Management

Information Systems (MIS)

Chapter 1
Information Systems in Business today

NBA makes a slam dunk with information technology
Problem: no hard data usable in decision making processes, costly and
competitive market
Solutions: new system designed to collect and organize data using video clips,
video tagging with descriptive categories, streaming
= Innovation and improving

Business Challenge management + organization + technology Informaton System
Business Solution

Role of IS in business today

Capital investment in IT, hardware, software, communication equipment, grew from
32% to 52% of all invested capital between 1980 and 2009 because better ROI (return
on investment). As manager know how to invest this money wisely on IS and technology.

How are IS transforming business?
Increased wireless technology use, web sites
Increased business use of web 2.0 tech
Cloud computing, mobile digital platform allow more distributed word, decision-
making, and collaboration
Mobile phones, e-mail, online conferencing (5 billion cell phone subscribers
worldwide)

Why are more parcels distributed?
Just in time production, Lean production, As little inventory as possible

 Resond to rapidly changing customer demand

Get to market faster, reduce overhead costs
A lot of digital information to store and handle.
Get news online, reading and writing blogs, social networking
Connect employees, customers, managers worldwide
Internet advertising and e-commerce continue to expand
Laws requiring to store this data for several years

3 interrelated changes in technology (accuracy, speed, richness of decision making)
1. Emerging mobile digital platform (desktop PC mobile device to coordinate
work, communicate, provide info for decision making)
2. Growth of online software as a service /SAAS (wikis, Web 2.0, collaboration tools
better and faster decisions, online teams and projects

3. Growth in cloud computing (rely on telework, remote work, distributed decision

making, outsource, collaborate with suppliers and customers to create new
products
Globalization opportunities and challenges
Internet has drastically reduced costs of operating on global scale
Communication is instant and virtually free (e.g. price information 24/7)
Presents both challenges and opportunities (outsourcing, offshoring, low wages,
fight for jobs and products, but expanding employment in IS, accelerated
development of new IS)
The world is flat The globalized world in the 21st century by Thomas L.
Friedman 10 Flatteners (advantage developed countries = past)
o Collapse of Berlin Wall
o Netscape (first browser of this company) and the Internet revolution,
connectivity through fiber-optic cables
o Workflow software
o Uploading
o Open sourcing
o Outsourcing
o Offshoring (e.g. India, cheaper, better know-how)
o Supply chaining, insourcing
o In-forming
o The Steroids
Employee: high level skills, firm: choice of markets
IS enables globalization

In the emerging fully digital firm
Business relationships are digitally enabled and mediated
Core business processes are accomplished through digital networks
o Business processes = logically related tasks/behaviors developed over
time to produce specific business results, e.g. creating an marketing plan
Key corporate assets (property, financial, human assets) are managed digitally

Greater flexibility in organization and management (time shifting = 24/7, space shifting
= global workplace) = anytime/anywhere, flexibility

IT is a foundation of doing business in the 21st century.

Growing interdependence between ability to use IT and ability to implement corporate

strategies and achieve corp. goals. (fig. 1.2)
6 strategic business objectives
1. Operational excellence (efficiency, productivity) Walmart RetailLink
2. New products, services, business models (how a company produces, delivers and
sells) iPod, iPhone
3. Customer supplier intimacy (engaging returning, e.g. track of preferences in a
database, JIT, lowers costs)
4. Improved decision making (right information, right time instead of
forecasts/luck Verizon digital dashboard for managers
5. Competitive advantage (faster, cheaper, superior, real time responses)
6. Survival (necessity) ATM

Depending on type and quality of IS!

IT= All the hardware + software to achieve business objectives

IS =
Set of interrelated components;
Collect, process, store, and distribute information; produce new information;
Support decision making, coordination, control;
Solve tasks automatically, create new products, analyze problems
Information about significant people, places, things

Information vs. data (fig. 1.3)
Data are streams of raw facts (supermarket checkout counter)
Information is data shaped into meaningful form (total unit sales of dish
detergent, total sales revenue for specific store)

Function of an IS (fig. 1.4)

Input (captures raw data) Processing (Classify, Arrange, Calculate) (converts raw
data into meaningful form) Output (transfers processed information to people or
activities that use it) Feedback (output returned to appropriate members of
organization to help evaluate or correct input stage)

! Computers and Software are only part of an IS! ( = technical foundation and tools)

Perspectives n IS (fig. 1.5) = IS literacy

1.
2.
3.

Computer literacy is only knowledge of IT

Organizations
Technology
Management

Organizational dimension
IS = integral part
Key elements: people, structure, business processes, politics, culture
Different levels/specialties, hierarchy or pyramid structure
o Upper level: managerial, professional, technical employees
o Lower level: operational personnel
o Senior Mgt.: long-term strategic decisions, financial performance
o Middle Mgt.: carries out programs and plans
o Operational Mgt.: monitoring daily activities

Separation business functions

Unique business processes with formal rules, developed over time to guide
employees (IS automate many business processes)
Unique culture = fundamental set of assumptions, values, ways to do things
IS come out of organizational conflicts

Management
Make decisions, formulate action plans, solve organizational problems
Perceive business challenges , strategy to respond, allocate resources
Creative work driven by knowledge and information (new products, recreate
organization))

Information Technology (IT)
Computer hardware (input, processing, output, several linked devices)
Computer software (details, preprogrammed instructions to control/coordinate)
Data management technology (sotware governing organization of data and
storage media)
Networking and telecommunications technology (devices and software linking
hardware and transferring data)
o Network links computers to share data and resources (e.g. printer)
o Internet = network of networks (technology platform)
o WWW = service provide by Internet
All these technologies = resources = IT infrastructure
IT infrastructure = foundation to build IS (carefully design and manage)

UPS Package Tracking System
Organized in sales and production functions (delivery is the product/service)
Procedures for identifying packages, inventory, tracking en route, status reports
Also provide information to satisfy needs of managers and workers
Trained to use the system = effective + efficient
Management: monitors service level and costs for promoting strategy (low costs,
high service)
Decision to use computer systems increase ease for sending and updating,
reducing costs, increasing sales
Technology: handheld computers, bar code scanners, communication networks,
desktop PCs, data center, storage technology, tracking software, software for
WWW access

Business perspective

Investment because IS (instrument) = real economic corporate value to the

business
ROI will be superior to other investments (buildings, machines etc.)
Increases in productivity, revenues ( stock market value), long-term strategic
positioning ( future revenues)
Decreases costs because of information for better decisions, better execution of
business processes.

Business information value chain
Raw data acquired and transformed through stages that add value to that
information
Value of information system determined in part by extent to which it leads to
better decisions, greater efficiency, and higher profits

An IS represents an organizational and management solution, based on IT, to a challenge
or problem posed by the environment.

 PROFITABILITY

Complementary assets

Some firms achieve better results with IS than others

Invest great deal or little a amount, receive low or much returns
IT investments alone are not enough
Organization and Management: supportive values, structures, behavior patterns
(= complementary assets)
Adopt right business model that suits the new technology
Complementary assets = assets required to derive value from a primary
investment receive superior returns
E.g. new business models, business processes, management behavior,
organizational culture, training
Investment in organizational and management capital
o Organizational assets, e.g.
Appropriate business model
Efficient business processes
o Managerial assets, e.g.
Incentives for management innovation
Teamwork and collaborative work environments
o Social assets (not by company, society in gerneal) e.g.
The Internet and telecommunications infrastructure
Technology standards

Contemporary Approaches to IS

Multidisciplinary field
IS = sociotechnical systems (machines, devices, physical tech, social,
organizational, intellectual investments

Technical approach
Emphasizes mathematically based models
Computer science (computability, data storage + access), management science,
operations research (transportation, inventory control, transaction costs)

Behavioral approach (development, long-term maintenance)
Behavioral issues (strategic business integration, implementation, design..)
Psychology (human perceive and use), economics (production, dynamics
market) , sociology (groups)
o IST stimulus for behavioral problem/issue
o Changes in attitudes, management, organizational policy, behavior

Four main actors
Suppliers of hardware and software (technologists)
Business firms (investments, seeking value)
Managers and employees
Firms environment (legal, social, cultural context)
Management Information Systems (MIS)
o Combines computer science, management science, operations research
and practical orientation with behavioral issues

Sociotechnical view
Optimal organizational performance achieved by jointly optimizing both social
and technical systems used in production (technic and behavior)
Helps avoid purely technological approach
Mutual adjustment of both technology and organization

Chapter 2
Global E-Business and Collaboration

Business Processes

= Unique manner in which work is organized, coordinated, focused to produce valuable

products and services
Workflows of material, information, knowledge (coordinated by Management
and Organization)
Performance depending on design and coordination of bp
Competitive strength, innovation (assets) or liabilities
Sets of activities, steps
May be tied to functional area or be cross-functional (e.g. fulfilling customer
order)
Businesses: collection of bp information must flow rapidly between
departments, supplier, customer, business partners

Information technology enhances business processes in two main ways:

o Increasing efficiency of existing processes
Automating steps that were manual
o Enabling entirely new processes that are capable of transforming the
businesses (new business models)
Change flow of information
Replace sequential steps with parallel steps
Eliminate delays in decision making

Types of IS

Typical: different kinds of systems supporting processes for each major business
function
Large-scale cross-functional systems, integrate related activities
Different systems supporting decision making needs management groups
o Transaction processing system
o Management information system
o Decision-support system
o System for business intelligence

Transaction processing systems / TPS

Perform and record daily routine transactions necessary to conduct business
(Examples: sales order entry, payroll, shipping)
Answer routine questions, flow of transactions
Allow managers to monitor status of operations and relations with external
environment
Serve operational levels (predefined tasks, resources, goals)
Serve predefined, structured goals and decision making
Producing information for other business functions

Management information systems / MIS
Specific category of IS to serve middle management, Are things working well?
Provide reports on firms current performance, based on data from TPS, monitor,
control, predict future
Provide answers to routine questions, predefined procedure for answering
Typically have little analytic capability, low flexibility

Decision support systems / DSS

Serve middle management, support non-routine decision making
Example: What is impact on production schedule if December sales doubled?
Often use external information as well from TPS and MIS
o Model driven DSS (Voyage-estimating systems)
o Data driven DSS (Intrawests marketing analysis systems)

Business intelligence
Class of software applications (organizing, analyzing, providing access)
Analyze current and historical data to find patterns and trends and aid decision-
making (long-term)
Used in systems that support middle and senior management
o Data-driven DSS
o Executive support systems (ESS)

Executive support systems
Support senior management in non-routine decisions (portal)
Requiring judgment, evaluation, and insight
Incorporate data about external events (e.g. new tax laws or competitors) as well
as summarized information from internal MIS and DSS
Example: Digital dashboard with real-time view of firms financial performance:
working capital, accounts receivable, accounts payable, cash flow, and inventory

Enterprise applications

Systems for linking the enterprise + span functional areas

Execute business processes across firm (customer, supplier, business partner)
Include all levels of management
Four major applications:
o Enterprise systems
o Supply chain management systems
o Customer relationship management systems
o Knowledge management systems

Enterprise systems / ERP

Collects data from different firm functions and stores data in single central data
repository (serves variety of groups)
Resolves problem of fragmented, redundant data sets and systems
Enable: coordination of daily activities, efficient response to customer orders
(production, inventory), Provide valuable information for improving
management decision making

Supply chain management (SCM) systems
Manage firms relationships with suppliers, interorganizational system
Share information about orders, production, inventory levels, delivery of
products and services
Goal: right amount of products to destination with least amount of time and
lowest cost

Customer relationship management systems / CRM
Provide information to coordinate all of the business processes that deal with
customers in sales, marketing, and service to optimize revenue, customer
satisfaction, and customer retention
Integrate firms customer-related processes and consolidate customer
information from multiple communication channels

Knowledge management systems (KMS)
Support processes for acquiring, creating, storing, distributing, applying,
integrating knowledge
How to create, produce, distribute products and services
Collect internal knowledge and experience within firm
Link to external sources of knowledge

Alternative tools that increase integration and expedite the flow of information
Intranets: Internal company Web sites accessible only by employees
Extranets: Company Web sites accessible externally only to vendors and
suppliers

E-business: Use of digital technology and Internet to drive major business processes
E-commerce: Subset of e-business; Buying and selling goods and services through
Internet
E-government: Using Internet technology to deliver information and services to
citizens, employees, and businesses

Systems for Collaboration and Teamwork

Work with others to achieve goals

o Short-lived or long-term
o Informal or formal (teams)
o Team: specific mission
Growing importance of collaboration:
o Changing nature of work (jobs with interaction)
o Growth of professional work interaction jobs (specialists)
o Changing organization of the firm (hierarchy teams/groups)

o Changing scope of the firm (multiple locations)

o Emphasis on innovation (= group process)
o Changing culture of work (diversity, crowdsourcing)

Business benefits of collaboration and teamwork
Investments in collaboration technology can produce organizational
improvements returning high ROI
Productivity, Quality, Innovation, Customer service, Financial performance
Requirement:

Building a collaborative culture and business processes
Command and control organizations (no value placed on teamwork or lower-
level participation in decisions, vertical communication)
Collaborative business culture
o Senior managers rely on teams of employees
o Policies, products, designs, processes, systems rely on teams
o Managers purpose is to build teams, giving reward to teams, and indiv.

Tools + Technology for collaboration and teamwork

Social Networking
Wikis

Virtual Worlds (SecondLife)

Internet-Based Collaboration Environments

Virtual meeting systems (telepresence)
Google Apps/Google sites
Microsoft SharePoint
Lotus Notes

Two dimensions of collaboration technologies
o Space (or location) remote or colocated
o Time synchronous or asynchronous

Six steps in evaluating software tools

1. What are your firms collaboration challenges?
2. What kinds of solutions are available?
3. Analyze available products cost and benefits (incl. training)
4. Evaluate security risks
5. Consult users for implementation and training issues
6. Evaluate product vendors

Information Systems Function

Responsibility for running described systems

Managing technology

Information systems department
Formal organizational unit responsible for information technology services
Headed by chief information officer (CIO) Other senior positions include chief
security officer (CSO), chief knowledge officer (CKO), chief privacy officer (CPO)
Programmers (trained technical, specialists, software instructions)
Systems analysts (translate business problems into IS)
Information systems managers (leaders of teams, analysts, project managers,
facility managers, , database specilists)

End users
Representatives of other departments for whom applications are developed
Increasing role in system design, development

IT Governance
Strategies and policies for using IT in the organization
Specifies decision rights and framework for accountability
Organization of information systems function (centralized, decentralized, ROI,
monitoring etc.)
Being able to use IT efficiently and effectively has become more and more
essential to a business success.

