P. 1
Business Information Technology Final Study Guide

Business Information Technology Final Study Guide

|Views: 19|Likes:
Great for eLearning students at FIDM. Notes will help with quizzess, midterm, final, and chapter review questions.

Original Book: Management Information Systems
Great for eLearning students at FIDM. Notes will help with quizzess, midterm, final, and chapter review questions.

Original Book: Management Information Systems

More info:

Categories:Types, School Work
Published by: Sherisse' Danielle Woodley on Jun 17, 2013
Copyright:Attribution Non-commercial
List Price: $4.99 Buy Now


Read on Scribd mobile: iPhone, iPad and Android.
See more
See less








  • Chapter 1: Understanding Business Information Systems Technology
  • Chapter 2: Strategic Uses of Information Systems
  • Chapter 3: Business Functions and Supply Chains
  • Chapter 4 & 5: Business Hardware & Software
  • Chapter 6: Business Networks and Telecommunications
  • Chapter 7: Databases & Data Warehouses
  • Chapter 8: The Web-Enabled Enterprise
  • Chapter 9: Challenges of Global Information Systems
  • Chapter 10: Decision Support & Expert Systems
  • Chapter 11: Business Intelligence & Knowledge Management
  • Chapter 12: Systems Planning and Development
  • Chapter 13: Choices in Systems Acquisition
  • Chapter 14: Risks, Security, and Disaster Recovery

Chapter 1: Understanding Business Information Systems Technology

       Explain why information technology matters Define digital information and explain why digital systems are powerful and useful Explain why information systems are essential to business Describe how computers process data into useful information for problem solving and decision making Identify functions of different types of information systems in business Describe careers in information technology Identify major ethical and societal concerns created by use of information technology

Does Information Technology Matter?
Today’s business professionals must know how to develop and use Information Technologies. World’s best performing companies spent 7% more per employee on IT than typ ical companies. They recoup the investment fivefold in lower operational costs

The Power of Digital Systems
Binary counting system uses only two digits: 0 and 1  

Digital systems such as computers process and store any information digitally as combination of 0 and 1 Digital information is stored and communicated by means of electromagnetic signals which are: o Extremely fast o Digital copy is an exact copy of the original Accuracy and speed make digital systems powerful, useful, and important

The Purpose of Information Systems
Businesses use information systems to:  

Make decisions Solve problems

Purpose of information systems is to support:   

Gathering correct information efficiently Storing information Using information

Both problem-solving and decision making require information:

 

Problem - a situation that needs resolution Decision - a way to get to a resolution

Data, Information, & Information Systems
It is important to understand similarities and differences between data, information and systems: Data is the raw material in the production of information.   

Data is fact, such as a statement, number or picture. Raw data is hard to read. Surveys are a common method of collecting data.

Information is composed of data which is manipulated. 

Facts or conclusions that have meaning within a certain context

Information Systems create useful information by processing data through data manipulation.

Useful Information
Information is more useful to businesses than data

Relevant Complete Accurate Current Economical

Characteristics of Useful Information Information must pertain to the problem at hand. Partial information is often worse than no information. Erroneous information and documents might lead to disastrous decisions. Decisions are often based on the latest information available, but what was fact yesterday might be obsolete today. In a business setting, the cost of obtaining information must be considered as one financial element involved in any

(see Figure 1.2 in your textbook for a full version of this chart)

What is a System?
A system is an array of components that work together to achieve a goal or goals.

Subsystem is a component of a larger system

Figure 1.3. A corporate accounting system. Copyright © 2009 Course Technology, Cengage Learning

A system accepts input, processes the input, and produces output

Types of Systems:
 

Closed systemwhichhas no connections with other systems Open system which interfaces and interacts with other systems; often a subsystem of a bigger system

Information system (IS): components that work together to process data and produce information

Information & Managers Systems thinking Powerful management approach that creates a framework for problem solving and decision making  Helps keep managers focused on overall goals Information Technology Information technology: technologies that facilitate construction and maintenance of information systems   Database is a collection of electronic records Information map is a description of information and data flow within an organization o Shows a network of information subsystems that exchange information with each other and with the outside world .

data. and procedures Trends that make information systems important for businesses:      Growing power and decreasing cost of technology Growing capacity and lower cost of storage devices Increasing variety and ingenuity of computer programs Growth of the Internet and availability of fast communications links to the Internet Increasing computer literacy of the workforce . software. people.  Human-computer combination allows human thought to be translated into efficient processing of data Qualities of Humans & Computers that Contribute to Synergy Humans Computers Think Have common sense Can make decisions Can instruct the computer what to do Can learn new methods and techniques Can accumulate expertise Calculate and perform programmed logical operations extremely rapidly Store and retrieve data and information extremely rapidly Perform complex logical and arithmetical function accurately Execute long. tedious operations Perform routine tasks less expensively than humans Are adaptable (can be programmed and reprogrammed) Information Systems in Organizations Information system: a system with one or more computers at its center  Information system consists of telecommunications. hardware.The Benefits of Human-Computer Synergy Humans are relatively slow and make mistakes Computers cannot make decisions unless programmed to do so Synergy: combining resources to produce output that exceeds the sum of outputs that would be generated by the separate resources.

and how to store data and information Hardware and software that facilitate fast transmission Telecommunications and reception of text. and maintain software. how to display information. sound. Rules for achieving optimal and secure operations in data processing. Input: collect and introduce data to system o Transaction processing system (TPS):a system that records transactions o Transaction: a business event. Data processing: perform calculations on input 3. design and construct information systems. and animation in the form of electronic data People Information systems professionals and users who analyze organizational information needs. voice recognition systems 2. Output: what is produced by the information system o Output devices include printers and speakers 4. usually entered as input using Input devices such as keyboards.Humans Data Hardware Software Components of an Information System Computers Input that the system takes to produce information A computer and its peripheral equipment Sets of instructions that tell the computer how to take data in. Storage: maintaining vast amounts of data o Storage devices include optical discs . procedures include priorities in dispensing software applications and security measures Procedures Processing Information The Four Stages of Processing 1. bar code readers. write computer programs. operate the hardware. pictures. how to process it.

and making decisions 2. Management Information System (MIS): a system that supports planning. Transaction processing system (TPS): most widely used type of system o Records data collected at point where organization transacts business with other parties .Computer Devices for Information Systems Technologies that support data processing functions:      Input devices receive input Computers process data Output devices display information Storage devices store data Network devices transfer data Telecommunications: communication that takes place between computers over great distances Types of Information Systems Different types of information systems serve different functions. control. 1.

8. 6.3. packing. shipping. ATMs. document management. and purchase order systems Supply chain management (SCM) systems: systems that support Supply chain activities: o SCM systems are known as “enterprise resource planning systems” o SCM systems eliminate the need to reenter data that was captured elsewhere in the organization o Supply chain is sequence of activities involved in producing products and services including:  marketing. Point-of-sale machines: record sales Include cash registers. monitoring customer portfolios collection. and after-sale services. purchasing raw materials. billing. 5. Customer relationship management (CRM) systems: systems for managing relations with customers o Often linked to Web applications that track online transactions o Retaining loyal customers is less expensive than acquiring new ones Expert system (ES): supports knowledge-intensive decision making o Uses artificial intelligence techniques o Can preserve the knowledge of retiring experts Business intelligence (BI) systems: systems that glean relationships and trends from raw data to help organization compete o Often contain statistical models o Access large pools of data o Data warehouse: large database that usually store transactional records Decision support system (DSS): supports decision making o Relies on programs or analytical models to produce tables o Extrapolates data to predict outcomes o Helps answer “What if?” questions Geographic information system (GIS): ties data to physical locations  Represents data on a map in different formats  May reflect demographic information in addition to geographic information  May use information from global positioning system (GPS) satellites  Examples: Google Earth o o . manufacturing and assembly. 7. 4.


3. 4. and human resources Part of a larger enterprise system Functional business areas include: 1. Accounting Finance Marketing Human Resources Manufacturing Inventory Control Sales Information Systems in Business Functions Information systems are used in many business functions. Accounting information systems: o Help record transactions o Produce periodic statements o Create reports required by law o Create supplemental reports for managers . 2. 6. 7. finance. 5.Functional Business Areas Functional business area: services within a company that support the main business operations   Includes accounting. 1. marketing.

Contain controls to guarantee adherence to standards 2. Marketing Information System’s purpose is to pinpoint likely customers and promote products o Marketing information systems enable us to:  Analyze demand for products in regions and demographic groups  Identify trends in demand for products/services  Help analyze how advertising campaigns affect profit o Web provides opportunity to collect marketing data as well as promote products and services 4. and making decisions 3. Human resource management systems aid record-keeping o Must keep accurate records o Aids recruiting. Finance systems: o Facilitate financial planning and business transactions o Tasks include organizing budgets. placement. requirement projections o Performance evaluation systems provide grading utilities o Web-Empowered Enterprises E-commerce E-commerce: buying and selling goods and services through Internet   Internet is a vast network of computers connected globally Web has a profound impact on information systems o An emerging advertising medium o A place to conduct e-commerce . analyzing investments. benefits analysis. managing cash flow. selection.

Careers in Information Systems Careers in Information Systems  Help desk technician o Supports end users in their daily use of IT .

and troubleshoots networks o Implements security such as setting up Firewalls and Access codes System administrator o Manages organization’s computer operating systems o Must ensure that operating systems work together. providing specifications for programmers and documenting development efforts o Requires communication and presentation skills Software engineers o Develop software applications Webmaster o creates and maintains Web site o Must be familiar with Web transaction software. and feasibility studies o Involves analyzing system requirements. state and corporate regulations to protect privacy of customers and employees Systems analyst o Researches. design considerations. implements. plans. maintains.      Often provides help via telephone May use software that gives them control of the user’s PC May need to have knowledge of a wide variety of PC applications Network administrator o acquires. security software o Manages both the intranet and extranet o Demand for Webmasters grows as more businesses use Web o o o Careers in Information Systems (cont'd)    Chief security officer (CSO) o supervises security of information system o Usually reports to chief information officer (CIO) Chief technology officer (CTO) o has similar duties as CIO Chief information officer (CIO) o responsible for all aspects of information system o Often a corporate vice president o Must have technical understanding of information technologies as well as business knowledge . payment-processing software. adding and deleting user accounts. and recommends software and systems choices o Responsible for developing cost analyses. and function properly o Responsible for backup and recovery. support business requirements. implementation timelines. performing system upgrades Database administrator (DBA) o responsible for securing the database databases and data warehouses o Develops and acquires database applications o Must adhere to federal. manages.

identity theft. including accounting. and Web annoyances .Summary Summary          A system is a set of components that work together to achieve a common goal Subsystem: a system performs a limited task that produces an end result. The job prospects for IT professionals are bright. finance. marketing. which must be combined with other products from other systems to reach an ultimate goal Data processing has four stages Any information system that helps in management is a management information system (MIS) There are many different types of MIS. and human resources. IT has created societal concerns regarding privacy. spam. Enterprise application systems (SCM or ERP) tie together different functional areas of a business Information systems are used in many business functions.

. resulting in a competitive advantage Achieving a Competitive Advantage Competitive Advantage Competitive advantage is achieved when a company significantly increases its profits. to obtain an advantageous position Business strategy   a plan to help organizations outperform competitors Information system may be built to solve a problem or to identify an opportunity Strategic information system (SIS)  an information system that helps identify opportunities Strategic Advantage or Competitive Advantage   using strategy to maximize company strengths having maximized organization’s strengths to compete with its rivals Company achieves strategic advantage by using strategy to maximize its strength.Chapter 2: Strategic Uses of Information Systems Objectives       Explain business strategy and strategic moves Illustrate how information systems can give businesses a competitive advantage Identify initiatives for gaining a competitive advantage Explain what makes an information system a strategic information resource Identify fundamental requirements for developing strategic information systems Explain circumstances and initiatives that make one IT strategy succeed and another fail Strategy and Strategic Moves Strategy Strategy: framework. or approach.

4.Initiatives that organizations can take to gain competitive advantage: 1. Reduce Costs Establish High Switching Costs Raise Barriers to Market Entrants Create New Products or Services (innovation) Differentiate Products or Services Enhance Products or Services Establish Alliances Lock in Suppliers or Buyers Achieving a Competitive Advantage Achieving a Competitive Advantage Initiative #1: Reduce Costs     Reduce costs to lower price Automation greatly reduces manufacturing costs Web can automate customer service activities Companies that are first to adopt advanced systems that reduce labor enjoy competitive advantage until their rivals do likewise Initiative #2: Establish High Switching Costs Expenses incurred when customer stops buying from one company and starts buying from another Achieving a Competitive Advantage Initiative #3: Raise Barriers to Market Entrants  Less competition is better for company . 6. 5. 9. 7. 2. 8. 3.

techniques. attractive product when it was introduced in early 2007. or critical mass Critical mass    Body of clients that is large enough to attract other clients Being a first mover is not a guarantee of long-term success (Netscape) Must continue to improve and innovate to maintain competitive advantage Achieving a Competitive Advantage Initiative #5: Differentiate Products or Services Product differentiation  Persuading customers that your product is better than competitors’ .’s pension fund management ISs Achieving a Competitive Advantage Initiative #4: Create New Products or Services iPhone was an innovative. and services) Examples: Amazon’s one-click. raise barriers to entrants   Obtain legal protection of intellectual property (copyrights and patents on inventions. Organizations can gain competitive advantage by making it difficult or impossible for others to produce the same product or service To lower competition. Apple’s iPhone) First mover   Organization that is first to offer a new product or service Usually results in better technology. Priceline’s reverse auction Build unmatchable information systems   License your technology State Street Corp. superior brand name. © MCT/Landov  Having a unique product or service gives competitive advantage for a period of time (eBay. more experience.

