifying
solutions
(Systems
proposal
report
identifies
and
examines
alternative
solutions),
Identifying
information
requirements
Analyst:
creates
roadmap
of
existing
organization,
identifying
primary
owners
of
data,
hardware,
software
examining
problem
areas
and
objectives
Includes
feasibility
study:
financial,
technical,
organizational
standpoint,
good
investment,
skills?
Written
systems
proposal:
costs,
benefits,
disadvantages,
advantages
of
each
alternative
Establishing
information
requirements
o Who
needs
what
information,
where,
when,
and
how
o Define
objectives
of
new/modified
system
o Detail
the
functions
new
system
must
perform
Faulty
requirements
analysis
is
leading
cause
of
systems
failure
and
high
systems
development
cost
Systems
design
Describes
system
specifications
that
will
deliver
functions
identified
during
systems
analysis
form
and
structure
(blueprint)
Should
address
all
managerial,
organizational,
and
technological
components
of
system
solution
fulfill
user
requirements
Completing
System
Development
Process
Translate
solution
specifications
into
operational
info
system
Programming:
Translate
System
specifications
into
software
program
code
Testing:
Ensures
system
produces
right
results
o Unit
(program)
testing:
Tests
each
program
in
system
separately
o System
testing:
Test
functioning
of
system
as
a
whole
o Acceptance
testing:
system
is
ready
to
be
used
in
production
setting
(evaluated
by
users,
reviewed
by
management)
o Test
plan:
All
preparations
for
series
of
tests,
general
condition
tested
=
record
change
Conversion
=
Process
of
changing
from
old
system
to
new
system
1. Parallel
strategy:
both
old
and
new
systems
run
together
=
safe
and
expensive
2. Direct
cutover:
total
replacement
on
an
appointed
day
=
risky
3. Pilot
study:
introduction
to
limited
area
4. Phased
approach:
introduction
in
stages
(by
functions,
units)
Requires
end-user
training
Finalization
of
detailed
documentation
showing
how
system
works
from
technical
and
end-user
standpoint
Production
and
maintenance
=
System
reviewed
to
determine
if
revisions
needed
May
include
post-implementation
audit
document
Maintenance:
Changes
in
hardware,
software,
documentation,
or
procedures
to
a
production
system
to
correct
errors,
meet
new
requirements,
or
improve
processing
efficiency
o 20%
debugging,
emergency
work
o 20%
changes
to
hardware,
software,
data,
reporting
o 60%
of
work:
User
enhancements,
improving
documentation,
recoding
for
greater
processing
efficiency
2.
Object-Oriented
Development
Object
=
basic
unit
of
systems
analysis
and
design
Object:
Combines
data
and
the
processes
that
operate
on
those
data
Data
encapsulated
in
object
can
be
accessed
and
modified
only
by
operations,
or
methods,
associated
with
that
object
Object-oriented
modeling
based
on
concepts
of
class
and
inheritance
o Objects
belong
to
a
certain
class
and
have
features
of
that
class
o May
inherit
structures
and
behaviors
of
a
more
general,
ancestor
class
More
iterative
and
incremental
than
traditional
structured
development
o Systems
analysis:
Interactions
between
system
and
users
analyzed
to
identify
objects
o Design
phase:
Describes
how
objects
will
behave
and
interact;
grouped
into
classes,
subclasses
and
hierarchies
o Implementation:
Some
classes
may
be
reused
from
existing
library
of
classes,
others
created
or
inherited
Objects
=
reusable
can
potentially
reduce
time
and
cost
of
development
Computer-aided
software
engineering
(CASE)
Software
tools
to
automate
development
and
reduce
repetitive
work,
including
Facilitate
creation
of
clear
documentation
+
coordination
of
team
development
efforts
Graphics
facilities
for
producing
charts
and
diagrams,
Screen
and
report
generators,
reporting
facilities,
Analysis
and
checking
tools,
Data
dictionaries,
Code
and
documentation
generators
Increase
productivity
and
quality
Support
iterative
design
by
automating
revisions
and
changes
and
providing
prototyping
facilities
Require
organizational
discipline
to
be
used
effectively
Alternative
Systems-building
Approaches
Traditional
systems
lifecycle
Oldest
method
for
building
information
systems
Phased
approach
divides
development
into
formal
stages
Waterfall
approach:
Tasks
in
one
stage
finish
before
another
stage
begins
Formal
division
of
labor
between
end
users
and
information
systems
specialists
Emphasizes
formal
specifications
and
paperwork
Still
used
for
building
large
complex
systems
Can
be
costly,
time-consuming,
and
inflexible
Prototyping
Building
experimental
system
rapidly
and
inexpensively
for
end