Chapter 3
Information Systems, Organizations, and Strategy

Organizations and Information Systems

Information technology and organizations influence one another

IS built by managers to serve interest of business firm
Orga must be open to IS to benefit from technologies
Complex interaction, influenced by mediating factors
Manager: decide which systems to build, what they will do + how they will be
implemented
Not all changes can be foreseen, results may or not meet expectations

What is an Organization?
Technical definition:
o Stable, formal social structure that takes resources from environment and
processes them to produce outputs
o 3 elements: Capital + labor production factors from environment;
transformation from organization into products/services; outputs
consumed by environment
o Formal legal entity with internal rules and procedures, as well as a social
structure
Behavioral definition: (more realistic)
o Collection of rights, privileges, obligations, and responsibilities that is
delicately balanced over a period of time through conflict and conflict
resolution
o Working people develop customary ways of working, attachments to
existing relationships, arrangements with subordinates and superiors
about how to work, amount, conditions (informal)
Relation to IS: technical view: easy to change arrangement of workers and
machines, substitution capital and labor; but behavior: IS change balance of
rights, privileges, obligations, responsibilities, feelings time and resources

technical

behavioral

Features of Organizations
Use of hierarchical structure (specialists)
Accountability, authority in system of impartial + universal decision making
(abstract rules or procedures)
Promote employees on basis of technical qualification + professionalism
Adherence to principle of efficiency (may output, min input)
Routines and business processes
Organizational politics, culture, environments and structures

Routines and business processes
o Routines (standard operating procedure SOP): precise rules, procedures
and practices developed tocope with all expected situations
productive/efficient
o Business processes: Collections of routines
o Business firm: Collection of business processes
Organizational politics
o Divergent viewpoints lead to political struggle, competition, and conflict
o Political resistance greatly hampers organizational change
Organizational culture
o Taken for granted, Encompasses set of assumptions that define goal and
product (What products the organization should produce, how and where,
for whom)
o May be powerful unifying force as well as restraint on change
Organizational Environments
o Organizations and environments have a reciprocal relationship
o Open to, and dependent on, the social and physical environment
o Organizations can influence their environments
o Environments generally change faster than organizations (new products,
public tastes, values, political conflict, raised by changes, threat to closely
held cultural values, inhibit to make significant changes)
o Information systems can be an instrument of environmental scanning, act
as a lens

Disruptive technologies
Technology/business innovation radical change in business landscape +
environment (industries + markets)
Substitute product, working much better than current product (e.g. iPods)
Industries put out of business, extended market , low-cost competitors
Riding with the wave (create technology), adapt business, others become
obsolete, no firms benefit only customer
First movers, fast followers

Organizational Structure (5 basic kinds)
o Entrepreneurial
o Machine bureaucracy
o Divisionalized bureaucracy
o Adhocracy

Other organizational features

o Goals (coercive, utilitarian, normative)
o Constituencies (benefiting members, clients, stockholders, public)
o Leadership styles (democratic, authoritarian)
o Tasks (routine, nonroutine)
o Surrounding environments

Economic impacts

IT changes relative costs of capital and the costs of information

IS technology is a factor of production, like capital and labor (also a substitute for
middle managers, buildings, machinery)
IT affects the cost and quality of information and changes economics of
information
Firms contract/shrink in size because IT can reduce transaction costs (cost
participating in markets, e.g. locating distant suppliers) outsourcing (same ore
more revenues with less employees)
Firms experience agency costs (cost of managing + supervising self-interested
parties = agents (employees)) (nexus of contracts) IT analyzes info, easier for
manager to oversee greater number of employees reducing costs

X= cost
Y=size

Organizational and behavioral impacts

IT flattens organizations
o Decision making pushed to lower levels (empowering, higher educational
level)
o Fewer managers needed (IT enables faster decision making and increases
span of control, eliminating middle managers)
Postindustrial organizations
o Organizations flatten because in postindustrial societies, authority
increasingly relies on knowledge and competence rather than formal
positions =self management
o Decentralization because knowledge also decentralized
o IT > task force networked organization, groups of professionals
o New approaches for evaluating, organizing, informing workers required
Organizational resistance to change
o IS bound up in organizational politics because influence access to a key
resource information
o IS potentially change organizations structure, culture, politics, and work
often considerable resistance
o Most common reason for failure of large projects is due to organizational
and political resistance to change

Internet and organizations
Internet increases accessibility, storage, distribution of information + knowledge
for organizations
Internet can greatly lower transaction and agency costs (distribution manuals,
instant price info, sales info + replenishment orders)
Simpler business processes, fewer employees, flatter organizations

IS Design consider:
Environment
Structure (hierarchy, routines, business processes)
Culture and politics
Organization type, leadership style
Main interest groups affected by system, attitudes of end users
Tasks, decisions, business process the system will assist

Using IS for competitive advantage

Firms do better than others (revenue growth, profitability, productivity)

higher stock market valuations
Access to special resources or use common resources more efficiently

Porters competitive forces model

Provides general view of firm, its competitors, and environment
Five competitive forces shape fate of firm
1. Traditional competitors (share market space with competitors with new
products, services, efficiencies, switching costs)
2. New market entrants (high barriers to entry, new companies with new
equipment, younger workers, innovation, little brand recognition)
3. Substitute products and services (when prices to high, lesser control about
prices and lower profit margins)
4. Customers (ability to attract and retain customers, switch to competitors
products?, price alone in transparent marketplace or product differentiation)
5. Suppliers (market power, when firm cannot raise prices as fast as suppliers)

4 strategies for dealing with competitive forces
Enabled by IT + IS
Low-cost leadership
Product differentiation
Focus on market niche
Strengthen customer and supplier intimacy

Low-cost leadership
o Produce products and services at a lower price than competitors while
enhancing quality and level of service
o Examples: Walmarts continuous replenishment system, high speed, no
large inventory, adjust purchases depending on demands =efficient
customer response system
Product differentiation
o Enable new products or services, greatly change customer convenience
and experience (IS to customize + personalize to fit precise specifications
mass customization
o Examples: Google, Nike (NIKEiD), Apple (iPod + iTunes)
Focus on market niche
o Use IS to enable a focused strategy on a single market niche; specialize,
analyzing, buying patterns, tastes, preferences marketing campaigns
o Example: Hilton Hotels OnQ guest preferences profitable customers
additional privileges , credit cards
Strengthen customer and supplier intimacy
o Use IS to develop strong ties and loyalty with customers and suppliers;
increase switching costs
o Example: Netflix, Amazon (recommended books)

Internets impact on competitive advantage
Transformation, destruction, threat to some industries, also opportunities
Competitive forces still at work, but rivalry more intense
Universal standards allow new rivals, entrants to market
New opportunities for building brands and loyal customer bases
Easier substitution, bargaining power, positioning

Business value chain model

Where to start to gain operational excellence
Views firm as series of activities that add value to products or services (primary
vs. support activities)
o Primary act.: Most directly related to production/distribution create value
for customer (inbound logistics, operations, outbound logistics, sales,
marketing, service)
o Supportive act.: make delivery of p.a. possible, organization
infrastructure, HR, technology, procurement)
Highlights activities where competitive strategies can best be applied (IS most
strategic impact)
At each stage, determine how information systems can improve operational
efficiency and improve customer and supplier intimacy
Utilize benchmarking (comparing efficiency, effectiveness), industry best
practices (consulting companies, research), result: SCMS, CRMS

Analyzing various stages candidate applications of IS
Decide which to develop first, making improvement in own value chain

Value Web (Extending Value Chain)
Collection of independent firms using highly synchronized IT to coordinate value
chains to produce product or service collectively (industrial standards, higher
entry costs, lesser substitution, increase efficiency, networks))
Strategic advantage: link own value chain with vc of other partners (Amazon:
Marketplace, quick paying, shipment system, tracking)
More customer driven, less linear operation than traditional value chain
Value web = highly synchronized industry value chains, flexible + adaptive to
changes in supply/demand, accelerate time to market + customers



Synergies
Output of some units used as inputs to others, organizations pool markets and
expertise
Lower costs, generate profits (e.g. merging banks)
IT: tie together operations of disparate business units (act as whole)

Enhancing core competencies
Activity for which firm is world-class leader
Relies on knowledge, experience, and sharing this across business units
Enhance existence, help employees become aware of external knowledge,
leverage to related markets
Example: Procter & Gambles InnovationNet and directory of subject matter
experts

Network-based strategies
Take advantage of firms abilities to network with each other
Include use of: network economics, virtual company model, business ecosystems
Traditional economics: Law of diminishing returns
o The more any given resource is applied to production, the lower the
marginal gain in output, until a point is reached where the additional
inputs produce no additional outputs
Network economics:
o Marginal cost of adding new participant almost zero, with much greater
marginal gain
o Value of community grows with size (e.g. communities customer
loyalty, enjoyment)

o Value of software grows as installed customer base grows

Virtual company strategy
o uses networks to ally with other companies to create and distribute
products without being limited by traditional organizational boundaries
or physical locations (link people, assets, ideas)
o when cheaper to acquire products, services, or when to move quickly
o E.g. Li & Fung manages production, shipment of garments for major
fashion companies, outsourcing all work to over 7,500 suppliers
Business ecosystems (modification Porter)
o Industry sets of firms (instead of only one industry) providing related
services and products, loosely coupled, but interdependent networks
o Theory: Value web but with many industries (not only firms) e.g
Walmart, Microsoft
o Keystone firms: Dominate ecosystem and create platform used by other
firms
o Niche firms: Rely on platform developed by keystone firm
o Individual firms can consider how IT will help them become profitable
niche players in larger ecosystems
o Use IS to develop into keystone firm
o E.g.: ecosystem mobile digital platform (device makers, wireless telefirms,
application providers, internet service providers

Management Issues

Strategic IS change organizationa, product, services, procedures, new behavioral

patterns
Success is a challenge, requiring precise coordination of techolgy, orga and mgt.

Sustaining competitive advantage
Because competitors can retaliate and copy strategic systems, competitive
advantage is not always sustainable;
Systems may become tools for survival, required to stay in business
Globalization: even more rapid changes, unpredictable


Aligning IT with business objectives
a. The more successfully a firm can align IT with business goals, the more profitable
it will be
b. Only one quarter of firms achieve this alignment because IT takes life of its own,
doesnt serve management interest, instead of shaping IZ to enterprise, often
ignored and worked around
Performing strategic systems analysis
What is structure of industry? competitive forces, new entrants, relative
power of suppliers, customers, substitute products, services, prices
What are value chains for this firm, businesses, industry? value for customer,
lower prices, better quality, using best practices, maximum advantage of SCM +
CRM, ERP, leverage core competencies, changes beefit or harming, strategic
partnerships, value webs, where greatest value of IS
IT aligned with business strategy and goals? correctly articulated, IT
improving right bp, right metrics to measure

Managing strategic transitions

Adopting strategic systems requires changes in business goals, relationships with

customers and suppliers, and business processes (= sociotechnical changes =
strategic transisions = movement between levels of sociotechnical systems
Blurring orga boundaries (external + internal)
Linked customers and suppliers, sharing responsibilities

Chapter 4
Ethical and Social Issues in Information Systems

Understanding Ethical and Social Issues
Lapses in management ethical and business judgment
Judges sentence executives based on the monetary vale, prevention, hide the
crime, failure to corporate
Past companies often paid for employees in civil charges, now firms cooperate
with prosecutors to reduce charges against entire firm
Decide as a manager and employee about ethical and legal conduct
Ethics = principles of right and wrong to guide behaviors (free moral agents)
IS opportunity for intense social change, threatening existing distributions of
power, money, right, obligations, new kinds of crime
Used to achieve social progress, commit crimes, threaten social values (benefits +
costs)
Concerns about appropriate use of customer information, protection privacy,
intellectual property
Accountability for consequences of IS?, standards?

Model for thinking about ethical, social, political issues
Society = calm pond with individuals, institutions, rules, laws
New IT: rock ripple effect raising issues
5 moral dimensions of the information age:
o Information rights and obligations (possessing, protecting)
o Property rights and obligations (easy ignoring, protecting)
o System quality (standards of data)
o Quality of life (values reserved, protect institutions from violation, cultural
values and practices)
o Accountability and control (when harm done to so.)
time to respond with etiquette and laws (legal gray area)

Is for core production process dependence on system + vulnerability

Data storage_ cheap and effective, combine detailed info from different sources.
Electronic dossiers profiling (e.g. credit cards)
e.g DoubleClick (info about online visitors. Habits spending, computing
e.g. ChoicePoint (info police, criminal, motor vehicle records) = data broker
business
New technology: nonobvious relationship awareness (NORA) find hidden
connections
Data from Watch Lists, Incident and Arrest Systems, Customer Transactions
Systems, Telephone records, Human Resources Systems

Ethics in Information Society
Ethics = concern of humans who have a freedom of choice
Choosing the correct moral choice responsibility (key element)
Responsibility: accept potential costs, duties, obligations
Accountability: feature of systems/social institutions, determine who is
responsible
Liability: feature of political systems, body of laws, permits indiv. recover from
damages
Due process: Laws are well known and understood, with an ability to appeal to
higher authorities
You can/will be held accountable, recover through set of laws by due process

Ethical Analysis
1. Identify and describe clearly the facts
2. Describe conflict and dilemma and identify the higher-order values involved
3. Identify the stakeholders
4. Identify the options that you can reasonably take
5. Identify the potential consequences of your options

Ethical Principles (after analysis)
Golden Rule: Do unto others as you would have them do unto you (putting
yourself in the place of others)
Categorical Imperative (Immanuel Kant): If an action is not right for everyone to
take, it is not right for anyone
Rule of Change (Descartes): If an action cannot be taken repeatedly it is not right
to take at all.
Utilitarian Principle: Take the action that achieves the higher or greater value
Risk Aversion Principle: Take the action that produces the least harm or the least
potential cost

Ethical no free lunch rule: Assume that virtually all tangible and intangible
objects are owned by someone else, unless there is a specific declaration
otherwise

Processional Codes of Conduct
Professionals: special rights/obligations, because of special claims knowledge,
wisdom, respect
Codes of conduct promulgated (verknden) by associations of professionals
Codes of ethics = promises to regulate themselves in interest of society
Real world ethical dilemmas: set of interests pitted against another

Information Rights: privacy and freedom

Privacy: claim of individuals to be left alone/ free from surveillance/interference

from other individuals, organizations, state. Claim to be able to control
information about yourself
IT: threaten claims by making invasion cheap, profitable, effective
US privacy: First Amendment (freedom of speech), Fourth Amendment
(unreasonable search and seizure), Add. Federal statues (Privacy Act)
Most laws based on regime Fair Information Practices (FIP) = set of principles
governing the collection and use of information about individuals, guidelines to
drive changes in privacy legislation (advertising, personal identification
numbers)

EU: 1998 Commissions Data Protection Directive, costumer must consent before
companies legally can use data, disclosure how stored and used, no transfer to
countries without similar protection
Informed consent = consent given with knowledge of all the facts needed to make
a rational decision
Safe harbor framework = private self-regulating policy and enforcement
mechanism, meets objectives of government regulators

Internet Challenges to Privacy
Cookies =small text files, identify web browser, track visits, updated, customize
Combining data from different sources detailed profile
Web beacons (Web bugs) = tiny object invisibly embedded in e-mail messages, to
monitor behavior (IP address, time, how long, type of browser, cookie values
Spyware secretly install itself , send banner ads, report activity on the computer
GOOGLE: used by 75% of internet users largest collection of personal info
Behavioral targeting: target ads google search, gmail, blogginh, youtube etc.
US businesses allowed to gather and use info without informed consenst

Opt-out models permits use until request to stop

Preferred by advocates: opt-in models
Online industry preffering self-regulation to privacy legislation, Alliances
online seals (TRUSTe, Network Advertising Initiative)
Ebusiness do little to protect privacy, customers do not enough
Consumers want more access and control

Technical Solutions
Technologies to protect privcy (e.g encryption, anonymous, prevent cookies,
detect and eliminate spyware)
Tools to determine kind od extracted date
P3P (Platform for Privacy Preferences):
o Allows Web sites to communicate privacy policies to visitors Web
browser user
o User specifies privacy levels desired in browser settings
o E.g. medium level accepts cookies from first-party host sites that have
opt-in or opt-out policies but rejects third-party cookies that use
personally identifiable information without an opt-in policy
Policies need to be codified according to P3P rules, only works with this web sites