   Usually achieved through advertising and customer experience Exemplified by brand name success Promotes brand name Initiative #6: Enhance Products or Services   Enhance existing products or services to increase value to consumer Many products and services have been enhanced by use of the Web Achieving a Competitive Advantage Initiative #7: Establish Alliances    Two companies combining services Makes product more attractive. reduces costs. and provides one-stop shopping Achieving a competitive advantage .

Achieving a Competitive Advantage Initiative #8: Lock in Suppliers or Buyers    Accomplished by achieving bargaining power Bargaining power: leverage to influence buyers and suppliers o Achieved by being major competitor or eliminating competitors o Uses purchase volume as leverage over suppliers Lock in buyers by making them fear high switching costs A company can "lock in" clients by: Giving away a product to make it become a standard (i. Adobe’s Acrobat Reader. Macromedia’s Flash player) or by creating a physical or software limitation on using the technology (Apple Computer’s iTunes) .e.

. A company can gain advantage if it can attract customers by convincing them its product differs from the competition's.Creating & Maintaining Strategic Information Systems (SIS) Strategic Information Systems (SISs) are information systems that serve an organization’s goal and collaborate with all functional units of the organization     SISs can be created from scratch or by modifying an existing Information system SISs must be part of overall organizational strategic plan Top management must be involved throughout the process of creating an SIS Management should ask questions to determine whether to develop a new SIS or use the existing information system Eight basic ways to gain competitive advantage Initiative Benefit Reduce costs Raise barriers to market entrants Establish high switching costs Create new products or services Differentiate products or services A company can gain advantage if it can sell more units at a lower price while providing quality and maintaining or increasing its profit margin. A company can gain advantage if it offers a unique product or service. A company can gain advantage if it deters potential entrants into the market. Enhance products A company can gain advantage if its product or service is better than anyone else's. A company can gain advantage if it creates high switching costs. making it economically infeasible for customers to buy from competitors. making economically impractical for suppliers or buyers to deal with competitors. Lock in suppliers or buyers A company can gain advantage if it can lock in either suppliers or buyers. or services Companies from different industries can help each other Establish alliances gain advantage by offer combined packages of goods or services at special prices. enjoying less competition and more market potential.

Reengineering Reengineering is the process of eliminating and rebuilding operations from the ground up    Often involves new machinery and elimination of management layers Frequently involves information technology Goal is to achieve huge efficiency improvements A new SIS requires revamping business processes. Competitive Advantage as a Moving Target     Competitive advantage is often short-lived Competitors soon imitate the leader.Reengineering & Organizational Change To implement SIS. diminishing the advantage SIS quickly becomes a standard business practice Organizations must continually modify and enhance technology to sustain competitive advantage JetBlue: A Success Story JetBlue entered a formerly hurting market with great success     Ticketless travel Automation with IT Reduced costs Improved service Enhanced Service: Technology helps JetBlue offer better service       Leather seats Real-time in-flight television On-schedule departures and arrivals Fewest mishandled bags in the industry Rapid check-in times and fast baggage retrieval Better security . organizations must rethink the way they operate.

competitors fill only 71% Late Mover Advantage  JetBlue entered the market later than competitors o Can be viewed as advantage o Implements latest available technologies o Not burdened with legacy system .JetBlue: A Success Story Massive Automation       JetBlue developed Open Skies software to automate ticket handling o Avoids travel agents and their fees o Use reservation agents who work from home using VoIP Encourages Internet flight booking by customers Maintenance information system used to log airplane parts and time cycles for replacement Automated flight planning to maximize occupancy Operational data is updated flight by flight and available to management at all times Use of Training management system to eliminate need for paper records. only point to point Take most profitable route between cities Keeping flight manuals on laptop computers allows for paperless cockpits Saves preflight time associated with calculating weight of plane (annual savings of ~4800 hours) Uses biometrics for authentication and authorization Implementation of a paperless frequent flier program Impressive Performance   Most important metric in airline industry is CASM (cost per available seatmile) JetBlue’s CASM for first three years of operations was less than 7 cents (industry average is 11 cents) o CASM measures how much it costs to fly a passenger one mile o JetBlue fills 78% of its seats. allows tracking of employee training Away from Tradition        JetBlue used innovative technique for routing airplanes Does not use hub-and-spokes method.

Nasser's ideas included:    Enabling drivers and passengers to access Web Establish Web based auctions to encourage price competition among parts suppliers Push vehicle sales to Web and bypass dealers and their fees Reasons for Ford's Failure      Customers not very interested in Web access in vehicles in 2000 Other car companies learned to use online auto part auctioning State franchising laws did not allow car companies to bypass dealers and online sales initiative failed Web site used to select proper model only. Pioneers sometimes get burned even with careful planning. Ford's Failure Ford’s great failed initiative was undertaken by its CEO Jacque Nasser.    No prior experiences from which to learn Implementation costs are greater than anticipated Technology ends up losing money for company . but not enough to save Nasser’s job The Bleeding Edge Ford case shows that being a first mover is risky. Bleeding edge The bleeding edge phenomenon occurs when company tries to be on leading edge. but consumers must still utilize a dealer Web site sold cars.Ford on the Web: A Failure Story Not all strategic moves end up being successful.

resulting in a competitive advantage Creating standards often establishes strategic advantage in software industry Reengineering is process of redesigning a business process from scratch to significantly reduce costs Initiatives for gaining strategic advantage include cost reduction.  Microsoft’s approach is to seize an existing idea. Strategic advances from information systems are short-lived. and locking suppliers. establishing high switching costs. enhancing products. new opportunities must always be sought Must keep systems on the leading edge to maintain strategic advantage Bleeding edge is the undesirable result of a failed innovation effort . raising barriers to competitors. and promote it with marketing power Also known as competing by emulating and improving Summary          Some information systems have become strategic tools as a result of strategic planning. others have evolved into strategic tools through adoption and use Strategic information systems help companies gain strategic advantage Company achieves strategic advantage by using strategy to maximize its strength. differentiating products. alliances. improve it. new products.

Chapter 3: Business Functions and Supply Chains Objectives      Identify various business functions and the role of Information Systems in these functions Explain how Information Systems in the basic business functions relate to each other Articulate what supply chain is and how information technology supports management of supply chains Enumerate the purposes of customer relationship management systems Explain enterprise resource planning systems Effectiveness & Efficiency Influences of Information Technology   Information technology makes work more effective. more efficient. Information Systems contribute to both effectiveness and efficiency of businesses Effectiveness the degree to which a goal is achieved Efficiency the relationship between resources expended and benefits gained in achieving a goal Productivity  Productivity: efficiency of human resources . or both.

  Productivity improves when fewer workers are required to achieve the same goal Productivity tools: software applications that improve productivity Customer relationship management (CRM) system    System that allows customers to be served better and faster Service continues after delivery of goods as customer service and more as marketing CRM and SCM (supply chain management systems) are combined to create a system called enterprise resource planning (ERP) system. Role of Information Systems in Business Functions Information Systems affect business functions including:         Accounting Finance Cash Management Investment Analysis and Service Engineering Supply Chain Management Customer Relationship Management Human Resource Management .

Role of Information Systems in Business Functions Accounting Information System       receives information from transaction processing systems (TPSs) Automatically routes purchases to accounts payable Automatically routes sales to accounts receivable Generates reports on demand or on schedule Accounts payable and accounts receivable track who owes who what Accounting’s purpose is to track financial transaction Balance sheet  picture of financial situation which include profit-and -loss report .

stock prices. you must know current prices in real time. and currency exchange rates. commodity prices. Investment Analysis and Service provides clients and investors with financial news.Cost-accounting systems:  accumulate data about costs involved in producing specific products Cash Management   systems that deal specifically with cash such as electronic transfer of cash from one bank account to another Role of Information Systems in Business Functions Finance Information System Financial managers’ goal is to manage money as efficientl y as possible by:     Collecting payables as soon as possible Making payments at the latest time allowed Ensuring funds are available for daily operations Investing funds not used for current activities Investment Analysis & Service   When investing in securities. .

modify. and store designs and drawings electronically .Important factors to consider when investing:    Know the expected return Know variability of the security’s past yield Liquidity (how fast an investment can be turned into cash) Role of Information Systems in Business Functions Engineering Information Systems     EISs reduce time to market significantly and facilitate brainstorming Time to market is the time between generating ideas for a product and completing the prototype for product Brainstorming is process of collaborating and group meeting to generate solutions and new ideas Minimizing time to market is key to gain or maintain competitive edge Types of Engineering Information Systems Computer-aided design (CAD) tools to create.

Role of Information Systems in Business Functions Role of Information Systems in Business Functions .Rapid prototyping   Rapid prototyping: creating one-of-a-kind products to test design in three dimensions Allows a model to be produced in hours rather than days or weeks Computer-aided manufacturing (CAM) systems that instruct machines how to manufacture parts and assemble products.

and delivering goods IT helps manufacturing activities by:     Scheduling activities to optimize the use of resources Planning material requirements based on current and forecasted demand Managing inventories Grouping similar work orders for efficiency Role of Information Systems in Business Functions MRP systems help reduce inventory cost while ensuring availability. then works back to calculate resources needed to produce goods . © AP Images Material Requirements Planning (MRP) Systems (inventory control systems)    Determines when inventory needs to be restocked Predict future need based on demand forecasts Takes customer demand as input. processing materials into goods.Supply Chain Management Systems o Help monitoring. controlling. and facilitating supply chains Supply Chain is the procurement of raw materials.

Role of Information Systems in Business Functions Figure 3. Sequence of loading and unloading. Road tolls. Length of routes. LLC Shipping Information systems optimize shipping efficiency helping companies to stay competitive by:    Reducing shipping time and cost of labor Using equipment such as GPS. including:  Fuel prices.8. A graphical display of planned loading on a truck. computers. Controlling processes helps ensure quality. and Type of materials. Courtesy of Optimum Logistics. Master production schedule: specifies how production capacity is to be used to meet customer demands Just-in-time manufacturing: suppliers ship parts directly to assembly lines as parts are needed to avoids warehousing costs. Radio frequency identification (RFID)  technology containing circuitry that allows recording of information about a product . without missing production deadlines Manufacturing resource planning (MRP II)  Use master production schedule to combine MRP with other related activities to plan manufacturing process. and satellite communication Lowering maintenance costs Variables affect cost and speed of shipping.Bill of materials (BOM): list of all raw materials and subcomponent demands to produce a product Economic order quantity (EOQ): optimal quantity of a raw material that minimizes overstocking and saves cost. Monitoring and Control: Information systems are designed to control and monitor manufacturing processes. a produced by shipping software.

plant location. © McGraw-Hill    A code on an RIFD tag that provides more information than the universal product code (UPC) Information may include date of manufacturing.Role of Information Systems in Business Functions Electronic product code (EPC) An example of information recorded in an electronic product code. expiration date. destination Ensures genuineness of products Salesforce Automation    Equips traveling salespeople with IT such as Laptops and personal digital assistants (PDAs) to improve productivity Allows salespeople to present different options for products and services at the customer location Makes sales presentations more efficient Role of Information Systems in Business Functions Customer Relationship Management (CRM) Systems Customer Relationship Management (CRM) Systems are designed to support customers relationships .

sales and customer service areas Web-based customer service provide 24/7 automated customer service to save labor and paper costs Includes FAQs. tracking systems and customer profiles maintenance Market research   To promote products successfully and discover populations and regions that are most likely to purchase product. learn from their experiences. and serve them better.12.Figure 3. sales. © McGraw-Hill      CRM systems capture the entire customer experience with an organization All company employees who deal with the customer have access to this information CRM systems support marketing. and customer service departments target interested customers. Customer relationship management systems help marketing. organizations perform market research Market Research may include activities such as conducting interviews with consumers and retailers and building statistical models to predict sales volumes of different products Targeted marketing   Direct promotions to customers Spam is a cheap method of advertising which involves sending mass e-mail communications .

Role of Information Systems in Business Functions Human resource management (HRM) HR departments must keep personnel records:      To comply with laws For payroll and tax calculation and deposit For promotion consideration For periodic reporting Human resource Information Systems are now digitized to save space to store records. time to retrieve them. and costs HRM can be classified into five main activities:      Employee record management Promotion and recruitment Training Evaluation Compensation and benefits management .