users
to
evaluate
Prototype:
Working
but
preliminary
version
of
information
system
Approved
prototype
serves
as
template
for
final
system
Iterative
Steps
in
prototyping
(can
be
repeated)
1. Identify
user
requirements
2. Develop
initial
prototype
3. Use
prototype
4. Revise
and
enhance
prototype
Advantages
Disadvantages
Useful
if
some
uncertainty
in
May
gloss
over
essential
steps
requirements
or
design
solutions
May
not
accommodate
large
Often
used
for
end-user
interface
quantities
of
data
or
large
number
design
of
users
More
likely
to
fulfill
end-user
May
not
undergo
full
testing
or
requirements
documentation
End-user
development:
Uses
fourth-generation
languages
to
allow
end-users
to
develop
systems
with
little
or
no
help
from
technical
specialists
Fourth
generation
languages:
Less
procedural
than
conventional
programming
Require:
cost-justification
of
end-user
system
projects,
Establish
hardware,
software,
and
quality
standards
Advantages
Disadvantages
More
rapid
completion
of
projects
Not
designed
for
processing-
intensive
applications
High-level
of
user
involvement
and
satisfaction
Inadequate
management
and
control,
testing,
documentation
Loss
of
control
over
data
Application
software
packages
Save
time
and
money:
pre-written,
designed,
tested,
maintenance
Many
offer
customization
features
Evaluation
criteria
for
systems
analysis
include:
Functions
provided
by
the
package,
flexibility,
user
friendliness,
hardware
and
software
resources,
database
requirements,
installation
and
maintenance
efforts,
documentation,
vendor
quality,
and
cost
Request
for
Proposal
(RFP):
Detailed
list
of
questions
submitted
to
packaged-
software
vendors,
Used
to
evaluate
alternative
software
packages
Outsourcing
Cloud
and
SaaS
providers:
Subscribing
companies
use
software
and
computer
hardware
provided
by
vendors
External
vendors:
Hired
to
design,
create
software
o Domestic:
Driven
by
firms
need
for
additional
skills,
resources,
assets
o Offshore:
Driven
by
cost-savings,
better
assets,
skills
Advantages
Disadvantages
Allows
organization
flexibility
in
IT
Hidden
costs,
e.g.
Identifying
and
needs
selecting
vendor,
Transitioning
to
vendor
Usually
at
least
15%
cost
saving
even
in
worst
case
scenario
Opening
up
proprietary
business
processes
to
third
party
Chapter
14
Managing
Projects
The
Importance
of
Project
Management
Runaway
projects:
30%
-
40%
IT
projects:
Exceed
schedule,
budget,
Fail
to
perform
as
specified,
less
benefits
Types
of
system
failure
o Fail
to
capture
essential
business
requirements
o Fail
to
provide
organizational
benefits
o Complicated,
poorly
organized
user
interface
o Inaccurate
or
inconsistent
data
Project
management
Project:
planned
series
of
related
activities
for
achieving
specific
business
objective
Activities:
planning
work,
assessing
risk,
estimating
resources
required,
organizing
work,
assigning
tasks,
controlling
project
execution,
reporting
progress,
analyzing
results
Five
major
variables
o Scope
what
work
to
(not)
include
o Time
amount
to
complete
project,
schedule
o Cost
hr,
hardware,
software,
work
space
o Quality
result
satisfies
specified
objectives
o Risk
potential
problems
threatening
success
Selecting
Projects
Scoring
models
Selecting
projects
where
many
criteria
must
be
considered
Assigns
weights
to
various
features
of
system
and
calculates
weighted
totals
Most
important:
not
score
but
agreement
on
criteria
to
judge
system
Requires
experts
understanding
issue
and
technology
Used
to
confirm,
rationalize
and
support
decisions
Establishing
the
business
value
of
Information
Systems
Information
Systems
Costs
and
Benefits
Tangible
benefits
(cost
savings):
Can
be
quantified
and
assigned
monetary
value
Systems
that
displace
labor
and
save
space:
Transaction
and
clerical
systems
Intangible
benefits:
Cannot
be
immediately
quantified
but
may
lead
to
quantifiable
gains
in
the
long
run
Systems
that
influence
decision
making:
ESS,
DSS,
collaborative
work
systems
Capital
budgeting
models:
Measure
value
of
investing
in
long-term
capital
investment
projects
Rely
on
measures
the
firms
o Cash
outflows:
Expenditures
for
hardware,
software,
labor
o Cash
inflows:
Increased
sales,
Reduced
costs
Difference
out-
und
in
flows
used
for
calculating
financial
worth
of
investment
Various
capital
budgeting
models
used
for
IT
projects:
Payback
method,
accounting
rate
of
return
on
investment,
net
present
value,
internal
rate
of
return
(IRR)
Real
options
pricing
models
(ROPM)
Can
be
used
when
future
revenue
streams
of
IT
projects
are
uncertain
and
up-
front
costs
are
high
