MIS Midterm Review

ADM2372(M) MIS Midterm Review CH.
1-6
Chapter 1: Introduction to Information Systems
Information Technology: Any computer-based tool that people use to work with information and to support the
information and information-processing needs of an organization
Information System (IS): Collects, processes, stores, analyzes, and disseminates information for a specific purpose.
Purpose: To get the right information to the right people at the right time in the right amount and in the
right format to support business processes and decision making
Informed User: A person knowledgeable about information systems and information technology
Benefits of Being an Informed User

1. Benefit more from your organization's IT applications because you’ll understand what is "behind" those
applications
2. You’ll be in a position to enhance the quality of your organization's IT applications with your input
3. You’ll quickly be in a position to recommend the IT applications that your organization will use
4. Keep up with new information technologies and rapid development sin existing technologies
5. You'll understand how using IT can improve your organizations performance and teamwork as well as
your own productivity
6. As an entrepreneur, being an informed user would help you use IT when you start your own business
7. It offers career opportunities
Factors that Increase Difficulties and Complexity of Managing Information Systems:

1. Strategic systems have value and are needed to conduct operations
2. Information systems are costly to acquire, operate and maintain
3. MIS functions have moved from being centralized to being more distributed to functional areas who do
end user data entry and end user development. This has resulted in management of information systems
resources being shared between the MIS department and users
Traditional Function of MIS Departments:

 to manage systems development and systems project management
Consultative Functions of MIS Departments:

 to create business alliance with business partners
Data is sorted, processed and assembled to create information. When people apply learned criteria or learned
expertise to information, they create knowledge
Various Types of Computer-Based Information Systems in an Organization

1. Transaction Processing Systems: support the monitoring, collection, storage, and processing of data from
the organization’s basic business transactions, each of which generates data
2. Functional Area Information Systems: support a particular functional area within the organization
3. Interorganizational Information Systems: support many interorganizational operations, of which supply

chain management is the best known
4. Enterprise Resource Planning Systems: correct a lack of communication among the FAISs by tightly
integrating the functional area ISs via a common database
5. Electric Commerce Systems: enable organizations to conduct transactions with other organizations
(called B2B electronic commerce) and with customers (called B2C electronic commerce)
ADM2372(M) MIS Midterm Review CH. 1-6
6. Office automation systems: typically support the clerical staff, lower and middle managers, and
knowledge workers by enabling them to develop documents, schedule resources, and communicate
7. Business Intelligence Systems: provide computer-based support for complex, nonroutine decisions,
primarily for middle managers and knowledge workers
8. Expert Systems: attempt to duplicate the work of human experts by applying reasoning capabilities,
knowledge, and expertise within a specific domain.
Major Capabilities of Information Systems

1. Perform high-speed, high-volume numerical computations
2. Provide fast, accurate communication and collaboration within and among organizations
3. Store huge amounts of information in an easy-to-access, yet small space
4. Allow quick and inexpensive access to vast amounts of information, worldwide
5. Interpret vast amounts of data quickly and efficiently
6. Automate both semiautomatic business processes and manual tasks
Breadth of Support of Information Systems

1. Functional area information systems 4. Interorganizational information systems
2. Enterprise resource planning system 5. Electronic Commerce (e-commerce)
3. Transaction processing systems
How IT Impacts Organizations

1. Industries disappear or are transformed, new ones appear
2. IT changes the way managers work and reduce their numbers
3. Employees are affected numerous ways
How IT Impacts Managers

1. Makes managers more productive, increasing the number of employees reporting to managers
2. Reduces the number of middle managers
3. Changes the manager's job by changing the way the manager makes decisions
4. Less time to make decisions
5. New IT tools to analyze high volumes and complex data
6. More remote supervision of employees due to telecommuting
How IT Impacts Employees

1. May eliminate jobs
2. Potential loss of identity and alienation
3. Potential repetitive strain injury (RSI) or vision issues
4. Provides opportunities for people with disabilities by using assistive technologies
5. Work from home
Importance of Information Systems to Society