Property Rights: Intellectual Property

Intangible property created by individuals or corporations

IT difficult to protect, easy copied and distributed
Trade Secrets = any intellectual work product (formula, device, pattern,
compilation) used for business purpose, not in the public domain
Copyright: Statutory grant protecting intellectual property from being copied for
the life of the author, plus 70 years, corporate owned 95 years, not protecting the
idea, only the manifestation in a creative work, ideas and expression merge =
expression can not be copyrighted
Patents: Grants creator of invention an exclusive monopoly on ideas behind
invention for 20 years, machine, devices, methods full rewets, licensing;
criteria: nonobviousness, originality, novelty, years of waiting

Challenges to intellectual property rights
Digital media different from physical media (e.g. books): Ease of replication, ease
of transmission (networks, Internet). Difficulty in classifying software,
Compactness, Difficulties in establishing uniqueness
Easiy to share files online, illegal, piracy, normal for songs and movies
developing mechanism to sell intellectual property legally
Digital Millennium Copyright Act (DMCA) makes it illegal to circumvent
technology-based protections of copyrighted materials

Accountability, Liability, and Control
Computer-related liability problems: If software fails, who is responsible?
If seen as part of machine that injures or harms, software producer and operator
may be liable
If seen as similar to book, difficult to hold author/publisher responsible
(exception: fraud, defamation)
Software different from book: expectations of infallibility, inspected, perform a
task, people depend on services, liability law extending to include software


System Quality: Data Quality and System Errors
What is an acceptable, technologically feasible level of system quality? Flawless
software is economically unfeasible
Three principal sources of poor system performance:
o Software bugs, errors
o Hardware or facility failures
o Poor input data quality (most common source of business system failure)

Quality of life: Equity, access, and boundaries (Negative social consequences of systems)
Many not violations of property crimes, but can be very harmful, potentially can
destroy valuable elements of our culture and society, even when the bring
benefits
Balancing power: Although computing power decentralizing, key decision-
making remains centralized
Rapidity of change: Businesses may not have enough time to respond to global
competition just in time society, jobs, families, vacations
Maintaining boundaries: Computing, Internet use lengthens work-day, infringes
on family, personal time
Dependence and vulnerability: Public and private organizations ever more
dependent on computer systems
Computer crime and abuse
o Computer crime: Commission of illegal acts through use of compute or
against a computer system computer may be object or instrument of
crime
o Computer abuse: Unethical acts, not illegal (e.g. Spam: High costs for
businesses in dealing with spam
o Conduct surveillance of employees and ordinary citizens
Employment: Reengineering work/redesign business processes) resulting in lost
jobs
Equity and access the digital divide: Certain ethnic and income groups in the
United States less likely to have computers or Internet access
Health risks:
o Repetitive stress injury (RSI): most common, largest source is computer
keyboards, Carpal Tunnel Syndrome (CTS)
o Back, neck pain, leg stress, foot pain
o Computer vision syndrome (CVS) eyestrain condition
o Technostress: aggravations, hostility towards humans, impatience, fatigue
o Role of radiation, screen emissions, low-level electromagnetic fields not
been proved, unknown effects
o Digital technologies are damaging ability to think clearly and focus, try to
multitask, concentration, interruptions

Chapter 5
IT Infrastructure and Emerging Technologies

IT Infrastructure
Shared technology resources providing platform for specific IS applications
Investment in hardware, software, services (consulting, education, training)
Foundation for serving customers, working with vendors, managing business
process
Set of physical devices and software required to operate enterprise
Set of firmwide services
o Computing platforms providing computing services (e.g desktop
computer, laptop)
o Telecommunications services
o Data management services (+analyzing)
o Application software services (ERP, CRM, SCM, KMS)
o Physical facilities management services
o IT management (plan infrastr. Coordinate with BU), standards (policies),
education (training) , research and development services (future
investments)
Service platform perspective more accurate view of value of investments

Evolution of IT Infrastructure
General-purpose mainframe & minicomputer era: 1959 to present
o 1958 IBM first mainframes introduced (centralized) support thousands
online remote terminals connected
o 1965 Less expensive DEC minicomputers (more decentralized)
Personal computer era: 1981 to present
o 1981 Introduction of IBM PC
o Proliferation in 80s, 90s resulted in growth of personal software
o Wintel PC (95%)
Client/server era: 1983 to present
o Desktop clients networked to servers, with processing work split between
clients and servers
o Network may be two-tiered or multitiered (N-tiered)
o Various types of servers (network, application, Web)
o Smaller, inexpensive machines, costs less, computing power explosion

Enterprise computing era: 1992 to present

o Move toward integrating disparate networks, applications using Internet
standards and enterprise applications
o Free information flow, link different types of hardware, includes public
infrastructures, link applications, web services
Cloud and Mobile Computing: 2000 to present
o Refers to a model of computing where firms and individuals obtain
computing power and software applications over the Internet or other
network (shared pool of computing resources)
o Fastest growing form of computing

Technology drivers of infrastructure evolution
Moores law and microprocessing power
o Computing power(2)/microprocessing power (1) doubles every 18
months; the price for computing falls by half every 18 months (3)
o Nanotechnology: Shrinks size of transistors to size comparable to size of a
virus, width of several atoms
Law of Mass Digital Storage
o The amount of data being stored each year doubles
o Cost is falling at an exponential rate of 100%/year
Metcalfes Law and network economics
o Value or power of a network grows exponentially as a function of the
number of network members
o As network members increase, more people want to use it (demand for
network access increases)
Declining communication costs and the Internet
o An estimated 1.8 billion people worldwide have Internet access
o As communication costs fall toward a very small number and approach 0,
utilization of communication and computing facilities explodes fimrs
greatly expand Internet connections, power of their networks
Technology standards and network effects
o Specifications that establish the compatibility of products and the ability
to communicate in a network
o Unleash powerful economies of scale and result in price declines as
manufacturers focus on the products built to a single standard
o E.g. Win OS, Microsoft office, Unix (enterprise server), Ethernet, TCP/IP

7 main IT Infrastructure components
1. Computer hardware platforms (Dell, IBM, Sun, HP; Apple, Linux)
o Client machines and servers (blade servers: ultrathin computers stored in
racks)
o Mainframes: IBM mainframe equivalent to thousands of blade servers
o Top chip producers: AMD, Intel, IBM
o Top firms: IBM, HP, Dell, Sun Microsystems
2. Operating system platforms (Windows 75% server 90% clients, Unix + Linux -
25% server, Mac OS X, Google Chrome cloud computing, iOs, Android for
handheld devices)
3. Enterprise software applications (SAP, Oracle, middleware provider: BEA,
Microsoft)

4. Data management and storage (IBM DB2, Oracle, Microsoft SQL Server, Sybase,
MySQL)
o Data management software: responsible for organizing/managing data,
efficiently accessed and used
o Physical Data Storage: EMC Corp. (large scale), Seagate, Maxtor, WD)
o Storage area networks (SANs): Connect multiple storage devices on
dedicated network
5. Networking/telecommunications platforms (Linux, Novell, Cisco, Alcatel-Lucent)
o Telecommunication services (cable, telephones, voice lines, Internet)
o Network Operating Systems (Windows Server, Unix )
o Network hardware providers (Cisco, Alcatel)
6. Internet platforms (Apache, Unix, Cisco, Java)
o Hardware, software, management services to support company Web sites,
(including Web hosting services) intranets, extranets
o Trend to server consolidation, reducing number by increasing power
o Internet hardware server market: Dell, HP/Compaq, IBM
o Web development tools/suites: Microsoft (FrontPage, .NET) IBM
(WebSphere) Sun (Java), independent software developers: Adobe,
RealMedia
7. Consulting system integration services (IBM, EDS, Accenture)
o Consulting and system integration services
o Even large firms do not have resources for a full range of support for new,
complex infrastructure
o Software integration: ensuring new infrastructure works with legacy
systems
o Legacy systems: older Transaction Processing Systems created for
mainframes that would be too costly to replace or redesign

7 Contemporary Hardware Platform Trends

The emerging mobile digital platform
Cell phones, smartphones with data transmission, web surfing, e-mail, and IM
Netbooks, low-cost lightweight notebooks optimized for wireless communication
and core computing tasks
Tablets and networked e-readers
Grid computing
Connects geographically remote computers into a single network to combine
processing power and create virtual supercomputer
Provides cost savings, speed, agility
Virtualization
Allows single physical resource to act as multiple resources (i.e., run multiple
instances of OS)
Allows multiple physical resources to appear as a single logical resource
Reduces hardware and power expenditures, facilitates hardware centralization,
higher utilization rates
Cloud computing
On demand self service obtained over network
Ubiquitous network access using standard network and internet devices
Location independent resource pooling
Rapid elasticity to meet changing user demand

Measured service, charged for amount of resources used

Infrastructure as a service use spare capacity e.g. Amazon S3
Platform as a service use to develop own applications e.g. IBM, Salesforce.com
Software as a service use software over network e.g Google Apps
Cloud can be public or private
Allows companies to minimize IT investments (pay what you use = utility
computing, on demand computing), more flexibility
Drawbacks: Concerns of security, reliability, dependence
Green computing
Practices and technologies for manufacturing, using, disposing of computing and
networking hardware to minimize impact on environment
Reducing computer power consumption = high priority (power and cooling)
energy and greenhouse gases
Autonomic computing
Industry-wide effort to develop systems that can configure, heal themselves
when broken, and protect themselves from outside intruders
Similar to self-updating antivirus software; Apple and Microsoft both use
automatic updates
High performance, power-saving processors
Multicore processors (chip more processor cores enhancing performance,
reduced power consumption, efficient simultaneous processing of multiple tasks)

4 Contemporary Software Platform Trends

Linux and open-source software
Open-source software: Produced by community of programmers, free and
modifiable by user
Linux: Open-source software OS, integration, works on all major hardware
Software for the Web
Java: Object-oriented programming language, OS and processor-independent,
works on all devices,: Java Virtual machine, applets run on a web browser
Ajax: Asynchronous JavaScript and XML, Allows client and server to exchange
small pieces of data without requiring the page to be reloaded
Web Services
Software components that exchange information using Web standards and
languages, regardless of OS or code
XML: Extensible Markup Language, More powerful and flexible than HTML,
Tagging allows computers to process data automatically, classifying presentation
communication and storage of data
SOAP: Simple Object Access Protocol, Rules for structuring messages enabling
applications to pass data and instructions
Dollar Rent A
Car Webb
WSDL: Web Services Description Language, Framework for describing task
Services link
performed by Web service and capabilities
to other web
UDDI: Universal Description, Discovery, and Integration, Directory for locating
sites booking
system, no
Web services
new code
SOA: Service-oriented architecture: set of self-contained services that
required
communicate with each other to create a working software application,
Software developers reuse these services in other combinations to assemble
other applications as needed

Software outsourcing and cloud services

Three external sources for software:
Software packages (pre-written, commercially available) and enterprise software
(large scale, single integrated worldwide software system)
Software outsourcing (development, maintenance)
o Domestic: Primarily for middleware, integration services, software
support
o Offshore: Primarily for lower level maintenance, data entry, call centers,
although outsourcing for new-program development is increasing
Cloud-based software services
o Software as a service (SaaS) accessed with Web browser over Internet
o Ranges from free or low-cost services for individuals to business and
enterprise software
o Users pay on subscription or per-transaction e.g. Salesforce.com
o Service Level Agreements (SLAs): formal agreement with service
providers, performance measurement, support options
(Web) Mashups: Combinations of two or more online applications, such as
combining mapping software (Google Maps) with local content
Apps: Small pieces of software that run on the Internet, on computer, or cell
phone, Generally delivered over the Internet
o Success of mobile platform depends in lage part on quantity and quality of
apps, high switching costs

4 Management Issues

Dealing with platform and infrastructure change
As firms shrink or grow, IT needs to be flexible and scalable
Scalability: Ability to expand to serve larger numbers of users w/o break down
For mobile computing and cloud computing: new policies and procedures for
managing, Contractual agreements with firms running clouds and distributing
software required (SLA)

Management and governance
Who controls IT infrastructure?
How should IT department be organized?
o Centralized: Central IT department makes decisions
o Decentralized: Business unit IT departments make own decisions
How are costs allocated between divisions, departments?

Making wise infrastructure investments
Amount to spend on IT is complex question (too much = idle times, too less = no
delivering, outperforming competitors rent vs. buy, security
Total cost of ownership (TCO) model
o Analyzes direct and indirect costs
o Hardware, software account for only about 20% of TCO
o Other administration costs: Installation, training, support, maintenance,
infrastructure, downtime, space and energy
o TCO can be reduced through better management, use of cloud services,
greater centralization and standardization of hardware and software
resources

Competitive forces model for IT infrastructure investment

1. Market demand for firms services (inventory of current services meet needs of
groups of customers, suppliers, employees, complaining?)
2. Firms business strategy (analyze 5 year business strategy, requirement to
achieve strategic goals?)
3. Firms IT strategy, infrastructure, and cost (TCO analysis, 5 years IT strategy)
4. Information technology assessment (behind or on the bleeding edge to be
avoided, standards should be established, multiple cost competing vendors)
5. Competitor firm services (quantitative and qualitative measures to compare)
6. Competitor firm IT infrastructure investments (benchmark expenditures for IT
infrastructure)

Chapter 6
Foundations of Business Intelligence: Database and Information
Management

Effective IS provides accurate, timely and relevant information

Often: poorly organized and maintained data

File organization concepts
Field: Group of characters as word(s) or number
o Describes an entity (person, place, thing on which we store information)
o Attribute: Each characteristic, or quality, describing entity
Record: Group of related fields, describing entitiy
File: Group of records of same type
Database: Group of related files

Problems with traditional file environment
Traditional approach: files maintained separately by different departments with
unique data files and own applications
Data redundancy: Presence of duplicate data in multiple files, waste storage res.
Data inconsistency: Same attribute has different values, or names, coding systems
Program-data dependence: When changes in program requires changes to data
accessed by program, other programs dont work anymore
Lack of flexibility, only routine scheduled reports, no ad hoc requests
Poor security, not knowing who has access and changes the data
Lack of data sharing and availability (no trust in accuracy)

Database Approach to Data Management

Database
Serves many applications by centralizing data and controlling redundant data
using a DBMS
Database management system (DBMS)
Software to organize, centralize, manage data efficiently, provide access
Interfaces between applications and physical data files
Separates logical and physical views of data (user dont need to know where the
data actually is stored and organized (physical view), only see the data as they
would be perceived (logical view) available for different logical views
Solves problems of traditional file environment
o Controls redundancy by minimizing isolated files
o Eliminates inconsistency
o Uncouples programs and data
o Enables organization to centrally manage data and data security, reducing
costs, ad hoc queries
Relational DBMS
Keep track of entities, attributes, relationships
Represent data as two-dimensional tables called relations or files
Each table contains data on entity and its attributes
E.g. Microsoft Access = relational DBMS for desktop systems, MySQL
Table: grid of columns and rows
Rows (tuples): Records for different entities
Fields (columns): Represents attribute for entity
Key field: Field used to uniquely identify each record,
Primary key: Field in table used for key fields, cannot be duplicated
Foreign key: Primary key used in second table as look-up field to identify records
from original table

Operations of a Relational DBMS (Three basic operations to develop useful sets of data)
SELECT: Creates subset of data of all records that meet stated criteria
JOIN: Combines relational tables to provide user with more information than
available in individual tables
PROJECT: Creates subset of columns in table, creating tables with only the
information specified