Training   Multimedia software is replacing classrooms o May include 3D simulated environments IT reduces training costs dramatically .Role of Information Systems in Business Functions Promotion and recruitment   HR can select best-qualified person for position by searching database of applicants and existing employees for specific criteria Automating the selection process significantly minimizes time and money for recruitment Intranet: inter-organizational network that supports Web applications allows HR manager to post position vacancy announcements that get wide exposure.

connecting multiple organizations Supply chain systems work best when all businesses in the chain are sharing information Trust between allied companies facilitates collaboration Small enterprises do not use SCM systems which in turn affect the more powerful organizations to which small enterprise is linked to.Evaluation  Evaluation software standardizes evaluation process by providing tools to aid in evaluating every employee fairly and objectively Compensation and Benefits Management    Compensation includes salary.S. especially supply chain management systems supply chain management systems streamline operations throughout chain ERP systems can also serve as SCM systems.” Collaborative Logistics    Web allows organizations to collaborate and combine resources Businesses can optimize logistics by connecting SCM systems SCM systems can allow collaborative warehousing to share warehouse space. and bonuses Programs calculate pay and taxes automatically to generate paychecks and perform direct deposits Software can help managing benefits by using intranet or Internet to access benefits database Role of Information Systems in Business Functions Supply Chain Management Systems       Overall inventory in the U. . When SCMs of companies are not linked. is decreasing while U. hourly pay. demand requirements are unknown and supply companies must overstock inventory. gross domestic product (GDP) is increasing Reduction in inventory attributed to the use of Information Systems. one company “sits” with lean inventory while other stands with “overstock. freight.S. commissions.

the measure of people’s efficiency is called productivity Information systems are integrated into accounting services and Financial information systems to help managers track accounting and cash Computer-Aided Design systems help engineers design new projects. Computer-aided manufacturing systems direct machines that assemble parts Supply chain management (SCM) systems optimize workload.Enterprise Resource Planning Enterprise resource planning (ERP) system   Systems which help managing daily operations and facilitates planning ERP systems serve organizations at organizational level instead of at organizational unit level ERP systems pose many challenges:    They are complex and require special tailoring for specific organizations They are expensive and may not support a company’s unique sets of business processes A process that becomes a weak link in one area may negatively affect other integrated processes Summary        Effectiveness is the degree to which a task is accomplished Efficiency is the ratio of output to input. speed. and cost in supply chains Customer relationship management (CRM) includes the entire cycle of relationships with customers .

Chapter 4 & 5: Business Hardware & Software Objectives         Explain functions of hardware components of computers Identify and evaluate key criteria for deciding what computers or related devices to purchase Explain the difference between application software and system software Explain the different generations of programming languages Clarify the differences between proprietary software and open source software Hardware Components Hardware Physical components of a computer Computers & Hardware Types of Hardware:   Input devices: receive signals from outside of computer and transfer them into computer Output devices: deliver information from computer to person Computer Categories .

     Supercomputers o most powerful computer at any given time Mainframe computers o store large amounts of data and business transactions o Use multiple processors Midrange computers o often act as servers within organizations Microcomputers personal computers. ports … . notebook computers A Peek Inside the Computer Central processing unit    Accepts instructions and data Decodes and executes instructions Stores output in memory Internal memory    stores data and instructions before and after CPU processes them RAM: random access memory ROM: read-only memory Motherboard   Main component of computer located inside computer Host the hardware components including memory. CPU. expansion cards.

Considerations in Purchasing Hardware Consider the following when purchasing hardware:     Power of the equipment Expansion slots and ports Monitor type and resolution Ergonomics Other factors include:      Compatibility with existing hardware Physical size of computer Reliability of vendor Power consumption and noise Software Software Software   Instructions to the Computer series of instructions to execute processes Major types of software:   Application software: programs that contribute to productivity and enable task completion System software: enables applications to run on computer Application Software Application-specific software Application-specific software performs specific jobs. .

statistical. calendars Project management tools: plan projects and track progress . serve multiple purposes Packaged software: ready to install from external storage medium (i.Office Productivity Applications           General-purpose application software: comes as packaged software. financial functions File management tools: create and manipulate local or shared databases Graphics programs: create graphics. Office Productivity Applications) Productivity tools: assist normal office work Word processors: type letters and articles Presentation tools: develop impressive presentations quickly Spreadsheets: perform mathematical. manipulate digital images Desktop publishing tools: produces pamphlets.e. cards.

often used in: o Education: lessons presented in multimedia o Training exercises o Compiling and integrating data for business situations Mashup software: an integrated application containing some or all features from several applications o Provides enhanced features for the end user Web Site Design Tools  Web site design tools: used to change content of Web pages o Includes Microsoft Expression Web. SharePoint Designer and Adobe Dreamweaver Groupware  Groupware: an application that enables real time over the Web collaboration o Integration of multimedia technology and Web technology allowing for remote collaboration o Eliminates travel times and facilitates expression and exchange of ideas . Microsoft FrontPage.Application Software (cont'd) Hypermedia & Multimedia    Hypermedia software o Hypermedia: a feature that enables users to access information by clicking text or graphics o Web page authoring tools: enable hypermedia features o Often part of other applications such as word processors and presentation tools Multimedia software: handles many different types of data.

machines. Avatar: an imaginary figure used to represent a real person Virtual Reality devices provide two elements:   Immersion: user senses that she/he is surrounded by the simulated environment Interaction: allows users to simulate changes in the environment using VR devices Virtual Reality on the Web includes multi-user virtual environments which allow for public gathering. Businesses use VR to decrease cost of planning buildings.Application Software (cont'd) Virtual Reality Virtual Reality: applications mimicking sensory reality. and vehicles. hearing and touch by using equipment such as goggles. earphones.    Simulates sight. and provides feedback to user. responds to signals. and moving bases Virtual Reality environment senses movement.   Second Life: an imaginary world using avatars to allow real people to meet and communicate Open Sim: an open source server platform for hosting virtual worlds . gloves.

Manages memory Runs applications and interacts with user and CPU Applications must be compatible with system software Examples of current operating systems:  Windows. allocates memory. © McGraw-Hill System software is the most important program. Networking and Security     Recognizes input from keyboard. Managing memory resources. incorporates services such as Database management. Encompasses compilers and interpreters Operating System An Operating system is the most significant System software. Virtual memory: hard disk acts as RAM Plug-and-play: run a device as soon as physically attached . Linux (Free OS based on UNIX). starting from the user interface and moving inward to the hardware. are other Operating System functions. Mac OS Utilities such as Hardware diagnostics.System Software (Operating System) System software Computers operate on a number of layers. Copying files. Sends output to display Keeps track of files and directories. deals with essential operations such as:   User interface. Loading files. Disk check and File sorting.

and PERL. an office suite. an e-mail application. handheld and electronic devices. It runs on mainframes. MySQL. Courtesy of The Mozilla Foundation and OpenOffice. Open Source Software Proprietary software  Sold for profit and developer retains rights to software Open Source Software Open source software is distributed freely. are just a few of hundreds of useful and popular open source applications. Linux is probably the best known and most popular open source operating system because of its versatility. a Web browser.org. and antispyware/antiadware programs Database management systems Proprietary vs. Firefox. Note: not all free software is open source (i. Thunderbird.org   Free source code Fewer bugs because many programmers review the software Examples of open source software include: Mozilla Firefox.e. and Thunderbird. Microsoft Internet Explorer) Considerations for Packaged Software Factors when purchasing software packages:   Cost and time to implement Cost of interrupting operations .Driver: enables OS to control device Other types of system software include:     Compilers and interpreters Communications software: supports transmission and reception of data across computer networks Utilities include antivirus programs. firewalls. OpenOffice.

 Modification costs Software Licensing   Packaged Software is usually licensed Licensed software has limited permission o Time-limited license requires annual fees Licensing models   Permissive model: anyone can use the software and sell modified versions of the software General public license: anyone can use and modify the software but cannot sell the modified versions Programming Languages & Software Development Tools Programs: instructions needed for computer operations Programming: process of writing programs Software development tools: Tools to develop software Debugging: locating and fixing program errors Machine language: the only language that hardware understands  Consists of long strings of 0s and 1s Assembly language: easier to program than machine language because it uses words for commands High-level programming languages: use English-like statements .

Language Translation: Compilers & Interpreters Compiler   translates entire source code to object code Scans for syntax errors and generates error message Interpreter   executes object code one statement at a time Scans for error .

Programming Languages & Software Development Tools Evolution of Programming Languages .

Programming Languages & Software Development Tools Advantages of Higher-Level Programming      Ease of learning the language Ease of programming Significantly shorter code Ease of debugging Ease of maintenance (for example. modification of a procedure) Disadvantages of Higher-Level Programming    Less control over hardware Less efficient memory use Program runs more slowly Summary         Software is the collective term for computer programs Software is classified as: system or application Programming languages and software development tools help programmers develop software Application programs can be custom designed or packaged Code must be translated with compiler and/or interpreter Office productivity tools help worker efficiency Example of system software is operating system Open source software is distributed freely .

voice mail. faxing.Chapter 6: Business Networks and Telecommunications Objectives • • • • • Describe business and home applications of digital telecommunications Identify the major media and devices used in telecommunications Explain the concept of protocols Compare and contrast various networking and Internet services List networking technologies and trends that are likely to have an impact on businesses and information management in the near future • Discuss the pros and cons of telecommuting Telecommunications in Business Telecommunications Telecommunications: Transmittal of data and information from one point to another to allow communications over large distances. Networking technologies have improved business process by providing: • Better business communication: including e-mail. .

• Cellular Phones •Name is derived from areas of service. file transfer. including E-mail. called cells •Each cell has a computerized transceiver to transmits and receives signals •Cell phones provide other capabilities. television now available via the Web also Telecommunications in Daily Use • • • • • Cellular phones Videoconferencing Wireless payments and warehousing Peer-to-peer file sharing Web-empowered commerce Telecommunications in Daily Use Videoconferencing saves time and travel expenses and reduces air pollution. faxing. Inc. transportation and time • Radio frequency identification (RFID): Enables rapid transactions and payments Used at gas stations for payment at pump Used in vehicles for automatic road toll payment . GPS and Digital cameras • Videoconferencing • Brings together conference rooms that are thousands of miles apart by enabling transition of images and speech • Produces savings in multiple areas.teleconferencing. instant messaging and mobile telephony • Greater efficiency: information delivery is immediate and not constrained by geographical distance • Better distribution of data: central storage with both local and remote access • Instant transactions. radio. using Web and wireless technologies • Flexible and mobile workforce: telecommuting and wireless connectivity for remote workers • Alternative channels: voice. lodging. including travel. Courtesy of Polycom.

Bits per second (bps) • unit of measure for bandwidth Broadband • communications medium that can carry multiple transmissions simultaneously Baseband • communications medium that carry one transmission at a time Types of Communications Media (From top) Twisted pair cable. purchase. often in violation of copyright laws • Web-Empowered Commerce: Increasingly fast communication allows organizations and individuals to: Conduct business Research Market Educate and train Shop. optical fibers and coaxial cables . also called transmission rate or bit rate Different media have different bandwidths. and pay • Entire industries have been created by the Web. such as online exchanges and auctions Bandwidth and Media Bandwidth • speed at which data is communicated.Used to track and locate items in warehouses • Peer-to-peer (P2P) file sharing: used to locate and download files from any online computer through Internet using applications such as LimeWire. BearShare. KaZaa and Morpheus Used extensively to download music and video files.

reliable. and low cost • Connects devices with RJ-45 connector plug Coaxial cable .Tangible media Twisted pair cable • pairs of insulated copper wires twisted together • Twisting reduces electromagnetic interference (EMI) • Flexible.