1. IT affects our quality of life
2. Robot revolution on the way
3. Improvements in healthcare
Chapter 2: Organizational Strategy, Competitive Advantage, and Information Systems
Competitive Advantage: an advantage over competitors in some measure such as cost, quality, or speed
 Leads to control of a market and to larger-than-average profits
Organizational Strategy: a planned approach that the organization takes to achieves its goals and mission
statement
Business Processes: a collection of related activities (inputs, resources, outputs) that produce a product/service of
value to the organization, its business partners and/or its customers
Examples of Business Processes in Functional Areas…
 Accounting: managing accounts payable and receivable
 Finance: producing business forecasts
 Marketing: Handling customer complaints
 POM: Processing physical inventory
 HR: Overseeing workplace safety
 MIS: Training computer users
Information Systems (IS) are enablers of an organization’s business processes. Helps in the three areas of the
business process
o Execution of a Process: such as doing the work, calculations, comparisons or creation of data,
documents or other output
 ex) when a sale is made, compare inventory quantity on hand to re-order levels. If inventory is
less than the re-order level, generate purchase requisitions for the purchasing department
o Capturing and Storing Process Data: such as format the data, store it in the correct data file on a
physical storage device such as a hard drive
 Ex) Once the purchasing requisition has bee approved by the purchasing department, increase
the quantity on order field and store the purchase requisition data in the open purchase
requisition file
o Monitoring Process Performance: Such as examine, analyze and assess the business process to ensure
compliance and to evaluate the process
 Ex) reports can be automatically produced to identify purchase requisitions where good have not
been received, were too much or too little has be received, and or purchase requisitions
waiting to be approached
Cross-Functional Processes: a business process in which no single functional area is responsible for its execution.
Multiple functional areas collaborate to perform the process
 Example: The materials procurement process includes all of the tasks involved in acquiring needed
materials externally from a vendor
How does an organization ensure business process excellence?

 Business Process Reengineering (BPR) is a radical strategy for improving the efficiency and effectiveness of
an organization's business processes. It's known as the "clean slate" approach
 Business Process Improvement (BPI) is a more incremental approach, with lower risk and cost than BPR. Six
Sigma is a popular methodology for BPI
 Business Process Management (BPM) is a management technique that includes methods and tools to
support the design, analysis, implementation, management and optimization of business processes. Used to
support continuous BPI initiatives for core business processes over time
Measures of Excellence in Executing Business Processes

1. Customer Satisfaction 4. Quality
2. Cost Reduction 5. Differentiation
3. Cycle and fulfillment time reduction 6. Productivity
5 Phases of Business Process Improvement (BPI)

1. Define
2. Measure
3. Analyze
4. Improve
5. Control
BPI vs. BPR

BPI BPR
 Low risk/low cost  High risk/high cost

 Incremental Change  Radical redesign
 Bottom-up approach  Top-down approach
 Takes less time  Time consuming
 Quantifiable results  Impacts can be overwhelming
 All employees trained in BPI  High failure rate
Components of BPM
 Process modeling
 Web-enabled technologies
 Business Activity Monitoring (BAM)
Business Process Management Suite (BPMS): is an integrated set of applications used for BPM
Emerging Trend of Social BPM

 Technologies enabling employees to collaborate across function internally and externally using social
media tools
Business Pressures:
1. Market: Pressures generated by the global economy, intense competition, the changing nature of the
workforce and powerful customers
2. Technology: Pressures involving Technological Innovation and Obsolescence and Information Overload
3. Societal: Includes social responsibility, government regulation/deregulation, spending for social programs,
spending to protect against terrorism and ethics
Market Pressures:
1. The Global Economy and Strong Competition; the need for real-time operations
a) Individuals can connect and compete anywhere, anytime
b) Competition is increased as people and organization can provide resources worldwide
c) The Internet has "flattened" the world, making anywhere accessible to anyone anytime
2. The Changing Nature of the Workforce
a) Workforce is becoming more diversified (women, single parents, minorities, persons with
disabilities)
b) IT is enabling telecommuting employees
3. Powerful Customers
a) Increasing consumer sophistication and expectations
b) Consumer is more knowledgeable about products and services, price comparisons, electronic
auctions
c) Customer Relationship management (ch. 11)
Technology Pressures:
1. Technological Innovation and Obsolescence
a) Obsolescence: Old analog camera
b) Innovation: digital camera?
c) Ex) how were older versions of the camera replaced with digital
2. Information Overload
Societal/Political/Legal Pressures
1. Social responsibility
2. Government Regulation and Deregulation
3. Protection against terrorist attacks
4. Ethical issues
3 Areas where IT is Particularly Valuable for Going Green

1. Facilities design and management
2. Carbon management
3. International and Canadian environmental laws
Organizational Responses
 Strategic Systems
 Customer Focus
 Make-to-order and Mass Customization
 E-Business and E-Commerce
Porter’s Competitive Force Model – p. 50
1. Threat of Entry of New Competitors

o The threat that new competitors will enter your market is high when entry is easy and low when
there are significant barriers to entry
 Entry barrier: A product or service that customers have come to expect and that must be provided by all
new competitors, increasing the cost to enter a new market
 Internet increases the threat that new competitors will enter a market because it is easy for new
competitors to set up a web presence
2. The Bargaining Power of Suppliers

o Is high when buyers have few choices form whom to buy and low when buyers have many choices
 Impact of the internet is mixed
 Buyers can find alternative suppliers and compare prices easily, reducing the power of suppliers
 Companies can use the internet to integrate their supply chain, suppliers prosper and their power increases
(they can charge higher prices), locking in their customers
3. The Bargaining Power of Customers (buyers)