Object-Oriented DBMS (OODBMS)

Stores data and procedures as objects, can be automatically retrieved and shared
Objects can be graphics, multimedia, Java applets, not only structured numbers
and characters, integrate from various sources
Relatively slow compared with relational DBMS for processing large numbers of
transactions
Hybrid object-relational DBMS: Provide capabilities of both OODBMS and
relational DBMS

Databases in the cloud
Typically less functionality than on-premises DBs
Now: used by web-focused start-ups, lower prices
Amazon Web Services (MySQL, license Oracle), Microsoft SQL Azure (integrating
with existing software)
Charged based on usage time, volume data stored, input requests, amount read or
written
Able to scale computing resources in response to real-time demand, costs low

Capabilities of Database Management Systems
Organize, Manage, Access data in the database
Data definition capability: Specifies structure of database content, used to create
tables and define characteristics of fields
Data dictionary: Automated or manual file storing definitions of data elements
and their characteristics (name, description, size, type, format, usage, ownership,
authorization, security, individuals, business functions, programs, reports)
Data manipulation language: Used to add, change, delete, retrieve data
o Structured Query Language (SQL)
o Large/midrange computers: DB2, Oracle, SQL Server employ SQL
o Microsoft Access use user-friendly tools of SQL for querying databases
Many DBMS have report generation capabilities for creating polished reports
(Crystal Reports = very popular report generator), developing system
applications for data entry screens, reports, logic for processing transactions

Designing Databases
Conceptual (logical) design: Abstract model from business perspective
Physical design: How database is arranged on direct-access storage devices
Understand relationship among data, type of data, grouping, usage, changes
Relationships among data elements, redundant database elements
Most efficient way to group data elements to meet business requirements, needs
of application programs
Normalization: Streamlining complex groupings of data to minimize redundant
data elements and awkward many-to-many relationships (small, stable, flexible
data structures)
Enforce referential integrity rules, ensure relationships remain consistent (e.g. no
parts from nonexistent suppliers)
Entity-relationship diagram: Used by database designers to document the data
model, Illustrates relationships between entities
Distributing databases: Storing database in more than one place
Partitioned: Separate locations store different parts of database
Replicated: Central database duplicated in entirety at different locations


Understand organizations data and how it should be represented in a database to serve
business well with your data model, or the data will be inaccurate, incomplete, and
difficult to retrieve!

Using Databases to improve business performance and decision-making
Keep track of basic transactions
Provide information to run business more efficiently, make better decisions
Very large databases and systems require special capabilities, tools to analyze
large quantities of data, to access data from multiple systems
Data warehousing, data mining, tools for accessing internal databases through
web

Data warehousing
Stores current + historical data from many core operational transaction systems
Consolidates and standardizes information for use across enterprise, but data
cannot be altered
Data warehouse system will provide query, analysis, and reporting tools
E.g. Catalina Marketing largest loyalty database in the world, US Internal Revenue
Service (IRS) with Compliance Data Warehouse consolidating taxpayer data from
different resources into relational structure (find out who cheats)

Data marts
Subset of data warehouse, smaller, decentralized
Summarized or highly focused portion of firms data for use by specific
population of users
Typically focuses on single subject or line of business, constructed more rapidly,
lower costs
E.g. Barnes and Noble point-of-sale, college bookstore, online sales

Business Intelligence
Tools for consolidating, analyzing, and providing access to vast amounts of data
to help users make better business decisions (patterns, relationships, insights)
Principle tools include: Software for database query and reporting,
multidimensional online analytical processing (OLAP), data mining

Online analytical processing (OLAP)
Supports multidimensional data analysis: Viewing data using multiple
dimensions, each aspect of information (product, pricing, cost, region,
time period) is different dimension
OLAP enables rapid, online answers to ad hoc queries

Building 3d cubes of data, can be nested within cubes complex views

Either multidimensional database or tool creating multidimensional views in
relational databases

Data mining
More discovery driven than OLAP: finds hidden patterns, relationships in large
databases and infers rules to predict future behavior
Applications for all functional areas of business, government, scientific work
E.g., Finding patterns in customer data for one-to-one marketing campaigns or to
identify profitable customers.
Types of information obtainable from data mining
o Associations, occurrences linked to a single event (coke, chips, promotion)
o Sequences, events linked over time (house fridge, oven)
o Classification, inferring set of rules, patterns that describe group item
belongs (discover characteristics of customers who are likely to leave)
o Clustering, similar to classification where no groups defined (partitioning
database into groups of customers based on demographics)
o Forecasting, use series of existing values to forecast what other values will
be (finding patterns to estimate future value of continuous variables)
High level analyses of patterns or trends, can also drill down and provide more
detail when needed
Predictive analysis: Uses data mining techniques, historical data, and
assumptions about future conditions to predict outcomes of events (e.g.
probability a customer will respond to an offer)

Text mining
Extracts key elements from large unstructured data sets (e.g., stored e-mails)
80% of organizations useful information
Discover patterns, relationships, summarize
New myriad ways unstructured data is generated by consumers and the business
uses for this data

Web mining
Discovery and analysis of useful patterns and information from WWW (E.g., to
understand customer behavior, evaluate effectiveness of Web site)
Web content mining (Knowledge extracted from content of Web pages)
Web structure mining (E.g., links to and from Web page)
Web usage mining (User interaction data recorded by Web server)

Databases and the Web
Companies use Web to make some internal databases available to customers
Typical configuration includes:
o Web server (accessed via web browser, client computer),
o Application server/middleware/CGI scripts (compact program using
Common Gateway Interface specification for processing data on a web
server), translation HTML to SQL, transfer information, handling all
application operations incl. transaction processing, data access btw.
Browser and database, takes requests, runs logic process transactions,
provides connectivity
o Database server (hosting DBM)

Advantages of using Web for database access:

o Ease of use of browser software
o Web interface requires few or no changes to database
o Inexpensive to add Web interface to system
Creating new efficiencies, opportunities, business models

Managing Data Resources
Establishing an information policy
Firms rules, procedures, roles for sharing, managing (disseminating, acquiring,
classifying, inventorying), standardizing data/information
Specific procedures and accountabilities
Data administration: Firm function responsible for specific policies and
procedures to manage data as a corporate organizational resource (develop info
policy, planning for data, overseeing logical database design, data dictionary
development, monitoring usage)
Data governance: Policies and processes for managing availability, usability,
integrity, and security of enterprise data, especially as it relates to government
regulations, promoting privacy, security, quality, compliance
Database administration: Defining, organizing, implementing, maintaining
database; access rules, security procedures, performed by database design and
management group

Ensuring data quality
More than 25% of critical data in Fortune 1000 company databases are
inaccurate or incomplete leading to incorrect decisions, product recalls, financial
losses
Most data quality problems stem from faulty input, esp. now when companies
move business to web and customers/suppliers enter data directly
Before new database in place, need to:
o Identify and correct faulty data
o Establish better routines for editing data once database in operation
Data quality audit: Structured survey of the accuracy and level of completeness of
the data in an IS (Survey samples/entire from data files, or Survey end users for
perceptions of quality)
Data cleansing (scrubbing): Software to detect and correct data that are
incorrect, incomplete, improperly formatted, or redundant
o Enforces consistency among different sets of data from separate IS

Chapter 7
Telecommunications, the Internet and Wireless Technology

Networking and communication trends

Convergence: Past: telephone networks (voice communication, voice
transmission tech) and computer networks (data traffic) now converging into
single digital network using Internet standards
Broadband access: more powerful (faster) and more portable (smaller), less
expensive
Broadband wireless: voice and data communication, cell phones..

What is a computer network?
Two or more connected computers
Major components in simple network:
Client computer and Server computer (perform important network functions,
serving web pages, storing data and NOS),
Network interfaces (cards: NICs) build in motherboard,
Connection medium (telephone wire, coaxial cable, radio signal),
Network operating system (NOS, routes and manages communication,
coordinates network resources), Windows Server, Linux, Novell
Hub (simple device, send data to all connected devices) or switch (more
intelligence, filter and forward data to specific destination) acting as a connection
point
Routers: Device used to route packets of data through different networks,
ensuring that data sent gets to the correct address

Networks in large companies (problem: coherent system, integrations)
Hundreds of local area networks (LANs) linked to firmwide corporate network
Various powerful servers (Website, Corporate intranet, extranet, Backend)
Mobile wireless LANs (Wi-Fi networks)
Videoconferencing system
Separate Telephone network + Wireless cell phones

Key networking technologies (3)
Client/Server computing
Distributed computing model
Powerful Clients linked through network controlled by server computer
Server sets rules of communication, provides client with an address
Has largely replaced centralized mainframe computing
The Internet: Largest implementation of client/server computing

Packet Switching
Slicing digital messages into parcels (packets), sending packets along different
communication paths as they become available, reassembling packets at
destination
Previous circuit-switched networks required assembly of complete point-to-
point circuit (expensive, wasting capacity)
More efficient use of networks communications capacity

Data

TCP/IP and connectivity

Connectivity between computers (different hardware and software) enabled by
protocols (Rules that govern transmission of information between two points)
Transmission Control Protocol/Internet Protocol (TCP/IP): Common worldwide
standard that is basis for Internet
TCP: handles movement of data, establishes connection, sequences transfer of
packets
IP: responsible for delivery of packets, dissembling and reassembling of packets
during transmissions
Four layers (department of defense reference model)
o Application layer (enables apps access to other layers, exchange data
protocol like HTTP (hyper Text Transfer Protocol)
o Transport layer (provide app layer with communication and packet
services, TCP and other protocols)
o Internet layer (addressing, routing, IP datagrams (packaging data packets)
o Network interface layer (bottom, placing packets, receiving them from
network medium)

Signals: digital vs. analog
Analog: continuous waveform, used for voice communications
Digital: discrete, binary waveform, strings of two discrete states (1 + 0), on and
off electrical pulses
Modem: translates digital signals into analog forms (computing to telephone lines
and cables) modulator-demodulator

Types of networks
Local-area networks (LANs)
Connect personal and other digital devices within 500m radius
1 dedicated network file server, providing access to shared resources, determine
who gets access, in which sequence, large: various dedicated servers
Router connects LAN to other networks (external information exchange)
Ethernet = dominant LAN Standard, physical
Peer-to-peer = treat all processors equally, exchange data by direct access, charge
peripheral devices without server (Windows: workgroup, not domain network)
Topologies (way components are connected): star (single hub), bus (single
transmission segment, both directions, most common, same signals), ring (closed
loop, ones station transmits at a time)
Campus-area networks (CANs), 1000m radius
Wide-area networks (WANs) e.g. Internet
Metropolitan-area networks (MANs)

Physical transmission media
Twisted wire (modems), telephone analog communication, but also usable for
digital (copper) 100m, up to 1 Gbps
Coaxial cable, larger volume, 1 Gbps, longer distances (insulated copper)
Fiber optics and optical networks (bound strands glass fiber, pulses of light)
o Faster, lighter, more durable for large volumes, expensive
o Dense wavelength division multiplexing (DWDM)
Wireless transmission media and devices (radio signals)

o Microwave: high frequencx, high vlume, long distance, point to point, fllow
straight line (station every 37 miles)
o Satellites for TV and Internet
o Cellular telephones: radio waves + protocols, radio antennas (towers) in
cells, information passing from cell to cell
Transmission speed (hertz = number of cycles per second, bandwidth = range of
frequencies = difference between highest and lowest frequency on a single
channel): bits per second, function of frequency

The Global Internet
Connection by subscribing to Internet service provider (ISP) with permanent
connection selling temporary access
Traditional telephone line and modem (56.6 kbps), Digital subscriber line (DSL, 9
Mbps), cable (15 mbps), satellite, T lines (t1 = 1.54 mbps, t3 = 45 mbps)
international telephone standards, guaranteed service levels)

Internet addressing and architecture
Internet Protocol (OP) address unique per computer (4 stings of number, 32 bit)
Decomposed message into packets with destination address using TCP protocol
The Domain Name System (DNS) converts domain names to IP addresses
o Hierarchical structure (top: root domains)
o Top-level domains (child of root), .com, .gov, .edu, .de
o Second level domain: two part, addition to top level
Internet Architecture and Governance
o Transcontinental high speed backbone networks owned by telephone
companies (network service providers) and national governments
o Local connections owned by regional telephone/cable comp., leasing
o Organization pays for own networks, local connections services, part to
long distance trunk line owners, individuals subscription fee (flat)
o Payments not based on heaviness, volume network neutrality debate
o Network access pints (NAP), metropolitan are exchanges (MAEs) = hubs
ton intersection backbone and regional/local networks
o No formal management but policies and influences by IAB (internet
architecture board), ICANN (internet corporation for assigned names and
numbers, assigning IP addresses), W3C (world wide web consortium,
HTML standards)
o Goal keeping internet operating efficiently, conform to laws of the
sovereign nation-states, technical infrastructures
The Future Internet: IPv6 (more possibilities, 128bit) and Internet2 (= Next
Generation Internet NGI) -> working on new robust, performance internet (200
companies, universities, governments) developing new technologies routing
practices, levels of service, importance of data, distributed computing

Internet Services and Communication Tools

VoIP
VPN

Implemented by one or more software programs

Run on single server computer or different machine
Increase work productivity but not always the case
Monitoring or regulating online activity, ethical and privacy concerns

VoIP reducing communication costs by 20-30%
IP network: lowering long distance costs, eliminating monthly fees for private
lines, single voica data infrastructure for telecommunications and computing,
flexibility (easy adding new phones, voce and email combined into single
directory (Bayer did that!))
Merge disparate communication modes into a single universally accessible
service using unified communications technology
Past: dedicated and expensive private network
Today: less expensive virtual private network (VPN) within public Internet
o Secure, encrypted, private within public network
o Advantage of economies of scale
o Combining voice and data networks
o Point to Point Tunneling Protocol (PPTP) packets encrypted and
wrapped inside IP packets

World Wide Web
Most popular Internet service, with universally accepted standards for storing,
retrieving, formatting, and displaying information
Web site = connection web pages linked to a home page, links to other media

HTML (Hypertext Markup Language): Formats documents for display on Web,

incorporates dynamic links to other media
Hypertext Transfer Protocol (HTTP): Communications standard used for
transferring Web pages
Uniform resource locators (URLs): Addresses of Web pages
Web servers: Software for locating and managing Web pages, most common:
open source Apache HTTP Server (54%)

Searching for Information on the Web
100 billion web pages public available, but also deep web 900 billion
additional pages cannot be visited without access code, protected
Search engines = killer app of Internet era, sift through different files
Started in early 1990s as relatively simple software programs using keyword
indexes, now Google (page rank system), Yahoo, Bing
Major source of Internet advertising revenue via search engine marketing,
using complex algorithms and page ranking techniques to locate results
Sponsors, paid search results on top at the right time match consumer interes
Search engine optimization: better search engine recognitions, higher ranks, on
top of the search result list, improve quality and volume of Web traffic, popularity
(links to that web site)
Challenging searching videos
Intelligent Agent shopping bots: software agents with built in intelligence, gather
info, perform tasks to assist users, making purchase filter, pricing and availability