• for cable television transmission • Used for Internet connections via cable Optical fiber • uses light to represent bits • Not susceptible to interference • Can carry signals for longer distances Intangible media Radio frequency (RF) technologies • Use radio waves to carry bits • Popular examples: Wi-Fi and Bluetooth Microwaves • High-frequency radio waves that can carry signals with high accuracy over long distances • For outside transmission, weather conditions may degrade the quality • Microwave signals can be transmitted by satellite links

Network • combination of devices (or nodes) connected through a communication media • Any compatible device that can transmit and receive on a network can be part of a network Networks are classified by complexity and reach. Three Basic Types of Networks: LANs, MANs & WANs LAN Networks • Local area network (LAN): established by a single organization and shared among employees • Server-based LAN: a single computer controls the network • Peer-to-peer LAN: no central device controls communications

Wireless LANs (WLANs) offer advantages such as: • Easier installation • More scalable • More flexible: equipment is easily moved • WLAN drawback: wireless networks are less secure • Scalability: ease of expanding a system MAN Networks • Metropolitan area network (MAN): Links multiple LANs within a large city Typically uses fiber optic or wireless broadband connections between LANs WAN Networks • Wide area network (WAN): Far-reaching system of networks composed of public or private LANs or MANs Internet service providers (ISPs): an organization that offers users access to the Internet and related services Preferred method of conducting e-commerce; Less costly than VAN Other Networks • Personal area network (PAN): wireless network designed for handheld devices ◦ Used by one or two people ◦ Transmission speed is slower ◦ Maximum distance is about 10 meters • Value-added networks (VANs): Networks with enhanced services offered by outside vendors ◦ Provide reliability, management, and maintenance of networks for an organization • Virtual private network (VPN): An alternative for a LAN which use Internet; enables

the use of intranets and extranets VPN utilizes the Internet, a public network, to simulate a private network that only authorized users can access

Networking Hardware

LAN routers have become a commons device in offices and households. Courtesy of Linksys, a Division of Cisco Systems Networks use a variety of devices to connect computers and peripheral devices. • Network interface card (NIC): connects a device to a hub, switch, bridge, or router, which connects to a LAN or WAN • Hub: central location to connect devices to LAN; broadcasts all communications to all devices • Switch: a hub that sends communications only to designated devices on the network • Bridge: connects two networks • Router: routes data packets to the next node on the path to the final destination • Repeater: amplifies or regenerates signals • Modem: translates communication signals from analog to digital and vice versa • Dial-up connection: slower type of connection through modem, usually no faster than 56 Kbps

Switching Techniques

Switching techniques Switching techniques: specify how messages travel to their destinations • Circuit switching: dedicated channel (circuit) is established for the duration of the transmission • Packet switching: message broken into packets Packets are transmitted independently, and may be routed through different paths Packet numbers are used to reassemble the packets at the destination • Packet: group of bits transmitted together • Frame relay: high-speed packet-switching protocol used in WANs Variable-sized packets routed quickly • Circuit switching is ideal for real-time communications when no delay is desired • Packet switching is more efficient, but introduces some delay • Multi-Protocol Label Switching (MPLS): uses packets, but all packets are routed on the same path; used for VoIP

Protocol • Protocol: set of rules governing communication between computers Different protocols are designed for WANs, LANs, and wireless communications • TCP/IP (Transmission Control Protocol/ Internet Protocol) is the most important

© Ed Hidden istockphoto.com • Bluetooth: allows devices to communicate within 10 meters Transmits voice and data Considered a PAN technology • DNS (Domain Name Service): associates a character-based name with an IP address • Static IP address: a permanent address assigned to a device • Dynamic IP address: temporary IP number assigned to a device for the duration of the connection Provides flexibility when the number of IP addresses is limited .11: a family of wireless protocols known as Wi-Fi (Wireless Fidelity) Supports wireless communication within 100 meters of router 802. The technology enables hands-free use of mobile phones. WiFi.11 subtypes support various distances and speeds up to 248 Mbps • Worldwide Interoperability for Microwave Access (WiMAX): increases range and speed of wireless communication Works with metropolitan area networks (MANs) enable Internet connection while in a moving vehicle • Access point (hotspot): connection between wireless device and a wired network Allows Internet access within range of equipment • Mobile Broadband Wireless Access (MBWA): similar to cell phone communications Compatible with IP services. and Bluetooth Would support WiFi routers on cell towers to allow use of VoIP by cell phones • Encryption: ability to scramble (encode) messages Uses encryption keys shared between sender and receiver Bluetooth supports a personal area network.set of protocols for telecommunications and 
 networks TCP ensures packets arrive accurately and in proper order IP ensures efficient delivery of packets from node to node IP number: unique numerical identification for a network device TCP/IP is Internet backbone: highest speed channels • IEEE 802.

Ethernet Ethernet: LAN protocol using coaxial or Cat 5 or 6 twisted pair cable • Gigabit Ethernet: faster Ethernet connection of one Gbps or greater • Devices on network contend with other devices for transmission time • CSMA/CD (Carrier Sense Multiple Access with Collision Detection) protocol ensures there are no collisions in transmission Generations in Mobile Communications Internet Networking Services Network Services Variety of options to choose from when subscribing to network services • Downstream: speed of receiving from network • Upstream: speed of transmitting to network Services with lower rates for upstream than downstream are suitable for most individuals and businesses Cable • Internet links provided by television cable firms • Cable connected to Internet server • At residence. cable is split into TV set and computer via a bridge called a cable modem • Cable shared by all subscribers connected to the node • Communication speeds may slow during peak times and as more subscribers join the .

© Dale O'Dell/CORBIS Satellite services use microwave radio transmission • Service provider installs dish antenna that is tuned to a communications satellite • Speeds up to 45 Mbps • Used for private homes and for mobile uses such as shipping and trucking Global positioning system (GPS): a free satellite service that provides location information .service Digital Subscriber Line (DSL) Digital subscriber line (DSL): data remains digital through entire transmission • Uses telephone lines connected to DSL bridge (DSL modem) • Several types of DSL: • Asymmetric allows different upstream and downstream rates • Symmetric provides high speed in both directions for short-distance communications • Transmission bit rates closely related to distance from telephone company’s central office T1 and T3 Lines T1 and T3 lines: point-to-point dedicated digital circuits provided by telephone companies • T1 line is made up of 24 channels of 64 Kbps • T3 line is made up of 672 channels of 64 Kbps • T1 and T3 service is expensive • Used by universities and large companies for backbone and Internet connections Satellite Microwave transceivers are used by many businesses to communicate data.

GPS satellite on public display at the San Diego Aerospace Museum Fixed Wireless Fixed wireless: point-to-point transmission between two stationary devices. typically between buildings. Wireless Internet service provider (WISP) • Specializes in fixed wireless service • Highly modular and scalable • Suitable for both rural and urban areas Fiber to the Premises • Fiber to the Premises: Connects a building to the Internet via optical fibers • Fiber to the Home (FTTH): when the optical fiber reaches the subscriber’s living or work space • Subscribers connect computers or LAN routers to an optical fiber socket Optical Carrier • Optical carrier (OC): provides services through optical fiber lines • Expensive • Very high connection speeds • Provides speeds in multiples of 51.84 Mbps (the base rate bandwidth) Typically used by: • ISPs • Providers of search engines • Content-rich or high-traffic Web sites .

a division of Cisco Systems Trends likely to have a significant impact on businesses and management of information: • Broadband telephony • Radio frequency identification (RFID) • Convergence of digital technologies Broadband Telephony .Broadband over Power Lines (BPL) Image by Wikipedia user: Tony Boon Broadband over Power Lines (BPL): uses electric power lines to carry digital signals. Courtesy of Linksys. speeds are similar to those of DSL. Used by utility companies to: • Monitor power consumption down to household • Detect power failure in real time • Track power outages by region • Automate some customer services • Remotely control substations The Future of Networking Technologies For a low monthly fee subscribers can use VoIP telephoning.

Voice over Internet Protocol (VoIP) Voice over Internet Protocol: uses Internet connection to conduct telephone conversations • Flat monthly charge instead of per call charge • Different quality of sound from traditional telephone services • May not allow direct calls to emergency numbers such as 911 • When Internet link or power is down. • Objects are embedded with tags that contain a transponder (a radio transceiver activated by a signal transmitted to it) • Tags are encoded with electronic product code • RFID tags are tiny and need little power • Readers decode data stored in tag’s memory and pass the data to a host computer • Efficient for large companies. but expensive for smaller companies Common RFID Applications • • • • Retail / product tracking Animal tracking Access control / door keys Antitheft Measures Summary • Telecommunications is communication over distance • Telecommunications technology has changed the business environment • Different media have different bandwidths . Photograph courtesy of Intermec Technologies. no phone service Radio Frequency Identification (RFID) RFID electronic product code tag is about the size of a quarter.

Internet telephony (VoIP) is gaining in popularity • Wireless technologies support the increasingly popular RFID technologies .• • • • • • Networks are classified according to reach and complexity Public network can be turned into a virtual private network (VPN) Two ways to switch a communication line: packet switching and circuit switching Network protocols are sets of rules to which all devices on a network must adhere The Internet adheres to the TCP/IP protocol Wireless technologies make it easy and affordable to create wireless LANs and hotspots • Organizations and individuals have variety of choices when subscribing to networking services • As Internet links become faster.

the most popular database model • Understand how data modeling and design creates a conceptual blueprint of a database • Discuss how databases are used on the Web List the operations involved in transferring data from transactional databases to data warehouses Managing Digital Data • • • • • • Businesses collect and dissect data for many purposes Data can be stored in database format Easy access and manipulation Databases have had a profound impact on business An information industry has been created Database technology integrated with the Internet has contributed to commerce significantly The Traditional File Approach Traditional file approach: no mechanism for tagging.Chapter 7: Databases & Data Warehouses Objectives • Explain the difference between traditional file organization and the database approach to managing digital data • Explain how relational and object-oriented database management systems are used to construct databases. retrieving. or manipulating data Traditional approach is inconvenient: • Program-data dependency • High data redundancy • Low data integrity . and manipulate the data to produce information • Enumerate the most important features and operations of a relational database. populate them with data.

such as: • People • Events • Products • Character: smallest piece of data • A single letter or a digit • Field: single piece of information about entity • Record: collection of related fields • File: collection of related records • Database fields can hold images. populate a database with data and manipulate data in a database . etc. • Field name allows easy access to the data Database management system (DBMS) is a program used to build databases. The layout of a human resource file in traditional file organization. video clips.1. © McGraw-Hill The Database Approach Database approach: provides powerful mechanism for managing and manipulating data Database approach has several advantages over traditional file approach Data redundancy: duplication of data Data integrity: accuracy of data • Database approach: data organized as entities • Entity: an object about which an organization chooses to collect data.
 Figure 7. sounds.

2.3. Data Hierarchy.Figure 7. © McGraw-Hill Database Models . Different database views reveal different combinations of data. based on the data they are allowed to see Database administrator (DBA): the person responsible for managing the database • Sets user limits for access to data in the database • DBMS is usually bundled with a programming language 
 Figure 7. © McGraw-Hill Query: a message to the database requesting data from specific records and/or fields • Database must be properly secured • Not everyone should have access to all data • Users will have different views of the database.

Database model: general logical structure • How records stored in the database • How relationships between records are established Database models differ in: • How records are linked to each other How users can navigate the database. you must understand the entities to be stored in the database and how they relate • Tables are independent of each other. but can be related to each other 
 . retrieve records. and create records The Relational Model Relational Model: consists of tables • Based on relational algebra • Tuple: record (or row) • Attribute: field (or column) • Relation: table of records To design a relational database.

not records . Key: a field whose values identify records. Each row contains a unique instance of data for the categories defined by the columns. each record in the table must have a unique key value • Composite key: combination of fields that serve as a primary key • Foreign key: a field that is common to two tables Used to link the tables This field is a primary key in one table and a foreign key in the other • Join table: composite of tables Two types of table relationships: • One-to-many relationship: one item in a table is linked to many items in the other table Many-to-many relationship: many items in a table are linked to many items of the other table The Object-Oriented Model The Object-Oriented Model • Object-oriented database model: uses object-oriented approach for the database structure • Encapsulation: combined storage of data and relevant procedures to process it • Allows object to be “planted” in different data sets • Inheritance: the ability to create a new object by replicating the characteristics of an existing (parent) object • Object-oriented databases (ODBs) store data objects. used to retrieve records Primary key: a field by which records are uniquely identified.Example of a Relational Model: Data items organized as a set of formally described tables from which data can be accessed or reassembled in many ways without having to reorganize the database tables. Each table (sometimes called a relation) contains one or more data categories in columns.

the code and data are merged into a single indivisible thing—an object. Relational Operations Relational operation: creates a temporary subset of a table or tables • Used to create a limited list or a joined table list Three important relational operations: • Select: a selection of records based on conditions • Project: a selection of certain columns from a table • Join: join data from multiple tables to create a temporary table Structured Query Language (SQL) Structured Query Language (SQL): query language of choice for DBMSs Advantages of SQL: • It is an international standard • It is provided with most relational DBMSs • It has easy-to-remember. In an object-oriented data model. code and data have been kept apart. Traditionally.
 Object-Oriented Model: Defines a data object as containing code (sequences of computer instructions) and data (information that the instructions operate on). intuitive commands .

Example of Metadata Schema Schema: a plan that describes the structure of the database. and how often Data Modeling Databases must be carefully planned and designed to meet business goals Data modeling: analysis of an organization’s data and identification of the data relationships • A proactive process • Develops a conceptual blueprint of the database Entity relationship diagram: a graphical representation of all entity relationships . or updated. including: • Names and sizes of fields • Identification of primary keys • Relationships Data dictionary: a repository of information about the data and its organization (also called metadata: the data about the data) Metadata Metadata includes: • Source of the data • Tables related to the data • Field and index information • Programs and processes that use the data Population rules: what is inserted.

© McGraw-Hill Entity relationship diagram is composed of: • Boxes: identify entities • Lines: indicate relationship between entities • Crossbars: indicate mandatory fields • Circles: indicate optional Crow’s feet: identify “many” Databases on the Web The Web is dependent on databases: • Organizations must link their databases to the Web • Interface between Web and database required Interface may be programmed in one of several Web programming languages. including: • Java servlets • Active server pages (ASP) • PHP (Hypertext Preprocessor) • Web application program interfaces (APIs) Figure 7.11. An entity relationship diagram (ERD).09. © McGraw-Hill . Active server pages and similar software enable data queries and entry via the Web.Figure 7.