Use
concept
of
options
valuation
borrowed
from
financial
industry
(option
=
right
but
not
obligation
to
act
at
some
future
date,
buy
at
fixed
rate)
Initial
expenditure
on
technology
creates
right
(not
obligation)
to
obtain
the
benefits
associated
with
further
development
and
deployment
of
the
technology
as
long
as
management
has
freedom
to
cancel,
defer,
restart,
or
expand
project
Gives
managers
flexibility
to
stage
IT
investment
or
test
the
waters
with
small
pilot
projects
or
prototypes
to
gain
more
knowledge
about
risks
before
investing
in
entire
implementation
Disadvantage:
estimating
all
ley
variables
affecting
option
value
Limitations
of
financial
models
Do
not
take
into
account
social
and
organizational
dimensions
that
may
affect
costs
and
benefits
No
consideration
costs
from
organizational
disruptions
(training,
learning
curves)
Overlooked
benefits
like
enhanced
employee
learning
and
expertise
Dimensions
of
Project
Risk
level
influenced
by
Project
size:
Indicated
by
cost,
time,
number
of
organizational
units
affected,
Organizational
complexity
also
an
issue
Project
structure:
Structured,
defined
requirements
run
lower
risk
Experience
with
technology
Change
Management
Required
for
successful
system
building
New
information
systems
have
powerful
behavioral
and
organizational
impact
Changes
lead
to
new
distributions
of
authority
and
power
Internal
organizational
change
breeds
resistance
and
opposition
Implementation:
All
organizational
activities
working
toward
adoption,
management,
and
routinization
of
an
innovation
Change
agent:
One
role
of
systems
analyst
o Redefines
the
configurations,
interactions,
job
activities,
and
power
relationships
of
organizational
groups
o Catalyst
for
entire
change
process
o Responsible
for
ensuring
that
all
parties
involved
accept
changes
created
by
new
system
Role
of
end
users:
With
high
levels
of
user
involvement
o System
more
likely
to
conform
to
requirements
o Users
more
likely
to
accept
system
User-designer
communication
gap:
Users
and
information
systems
specialists
o Different
backgrounds,
interests,
and
priorities
o Different
loyalties,
priorities,
vocabularies
o Different
concerns
regarding
a
new
system
Management
support
and
commitment
o Positive
perception
by
both
users
and
technical
staff
o Ensures
sufficient
funding
and
resources
o Enforcement
of
required
organizational
changes
Very
high
failure
rate
among
enterprise
application
and
BPR
projects
(up
to
70%
for
BPR)
Poor
implementation
and
change
management
practices
Mergers
and
acquisitions:
Similarly
high
failure
rate
of
integration
projects
Merging
of
systems
of
two
companies
requires:
Considerable
organizational
change,
Complex
systems
projects
Controlling
risk
factors
1st
step
in
managing
project
risk:
identifying
nature
and
level
of
risk
of
project
Each
project
managed
with
tools
and
risk-management
approaches
geared
to
level
of
risk
Managing
technical
complexity
Internal
integration
tools
o Project
leaders
with
technical
and
administrative
experience
o Highly
experienced
team
members
o Frequent
team
meetings
o Securing
of
technical
experience
outside
firm
if
necessary
Formal
planning
and
formal
control
tools:
GANTT
and
PERT
charts
o Gantt
chart
lists
project
activities
and
corresponding
start
and
completion
dates,
visually
representing
timing
and
duration
+
hr
o Pert
charts
(Program
Evaluation
and
Review
Technique)
graphically
depicts
project
task
and
interrelationships
in
a
network
diagram
o Determine
bottlenecks,
impact
problems
will
have
External
integration
tools:
ways
to
link
work
of
implementation
team
to
users
at
all
organizational
levels
(Active
involvement
of
users,
teams
responsiveness)
User
resistance
to
organizational
change:
believe
change
is
detrimental
to
their
interests,
counter
implementation:
strategy
to
thwart
implementation
of
an
IS
Designing
for
the
organization
Information
system
projects
must
address
ways
in
which
organization
changes
with
new
system
Planning:
Procedural
changes,
Job
functions,
Organizational
structure,
Power
relationships,
Work
structure
Ergonomics:
Interaction
of
people
and
machines
in
work
environment
including
Design
of
jobs,
Health
issues,
End-user
interfaces
Organizational
impact
analysis:
explains
how
system
will
affect
organizational
structure,
attitudes,
decision
making,
operations
Sociotechnical
design:
Addresses
human
and
organizational
issues
o Separate
sets
of
technical
and
social
design
solutions
o Final
design
is
solution
that
best
meets
both
technical
and
social
objectives
higher
job