Web 2.0
Collaboration, sharing, creating new services
4 defining features: Interactivity, real-time user control, social participation,
user-generated content
Technologies/services: Cloud computing, Blogs/RSS, Mashups & widgets (mix
and match content or software components, e.g. Flickr), Wikis, Social networks
Blog: chronological entries, blog roll, trackbacks, comments, Templates (no HTML
skills needed) blogosphere
RSS: Rich Site Summary, Really Simple Syndication syndicates content, feeds,
subscribe and automatically receive new content
Wikis: collaborative web sites, visitors add, modify content, monitoring work
easy to share information
Social networks: build communities, profiles. Interactivity, real time user control,
opinions, how communicate, stay in touch, advertising, + application
development platforms

Web 3.0/ future Web
Effort of W3C to add meaning to existing Web (woven all digital information,
contacts together into single meaningful experience) = Semantic Web
Make searching more relevant to user, meaningful + productive (better results)
More intelligent computing, analyze and manipulate, reduce amount of human
involvement in searching and processing web information
3D Web (walk through pages)
Pervasive Web (controls everything, managing)
Increase in cloud computing, SaaS, Ubiquitous connectivity between mobile and
other access devices, Make Web a more seamless experience

The Wireless Revolution

Cell phones, laptops, handheld devices portable computing platforms,
performing tasks we used to do at our desks
Stay in touch with customers, suppliers, employees
Flexible arrangements for organizing works
Creation of new products, services, sales channels
Smartphones: email, messaging, wireless Internet, digital photography, personal
information management small mobile computers

Cellular Systems
Competing standards for cellular service
o CDMA(Code Division Multiple Access): United States (Verizon, Sprint),
transmits several frequencies, entire spectrum
o GSM (Global System for Mobile Communication): Rest of world, plus AT&T
and T-Mobile, international roaming capability
Third-generation (3G) networks: Suitable for broadband Internet access , 144
Kbps 2Mbps, special cards for PCs
4G networks: Entirely packet-switched, 100 Mbps 1Gbps, premium quality,
high security Pre-4G: Long Term Evolution (LTE), mobile WiMax

Wireless computer networks and Internet access
Bluetooth (802.15)
o Links up to 8 devices in 10-m area, low power radio signals
o Useful for personal are networking (PANs) and in business to transmit
data from handheld devices to other transmitters
Wi-Fi (802.11)
o Set of standards: 802.11a, 802.11b (11 mbps, 30-50 m), 802.11g (54
mbps), 802.11n (100 mbps)
o Used for wireless LAN and wireless Internet access
o Use access points: bridge device with radio receiver/transmitter, antennas
for connecting wireless devices to a wired LAN, router, hub
o Hotspots: Access points in public place to provide maximum wireless
coverage for a specific area
o Provide low, costs wireless LANs and internet access
o Weak security features, vulnerable to intruders
o Susceptibility to interference from nearby systems, solved by n-standard:
multiple antennas, MIMO (multiple input, multiple output)
WiMax (802.16) Worldwide Interoperability for Microwave Access
o Wireless access range of 31 miles, 75 mbps
o Require WiMax antennas
o Sprint Nextel building WiMax network as foundation for 4G networks

Radio Frequency identification (RFID)
Use tiny tags with embedded microchips containing data about an item and
location, and antenna
Tags transmit radio signals over short distances to special constantly
transmitting RFID readers, which send data over network to computer for
processing
Active RFID: Tags have batteries, data can be rewritten, range is hundreds of feet,
more expensive

Passive RFID: Range is shorter, also smaller, less expensive, powered by radio
frequency energy
Common uses:
o Automated toll-collection
o Tracking goods in a supply chain
o E.g. Walmart combining data point of sale systems with RFID data to
determine which items will soon be depleted, automatically generates lists
Requires companies to have special hardware and software, massive amount of
data Software to filter and aggregate, applications designed to accept large
data and share it with other applications
Reduction in cost of tags making RFID viable for many firms

Wireless sensor networks (WSNs)
Networks of hundreds or thousands of interconnected wireless devices
embedded into physical environment to provide measurements of many points
over large spaces
Devices (nodes) have built-in processing, storage, and radio frequency sensors
and antennas
Require low-power, long-lasting batteries and ability to endure in the field
without maintenance
Used to monitor building security, detect hazardous substances in air, monitor
environmental changes, traffic, or military activity
Data flowing to a server with grater processing power, gateway to network based
on Internet technology

Chapter 8
Securing Information Systems

System Vulnerability and Abuse
Security: Policies, procedures and technical measures to prevent unauthorized
access, alteration, theft, or physical damage
Controls: Methods, policies, and organizational procedures ensure safety of
organizations assets; accuracy and reliability of accounting records; and
operational adherence to management standards
Vulnerability through technical, organizational and environmental factors, poor
management decisions, communication layers
Accessibility of networks
Hardware problems (breakdowns, configuration errors, damage from improper
use or crime)
Software problems (programming errors, installation errors, unauthorized
changes)
Disasters (fires, floods..)
Use of networks/computers outside of firms control
Loss and theft of portable devices

Internet vulnerabilities
Network open to anyone, Size: abuses can have wide impact
Use of fixed Internet addresses creates fixed targets hackers
Unencrypted VOIP (no use of VPN)
E-mail, P2P, IM: Interception, Attachments with malicious software, Transmitting
trade secrets

Wireless security challenges
Radio frequency bands easy to scan
SSIDs (service set identifiers): Identify access points, Broadcast multiple times
War driving: Eavesdroppers drive by buildings and try to detect SSID and gain
access to network and resources, set up rogue access points
WEP (Wired Equivalent Privacy) WPA2 (WiFi Protected Access)
o Security standard for 802.11; use is optional
o Uses shared password for both users and access point

Malware (malicious software)

Viruses: Rogue software program that attaches itself to other software programs
or data files in order to be executed, deliver payload, spread through humans
Worms: Independent computer programs that copy themselves from one
computer to other computers over a network
Trojan horses: Software program that appears to be benign but then does
something other than expected, does not replicate
Computers, mobile devices, web 2.0 applications
SQL injection attacks: Hackers submit data to Web forms that exploits sites
unprotected software and sends rogue SQL query to database
Spyware: Small programs install themselves surreptitiously on computers to
monitor user Web surfing activity and serve up advertising
Key loggers: Record every keystroke on computer to steal serial numbers,
passwords, launch Internet attacks

Hackers and computer crime
Hackers vs. crackers (criminal intent): unauthorized access, weakness in security
protections
System intrusion + System damage
Cybervandalism: Intentional disruption, defacement, destruction of Web site or
corporate information system
Spoofing
o Misrepresenting oneself by using fake e-mail addresses or masquerading
as someone else
o Redirecting Web link to address different from intended one, with site
masquerading as intended destination
Sniffer
o Eavesdropping program that monitors information traveling over
network
o Enables hackers to steal proprietary information such as e-mail, company
files, etc.
Denial-of-service attacks (DoS): Flooding server with thousands of false requests
to crash the network.
Distributed denial-of-service attacks (DDoS): Use of numerous computers to
launch a DoS
Botnets: Networks of zombie PCs infiltrated by bot malware
Computer crime: any violations of criminal law that involve a knowledge of
computer technology for their perpetration, investigation, or prosecution
o Computer may be target of crime, e.g.: Breaching confidentiality of
protected data, Accessing a computer system without authority
o Computer may be instrument of crime, e.g.: Theft of trade secrets, Using e-
mail for threats or harassment
Identity theft: Theft of personal Information (social security id, drivers license or
credit card numbers) to impersonate someone else
Phishing: Setting up fake Web sites or sending e-mail messages that look like
legitimate businesses to ask users for confidential personal data.
Evil twins: Wireless networks that pretend to offer trustworthy Wi-Fi
connections to the Internet (e.g log credit card numbers)
Pharming: Redirects users to a bogus Web page, even when individual types
correct Web page address into his or her browser (possible when they gain

access to the Internet Address Information stored by internet service providers

to speed up web browsing and the ISP companies have flawed software in their
servers, hack into and change addresses)
Click fraud: Occurs when individual or computer program fraudulently clicks on
online ad without any intention of learning more about the advertiser or making
a purchase
Global threats: Cyberterrorism and Cyberwarfare, targeting software that runs
electrical power grids, air traffic control systems, networks of major banks

Internal threats: employees
Security threats often originate inside an organization leaking Inside knowledge
Sloppy security procedures, User lack of knowledge
Social engineering: Tricking employees into revealing their passwords by
pretending to be legitimate members of the company in need of information
End users entering faulty data, not following instructions
IS specialists: errors in design, development, maintenance
Software vulnerability
Commercial software contains flaws that create security vulnerabilities
Hidden bugs (program code defects), Zero defects cannot be achieved
because complete testing is not possible with large programs
Flaws can open networks to intruders, impede performance
Patches: Vendors release small pieces of software to repair flaws (patch
management by users), However exploits often created faster than patches be
released and implemented

Business Value of Security and Control
Failed computer systems can lead to significant or total loss of business function
Confidential personal and financial data, Trade secrets, new products, strategies
A security breach may cut into firms market value almost immediately
Inadequate security and controls also bring forth issues of liability
Strong security: high ROI, employees productivity, lower operational costs

Legal and regulatory requirements for electronic records management and privacy
protection
Protection data from abuse, exposure, unauthorized access
HIPAA: Medical security and privacy rules and procedures
Gramm-Leach-Bliley Act: Requires financial institutions to ensure the security
and confidentiality of customer data
Sarbanes-Oxley Act: Imposes responsibility on companies and their management
to safeguard the accuracy and integrity of financial information that is used
internally and released externally
Electronic evidence
Evidence for white collar crimes often in digital form Data on computers, e-mail,
instant messages, e-commerce transactions
Proper control of data can save time and money when responding to legal
discovery request
Computer forensics:
Scientific collection, examination, authentication, preservation, and analysis of
data from computer storage media for use as evidence in court of law
Includes recovery of ambient and hidden data, plan needed

Establishing a Framework for Security and Control

Where company at risk, what controls must be in place, security policy, plans for
keeping business running if IS not operational
Information systems controls
Manual and automated controls
General and application controls

General controls
Govern design, security, and use of computer programs and security of data files
in general throughout organizations IT infrastructure.
Apply to all computerized applications
Combination of hardware, software, and manual procedures to create overall
control environment
Types of general controls: Software controls, Hardware controls, Computer
operations controls, Data security controls, Implementation controls,
Administrative controls

Application controls
Specific controls unique to each computerized application, such as payroll or
order processing
Include both automated and manual procedures
Ensure that only authorized data are completely and accurately processed by
that application
Input controls: authorization, conversion, editing, error handling
Processing controls: updating
Output controls

Risk assessment
Determines level of risk to firm if specific activity or process is not properly
controlled
Determine value of info assets, points of vulnerability, likely frequency of the
problem, potential for damage
Concentration on the control points with greatest vulnerability and potential for
loss

Security policy
Ranks information risks, identifies acceptable security goals, and identifies
mechanisms for achieving these goals, most important assets
Acceptable use policy (AUP): Defines acceptable uses of firms information
resources and computing equipment, unacceptable, consequences
Authorization policies: Determine differing levels of user access to information
assets
Identity management
Business processes and tools to identify valid users of system and control access:
Identifies and authorizes different categories of users, Specifies which portion of
system users can access, Authenticating users and protects identities
Identity management systems: Captures access rules for different levels of users

Disaster recovery planning: Devises plans for restoration of disrupted services
Business continuity planning: Focuses on restoring business operations after disaster

MIS audit
Examines firms overall security environment as well as controls governing
individual information systems, data quality
Reviews technologies, procedures, documentation, training, and personnel
Simulate disaster to test response of technology, IS staff, other employees
Lists and ranks all control weaknesses and estimates probability of their
occurrence, Assesses financial and organizational impact of each threat

Technologies and Tools for Protecting Information Resources
Identity management software
Automates keeping track of all users and privileges
Authenticates users, protecting identities, controlling access
Authentication: Password systems, Tokens, Smart cards, Biometric

Firewall: Combination of hardware and software that prevents unauthorized users from
accessing private networks
Static packet filtering: examines selected fields in headers of individual packets
Stateful inspections: track info over multiple packets, part of approved
conversation, legitimate connection
Network address translation (NAT): conceals ip addresses of internal host
computers
Application proxy filtering: examines app content of packets

Intrusion detection systems:
Monitor hot spots on corporate networks to detect and deter intruders
Examines events as they are happening to discover attacks in progress
Raises alarm or shuts down sensitive network part
Antivirus and antispyware software:
Checks computers for presence of malware and can often eliminate it as well
Require continual updating
Unified threat management (UTM) systems: firewalls, VPNs, IDS, web content filtering,
anti spam software

Securing wireless networks
WEP security can provide some security by Assigning unique name to networks
SSID and not broadcasting SSID, Using it with VPN technology
Wi-Fi Alliance finalized WAP2 specification, replacing WEP with stronger
standards: Continually changing keys, Encrypted authentication system with
central server

Encryption
Transforming text or data into cipher text that cannot be read by unintended
recipients, encryption key
Secure Sockets Layer (SSL) and successor Transport Layer Security (TLS)
between 2 computers
Secure Hypertext Transfer Protocol (S-HTTP) limited to individual messages
Symmetric key encryption: Sender and receiver use single, shared key
Public key encryption: Uses two, mathematically related keys: Public key and
private key, Sender encrypts message with recipients public key, Recipient
decrypts with private key

Digital certificate:
Data file used to establish the identity of users and electronic assets for
protection of online transactions
Uses a trusted third party, certification authority (CA), to validate a users
identity
CA verifies users identity, stores information in CA server, which generates
encrypted digital certificate containing owner ID information and copy of
owners public key
Public key infrastructure (PKI)
Use of public key cryptography working with certificate authority
Widely used in e-commerce

Ensuring system availability: Online transaction processing requires 100% availability,
no downtime
Fault-tolerant computer systems: Contain redundant hardware, software, and
power supply components that create an environment that provides continuous,
uninterrupted service
High-availability computing
o Helps recover quickly from crash, Minimizes not eliminates downtime
o Backup servers, multiple server distribution, high capacity storage, god
disaster recovery and business continuity plans
Recovery-oriented computing: Designing systems that recover quickly with
capabilities to help operators pinpoint and correct of faults in multi-component
systems
Controlling network traffic: Deep packet inspection (DPI) Video and music
blocking, using prioritizing
Security outsourcing: Managed security service providers (MSSPs)

Security in the cloud
Responsibility for security resides with company owning the data
Firms must ensure providers provides adequate protection
Service level agreements (SLAs) including controls

Securing mobile platforms
Security policies should include and cover any special requirements for mobile
devices
Tools to authorize all devices in use, maintain inventory records, updates, lock

Ensuring software quality (software metrics and testing)
Software metrics: Objective assessments of system in form of quantified
measurements, identify problems as they occur
Carefully designed, formal, objective, used consistently
Examples: Number of transactions, Online response time, Payroll checks printed
per hour, Known bugs per hundred lines of code
Early and regular testing to uncover errors
Walkthrough: Review of specification or design document by small group of
qualified people
Debugging: Process by which errors are eliminated

Chapter 9
Achieving Operational Excellence and Customer Intimacy: Enterprise
Applications

Enterprise Systems = Enterprise Resource Planning Systems (ERP)
Suite of integrated software modules and a common central database
Collects data from many divisions of firm for use in internal business activities
Information entered in one process is immediately available for other processes

Enterprise Software
Built around thousands of predefined business processes that reflect best
practices
Finance/accounting, Human resources, Manufacturing/production,
Sales/marketing
To implement, firms: Select functions of system they wish to use, Map business
processes to software processes, Use softwares configuration tables for
customizing
Leading ES vendors: SAP, Oracle, Infor Global Solutions, Microsoft
Communicate with customers, suppliers, other entities