Data Warehousing Data Warehousing • Most data collections are used for transactions • Accumulation of transaction data is useful Data warehouse: a large repository database that supports management decision making • Typically relational • Data is collected from transactional databases Figure 7.3. © McGraw-Hill Data mart: a smaller collection of data focusing on a particular subject or department Transactional Databases vs. Data Warehouses • Transactional databases are not suitable for business analysis Contain only current. Data Warehouses Transactional Databases vs. not historical data • Data warehouse requires large storage capacity: Mainframe computers are often used Scalability is an issue Data warehouses grow continually Three phases in transferring data from a transactional database to a data warehouse: Phases in Data Warehousing . Phases in preparing and using a data warehouse.

transformation.A properly built data warehouse becomes a single source for all data required for analysis Data mining and online analytical processing (OLAP) use data in data warehouses Summary • • • • • • • • • • • Organizations collect vast amounts of data Database approach has several advantages over traditional file approach Character: smallest piece of data Field: made up of multiple characters Record: collection of related fields File: collection of related records Database management system (DBMS): tool to construct databases Relational and object-oriented database models have different advantages Keys are used to form links among entities Primary keys are unique identifiers Object-oriented database maintains objects that contain data and procedures that process it • Structured Query Language (SQL) is an international standard for querying databases • Database designer must construct a schema to construct a database • Database designers conduct data modeling and create entity relationship diagrams to plan databases • Many databases are linked to Web • Data warehouses contain huge collections of historical transaction data • Data warehouse requires data extraction. and loading of transactional data Invasion of privacy is exacerbated by database technology .

uses and mails significantly fewer paper documents. o Saves 15. a Web-based collaboration and document-sharing tool from EMC Corp.   3200 lawyers in 24 countries and 63 offices around world Uses eRoom.Chapter 8: The Web-Enabled Enterprise Objectives        Describe how the Web and Internet change business operations Explain the functionality of Web technologies Compare and contrast options for Web servers Explain basic business-to-business and business-to-consumer practices on the Web Explain the relationship between Web technologies and supply chain management Give examples of features and services that successful business Web sites offer Learn how to protect against online identity theft Web Business: Growing and Changing The Web allows for effective decentralized business environments. and reduces redundant work Web Technologies: A Review . DLA Piper LLP is second largest law firm in world.000 labor hours annually.

transfer and download Web information. HTML. including:         HTTP. XML File Transfer RSS Blogs Wikis Podcasting IM Cookies Web Technologies Hypertext Transfer Protocol (HTTP): helps developer create Web pages. determines look and location of content HTTPS: HTTP secure for confidential data exchange Extensible Markup Language (XML)   Enables creation of various data types Conveys the meaning or content of the data XHTML   Combination of XML and HTML Uses opening and closing tags to control format File Transfer Protocol (FTP): used to transmit any type files in all downloads from Web sites  Can place files on a server for shared use .Several standards and technologies enable the Web to deliver rich information.

 Often used to deliver purchased software products on Web sites Really Simple Syndication (RSS)     XML file formats that allow automatic downloads on a subscription basis Helps users check for updates and allows transmittal of new information Communicates short descriptions of content Useful on news Web sites Web Technologies Many organizations have added instant messaging to the contact options listed at their Web sites. meaning “quick”): Web application that enables users to add to and edit the contents of Web pages    All the software required to edit the Web pages is embedded in the pages themselves Wikipedia: a popular online encyclopedia Wiki technology is a popular ingredient in groupware (software used for collaboration) Podcast: publishing sound and video on the Web for download usually on a subscription basis Uses include: . Blog: contraction of “Web log”      Invites surfers to post opinions and art Focuses on a topic or set of topics Trackback: a tool that notifies bloggers when their posts have been mentioned elsewhere on the Web Blogs are often used by businesses Importance of blogs to commercial organizations is to find out what blog participants think and say about the organization Wiki (from Hawaiian.

but users can control the use of cookies in a browser.    “Time-shifted” broadcast of radio station programs for later listening Audio tours in museums Lectures in distance learning courses Garageband. Cookie: small file that stores information about a Web site visitor. stored on the visitor’s computer      Usually records the surfer’s ID Often stores the surfer’s preferences Provides convenience to consumers Can be temporary (single session) or permanent Potential for intrusion into surfer privacy Clickstream tracking: tracks a surfer’s clicking activities Spyware: traces and reports online behavior Proprietary Technologies Proprietary technology: intellectual property of developer. . not free for all to use.com allows musicians to post music tracks Instant messaging (IM): real-time chat    Form of synchronized e-mail Chat room: communicate with a group Customers can chat with sales or support reps Web Technologies Cookies enable a site to identify a user and provide useful individualized service.

Examples:      Local search engine Shopping cart applications Wish lists Video streaming tools Tools to analyze and predict Web visitor behavior. especially shopper behavior Web-Enabled Business Web-enabled businesses are classified according to the interacting parties:     Business-to-business (B2B) Business-to-consumer (B2C) Government-to-business Government-to-consumer Business-to-business (B2B) Business-to-business (B2B): trading between businesses including advertising through:     Search advertising: advertisements placed on a search site result page Banners: images placed on Web sites that link to a company site selling a product or service Reach percentage: the percentage of Web users who visited a site in the past month Intranet: network used only by employees of an organization .

The components of a Web-based retailing operation. usually business partners Exchanges and auctions act as online marketplaces o o Exchange: extranet for organizations that deal in products and services of a particular type  Exchange operator profits from transaction fees Auction: sells a great variety of items Online business alliances: collaboration between businesses in establishing a Web site   Site operator works for the allied companies Suppliers are invited to sell through the site and compete among themselves. driving prices down Web-Enabled Business Business-to-consumer (B2C) Business-to-consumer (B2C): trading with the general public      E-Tailing: online retailing to consumers Consumer profiling: know customers better by gathering information about their online activities Auction sites serve as a hub for consumers to buy and sell Reverse auction: customers name their own price for desired goods and services Content providers: offer information. Extranet: network shared by employees of different organizations.8. classified ads. and video Figure 8. © McGraw-Hill Supply Chains on the Web . artistic work.

Supply chain management (SCM) systems may be connected to the Web to allow suppliers to participate directly

Use of XML allows companies to set standards for data exchange

Electronic Data Interchange (EDI): a system used prior to the Web to exchange documents electronically
 

Set standards for data formats EDI networks are owned and managed by value-added network (VAN) companies

Options in Establishing a Web Site
 

Web site: Web pages that make up information and links Internet server: a computer connected to the Internet backbone

Businesses have two choices for hosting a Web site: 1. Installing and maintaining their own Web servers o Owning and maintaining Web servers is costly o Provides the greatest degree of control, but requires expertise to set up and maintain o Must obtain a high-speed link to the Web 2. Contracting with a Web hosting service o Use Web server managing service

Many companies offer Web hosting to support online businesses.

Rules for Successful Web-Based Business
Business success depends on availability and use of software.

Elements needed to support B2C commerce:

     

Targeting customers Capturing the customer’s complete experience Personalizing the service Shortening the business cycle Let customers help themselves Be proactive and de-commoditize

Rules for Successful Web-Based Business
Target the Right Customers
      

Most important effort of marketing Involves identifying the sites that your audience visit Use cookies to record shopper’s movements on Web Use CRM software to create consumer profiles Turn shopper experience into an asset of business by: Tailoring of Web pages to individual customers, and Fine-tuning of the product portfolio

Personalize the Service
    

CRM software and Web page customization software can be combined to: Personalize Web pages shown to a customer Allow the customer to select the type of e-mail content desired Respect visitor privacy Allow the customer to tailor products to be purchased

Shorten the Business Cycle
  

Business on the Web saves time for customers Fulfillment is a major challenge for businesses Activities after customer places order

     

Fast shipping is desired because: It produces higher customer satisfaction Business collects payments faster Can outsource the entire fulfillment task to fulfillment organizations such as: UPS’s e-Logistics FedEx’s Supply Chain Services

Let Customers Help Themselves
      

Customers need information from organization: Status of order Status of shipped item Installation instructions Troubleshooting E-mail messages sent to customers with information about orders and how to track them FAQs online allow customers to find answers to common questions

Be Proactive and De-Commoditize
     

Prompt e-mail replies expected Proactive alerts expected for changes in orders or services, or product recalls Automatic reordering features are desirable Must take initiatives to de-commoditize products Commodity: a product sold at roughly the same price by many vendors (no differentiation) Addition of features or services prevents a product from becoming a commodity by creating differentiation

E-Commerce is Every Commerce
 

Web technologies have been highly integrated into the business world. Difficult to identify which business activities are on the Internet and which are not.

 

Web has been highly integrated into daily activities of customers also. Commerce and e-commerce generally have the same meaning today.

             

Some industries have changed drastically because of the Web HTTP is an Internet standard controlling Web server addresses HTTPS is a security version of HTTP XML is a standard for description of data Blogs enable people to create discussion Web pages Cookies help Web sites personalize the visitor’s experience A business can maintain its own Web server or use a Web hosting service Organizations should consider several factors when selecting a Web host B2B and B2C are types of Web-enabled commerce B2B trading relies on electronic data interchange (EDI) and XML Wireless handheld computers allow mobile commerce, called mcommerce Online businesses must adhere to several factors to be successful Virtual worlds provide a means to meet and conduct business and social activities on the Web Phishing is a pervasive fraud crime

End of Chapter 8 Lecture

Some nations are afraid that cross-border information flow promotes cultural imperialism. Over 70 percent of Internet users come from non-English-speaking countries. yet be sensitive to local cultures and standards.1. legal. and other challenges to implementing international information systems Multinational Organizations An increasing number of corporations are becoming multinational. © Michael Lassman / Bloomberg News / Landov The Web & International Commerce Figure 9. © McGraw-Hill.Chapter 9: Challenges of Global Information Systems Objectives    Explain why multinational corporations must use global information systems Provide elementary advice for designing Web sites for an international audience Cite the cultural.interentworldstats. for example McDonalds menu changes to appeal to local palates Global information system: a system that serves organizations in multiple countries o Used by multinational corporations Overseas operations must abide by local laws.   Globalization: designing global sites to cater to local preferences. Source: Internet World Statshttp://www.    Internet opens enormous global opportunities Chinese market is expected to be the largest in future The Web offers opportunities to increase revenue and to save on costs .com The Web has become an important vehicle for B2B and B2C commerce. Global businesses must be sensitive to local audiences.

Act Locally International companies must “think globally. 9.”    Acting locally means being sensitive to regional customs and language nuances Control must be decentralized Strategic planning should be global. 2. scientific & security Interests Political challenges Different measurement and notation standards Legal barriers Different time zones 1. Technological barriers Regulations and tariffs Electronic payment mechanisms Different languages and cultures Conflicting economic. companies can offer two versions of their Web sites Language is another technological challenge o Eight-bit byte code is not sufficient for languages with large character sets. 3. o Unicode allows for 65. Technological Barriers    Some countries do not have adequate infrastructure to allow companies to build an international IS o Broadband communication lines are needed to support today’s graphics-rich Web pages To compensate for slower bandwidth. but can be followed with a local flavor.536 characters . Challenges of Global Information Systems Global information systems face challenges such as: 1. act locally. 7. 6.Ratio of non-English speakers to English speakers on the Web is growing  Web sites and documentation are presented in many languages Online manuals replace paper documents Think Globally. 5. 4. 8.

3. Language & Cultural Differences Companies must accommodate non-English speaking audiences when using Web for business International parties must agree on a common language for communication (English is considered the de facto international language)  Large companies translate their Web sites into local languages Some countries may not like “Americanization” of their cultures.2. etc. license requirements. Regulations and Tariffs Countries have different import regulations and tariffs and companies must comply with these laws  Companies like. Management Dynamics. . customs delay information. Electronic payment mechanisms    Ecommerce allows easy payment for online purchases Credit cards are preferred payment method in North America Some countries do not like to use credit cards o High level of stolen credit cards in Eastern Europe o Europeans prefer debit cards o Most Japanese reluctant to use credit cards 4. help importers and exporters for Web commerce by providing tariffs.  Web designers must be sensitive to cultural differences.

scientific. and copyrights differently . patents. Scientific & Security Interests     Goal of corporate management is to maximize profits Goal of a national government is to protect its interests (economic. Conflicting Economic. People from different countries vary in their: o Gestures o Preferred colors o Treatment of people of certain gender or age o Attitudes about work o Opinions about ethical issues Companies must tailor to local preferences and be aware of cultural differences and payment preferences 5. and security) Scientific information is a national resource as well as a great source of income for foreign corporations o Occasionally these interests conflict Countries treat trade secrets.

S.S. uses month/day/year format. the rest of the world uses day/month/year Symbols & Codes o European Article Number (EAN): bar code that includes an extra number to identify country of origin o Universal Product Code (UPC): American standard without the last extra number . and metric measurements Different standards exist for Dates. Different Standards Differences in standards must be considered when integrating ISs internationally (records may be incompatible)    Units of Measurement: United States uses the English system of weights and measures. Political Challenges         Some countries oppose the policy of free access to information as a threat to their sovereignty They believe it might give other nations an opportunity to control their natural resources Global corporations must ensure compatibility with software adopted by local governments Some governments limit how the Internet is used Free speech is not a universal principle Web content restriction is common in many countries Global companies must obey local laws and may require collaboration with government resulting in arrest and prosecution of local users Ethical dilemma: how to balance business interest with moral principles. the rest of the world uses metric system o NASA lost a $125 million Mars orbiter mission due to errors in data transfer caused by a mismatch between U. May hinder the transfer of documents to certain divisions of a multinational corporation Intellectual property is tightly protected in the U. Times. but not protected in other countries o 6. and not help dictatorships violate civil rights 7. and Western Europe. Addresses and Temperatures o for example the U.S.

companies had to adapt ISs to recognize.  Not all governments protect individual privacy European Union practices may conflict with U. .S. Differing laws pose challenges to:    International transfer of data Free speech Location of legal proceedings when disputes arise Privacy laws Respect for privacy in international business is an unresolved challenge. practices     Personal data may be collected for specified purposes Personal data cannot be processed without the unambiguous consent of the subject Collecting organizations must identify themselves Subjects have the right to know to whom their data is disclosed to processing of their personal data Many American companies collect. buy. record. and process the new bar code standard o Global Trade Item Numbers (GTINs): UCC is now trying to expand product codes to the 14-digit GTINs  GTINs support global supply chains by allowing many more product ID values The major push to use RFID tags in the U.S. and sell data for marketing and decision making. American Uniform Code Council (UCC): promoted the use of European standard  U. could expand to the rest of the world o 8.S. Legal Barriers Countries have different laws that affect global business and e-commerce.