satisfaction
and
productivity
Project
management
software
Can
automate
many
aspects
of
project
management
Capabilities
for
Defining,
ordering,
editing
tasks,
Assigning
resources
to
tasks,
Tracking
progress
Microsoft
Project
2010
=
Most
widely
used
project
management
software,
capabilities
of
producing
PERT,
Gantt
Charts,
critical
path
analysis
Increase
in
SaaS,
open-source
project
management
software
more
flexile,
collaborative
and
user-friendly
Project
portfolio
management:
helps
organizations
manage
portfolios
of
projects
and
dependencies
among
them
Chapter
15
Managing
Global
Systems
Growth
of
International
Information
Systems
Global
economic
system
and
global
world
order
driven
by
advanced
networks
and
information
systems
Growth
of
international
trade
radically
altered
domestic
economies
around
globe
Developing
an
International
Information
Systems
Architecture
1. Understand
global
environment:
Business
drivers
pushing
your
industry
toward
global
competition,
Inhibitors
creating
management
challenges
2. Develop
corporate
strategy
for
competition:
How
firm
should
respond
to
global
competition
3. Develop
organization
structure
and
division
of
labor:
Where
will
production,
marketing,
sales,
etc.,
be
located
4. Consider
management
issues:
Design
of
business
procedures,
reengineering,
managing
change
5. Consider
technology
platform
Global
drivers
General
cultural
factors
lead
toward
internationalization
and
result
in
specific
business
globalization
factors
Business
Challenges
State
of
the
art
Most
companies
have
inherited
patchwork
international
systems
using
1960s-
era
batch-oriented
reporting,
manual
entry
of
data
from
one
legacy
system
to
another,
and
little
online
control
and
communication
Global
strategies
and
business
organization
Three
main
kinds
of
organizational
structure
o Centralized:
In
the
home
country
o Decentralized/dispersed:
To
local
foreign
units
o Coordinated:
All
units
participate
as
equals
Four
main
global
strategies
o Domestic
exporter:
heavy
centralization
of
corporate
activities
in
the
home
country
of
origin
(often
starting
point)
o Multinational:
concentrate
financial
management
and
control
out
of
home
base,
decentralizing
production,
sales,
marketing,
adapted
products
to
local
market
conditions
o Franchisers:
mix
of
old
and
new,
design
in
home
country,
further
production
foreign
personnel
o Transnational:
stateless,
truly
globally
managed
firms
with
many
regional
headquarters,
frame
of
reference:
globe
Global
systems
to
fit
the
strategy
Configuration,
management,
and
development
of
systems
tend
to
follow
global
strategy
chosen
4
main
types
of
systems
configuration
1. Centralized:
Systems
development
and
operation
totally
at
domestic
home
base
2. Duplicated:
Development
occurs
at
home
base
but
operations
are
handed
over
to
autonomous
units
in
foreign
locations
3. Decentralized:
Each
foreign
unit
designs
own
solutions
and
systems
4. Networked:
Development
and
operations
in
coordinated
fashion
across
all
units
Typical
scenario:
Disorganization
on
a
global
scale
Traditional
multinational
consumer-goods
company
based
in
U.S.
and
operating
in
Europe
would
like
to
expand
into
Asian
markets
World
headquarters
and
strategic
management
in
U.S.,
Only
centrally
coordinated
system
is
financial
controls
and
reporting
Separate
regional,
national
production
and
marketing
centers
Foreign
divisions
have
separate
IT
systems
E-mail
systems
are
incompatible
Each
production
facility
uses
different
ERP
system,
different
hardware
and
database
platforms,
etc.
Global
systems
strategy
Share
only
core
systems:
Core
systems
support
functionality
critical
to
firm
Partially
coordinate
systems
that
share
some
key
elements
(Do
not
have
to
be
totally
common
across
national
boundaries,
Local
variation
desirable)
Peripheral
systems:
Need
to
suit
local
requirements
only
1. Define
core
business
processes
(business
process
analysis)
+
best
performer
2. Identify
core
systems
to
coordinate
centrally
3. Choose
an
approach
(best:
salami
strategy)
Piecemeal
and
grand
design
approaches
tend
to
fail
Evolve
transnational
applications
incrementally
from
existing
applications
4. Make
benefits
clear
Global
flexibility
Gains
in
efficiency
Global
markets
and
larger
customer
base
unleash
new
economies
of
scale
at
production
facilities
Optimizing
corporate
funds
over
much
larger
capital
base
Software
Localization
Integrating
new
systems
with
old
(+
testing)
Human
interface
design
issues,
languages
mastered
quickly
Software
localization:
converting
software
to
operate
in
second
language