Business value of enterprise systems
Increase operational efficiency
Provide firm wide information to support decision making
Enforce standard practices and data
Enable rapid responses to customer requests for information or products, reduce
cycle time and costs, centralize
Include analytical tools to evaluate overall organizational performance, improved
decision making

Supply Chain Management Systems
Supply Chain
Network of organizations and processes for:
o Procuring raw materials (procurement)
o Transforming them into products (manufacturing)
o Distributing the products (distribution)
Flow of materials, information, payments in both directions
Primary, secondary, tertiary suppliers (tier 1,2,3)
Upstream supply chain: Firms suppliers, suppliers suppliers, processes for
managing relationships with them
Downstream supply chain: Organizations and processes responsible for
delivering products to customers

Information and supply chain management

Inefficiencies caused by inaccurate/untimely information cut into operating costs
Just-in-time strategy: Components arrive as they are needed, Finished goods
shipped after leaving assembly line
Safety stock: Buffer for lack of flexibility in supply chain
Bullwhip effect: Information about product demand gets distorted as it passes
from one entity to next across supply chain, more inventory, ripples, magnifying
change excess inventory, production, warehousing, shipping costs
Tamed by reducing uncertainties by demand and supply, accurate and up-to date
information, share dynamic info

Supply chain management software
Supply chain planning systems: Model existing supply chain
o Demand planning (determine amount of products to satisfy demands)
o Optimize sourcing, manufacturing plans
o Establish inventory levels
o Identifying transportation modes
Supply chain execution systems: Manage flow of products through distribution
centers and warehouses, efficiency

Global Supply Chains and the Internet
Global supply chains typically span greater geographic distances and time
differences
Different performance standards
More complex pricing issues (local taxes, transportation, etc.)
Foreign government regulations, cultural differences
Internet helps companies manage many aspects of global supply chains: sourcing,
transportation, communications, international finance (no slow downs, errors,
uncertainty) outsourcing to third party logistic providers, contract
manufacturing

Supply chain management systems
Push-based model (build-to-stock): Schedules based forecasts of demand
Pull-based model (demand-driven, build-to-order): Customer orders trigger
events in supply chain
Sequential supply chains: Information and materials flow sequentially from
company to company
Concurrent supply chains: Information flows in many directions simultaneously
among members of a supply chain network
Future Internet driven: digital logistics nervous system

Business value of SCM systems

Streamline internal and external supply chain processes
Match supply to demand
Reduce inventory levels
Improve delivery service
Speed product time to market
Use assets more effectively
Reduced supply chain costs lead to increased profitability
Increased sales

Customer Relationship Management Systems
In large businesses, too many customers and too many ways customers interact
with firm
Capture and integrate customer data from all over the organization
Consolidate and analyze customer data
Distribute customer information to various systems and customer touch points
(contact point) across enterprise
Provide single enterprise view of customers to increase sales and service

Customer Relationship Management Software
CRM packages range from niche tools to large-scale enterprise applications
Partner relationship management (PRM)
o Integrating lead generation, pricing, promotions, order configurations,
and availability
o Tools to assess partners performances
Employee relationship management (ERM)
o E.g. Setting objectives, employee performance management, performance-
based compensation, employee training
Major vendors: Siebel Systems (Oracle), PeopleSoft, SAP, Salesforce.com,
Microsoft Dynamics CRM

CRM packages typically include tools for:
Sales force automation (SFA): increase productivity, focusing on profitable
customers E.g. sales prospect and contact information, and sales quote
generation capabilities, personalized recommendations
Customer service: increase efficiency call center, help desks, support staff, E.g.
assigning and managing customer service requests; Web-based self-service
capabilities
Marketing: support direct marketing campaigns E.g. capturing prospect and
customer data, opportunities for cross selling (complementary products)

Operational and Analytical CRM

Operational CRM: Customer-facing applications, E.g. sales force automation, call
center and customer service support, and marketing automation
Analytical CRM: Analyze customer data output from operational CRM
applications, Based on data warehouses populated by operational CRM systems
and customer touch points (online analytical processing OPLAP), Customer
lifetime value (CLTV)

Business value of CRM
Increased customer satisfaction
Reduced direct-marketing costs
More effective marketing
Lower costs for customer acquisition/retention
Increased sales revenue
Reduce churn rate
o Number of customers who stop using or purchasing products or services
from a company.
o Indicator of growth or decline of firms customer base

Enterprise Application Challenges
Highly expensive to purchase and implement
Require Technological changes
Require Business process changes
Require Organizational changes
Switching costs, dependence on software vendors
Data standardization, management, cleansing

Next-generation enterprise applications
Move is to make applications more flexible, Web-enabled, integrated with other
systems
Enterprise suites
o Software to enable CRM, SCM, and enterprise systems work together and
with suppliers and client systems
o Utilize Web services, SOA (Service Oriented Architecture)
Open source & on-demand solutions
Mobile compatible; Web 2.0 capabilities
Complementary analytics products

Service platform
Integrates multiple applications to deliver a seamless experience for all parties,
E.g. Order-to-cash process
Portal software: Used to integrate information from enterprise applications and
legacy systems and present it as if coming from a single source

Chapter 10
E-commerce: Digital Markets, Digital Goods

E-commerce today:
Use of the Internet and Web to transact business; digitally enabled transactions
Began in 1995 and grew exponentially, still growing even in a recession
Companies that survived the dot-com bubble burst and now thrive
E-commerce revolution is still in its early stages, increasing number of online
products, broadband access

Reduced
Transaction
costs

Lower
Market
Entry
Cost,
Search
cost

Price
Cost
Trans
Parenc
Y
Price
Discrim
ination

Key concepts in e-commerce

Digital markets reduce
o Information asymmetry
o Search costs
o Transaction costs
o Menu costs (merchants costs of changing prices)
Digital markets enable
o Price discrimination
o Dynamic pricing based on market conditions
o Disintermediation (removal of organizations, layers in value chain)
Reduce or increase switching costs, may cause extra delay in gratification

Digital goods
Goods that can be delivered over a digital network
Cost of producing first unit almost entire cost of product: marginal cost of 2nd
unit is about zero
Costs of delivery over the Internet very low
Marketing costs remain the same; pricing highly variable
Industries with digital goods are undergoing revolutionary changes (publishers,
record labels, etc.)

Types of e-commerce
Business-to-consumer (B2C)
Business-to-business (B2B)
Consumer-to-consumer (C2C)
Mobile commerce (m-commerce)

Content
provider:
includes
intellectual
property,
podcasting
(subscribe),
streaming

E-commerce revenue models

Advertising (retain user attention higher rates) (Google)
Sales (+ micropayments) (ITunes)
Subscription (Netflix)
Free/Freemium (Flickr)
Transaction Fee (Ebay)
Affiliate (receive referential fees, Blogs)

Most popular Web 2.0 service: social networking
Social networking sites sell banner ads, user preference information, and music,
videos and e-books
Social shopping sites: Swap shopping ideas with friends (Kaboodle, ThisNext)
Wisdom of crowds/crowdsourcing: Large numbers of people can make better
decisions about topics and products than a single person
Prediction markets: Peer-to-peer betting markets on specific outcomes
(elections, sales figures, designs for new products)

E-commerce marketing
Internet provides marketers with new ways of identifying and communicating
with customers
Long tail marketing: Ability to reach a large audience inexpensively
Behavioral targeting: Tracking online behavior of individuals on thousands of
Web sites, privacy concerns
Advertising networks profiling
Advertising formats include search engine marketing, display ads, rich media,
and e-mail

Administrative overhead: processing paper, approving puchase decisions, telephone, fax
machines, search for products, arrange purchases, arranging and shipping, receiving
goods 100$ for each curporate purchase order for supporting products

Business-to-business e-commerce
Promise: reduce costs, prices, increase productivity, economic wealth
Challenge: chahing existing patterns and systems of procurement, designing and
implementing new Internet-based B2B solutions
Electronic data interchange (EDI)
Computer-to-computer exchange of standard transactions such as invoices,
purchase orders
Major industries have EDI standards that define structure and information fields
of electronic documents for that industry
More companies increasingly moving away from private networks to Internet for
linking to other firms E.g. Procurement: Businesses can now use Internet to
locate most low-cost supplier, search online catalogs of supplier products,
negotiate with suppliers, place orders, etc.
Private industrial networks (private exchanges)
Large firm using extranet to link to its suppliers, distributors and other key
business partners
Owned by buyer, eg. Volkswagen Group Supply
Permits sharing of: Product design and development, Marketing, Production
scheduling and inventory management, Unstructured communication

Net marketplaces (e-hubs)

Single market for many buyers and sellers
Industry-owned or owned by independent intermediary
Generate revenue from transaction fees, other services
Use prices established through negotiation, auction, RFQs, or fixed prices
May focus on direct or indirect goods
May be vertical or horizontal marketplaces
E.g. Exostar long term contract purchasing, aero defense industry, Elemica
serving chemical industry
Exchanges
Independently owned third-party Net marketplaces
Connect thousands of suppliers and buyers for spot purchasing
Typically provide vertical markets for direct goods for single industry (food,
electronics)
Proliferated during early years of e-commerce; many have failed: Competitive
bidding drove prices down and did not offer long-term relationships with buyers
or services to make lowering prices worthwhile

M-commerce
Location-based services (Loopt, Wikitude)
Software application sales
Entertainment downloads
Mobile display advertising
Banking and financial services
Wireless advertising and retailing
Games and entertainment

Building an E-Commerce Web Site
Developing a clearunderstanding of your business objectives
Knowing how to choose the right technology to achieve those objectives
Assembling a team with the skills required to make decisions about:
o Technology
o Site design
o Social and information policies
o Hardware, software, and telecommunications infrastructure
Customers demands should drive the sites technology and design
Business decisions drive the technology not the reverse
Business objectives: Capabilities the site should have, E.g. execute a transaction
payment
System functionality : Technological capability to achieve this objective, E.g. a
shopping cart or other payment system
Information requirements,E.g. secure credit card clearing, multiple payment
options

The Building Decision
Pre built template, least costly and simple solution, limited
Build yourself_ customization, variety of tools, risky complexity, delays
Packages to customize

The Hosting Decision

Outsource, pay monthly fee, vendor responsible
Co-location: purchase Web server and locate in a vendors physical facility,
Rent capabilities of cloud computing center
Fees based on size of website, bandwidth, storage, support

Web site budgets
Several thousand to millions / year
50% of a budget is system maintenance and content creation

Chapter 11
Managing Knowledge

The Knowledge Management Landscape
Knowledge management systems among fastest growing areas of software
investment
Knowledge and information related, useful and actionable when shared, major
source of wealth
Substantial part of a firms stock market value is related to intangible assets:
knowledge, brands, reputations, and unique business processes
Well-executed knowledge-based projects can produce extraordinary ROI, difficult
to measure
Data = flow of events/transactions, info = organized data, knowledge = additional
resources to discover patterns, wisdom = Collective and individual experience of
applying to solve problems, Involves where, when, and how to apply knowledge
Both individual and collective attribute
Cognitive, psychological eent inside peoples heads
Tacit (not documented) and explicit (documented) knowledge
Has a locations, sticky, not universally applicable, situational, contextual
Important asset of firm, Knowing how to do things effectively and efficiently in
ways others cannot duplicate is prime source of profit and competitive advantage

Organizational learning (Process in which organizations learn)

Gain experience through collection of data, measurement, trial and error, and
feedback
Adjust behavior to reflect experience: Create new business processes, Change
patterns of management decision making

The Knowledge Management Value Chain
Knowledge management: Set of business processes developed in an organization
to create, store, transfer, and apply knowledge
Knowledge management value chain: Each stage adds value to raw data and
information as they are transformed into usable knowledge

Knowledge acquisition
Documenting tacit and explicit knowledge
o Storing documents, reports, presentations, best practices
o Unstructured documents (e.g., e-mails)
o Developing online expert networks
Creating knowledge (discover patterns, knowledge workstations)
Tracking data from TPS (sales, payments, inventory, customers), external sources
Knowledge storage
Databases, expert systems corporate in business processes
Document management systems
Role of management:
o Support development of planned knowledge storage systems
o Encourage development of corporate-wide schemas for indexing
documents
o Reward employees for taking time to update and store documents
properly
Knowledge dissemination
Portals, Push e-mail reports, Search engines, Collaboration tools
A deluge of information
Training programs, informal networks, and shared management experience help
managers focus attention on important information

Knowledge application
To provide return on investment, organizational knowledge must become
systematic part of management decision making and become situated in
decision-support systems
Create New business practices, New products and services, New markets

New organizational roles and responsibilities
Chief knowledge officer executives
Dedicated staff / knowledge managers
Communities of practice (COPs)
o Informal social networks of professionals and employees within and
outside firm who have similar work-related activities and interests
o Activities include education, online newsletters, sharing experiences and
techniques
o Facilitate reuse of knowledge, discussion
o Reduce learning curves of new employees

3 major types of knowledge management systems (CAD = computer aided design)

Three major types of knowledge in enterprise
Structured documents (formal docs and rules)
Semistructured documents
Unstructured, tacit knowledge (+ semi = 80%)

Enterprise content management systems
Help capture, store, retrieve, distribute, preserve
Corporate repositories ans capabilities to collect and organize semistructured
Bring in external sources (News feeds, research)
Tools for communication and collaboration
Key problem Developing taxonomy = classification scheme (Knowledge objects
must be tagged with categories for retrieval)
Digital asset management systems: Specialized content management systems for
classifying, storing, managing unstructured digital data like Photographs,
graphics, video, audio
Knowledge network systems (expertise location and management systems)
Provide online directory of corporate experts in well-defined knowledge domains

Use communication technologies to make it easy for employees to find

appropriate expert in a company
May systematize solutions developed by experts and store them in knowledge
database (Best-practices, Frequently asked questions (FAQ) repository)

Collaboration Tools
Enterprise knowledge portals: Access to external and internal information
(News feeds, research, Capabilities for e-mail, chat..)
Use of consumer Web technologies (Blogs, Wikis, Social bookmarking user-
created taxonomies for shared bookmarks = folksonomies)
Learning Management Systems (LMS)
Provide tools for management, delivery, tracking, and assessment of various
types of employee learning and training
Support multiple modes of learning
Automates selection and administration of courses
Assembles and delivers learning content
Measures learning effectiveness

Knowledge Work Systems = Systems for knowledge workers to help create new
knowledge and integrate that knowledge into business
Knowledge workers = Researchers, designers, architects, scientists, engineers who
create knowledge for the organization
1. Keeping organization current in knowledge
2. Serving as internal consultants regarding their areas of expertise
3. Acting as change agents, evaluating, initiating, and promoting change projects

Requirements of knowledge work systems
Hardware Platform: knowledge workstation
Substantial computing power for graphics, complex calculations
Powerful graphics and analytical tools
Communications and document management
Access to external databases
User-friendly interfaces
Optimized for tasks to be performed (design engineering, financial analysis)

Examples of knowledge work systems
CAD (computer-aided design):
o Automate creation and revision of design
o Creation of engineering or architectural designs
Virtual reality systems:
o Simulate real-life environments
o 3-D medical modeling for surgeons
o Augmented reality (AR) systems additional info to enhance the
perception of reality, more interactive and meaningful
o VRML (virtual realty modeling language) = set of specifications for
interactive 3D modeling on the WWW, can organize multiple media types
Investment workstations in financial industry = Streamline investment process
and consolidate internal, external data for brokers, traders, portfolio managers