S. Different Time Zones .    Safe Harbor: arrangement for U.S. and EU The European Union (EU) is an example of one political unit with many legal.S. linguistic. cultural.S. and European Union (EU) are different.S. and EU Other applicable laws affecting online business include those that address: o Free speech o What can or cannot be displayed online o Gambling o Auctioning o Sale of alcoholic beverages and drugs 9. The U. © McGraw-Hill EU directive is only a framework. companies that have agreed to comply with the EU directive Privacy laws regarding employees are also different in the U. and EU have different data privacy laws which restrict flow of personal data between the U.Laws governing collection and manipulation of personal data in the U. EU countries may have more restrictive laws. and other differences.

S.     Different global regions require policies for work and information systems Teleconferencing systems must be available most of the day. or record a single time (that of the company headquarters) The old legal approach of territorial jurisdiction is inadequate for business conducted on the Web. and political challenges Laws governing collection and manipulation of personal data in the U. Free speech and consumer litigation of e-tailers have brought to light the need for international legal reform for cyberspace. Summary        Companies must accommodate non-English speaking audiences when using Web for business Companies must tailor to local preferences and be aware of cultural differences and payment preferences They must be aware of tariff. economic. linguistic.S. and EU have different data privacy laws which restrict flow of personal data between the U. and EU The old legal approach of territorial jurisdiction is inadequate for business conducted on the Web Free speech and consumer litigation of e-tailers have brought to light the need for international legal reform for cyberspace End of Chapter 9 Lecture . cultural. legal issues. and European Union are different The U. sometimes 24 hours per day To allow employees from different time zones to discuss problems that need immediate resolution To accommodate clients worldwide. teams in support centers may work shifts Managers must be aware of incorrect timestamping in different locales o Systems at both locations can be designed to record local times of both locations.S.

and • There is a lot of processing involved Two types of decision support aids: • Decision support systems (DSSs) • Expert systems (ESs) Applications today may combine both types to provide single optimal solution or set of solutions. Computer-based systems can help when: • There are large amounts of information. . Decision support modules can be part of larger enterprise applications called business analysis tools or business intelligence applications.Chapter 10: Decision Support & Expert Systems Objectives • List and explain the phases in decision making • Articulate the difference between structured and unstructured decision making • Describe the typical software components that decision support systems and expert systems comprise • Give examples of how decision support systems and expert systems are used in various domains Describe the typical elements and uses of geographic information systems Decision Support Success of an organization largely depends on the quality of decisions made by employees.

expert systems. and ideas • Design phase: design the method for considering the collected data. beliefs. or even millions of different courses of actions available to achieve a desired result. intelligence. • Intelligence phase: collect facts. there may be dozens. Decision making is a three-phase process: Three major phases of decision-making process are design. In business. group decision support systems. and geographic information systems Structured & Unstructured Problems Structured problem Optimal solution can be reached through a single set of steps • Algorithm: a sequence of steps to complete a task • Parameters: categories of data that are considered in an algorithm Examples: Mathematical and physical problems Unstructured problem One for which there is no algorithm that leads to an optimal . and choice. hundreds. to reduce the alternatives to a manageable number • Choice phase: select an alternative from the remaining choices Decision aids include decision support systems.The Decision-Making Process A decision must be made whenever more than one possible action is available.

Unstructuredness is closely related to uncertainty.solution. or • May be a large number of potential factors Examples: Weather prediction or Stock market prediction Semi structured problem One that is neither fully structured nor totally unstructured • Professionals encounter semi structured problems almost daily in many different industries. . • The goal is to choose the one alternative that will bring about the best outcome. • May not be enough information.

model management module. including data warehouses.Decision Support Systems Decision support system (DSS) • a computer-based information system designed to help knowledge workers select one of many alternative solutions to a problem Advantages of DSSs include: • Help increase market share • Help reduce costs • Help increase profitability • Help enhance product quality Most DSSs consist of three components: data management module. and dialog module. Components of Decision Support System Data management module Database or data warehouse that provides data for the intelligence phase • Provides a means to select data by specified criteria • Many DSSs are intertwined with other organizational systems. and ERP systems Model management module A sequence of events or a pattern of behavior can become a useful model • Models are often based on mathematical research .

• Models turns data into useful information • Patterns or models may be unique to a certain industry (ATM placement. Airline ticket pricing) • Components of Decision support system Dialog module Prompts the user to select a model and data to process • Allows the user to change parameters and view the results of the changes (“what if” analysis) • Displays the results of the analysis in textual. tabular. Car rental pricing. or graphical format part of a DSS that allows user interaction with the program Components of Decision Support System 

• DSSs help maintain standard criteria in decision making throughout the organization • Automated decision production is becoming very popular • The only labor required is for data entry DSSs are used in many industries: • Agriculture: allows farmers to make decisions about how to control specific pests. the sensitivity of the outcome to the parameter is high • If the outcome is affected very little by a large change in a parameter. the sensitivity of the outcome to the parameter is low • Sensitivity analysis is also called "what if" analysis • Can perform sensitivity analysis on multiple parameters simultaneously Sensitivity analysis measures how parameters affect results.Sensitivity Analysis Sensitivity analysis: tests the degree to which the outcome goal grows with each factor • Indicates the relative sensitivity of the outcome to changes in a parameter • If a small change in a parameter causes a significant change to the outcome. Decision Support Systems in Action Decision Support Systems (DSSs) can be used on demand or integrated into a scheme that enforces corporate policy. and for selecting farm locations • Tax planning: applications such as TurboTax and TaxCut • Financial services: to determine loan amounts. and allow “what if” analysis. and to qualify .

numbers indicate the order of the processes. and make that expertise available to novices 
 Figure 10. using artificial intelligence techniques • Solves problems • Makes decisions in a relatively narrow domain • Purpose is to replicate the unstructured and undocumented knowledge of experts.6.customers based on credit history • Benefits selection: to allow employees to make decisions about their benefits Expert Systems Expert systems (ES) are designed to emulate the knowledge of an expert. 
 © McGraw-Hill Neural network: a program that emulates how the human brain works • ESs are part of artificial intelligence (AI) research Al focuses on methods and technologies that emulate how humans learn and solve problems . Components of an expert system.

different combinations of conditions lead to different conclusions. and then performs a prescribed action • There are also case-based ESs Especially useful in medical decision making Expert Systems in Action ESs have been implemented in many industries: Medical diagnosis: . but then it refines itself based on its decision success rate • Very effective for detecting fraud Intelligent agent: software that is dormant until it detects a certain event.

© Neural networks: used by more sophisticated ESs to mimic the way a human brain learns • Constructed with a set of rules.Expert Systems Knowledge base: used by an ES • A collection of facts and the relationships among them • Built as a series of IF-THEN rules • Uses an inference engine In IF-THEN rules.

• Help doctors with the diagnosis of symptoms and treatment advice • Can help enhance the accuracy of Alzheimer’s disease diagnosis Medical management: • • • • Help discern which treatments patient should receive Help with administrative decisions Telephone network maintenance: Used to help diagnose and fix network failures Credit evaluation: • Used to approve credit card charges • Used to analyze financial reports submitted with credit applications Detection of insider securities trading: • Help prevent trading of stocks based on private information by analyzing the stock’s history Detection of common metals: • Help nonexperts identify common metals and alloys outside laboratories • Based on results of simple chemical tests and other information available at the scene Irrigation and pest management: • Provide recommendations on irrigation. and likelihood of pest conditions Diagnosis and prediction of mechanical failure: • Diagnose cause of component failure . application of fungicides.

Can provide a set of instructions for fixing the problem Geographic Information Systems Geographic information system (GIS) • A decision aid for map-related decisions • Processes location data to aid in decision making Geographic information systems are used when decisions involve locations and routes. Mapquest. GISs are used to help: • Find shortest paths for deliveries or school bus routes • City planning for police coverage and health care resources • Find oil drilling locations • Locate suitable outdoor recreation sites • Businesses determine locations for service kiosks A typical GIS consists of three components: • A database of quantitative and qualitative data • A database of maps A program that displays information on maps Geographic Information Systems Web technology helps promote the use of GISs: • Examples: Google Earth. Yahoo Maps • HTML and XML support the presentation of marked maps • Used to aid sales and government work Group Decision Support .

Group decision support system (GDSS):
• Also called a group intelligence system, collaborative system, or simply a group system • Facilitates the contribution of ideas, brainstorming, and choosing promising solutions • Typically allows participants to define a problem, contribute ideas, then vote on the decision GDSSs help structure the decision-making process while allowing participants to remain anonymous

• Decision aids include decision support systems, expert systems, group decision support systems, and geographic information systems • Three major phases of decision-making process are design, intelligence, and choice • Most DSSs have three components: data management module, model management module, and dialog module • Sensitivity analysis measures how parameters affect results, and allow “what if” analysis • Expert systems are designed to emulate the knowledge of an expert, using artificial intelligence techniques Geographic information systems are used when decisions involve locations and routes

Chapter 11: Business Intelligence & Knowledge Management
• Explain the concepts of data mining and online analytical processing • Explain the notion of business intelligence and its benefits to organizations • Identify needs for knowledge storage and management in organizations • Explain the challenges in knowledge management and its benefits to organizations • Identify possible ethical and societal issues arising from the increasing globalization of information technology

Data Mining & Online Analysis
Data warehouse
• Data warehouse: a large database containing historical transactions and other data • Data warehouses are useless without software tools to process the data into meaningful information

Data Mining
• Data mining: the process of selecting, exploring, and modeling large amounts of data Used to discover relationships that can support decision

making • Data-mining tools may use complex statistical analysis applications • Data-mining queries are more complex than traditional queries • Combination of data-warehousing techniques and data-mining tools facilitates the prediction of future outcomes

Business intelligence (BI)
Business intelligence is any information about organization, its customers, or its suppliers that can help firms make decisions; information gleaned with information analysis tools (also called business analytics).

Data Mining Objectives

Data Mining Techniques
Data mining techniques are applied to various fields, including marketing, fraud detection, and targeted marketing to individuals

Predicting Customer Behavior
• Banking: help find profitable customers, detect patterns of fraud, and predict bankruptcies • Mobile phone services vendors: help determine factors that affect customer loyalty Customer loyalty programs ensure a steady flow of customer data into data warehouses.

Loyalty Programs
Many industries utilize loyalty programs. • Examples include frequent-flier programs and consumer clubs

• These programs amass huge amounts of data about customers

UPS has a Customer Intelligence Group
• Analyzes customer behavior • Predicts customer defections so that a salesperson can intervene to resolve problems

Identifying profitable customer groups
• Financial institutions dismiss high-risk customers • Companies attempt to define narrow groups of potentially profitable customers

Utilizing loyalty programs
• Amass huge amounts of data about customers • Help companies perform yield management and pricediscrimination • Example: Harrah’s charges higher per-night rates to low-volume gamblers

Inferring demographics
Predict what customers are likely to purchase in the future • Amazon.com Determines a customer’s age range based on his or her purchase history Attempts to determine customer’s gender Advertises for appropriate age groups based on the inferred customer demographics Anticipates holidays

Online Analytical Processing
Online analytical processing (OLAP): a type of application used to exploit data warehouses • Provides extremely fast response times • Allows a user to view multiple combinations of two dimensions by rotating virtual “cubes” of information

Dimensional Databases Dimensional database: data is organized into tables showing information summaries • Also called multidimensional databases • OLAP applications are powerful tools for executives OLAP is increasingly used by corporations to gain efficiencies.• Can use relational or dimensional databases designed for OLAP applications Drilling down: the process of starting with broad information and then retrieving more specific information as numbers or percentages OLAP either uses dimensional databases or calculates desired tables on the fly An OLAP application composes tables “on the fly” based on the desired relationships. • Intelligent interfaces accept queries in free form BI software is integrated into Microsoft’s SQL Server database software Ruby Tuesday restaurant chain case • One location was performing below average • OLAP analysis showed that customers were waiting longer than normal . • Office Depot used OLAP on a data warehouse to determine cross-selling strategies • Ben & Jerry’s tracks ice cream flavor popularity BI software is becoming easier to use.

Inc. making data collection easy • Targeted marketing is more effective than mass marketing Clickstream software: tracks and stores data about every visit to a Web site • Data from customer activity on a Web site may not provide a full picture • Third-party companies such as DoubleClick and Engage . More Customer Intelligence A major effort of business is collecting business intelligence about customers • Data-mining and OLAP software are often integrated into CRM systems • Web has become popular for transactions. 
 Courtesy of Ruby Tuesday.• Appropriate changes were made OLAP applications are usually installed on a special server OLAP applications are usually significantly faster than relational applications 
 Ruby Tuesday restaurants use a business intelligence application to improve service and increase revenue. All rights reserved in any use.

monitor inventory levels. and pinpoint trends and changes over time . and how often Web pages are visited. ads are clicked. what. to do customer profiling Avenue A compiles anonymous information about customers continuously. and transactions are completed Customer Intelligence Example Drugstore.Software may be hired to study consumer activity • These companies compile billions of consumer clickstreams to create behavioral models • Can determine consumers’ interests by capturing where.com determine where and how to advertise to gain new customers More Customer Intelligence Dashboards Dashboard: an interface between BI tools and the user • Resembles a car dashboard • Contains visual images to quickly represent specific business metrics of interest to management • Helps management monitor revenue and sales.com: a Web-based drugstore • Wanted to reach more customers • Hired Avenue A | Razorfish Inc. when.com Discovered basic themes in shopper behavior that will help Drugstore. and also collected and analyzed data from Drugstore.

. analyzing. sharing. but should also capture knowledge and expertise gained in the organization • OLAP and data warehouses are not enough for managing knowledge • Knowledge is expertise created in an organization Knowledge management (KM): gathering. ratios. or to push it to employees based on needs Storage costs continue to decrease. and disseminating knowledge to improve an organization’s performance The purposes of KM include: • Transfer individual knowledge into databases • Filter and separate the most relevant knowledge • Organize that knowledge to provide easy access to it. organizing. 
 Courtesy of MicroStrategy Knowledge Management Organizations should record all of their experiences with clients.
 BI dashboards help executives quickly receive metrics. and trends in mostly graphic format. making it cost effective to store more information.

Electronic Data Systems Corp: • Analyzes free-form employee responses with an automated system that sorts and links the information Motorola uses an application that pulls information from a KM program and makes suggestions applicable to the task at hand Employee Knowledge Networks In addition to building knowledge bases. some tools direct employees to other employees who have the required expertise • Such experts can provide non-recorded expertise • No need to waste money hiring experts in every department . prepare. There is much overlap in the work they do. Some software tools can help. • Money can be saved by collecting and organizing knowledge gained by workers • Avoid having workers solve the same problem that has already been solved by others To support Knowledge Management (KM). Capturing & Sorting 
 Organizational Knowledge Knowledge workers: research.The challenge is to develop tools that can quickly find the most relevant information for solving problems. organizations should: • Require workers to create reports of findings • Require reports about sessions with clients The biggest challenge for employees is how to find answers to specific questions. and provide information.

© McGraw-Hill
 Tacit Systems’ ActiveNet tool: ---NOW OWNED BY ORACLE--• Continually processes business communications (e-mail. but the private information used to create the profiles is not accessible to others • Helps ensure uninhibited brainstorming and communication .) to build a profile of each employee’s topics. Employee knowledge network. documents.5. software tools to help employees find other employees with specific expertise.Employee knowledge network: a tool that facilitates knowledge sharing through intranets. expertise. etc. Figure 11. and interests • Profiles are accessible by other employees.

or presentations on the subject Diagram of the Ask Me Knowledge Network
 .AskMe AskMe’s software detects and captures keywords from e-mail and documents created by employees • Creates a knowledge base with names of employees and their interests • Allows free-form search queries on Web • A search returns the names of employees who have created documents. e-mail.

com • In blogs Opinions are expressed on many Web pages. to learn about their own products and those of their competitors 
 Knowledge Management (KM) tools extract useful knowledge from millions of web Documents. Some companies have developed software to search for this information Accenture Technology Labs: the research and development unit of the consulting firm Accenture • Uses Online Audience Analysis software to search thousands of . but are difficult to locate and are highly unstructured • Distilling this knowledge could aid a company’s market research.Knowledge from the Web Consumers post opinions of products on Web at various locations such as: • On the vendor’s site • At product evaluation sites such as Epinions.

and newswires • Screens all new information for information specified by a subscribing organization Helps an organization know what others say about their products and services Autocategorization Autocategorization (or automatic taxonomy): automates classification of data into categories for future retrieval. Robotics (USR) wanted to reduce its customer support labor A survey showed that most clients visited their Web site before calling support personnel • USR purchased autocategorization software Accuracy and response was improved. its customers. exploring.Web sites daily for predetermined information about specific products and services • Uses data-mining techniques to analyze the data Factiva: a software tool that gathers online information from over 10.000 sources • Collects information from newspapers. • Used by companies to manage data • Used by most search engines • Constantly improved to yield more precise and faster results U. journals. allowing a higher number of support issues to be resolved by the Web visit Summary • Business intelligence (BI) is any information about organization.S. or its suppliers that can help firms make decisions • Data mining is the process of selecting. and . market data.

sharing. analyzing.modeling large amounts of data to discover previously unknown relationships • Data mining is useful for predicting customer behavior and detecting fraud • Online analytical processing (OLAP) puts data into twodimensional tables • OLAP either uses dimensional databases or calculates desired tables on the fly • Drilling down means moving from a broad view to a specific view of information • Dashboards interface with BI software tools to provide quick information such as business metrics • Knowledge management (KM) involves gathering. organizing. and disseminating knowledge • The main challenge of knowledge management is identifying and classifying useful information from unstructured sources • Most unstructured knowledge is textual • Employee knowledge networks are software tools to help employees find other employees with specific expertise Autocategorization is the automatic classification of information .

Planning Information Systems When planning Information Systems (IS).Chapter 12: Systems Planning and Development Objectives • • • • Explain the importance of IT planning Describe the systems development life cycle Explain the challenges involved in systems development List the advantages and disadvantages of different system conversion strategies • Explain the principles of agile systems development methods • Explain the concept of systems integration Discuss whether IS professionals should be certified. Key Steps in IS planning: • • • • • Create IS mission statement Articulate vision for IS Create IS plans Create operations plan Create budget The Benefits of Standardization in Planning Major goal of planning is standardization. • Benefits of planning standardization includes: • Cost savings • Efficient training . it is necessary to align IS strategies with the overall strategies of the organization.

• Efficient support (more specialization) After planning. usually software. Two approaches to systems development: • Systems development life cycle (SDLC) Nontraditional methods Planning Information Systems The steps of information systems planning: . decide how to obtain systems.

The systems development life cycle. © McGraw-Hill
 I.The Systems Development Life Cycle Systems development life cycle (SDLC) also known as waterfall development is the oldest method of developing an IS. Analysis Analysis of the systems is five-step process: • Investigation: Determine if system necessary • Technical feasibility study: Determine if components exist • Economic feasibility study: Cost/benefit analysis (benefits must outweigh costs) • Operational feasibility study: Determine how new system will .3. SDLC consists of four major sequential phases: • Analysis • Design • Implementation • Support Figure 12.

Data flow diagram (DFD). Design Design is second step in systems development. poor testing causes many failures Figure 12. Systems design consist of three steps: • Description: Symbols. Implementation Implementation of SDLC is a two-step process: Step 1: Conversion (Switching old system to a new .be used • Requirements definition: Defining functions expected from the system II. Data flow diagram symbols © McGraw-Hill
 III.7. testing is done on completed modules • Testing: Test entire integrated system try to “outsmart” system. are used to communicate ideas • Construction: Mostly programming.

10.system) Four basic strategies for conversion are: • Parallel conversion: old system used with new system at first • Phased conversion: break IS into modules and integrate one at a time • Cut-over conversion: immediately replace all • Pilot conversion:introduce in one business unit at a time Step 2: Training Figure 12. Support Support phase of the SDLC includes two main responsibilities: . © McGraw- Hill
 IV. Strategies used to convert from one IS to another.

11. Agile methods emphasize continuous improvement based on user requests. Updates.Maintenance (up to 80% of IS budget) Post-implementation debugging. © McGraw-Hill • Nontraditional or Agile methods are software development methods that emphasize on constant communication with clients fast development of codes. as well as modifications as soon as they are needed . and Adding postponed features User help Longest phase of system life cycle Nontraditional (Agile) Methods Agile Methods Agile methods are alternatives to Systems Development Life Cycle Figure 12.

System is designed to interface with other systems .• Agile methods treat software development as series of contacts with users • Agile methods are iterative programming that improve software after user specifications received. Agile method risks • Analysis phase is limited or eliminated • Risk of incompatibilities • Less documentation Difficult modification When to use agile method • When system is small and analysis is less important • When Users cannot specify all requirements at start Do not use agile methods when: • System is large and system failure entails great financial loss.

Systems Integration Systems integration is the process of interfacing several information systems • Systems integration looks at the information needs of an entire organization • Systems integration allows data to flow between functional units of an organization • Systems integration interface legacy systems with new systems • Systems integrators must be skilled in hardware and software Systems integration is often more challenging than system development. Summary • IT planning is important because of high investment rate • Standardization is an important part of IT planning • Systems development life cycle (SDLC) has well-defined phases • Purpose of systems analysis is to determine needs the system will satisfy • Agile methods are a popular alternative to traditional systems development cycle • Systems integration more complicated than systems development Great responsibility of IS professionals results in certification requirements .

using software as a service. and encouraging users to develop their own applications • List the business trade-offs in the various methods of acquiring systems • Describe which systems acquisition approach is appropriate for a particular set of circumstances Discuss organizational policies on employee computer use Options & Priorities There are four alternatives to in-house development: • • • • Licensing Using software as a service (SaaS) Having users develop the system Outsourcing Figure 13. © McGraw-Hill
 . licensing ready-made software. Alternatives to in-house development of ISs.Chapter 13: Choices in Systems Acquisition Objectives • Explain the differences among the alternatives to tailored system development: outsourcing.1.

Licensing Licensing is preferred due to low cost and immediate availability. If licensing is not available. and often cannot be simply prioritized 1. Software as a Service (SaaS) Application service provider (ASP) is the next best choice • System is immediately available for a small start-up fee 3. 2. Users Develop the System . • Many factors must be considered in addition to cost and quality Alternatives are not fully comparable.The deciding factor is usually cost when the desired application is available from multiple sources.. then..

if non-IT employees cannot develop IS Outsourcing has two meanings in the IT arena: • To commission the development of an application to another organization • To hire the services of another company to manage all or parts of the services usually rendered by an IT unit in the organization May not include development of new applications . Outsourcing Last choice is to outsource.Third best choice is allowing users to develop their system 4.

Outsourcing CustomDesigned Applications Custom-designed (tailored) software: software developed specifically for the needs of an organization Several Advantages: • • • • • • Good fit to need Good fit to culture Dedicated maintenance Smooth interface Specialized security Potential for strategic advantage Disadvantages: • High cost • The organization must fund all development costs • Staff may be diverted from other projects .

etc. and maintaining software • Installing communications networks • Maintaining and operating Web sites • Staffing help desks • Running IT daily operations .Software is less likely to be compatible with other organizations’ systems Must deal with an inherent conflict when outsourcing software development: • Client wants a firm contract and set of requirements • Specific requirements may mean that no deviation is allowed if changes are needed later as development progresses Changes may involve hefty additional charges Offshoring: outsourcing to other countries such as India. licensing. Outsourcing IT Services Long-term IT Services Many businesses turn to IT companies for long-term services. Philippines. China. including: • Purchasing and maintaining hardware • Developing.

and must renegotiate . usually for seven to 10 years Clients sometimes find themselves bound by obsolete contracts. • IT outsourcing contracts are typically long-term contractual relationships. such as order entry or HR Reasons for Outsourcing IT Services • Some companies realize IT is not their core competency and should not be a focus of their efforts • Pace of development in IT requires a high level of expertise • A growing portion of IS budgets are being allocated for outsourced services Popular IT service providers include: • IBM • EDS • Accenture Unisys Outsourcing companies are known as vendors.• Managing customer and supplier relations Business process outsourcing: outsourcing routine processes.

Advantages of Outsourcing IT Services There are several advantages of outsourcing: • Improved financial planning: Client knows the exact cost of IS functions • Reduced license and maintenance fees: IS professional firms pay discounted prices for tools and can pass on the savings to their clients • Increased attention to core business: Executives can concentrate on their company’s core business • Shorter implementation cycles: IT vendors can complete new applications faster • Reduction of personnel and fixed costs • Increased access to highly qualified know-how • Availability of ongoing consulting as part of standard support Sometimes outsourcing does not save the client money. .