Intelligent techniques: Used to capture individual and collective knowledge and to

extend knowledge base
To capture tacit knowledge: Expert systems, case-based reasoning, fuzzy logic
Knowledge discovery: Neural networks and data mining
Generating solutions to complex problems: Genetic algorithms
Automating tasks: Intelligent agents
Artificial intelligence (AI) technology: Computer-based systems that emulate human
behavior

Expert systems:
Capture tacit knowledge in very specific and limited domain of human expertise
Capture knowledge of skilled employees as set of rules in software system that
can be used by others in organization
Typically perform limited tasks that may take a few minutes or hours, e.g.
Diagnose malfunctioning machine, Determining whether to grant credit for loan
Used for discrete, highly structured decision-making
How expert systems work
Knowledge base: Set of hundreds or thousands of interconnected rules
Inference engine: Strategy used to search knowledge base
o Forward chaining: Inference engine begins with information entered by
user and searches knowledge base to arrive at conclusion
o Backward chaining: Begins with hypothesis and asks user questions until
hypothesis is confirmed or disproved
Benefits: improved decisions, reduced errors, reduced costs, and training time,
higher levels of quality and service
Successful expert systems
Con-Way Transportation built expert system to automate and optimize planning
of overnight shipment routes for nationwide freight-trucking business
Most expert systems deal with problems of classification
Have relatively few alternative outcomes
Possible outcomes are known in advance
Many expert systems require large, lengthy, and expensive development and
maintenance efforts Hiring or training more experts may be less expensive

Case-based reasoning (CBR)
Descriptions of past experiences of human specialists (cases), stored in
knowledge base
System searches for cases with problem characteristics similar to new one, finds
closest fit, and applies solutions of old case to new case
Successful and unsuccessful applications are grouped with case
Stores organizational intelligence: Knowledge base is continuously expanded and
refined by users
CBR found in: Medical diagnostic systems, Customer support

Fuzzy logic systems
Rule-based technology that represents imprecision used in linguistic categories
(e.g., cold, cool) that represent range of values (Doppeldeutig)
Describe a particular phenomenon or process linguistically and then represent
that description in a small number of flexible rules

Provides solutions to problems requiring expertise that is difficult to represent

with IF-THEN rules
o Autofocus in cameras
o Detecting possible medical fraud
o Sendais subway system acceleration controls

Neural networks
Find patterns and relationships in massive amounts of data too complicated for
humans to analyze
Learn patterns by searching for relationships, building models, and correcting
over and over again (construct hidden layer of logic)
Humans train network by feeding it data inputs for which outputs are known,
to help neural network learn solution by example
Used in medicine, science, and business for problems in pattern classification,
prediction, financial analysis, and control and optimization only as aids!
E.g Visa Credit Card Fraud monitoring transactions
Machine learning: Related AI technology allowing computers to learn by
extracting information using computation and statistical methods
Used in data mining

Genetic algorithms
Useful for finding optimal solution for specific problem by examining very large
number of possible solutions for that problem
Conceptually based on process of evolution: Search among solution variables by
changing and reorganizing component parts using processes such as inheritance,
mutation, and selection
Used in optimization problems (minimization of costs, efficient scheduling,
optimal jet engine design) in which hundreds or thousands of variables exist
Able to evaluate many solution alternatives quickly

Hybrid AI systems
Genetic algorithms, fuzzy logic, neural networks, and expert systems integrated
into single application to take advantage of best features of each
E.g., Matsushita neurofuzzy washing machine that combines fuzzy logic with
neural networks

Intelligent agents
Work in background to carry out
specific, repetitive, and predictable
tasks for user, process, or application
Use limited built-in or learned
knowledge base to accomplish tasks or
make decisions on users behalf
(Deleting junk e-mail, Finding cheapest
airfare)
Agent-based modeling applications:
o Systems of autonomous agents
o Model behavior of consumers,
stock markets, and supply
chains; used to predict spread of epidemics

Chapter 12
Enhancing Decision Making

Types of decisions:
Unstructured: Decision maker must provide judgment, evaluation, and insight to
solve problem, novel, non-routine and important decisions Senior
management
Structured: Repetitive and routine; involve definite procedure for handling so
they do not have to be treated each time as new operational management
Semistructured: Only part of problem has clear-cut answer provided by accepted
procedure Middle management

The 4 stages of the decision making process
1. Intelligence: Discovering, identifying, and understanding the problems occurring
in the organization
2. Design: Identifying and exploring solutions to the problem
3. Choice: Choosing among solution alternatives
4. Implementation: Making chosen alternative work and continuing to monitor how
well solution is working

Managers and Decision making in the real world
Information systems can only assist in some of the roles played by managers
Classical model of management: 5 functions = Planning, organizing, coordinating,
deciding, and controlling
More contemporary behavioral models = less systematic, more informal, less
reflective, more reactive, and less well organized than in classical model
Great del of work at unrelenting pace, fragmented activities, prefer current and
specific information, prefer oral forms of communication, maintain complex web
of contacts
Managerial roles = expectations of the activities that managers should perform

3main reasons why investments in information technology do not always produce

positive results
1. Information quality: High-quality decisions require high-quality information
(accuracy, integrity, consistency, completeness, validity, timeliness, accessibility)
2. Management filters: Managers have selective attention and have variety of biases
that reject information that does not conform to prior conceptions
3. Organizational inertia and politics: Strong forces within organizations resist
making decisions calling for major change

High velocity automated decision-making
Made possible through computer algorithms precisely defining steps for a highly
structured decision
Humans taken out of decision, E.g. High-speed computer trading programs
Require safeguards to ensure proper operation and regulation

Business intelligence: Infrastructure for collecting, storing, analyzing data produced by
business (warehousing, integrating, reporting, analyzing data); Databases, data
warehouses, data marts
Business analytics: Tools and techniques for analyzing data; OLAP (online analytical
processing), statistics, models, data mining
Business intelligence vendors: Create business intelligence and analytics purchased
by firms (SAP, Oracle, IBM, SAS Institute, Microsoft), market: 10.5billion, growing 20%

Business intelligence and analytics capabilities
Goal is to deliver accurate real-time information to decision-makers
Main functionalities of BI systems
1. Production reports (pre-defined, based on industry requirements)
2. Parameterized reports (user enters different parameters to filter data)
3. Dashboards/scorecards (visual tools, presenting performance data)
4. Ad hoc query/search/report creation (create own report based on queries,
searches)

5. Drill down (from high-level summary to detailed view)

6. Forecasts, scenarios, models (analyze using standard statistical tools)

Business intelligence users
80% are casual users relying on production reports
Senior executives Use monitoring functionalities
Middle managers and analysts Ad-hoc analysis
Operational employees Prepackaged reports (E.g. sales forecasts, customer
satisfaction, loyalty and attrition, supply chain backlog, employee productivity)

Examples of BI applications mostly pre-packaged production reports
Predictive analytics: Use patterns in data to predict future behavior (E.g. Credit
card companies determine customers at risk for leaving, screen potential
customers, prediction how customer respond to price changes)
Data visualization: Help users see patterns and relationships that would be
difficult to see in text lists
Geographic information systems (GIS): Ties location-related data to maps,
modeling capabilities (e.g. calculate response times to natural disasters, best
locations for new ATMs

2 Management strategies for developing BI and BA capabilities
Competitive market place and given to hyperbole
1. One-stop shopping (totally integrated solution)
Hardware firms sell software that run optimally on their hardware
Makes firm dependent on single vendor (but on a global scale) switching costs +
pricing power
2. Multiple best-of-breed solution
Software firms: encourage firms to adopt best of breed software, chose package
from vendor you believe is best
Greater flexibility and independence
Potential difficulties in integration with own hardware and other software
Must deal with multiple vendors

Business Intelligence Constituencies

Operational and middle managers
Monitor day to day business performance (e.g down-time machines, hourly sales)
Make fairly structured decisions
Use MIS output = set of routine production reports based on data from
transaction processing systems (TPS)
Increased online usage with queries
Super user and business analysts
Use more sophisticated analysis to find patterns in data,
Create customized reports, relying heavily on modeling
Use DSS (decision support systems) support semistructured decision making
Decision support systems
Use mathematical or analytical models
Allow varied types of analysis
o What-if analysis (working forward from known conditions, test results
to predict outcomes)
o Sensitivity analysis (repeated what if questions to predict range of
outcomes, when variables changed multiple times)
o Backward sensitivity analysis (helps with goal seeking)
o Multidimensional analysis / OLAP (E. g. pivot tables)
Decision-support for senior management
Executive support systems (ESS) help executives focus on important
performance information affect overall profitability and success
Balanced scorecard method: (methodology for understanding really important
information) Measures outcomes on four dimensions:
o Financial, Business process, Customer, Learning & growth
o Key performance indicators (KPIs) measure each dimension

Business performance management (BPM)

Translates firms strategies (e.g. differentiation, low-cost producer, scope of
operation) into operational targets
KPIs developed to measure progress towards targets
Stronger strategy flavor than balanced scorecard
Data for ESS
Internal data from enterprise applications (ERP, SCM, CRM)
External data such as financial market databases, economic information
Drill-down capabilities
Enhancing effectiveness: organizational performance, track activities of
competitors, recognize changing market conditions, identify problems and
opportunities
Decentralized decision making, taking place on lower operating levels, increase
span of control
= Information driven management or management by facts real-time

Group Decision Support Systems (GDSS)
Interactive system to facilitate solution of unstructured problems by group
Specialized hardware and software; typically used in conference rooms
o Overhead projectors, display screens
o Software to collect, rank, edit participant ideas and responses
o May require facilitator and staff
Enables increasing meeting size and increasing productivity
Promotes collaborative atmosphere, guaranteeing anonymity
Uses structured methods to organize and evaluate ideas

Chapter 13
Building Information Systems

Structural organizational changes enabled by IT
1. Automation
Increases efficiency and effectively assisting employees
Replaces manual tasks
2. Rationalization of procedures
Streamlines standard operating procedures
Revealed bottlenecks due to automatization
Often found in programs for making continuous quality improvements
o Total quality management (TQM) achieving quality as goal and
responsibility of all employees
o Six sigma = specific measure of quality (3.6 defects per million
opportunities) usually just a goal
3. Business process redesign (more powerful, higher risk)
Analyze, simplify, and redesign business processes
Reorganize workflow, combine steps, eliminate repetition and sometimes jobs
Ambitious and new vision how to organize process
4. Paradigm shifts (often fail, high rewards)
Rethink nature of business, radical, reengineering strategies
Define new business model
Change nature of organization

Business Process Redesign
Business Process Management (BPM)
Variety of tools, methodologies to analyze, design, optimize processes
Used by firms to manage business process redesign
Never concluded continual change
Barrier: organizational culture, resisting change, not simple

1. Identify processes for change: what processes are important and how improving
these will help performance
2. Analyze existing processes: modeled and documented, identify redundant steps and
inefficiencies, existing processes measured in times and cost
3. Design the new process: improve processes by designing new one, to-be process
comparison streamlined processes, justifying by reducing time, cost, enhancing
service and value
4. Implement the new process: translation in new set of procedures and rules,
implement IS to support, uncover and address problems, recommended
improvements
5. Continuous measurement: employees fall back in old methods, processes lose
effectiveness due to other changes

Variety of tools for BPM, to
Identify and document existing processes, Identify inefficiencies
Create models of improved processes
Capture and enforce business rules for performing processes
Integrate existing systems to support process improvements

Analytics to Verify that new processes have improved

Measure impact of process changes on key business performance indicators
Automate some parts of business process and enforce business rules perform
more consistently and efficiently
Help integrate existing systems to support process improvements

Systems development
Activities that go into producing an information system solution to an organizational
problem or opportunity

Systems analysis
Analysis of problem to be solved by new system
Defining the problem and identifying causes, Specifying solutions (Systems
proposal report identifies and examines alternative solutions), Identifying
information requirements
Analyst: creates roadmap of existing organization, identifying primary owners of
data, hardware, software examining problem areas and objectives
Includes feasibility study: financial, technical, organizational standpoint, good
investment, skills?
Written systems proposal: costs, benefits, disadvantages, advantages of each
alternative
Establishing information requirements
o Who needs what information, where, when, and how
o Define objectives of new/modified system
o Detail the functions new system must perform
Faulty requirements analysis is leading cause of systems failure and high systems
development cost

Systems design
Describes system specifications that will deliver functions identified during
systems analysis form and structure (blueprint)
Should address all managerial, organizational, and technological components of
system solution fulfill user requirements

Role of end users

o User information requirements drive system building
o Users must have sufficient control over design process to ensure system
reflects their business priorities and information needs
o Insufficient user involvement in design effort is major cause of system
failure

Completing System Development Process
Translate solution specifications into operational info system
Programming: Translate System specifications into software program code
Testing: Ensures system produces right results
o Unit (program) testing: Tests each program in system separately
o System testing: Test functioning of system as a whole
o Acceptance testing: system is ready to be used in production setting
(evaluated by users, reviewed by management)
o Test plan: All preparations for series of tests, general condition tested =
record change
Conversion = Process of changing from old system to new system
1. Parallel strategy: both old and new systems run together = safe and expensive
2. Direct cutover: total replacement on an appointed day = risky
3. Pilot study: introduction to limited area
4. Phased approach: introduction in stages (by functions, units)
Requires end-user training
Finalization of detailed documentation showing how system works from
technical and end-user standpoint
Production and maintenance = System reviewed to determine if revisions needed
May include post-implementation audit document
Maintenance: Changes in hardware, software, documentation, or procedures to a
production system to correct errors, meet new requirements, or improve
processing efficiency
o 20% debugging, emergency work
o 20% changes to hardware, software, data, reporting
o 60% of work: User enhancements, improving documentation, recoding for
greater processing efficiency

Modeling and Designing System

1. Structured Methodologies
Structured: Techniques are step-by-step, progressive, top-down
Process-oriented: Focusing on modeling processes/actions that manipulate data
data flow (no well modeling of data, only processes)
Separate data from processes (real world: unnatural)
Data flow diagram: Primary tool for representing systems component processes
and flow of data between them (ANALYSIS)
o Offers logical graphic model of information flow
o High-level and lower-level diagrams can be used to break processes down
into successive layers of detail
Data dictionary: Defines contents of data flows and data stores
Process specifications: Describe transformation occurring within lowest level of
data flow diagrams (logic for each process)
Structure chart: Top-down chart, showing each level of design, relationship to
other levels, and place in overall design structure (DESIGN)

2. Object-Oriented Development
Object = basic unit of systems analysis and design
Object: Combines data and the processes that operate on those data
Data encapsulated in object can be accessed and modified only by operations, or
methods, associated with that object
Object-oriented modeling based on concepts of class and inheritance
o Objects belong to a certain class and have features of that class
o May inherit structures and behaviors of a more general, ancestor class
More iterative and incremental than traditional structured development
o Systems analysis: Interactions between system and users analyzed to
identify objects
o Design phase: Describes how objects will behave and interact; grouped
into classes, subclasses and hierarchies
o Implementation: Some classes may be reused from existing library of
classes, others created or inherited
Objects = reusable can potentially reduce time and cost of development

Computer-aided software engineering (CASE)
Software tools to automate development and reduce repetitive work, including
Facilitate creation of clear documentation + coordination of team development
efforts