Figure 13.4. © McGraw-Hill
 Risks of Outsourcing IT Services Disadvantages of outsourcing: • Loss of control: High risk in a quickly changing industry • Loss of experienced employees: Usually involves transferring employees to vendor • Risks of losing a competitive advantage: May disclose trade secrets • High price Can be more expensive than keeping the tasks in-house Important to clearly define contract terms . Expected benefits from IT outsourcing.

not the vendor Licensing Applications Purchasing software usually means purchasing licenses to use the software. Risks of outsourcing are higher at higher levels of decision making. such as office suites • Large applications that support entire organizational functions.5. © McGraw-Hill
 Service-level agreement The most important element of an outsourcing agreement • Lists all services expected of the vendor • Defines the metrics to be used to measure vendor performance The client must develop the service level and metrics list. .Figure 13. There is a large selection of high-quality packaged software available Two groups of ready-made software: • Relatively inexpensive software that helps in the workplace.

such as HR or financial management Typically cost millions of dollars Software Licensing Benefits Licensing benefits include: • Immediate system availability • High quality • Low price (license fee) • Available support Beta version: a prerelease version of software to be tested by companies who want to use it • Often includes a period of up to one year of free service Large applications require installation specialists Software Licensing Risks Software licensing has risks including: • Loose fit between needs and features: must determine if the software will comply with company needs and organizational culture • Difficulties in undertaking custom modifications • Dissolution of the vendor: may be left without support and maintenance • High turnover of vendor personnel: turnover among IS professionals is high May result in lowered support expertise from vendor Steps in Licensing ReadyMade Software Selecting software involves a large money investment and a longterm commitment. Project management team responsibilities for selecting licensed software: • Identify problem or opportunity: define functional requirements • Identify potential vendors .

• Solicit vendor information Request for information (RFI): request for informal information about a vendor’s product • Define system requirements • Request vendor proposals Request for proposal (RFP): a document that specifies all requirements and solicits a proposal • Review proposals and screen vendors • Visit sites where the application is in use • Select a vendor • Benchmark the application by comparing actual performance against specific quantifiable criteria • Negotiate a contract: should define performance expectations and penalties for failure to meet expectations • Implement the new system Manage post implementation support .

Renting software has benefits: • No need to learn how to maintain the software • No large start-up fee • Storage hardware is unnecessary .Software as a Service Application service provider (ASP): an organization that offers software through communication lines (such as the Web) Software as a service (SaaS): applications available through the Web • No software is installed on a client’s computers • Files may be stored on local storage devices ASPs may rent the software they offer.

• Software is usually available sooner • A good option for small companies • Is considered a “software on demand” approach Renting software also has risks: • Lack of control may be an issue. as the client’s data is managed by the vendor • Vendor is unlikely to make many customized changes to the software • Response time is impacted by traffic levels • May be security risks through a public network Many clients used leased lines instead of the Internet to limit security risks .


Caveat Emptor Application Service Providers (ASPs) may be disappointing in some areas: • Scope of services provided • Level of reliability Manager guidelines when selecting an ASP: • Check the ASP’s history: get references • Check the ASP’s financial strength • Ensure you understand the price scheme • Get a list of the provider’s infrastructure • Craft the service contract carefully Uptime: proportion of time that the ASP’s systems and communications links are up • No ASP has 100% uptime • 99.999% uptime = less than 5 minutes/year of downtime Recommended for critical applications Four categories of typical users of ASP services: • Rapidly growing companies that rely on software for deployment of their operations • Small companies without cash to pay up-front costs for software • Medium-sized companies that need expensive software • Organizational units at remote locations Storage service provider (SSP): rents storage space for remote storage of client files User Application Development User Application Development User application development: nonprogrammer users write their own business applications User-developed software is usually: • Simple and limited in scope .9 % uptime = up to 500 minutes/year of downtime • 99.

and allowing users to develop their own software • Outsourcing can mean commissioning development or assigning services to vendor • Outsourcing custom-designed applications might afford the organization a good fit of software to need . using software as a service.• Small applications developed for immediate or brief needs • Maintained by end users Managing User-Developed Applications Challenges of user-developed applications include: • • • • Managing the reaction of IT professionals Providing support Compatibility Managing access Advantages and Risks Advantages of user development of applications: • Shortened lead times • Good fit to needs • Compliance with culture • Efficient utilization of resources • Acquisition of skills • Freeing up IS staff time Disadvantages of user-developed applications: • Poorly developed applications • Islands of information • Duplication • Security problems Poor or no documentation Summary • Several alternatives to having applications developed in-house include outsourcing. licensing ready-made software.

loss of experienced employees. is a popular method of obtaining software for a monthly fee • User application development advantages include short lead time. islands of information. good fit. freeing IT staff • User application development disadvantages include poor quality.• Outsourcing IT services has great benefits. and poor documentation • Over half of America’s office workers have rich computer resources Policies must be established to prevent computer abuse by employees . and loss of competitive advantage • Licensing software advantages include software being immediately available and low-priced • Disadvantage of licensing software is often a loose fit to the organization’s needs • Software as a service. from an ASP. such as reduced cost and allowing the organization to focus on its core competency • Outsourcing IT services has potential risks. such as loss of control. security problems.

Chapter 14: Risks, Security, and Disaster Recovery

        

Describe the primary goals of information security Enumerate the main types of risks to information systems List the various types of attacks on networked systems Describe the types of controls required to ensure the integrity of data entry and processing and uninterrupted e-commerce Describe the various kinds of security measures that can be taken to protect data and ISs Improve the security of your personal information system and the information it stores Recognize online scams Outline the principles of developing a recovery plan Explain the economic aspects of information security

Goals of Information Security
Protecting IT resources is a primary concern. Securing corporate ISs is becoming increasingly challenging. The major goals of information security are to:     

Reduce the risk of systems ceasing operation Maintain information confidentiality Ensure the integrity and reliability of data resources Ensure the uninterrupted availability of resources Ensure compliance with policies and laws

Risks to Information Systems
Downtime: the period of time during which an IS is not available Extremely expensive: When downtown occurs, the following are average losses:  

$2,500/minute for CRM systems $7,800/minute for e-commerce applications

$4 billion lost annually in the U.S. due to downtime

Risks to Hardware

Major causes of damage to hardware include:   

  

Natural disasters Fires, floods, earthquakes, hurricanes, tornadoes, and lightning Blackouts and brownouts o Blackout: total loss of electricity o Brownout: partial loss of electricity Uninterruptible power supply (UPS): backup power Vandalism Deliberate destruction

Risks to Data and Applications
Data should be a primary concern because it is often a unique resource. Data and applications are susceptible to disruption, damage, and theft. The culprit in damage to software or data is almost always human.   

Keystroke logging: records individual keystrokes Social engineering: con artists pretend to be service people, and ask for passwords Identity theft: pretending to be another person

Risks to Data & Applications (continued)
Risks to data include:   

Alteration Destruction Web defacement

Deliberate alteration or destruction is often done as a prank, but has a high cost. The target may be a company’s Web site.

Risks to Online Operations
Many hackers try daily to interrupt online businesses. Types of attacks include:      Unauthorized access Data theft Defacing of Web pages Denial of service Hijacking

Denial of Service
Denial of service (DoS): an attacker launches a large number of information requests 

Slows down legitimate traffic to site

Distributed denial of service (DDoS): an attacker launches a DoS attack from multiple computers   

Usually launched from hijacked personal computers called “zombies” No definitive cure for this A site can filter illegitimate traffic

Computer Hijacking

Backup Backup: periodic duplication of all data Redundant Arrays of Independent Disks (RAID): set of disks programmed to replicate stored data . application. and data Application Reliability & Data Entry Controls A reliable application is one that can resist inappropriate usage such as incorrect data entry or processing  The application should provide clear messages when errors or deliberate misuses occur Controls also translate business policies into system features.Hijacking: using some or all of a computer’s resources without the consent of its owner    Often done for making a DDoS attack Done by installing a software bot on the computer Main purpose of hijacking is usually to send spam Bots are planted by exploiting security holes in operating systems and communications software  A bot usually installs e-mail forwarding software Controls Controls: constraints and restrictions imposed on a user or a system   Controls can be used to secure against risks Controls are also used to ensure that nonsensical data is not entered Controls can reduce damage caused to systems.

Data must be routinely transported off-site as protection from a site disaster. such as user ID and password What you have: requires special devices (i.e. retinal scans. or data   Physical locks: lock the equipment in a secure facility Software locks: determine who is authorized Three types of access controls:    What you know: access codes. Biometric: uses unique physical characteristics such as fingerprints. Some companies specialize in data backup services or backup facilities for use in the event of a site disaster. random password generator) Who you are: unique physical characteristics Access codes and passwords are usually stored in the OS or in a database A security card is more secure than a password. application. It allows two-factor access. network. Access Controls Access controls: measures taken to ensure only authorized users have access to a computer. or voiceprints Up to 50% of help desk calls are from people who have forgotten their passwords .

or none can be Ensures that only full entry occurs in all the appropriate files to guarantee integrity of the data Is also a control against malfunction and fraud Audit Trail Audit trail: a series of documented facts that help detect who recorded which transactions. and under whose approval  Sometimes automatically created using data and timestamps . Biometrics can eliminate these kinds of calls Atomic Transactions Atomic transaction: a set of indivisible transactions    All of the transactions in the set must be completely executed. at what time.

Certain policy and audit trail controls are required in some countries Information systems auditor: a person whose job is to find and investigate fraudulent cases Security Measures Organizations can protect against attacks using various approaches. including:      Firewalls Authentication Encryption Digital signatures Digital certificates Firewalls & Proxy Servers Firewall: the best defense against unauthorized access over the Internet   Consists of hardware and software that blocks access to computing resources Firewalls are now routinely integrated into routers .


sound. image. and the other end to the Internet Proxy server: represents another server  Employs a firewall.DMZ: demilitarized zone approach  One end of the network is connected to the trusted network. and is usually placed between the Internet and the trusted network Authentication and Encryption Authentication: the process of ensuring that you are who you say you are Encryption: coding a message into an unreadable form   Messages are encrypted and authenticated to ensure security A message may be text. one public and one private Symmetric encryption: when the sender and the recipient use the same key Asymmetric encryption: both a public and a private key are used Transport Layer Security (TLS): a protocol for transactions on the Web that uses a combination of public key and symmetric key encryption HTTPS: the secure version of HTTP Digital signature: a means to authenticate online messages. or other digital information Encryption programs scramble the transmitted information   Plaintext: the original message Ciphertext: the encoded message Encryption uses a mathematical algorithm and a key. Key: a unique combination of bits that will decipher the ciphertext Public-key encryption: uses two keys. implemented with public keys .


a serial number.Message digest: unique fingerprint of file Digital certificates: computer files that associate one’s identity with one’s public key  Issued by certificate authority Certificate authority (CA): a trusted third party A digital certificate contains its holder’s name. and a copy of holder’s public key  Also contains the digital signature of the CA . its expiration dates.

Redundancy may be used:  Very expensive. but no one can control all disasters. especially in distributed systems .The Downside of Security Measures Single sign-on (SSO): a user must enter his or her name/password only once  Single sign-on saves employees time Encryption slows down communication:  Every message must be encrypted and then decrypted IT specialists must clearly explain the implications of security measures to upper management. Recovery Measures Security measures may reduce mishaps. Preparation for uncontrolled disasters requires that recovery measures are in place.

Other measures must be taken also.. (also called disaster recovery plan.. business resumption plan.) . The Business Recovery Plan Business recovery plan: a plan about how to recover from a disaster. or business continuity plan.

4. 3. Recovery Planning & Hot Site Providers Can outsource recovery plans to firms that specialize in disaster recover planning Hot sites: alternative sites that a business can use when a disaster occurs  Backup sites provide desks. 8. 9.1. 5. computer systems. 7. Obtain management’s commitment to the plan Establish a planning committee Perform risk assessment and impact analysis Prioritize recovery needs o Mission-critical applications: those without which the business cannot conduct operations Select a recovery plan Select vendors Develop and implement the plan Test the plan Continually test and evaluate The plan should include key personnel and their responsibilities. and Internet links . 2. 6.

  Spending for security measures should be proportional to the potential damage A business must assess the minimum acceptable rate of system downtime and ensure that the company can financially sustain the downtime How Much Security is Enough Security? Two costs should be considered:   Cost of the potential damage Cost of implementing a preventative measure As the cost of security measures increases.The Economics of Information Security Security measures should be regarded as analogous to insurance. the cost of potential damage decreases. .  Companies try to find the optimal point The company must define what needs to be protected. Security measures should never exceed the value of protected system.

Many ISs are now interfaced with other systems  Interdependent systems have greater downtime Redundancy reduces downtime. Summary  The purpose of controls and security measures is to maintain the functionality of ISs . duplicated with a redundant system.Calculating Downtime Businesses should try to minimize downtime. or both. Mission-critical systems must be connected to an alternative source of power. but the benefit of greater uptime must be compared to the added cost.

which may be outsourced.               Risks to ISs include risks to hardware. logic bombs. defacement of Web sites. identity theft. and HTTPS are encryption standards designed for the Web Keys and digital certificates can be purchased from a certificate authority Many organizations have business recovery plans. Careful evaluation of the amount spent on security measures is necessary Redundancy reduces the probability of downtime Governments are obliged to protect citizens against crime and terrorism . worms. data. and nonmalicious mishaps Risks to online systems include denial of service and hijacking Controls are used to minimize disruption Access controls require information to be entered before resources are made available Atomic transactions ensure data integrity Firewalls protect against Internet attacks Encryption schemes scramble messages to protect them on the Internet A key is used to encrypt and decrypt messages SSL. TLS. viruses. and natural disaster and vandalism Risks to data and applications include theft of information. data alteration. data destruction. and networks.

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->