Graphics facilities for producing charts and diagrams, Screen and report
generators, reporting facilities, Analysis and checking tools, Data dictionaries,
Code and documentation generators
Increase productivity and quality
Support iterative design by automating revisions and changes and providing
prototyping facilities
Require organizational discipline to be used effectively

Alternative Systems-building Approaches
Traditional systems lifecycle
Oldest method for building information systems
Phased approach divides development into formal stages
Waterfall approach: Tasks in one stage finish before another stage begins
Formal division of labor between end users and information systems specialists
Emphasizes formal specifications and paperwork
Still used for building large complex systems
Can be costly, time-consuming, and inflexible

Prototyping
Building experimental system rapidly and inexpensively for end users to evaluate
Prototype: Working but preliminary version of information system Approved
prototype serves as template for final system
Iterative Steps in prototyping (can be repeated)
1. Identify user requirements
2. Develop initial prototype
3. Use prototype
4. Revise and enhance prototype

Advantages
Disadvantages
Useful if some uncertainty in
May gloss over essential steps
requirements or design solutions
May not accommodate large
Often used for end-user interface
quantities of data or large number
design
of users
More likely to fulfill end-user
May not undergo full testing or
requirements
documentation

End-user development:
Uses fourth-generation languages to allow end-users to develop systems with
little or no help from technical specialists
Fourth generation languages: Less procedural than conventional programming
Require: cost-justification of end-user system projects, Establish hardware,
software, and quality standards

Advantages
Disadvantages
More rapid completion of projects
Not designed for processing-
intensive applications
High-level of user involvement and
satisfaction
Inadequate management and
control, testing, documentation
Loss of control over data


Application software packages
Save time and money: pre-written, designed, tested, maintenance
Many offer customization features
Evaluation criteria for systems analysis include: Functions provided by the
package, flexibility, user friendliness, hardware and software resources, database
requirements, installation and maintenance efforts, documentation, vendor
quality, and cost
Request for Proposal (RFP): Detailed list of questions submitted to packaged-
software vendors, Used to evaluate alternative software packages

Outsourcing
Cloud and SaaS providers: Subscribing companies use software and computer
hardware provided by vendors
External vendors: Hired to design, create software
o Domestic: Driven by firms need for additional skills, resources, assets
o Offshore: Driven by cost-savings, better assets, skills

Advantages
Disadvantages
Allows organization flexibility in IT
Hidden costs, e.g. Identifying and
needs
selecting vendor, Transitioning to
vendor
Usually at least 15% cost saving
even in worst case scenario
Opening up proprietary business
processes to third party

Application Development for the Digital Firm

Rapid application development (RAD)
Process of creating workable systems in a very short period of time (less
sequential, parts occur simultaneously
Visual programming and other tools for building graphical user interfaces
Iterative prototyping of key system elements
Automation of program code generation
Close teamwork among end users and information systems specialists

Joint application design (JAD)
Used to accelerate generation of information requirements and to develop initial
systems design
Brings end users and information systems specialists together in interactive
session to discuss systems design
Can significantly speed up design phase and involve users at intense level

Agile development
Focuses on rapid delivery of working software by breaking large project into
several small sub-projects
Subprojects: Treated as separate, complete projects, Completed in short periods
of time using iteration and continuous feedback
Emphasizes face-to-face communication over written documents collaboration
and faster decision making

Component-based development
Groups of objects that provide software for common functions (e.g., online
ordering) and can be combined to create large-scale business applications
Web services
o Reusable software components that use XML and open Internet standards
(platform independent)
o Enable applications to communicate with no custom programming
required to share data and services
o Can engage other Web services for more complex transactions
o Using platform and device-independent standards can result in significant
cost-savings and opportunities for collaboration with other companies

Chapter 14
Managing Projects

The Importance of Project Management
Runaway projects: 30% - 40% IT projects: Exceed schedule, budget, Fail to
perform as specified, less benefits
Types of system failure
o Fail to capture essential business requirements
o Fail to provide organizational benefits
o Complicated, poorly organized user interface
o Inaccurate or inconsistent data

Project management
Project: planned series of related activities for achieving specific business
objective
Activities: planning work, assessing risk, estimating resources required,
organizing work, assigning tasks, controlling project execution, reporting
progress, analyzing results
Five major variables
o Scope what work to (not) include
o Time amount to complete project, schedule
o Cost hr, hardware, software, work space
o Quality result satisfies specified objectives
o Risk potential problems threatening success

Selecting Projects

Linking Systems Projects to the Business Plan

Information systems plan
Identifies systems projects that will deliver most business value, links
development to business plan
Corporate goals, milestones, target dates, key management decisions
Road map indicating direction of systems development, includes:
o Purpose of plan
o Strategic business plan rationale
o Current systems/situation
o New developments to consider
o Management strategy
o Implementation plan
o Budget
In order to plan effectively, firms need to inventory and document existing
software, hardware, systems

Critical Success Factors
Clear understanding of both long-term and short-term information requirements
Strategic analysis or critical success factors (CSF) approach: Sees information
requirements as determined by a small number of critical success factors
Shaped by industry, firm, manager, broader environment
Principal method: personal interviews with top managers identify goals + CSFs
aggregation to firm CSFs systems build to deliver information on CSFs
Suitable for top management, building DSS and ESS
Disadvantages: No clear methods for aggregation, Confusion between individual
and organizational CSFs, Bias towards top managers

Portfolio analysis
Used to evaluate alternative system projects
Inventories all of the organizations information systems projects and assets
Each system has profile of risk and benefit
To improve return on portfolio, balance risk and return from systems
investments
Determine optimal mix of investment risk and reward
Aligned with business strategy: superior return on IT assets, better alignment
with business objectives, and better coordination if IT investments

Scoring models
Selecting projects where many criteria must be considered
Assigns weights to various features of system and calculates weighted totals
Most important: not score but agreement on criteria to judge system
Requires experts understanding issue and technology
Used to confirm, rationalize and support decisions

Establishing the business value of Information Systems
Information Systems Costs and Benefits
Tangible benefits (cost savings): Can be quantified and assigned monetary value
Systems that displace labor and save space: Transaction and clerical systems
Intangible benefits: Cannot be immediately quantified but may lead to
quantifiable gains in the long run
Systems that influence decision making: ESS, DSS, collaborative work systems
Capital budgeting models: Measure value of investing in long-term capital
investment projects
Rely on measures the firms
o Cash outflows: Expenditures for hardware, software, labor
o Cash inflows: Increased sales, Reduced costs
Difference out- und in flows used for calculating financial worth of investment
Various capital budgeting models used for IT projects: Payback method,
accounting rate of return on investment, net present value, internal rate of return
(IRR)

Real options pricing models (ROPM)
Can be used when future revenue streams of IT projects are uncertain and up-
front costs are high
Use concept of options valuation borrowed from financial industry (option =
right but not obligation to act at some future date, buy at fixed rate)
Initial expenditure on technology creates right (not obligation) to obtain the
benefits associated with further development and deployment of the technology
as long as management has freedom to cancel, defer, restart, or expand project
Gives managers flexibility to stage IT investment or test the waters with small
pilot projects or prototypes to gain more knowledge about risks before investing
in entire implementation
Disadvantage: estimating all ley variables affecting option value

Limitations of financial models
Do not take into account social and organizational dimensions that may affect
costs and benefits
No consideration costs from organizational disruptions (training, learning
curves)
Overlooked benefits like enhanced employee learning and expertise

Dimensions of Project Risk level influenced by
Project size: Indicated by cost, time, number of organizational units affected,
Organizational complexity also an issue
Project structure: Structured, defined requirements run lower risk
Experience with technology

Change Management
Required for successful system building
New information systems have powerful behavioral and organizational impact
Changes lead to new distributions of authority and power
Internal organizational change breeds resistance and opposition
Implementation: All organizational activities working toward adoption,
management, and routinization of an innovation
Change agent: One role of systems analyst
o Redefines the configurations, interactions, job activities, and power
relationships of organizational groups
o Catalyst for entire change process
o Responsible for ensuring that all parties involved accept changes created
by new system
Role of end users: With high levels of user involvement
o System more likely to conform to requirements
o Users more likely to accept system
User-designer communication gap: Users and information systems specialists
o Different backgrounds, interests, and priorities
o Different loyalties, priorities, vocabularies
o Different concerns regarding a new system
Management support and commitment
o Positive perception by both users and technical staff
o Ensures sufficient funding and resources
o Enforcement of required organizational changes
Very high failure rate among enterprise application and BPR projects (up to 70%
for BPR) Poor implementation and change management practices
Mergers and acquisitions: Similarly high failure rate of integration projects
Merging of systems of two companies requires: Considerable organizational
change, Complex systems projects

Controlling risk factors
1st step in managing project risk: identifying nature and level of risk of project
Each project managed with tools and risk-management approaches geared to
level of risk
Managing technical complexity Internal integration tools
o Project leaders with technical and administrative experience
o Highly experienced team members
o Frequent team meetings
o Securing of technical experience outside firm if necessary
Formal planning and formal control tools: GANTT and PERT charts
o Gantt chart lists project activities and corresponding start and completion
dates, visually representing timing and duration + hr
o Pert charts (Program Evaluation and Review Technique) graphically
depicts project task and interrelationships in a network diagram
o Determine bottlenecks, impact problems will have
External integration tools: ways to link work of implementation team to users at
all organizational levels (Active involvement of users, teams responsiveness)
User resistance to organizational change: believe change is detrimental to their
interests, counter implementation: strategy to thwart implementation of an IS

Strategies to overcome user resistance

o User participation
o User education and training
o Management edicts and policies
o Incentives for cooperation
o Improvement of end-user interface
o Resolution of organizational problems prior to introduction of new system

Designing for the organization
Information system projects must address ways in which organization changes
with new system
Planning: Procedural changes, Job functions, Organizational structure, Power
relationships, Work structure
Ergonomics: Interaction of people and machines in work environment including
Design of jobs, Health issues, End-user interfaces
Organizational impact analysis: explains how system will affect organizational
structure, attitudes, decision making, operations
Sociotechnical design: Addresses human and organizational issues
o Separate sets of technical and social design solutions
o Final design is solution that best meets both technical and social
objectives higher job satisfaction and productivity

Project management software
Can automate many aspects of project management
Capabilities for Defining, ordering, editing tasks, Assigning resources to tasks,
Tracking progress
Microsoft Project 2010 = Most widely used project management software,
capabilities of producing PERT, Gantt Charts, critical path analysis
Increase in SaaS, open-source project management software more flexile,
collaborative and user-friendly
Project portfolio management: helps organizations manage portfolios of projects
and dependencies among them

Chapter 15
Managing Global Systems

Growth of International Information Systems
Global economic system and global world order driven by advanced networks
and information systems
Growth of international trade radically altered domestic economies around globe

Developing an International Information Systems Architecture
1. Understand global environment: Business drivers pushing your industry toward
global competition, Inhibitors creating management challenges
2. Develop corporate strategy for competition: How firm should respond to global
competition
3. Develop organization structure and division of labor: Where will production,
marketing, sales, etc., be located
4. Consider management issues: Design of business procedures, reengineering,
managing change
5. Consider technology platform

Global drivers
General cultural factors lead toward internationalization and result in specific business
globalization factors

Business Challenges

State of the art
Most companies have inherited patchwork international systems using 1960s-
era batch-oriented reporting, manual entry of data from one legacy system to
another, and little online control and communication

Significant difficulties in building appropriate international architectures

o Planning a system appropriate to firms global strategy
o Structuring organization of systems and business units
o Solving implementation issues
o Choosing right technical platform

Global strategies and business organization
Three main kinds of organizational structure
o Centralized: In the home country
o Decentralized/dispersed: To local foreign units
o Coordinated: All units participate as equals
Four main global strategies
o Domestic exporter: heavy centralization of corporate activities in the
home country of origin (often starting point)
o Multinational: concentrate financial management and control out of home
base, decentralizing production, sales, marketing, adapted products to
local market conditions
o Franchisers: mix of old and new, design in home country, further
production foreign personnel
o Transnational: stateless, truly globally managed firms with many regional
headquarters, frame of reference: globe

Global systems to fit the strategy
Configuration, management, and development of systems tend to follow global
strategy chosen
4 main types of systems configuration
1. Centralized: Systems development and operation totally at domestic home base
2. Duplicated: Development occurs at home base but operations are handed over to
autonomous units in foreign locations
3. Decentralized: Each foreign unit designs own solutions and systems
4. Networked: Development and operations in coordinated fashion across all units

Reorganizing the Business

1. Organize value-adding activities along lines of comparative advantage (E.g., Locate
functions where they can best be performed, for least cost and maximum impact)
2. Develop and operate systems units at each level of corporate activity local (host
country systems units), regional (regional systems units handle telecommunications
and systems development)), national, and international (transnational systems units
create link across major regional areas)
3. Establish at world headquarters: Single office responsible for development of
international systems + Global CIO position

Managing Global Systems
Principle Management Challenges in developing global systems

Typical scenario: Disorganization on a global scale
Traditional multinational consumer-goods company based in U.S. and operating
in Europe would like to expand into Asian markets
World headquarters and strategic management in U.S., Only centrally
coordinated system is financial controls and reporting
Separate regional, national production and marketing centers
Foreign divisions have separate IT systems
E-mail systems are incompatible
Each production facility uses different ERP system, different hardware and
database platforms, etc.

Global systems strategy
Share only core systems: Core systems support functionality critical to firm
Partially coordinate systems that share some key elements (Do not have to be
totally common across national boundaries, Local variation desirable)
Peripheral systems: Need to suit local requirements only

1. Define core business processes (business process analysis) + best performer
2. Identify core systems to coordinate centrally
3. Choose an approach (best: salami strategy)
Piecemeal and grand design approaches tend to fail
Evolve transnational applications incrementally from existing applications
4. Make benefits clear
Global flexibility
Gains in efficiency
Global markets and larger customer base unleash new economies of scale at
production facilities
Optimizing corporate funds over much larger capital base

The management solution: Implementation

Agreeing on common user requirements Short list of core business processes
Develop common language, understanding of common elements and unique
local qualities
Introducing changes in business processes Success depends on legitimacy
(extent on which authority is accepted = competence, vision etc.), authority,
ability to involve users in change design process
Coordinating applications development Coordinate change through
incremental steps Reduce set of transnational systems to bare minimum
Coordinating software releases Institute procedures to ensure all operating
units update at the same time compatible
Encouraging local users to support global systems Cooptation: Bringing the
opposition into design and implementation process without giving up control
over direction and nature of the change
o Permit each country unit to develop one transnational application
o Develop new transnational centers of excellence

Technology challenges of global systems
Global business model and strategy hardware, software, networking
standards, key system applications
Standardization: global computing platform, international work teams
Computing platforms and systems integration
How new core systems will fit in with existing suite of applications developed
around globe by different divisions
Standardization: Data standards, interfaces, software, etc.
Connectivity
Ability to link systems and people into single integrated network (voice, data,
image transmissions)
Internet foundation but does not guarantee any level of service
Many firms use private networks and VPNs
Low penetration of PCs, outdated infrastructures in developing countries
High costs and monitored transmissions by governments

Software Localization
Integrating new systems with old (+ testing)
Human interface design issues, languages mastered quickly
Software localization: converting software to operate in second language

Most important software applications:

o TPS and MIS (basic transaction and management reporting systems)
o Increasingly, SCM and enterprise systems to standardize business
processes not always compatible with differences in languages,
heritage, business processes in other countries
o Problems: not technically sophisticated company units
o Applications that enhance productivity of international teams like EDI,
SCM; Collaboration systems, email, videoconferencing