o Is high when buyers have many choices from whom to buy and low when buyers have few choices
 Since the internet increases access to information, customer power is increased since customers can look
for the lowest price
 As sellers implement online loyalty programs, they can lock in their customer, reducing customer power
4. The Threat of Substitute Products or Services

o Is high when there are many alternatives for an organization's products or services and low where
there are few alternatives
 The internet increases the use of substitutes since buyers can readily search for them online
 Information-based industries are in the greatest danger from their threat (e.g. music, e-book, software)
since the internet can be used to send digital information quickly and efficiently
5. The Rivalry Among Firms in an Industry

o Is high when there is intense competition among many firms in an industry.
 The threat is low when the competition is among fewer firms and is not an intense
 Rivalry has increased since rivals can easily see via the internet what their competitors are doing and
replicate their systems
o In the past proprietary systems were easier to keep secret, lengthening the time that such systems
provided a strategic advantage to organizations
Porter’s Value Chain Model – p. 52
Strategies for Competitive Advantages – Examples

1. Cost Leadership
a) "I can sell at a lower cost than you can" - Walmart
2. Differentiation
a) "I am better because I am different" – WestJet, Dell
3. Innovation
a) "I'm doing something new and you can't catch up" - CITI
4. Operational Effectiveness
a) "I can do the same thing more efficiently than you can" - Deloitte
5. Customer- Orientation
a) "I treat my customers better than you do" - Amazon
Business-Information Technology Alignment: the tight integration of the IT function with the organization’s
strategy, mission, and goal of the organization. The IT function directly supports the business objectives of the
organization
Characteristics of Excellent Alignment:

Organizations…
o View IT as an engine of innovation that continually transforms the business, often creating new
revenue streams
o View their internal and external customers and their customer service function as supremely
important
o Rotate business and IT professionals across departments and job functions
o Provide overarching goals that are completely clear to each IT and business employee
o Ensure that IT employees understand how the company makes (or loses) money
o Create a vibrant and inclusive company culture
IT Governance: A structure of relationships and processes to direct and control the enterprise in order to achieve
the enterprises’ goals by adding value while balancing risk versus return over IT and its processes
 Helps organizations effectively manage their IT operations to align with their business strategies
 Managing IT throughout the organization includes:
1. Planning
2. Acquisition
3. Implementation
4. Ongoing support
5. Monitoring
6. Evaluation
Closing:
 Functional areas of any organization
o Are composed of a variety of business processes
o Must work together in an integrated fashion in order for the firm to respond adequately to business
pressures and to gain competitive advantage in its marketplace
o Use a variety of strategic information systems to achieve goals
o Know how to analyze the organization's strategy and value chain, as well as the strategies and value
chains of competitors
o Participate in IT governance to achieve effective business-IT alignment
Chapter 3: Ethics and Privacy
Ethics: refers to the principles of right and wrong that individuals use to make choices that guide their behaviour
Ethical Frameworks: are standards used to develop general frameworks for ethics of ethical decision making
 Utilitarianism: provides the most good or does the least harm
 Rights: best protects and respects the moral rights of the affected parties
 Fairness: treat all human equally, or if unequally, then fairly, based on some defensible standard
 Common Good: respect and compassion for all others is the basis for ethical actions
Traditional and GVV Approaches to solving Ethical Issues – p. 66

Traditional GVV
1. Recognize an ethical issue 1. Identify an ethical issue

2. Get the facts 2. Purpose and choice
3. Evaluate alternative actions 3. Stakeholder analysis
4. Make a decision and test it 4. Powerful response
5. Scripting and coaching
Code of Ethics: a collection of principles that are intended to guide decision making by members of an organization
Fundamental Tenets of Ethics Include:
o Responsibility: accepting consequences
o Accountability: determining who is responsible
o Liability: legal concept about having the right to recover for damages done
4 General Categories of Ethical Issues in IT Applications

o Privacy: about collecting, storing and disseminating information about individuals
o Accuracy: involves the authenticity, fidelity and accuracy of information that is collected and
processed
o Property: involves the ownership and value of information
o Accessibility: revolve around who should have access to information and whether fees should be paid
for such access
Privacy is the right to be left alone and to be free of unreasonable personal intrusions
Information Privacy is the right to determine when, and to what extent, information about you can be gathered
and/or communicated to others
Privacy Rights apply to individuals, groups and institutions
Court decisions have followed 2 rules for defining privacy

 The right of privacy is not absolute. Your privacy must be balances against the needs of society
 The public's right to know supersedes the individual's right of privacy
Data Aggregators: collect public (phone numbers) and non-pubic (SINs and financial data) then integrate these
data to form digital dossiers on most adults in North America
Electronic Surveillance: The law supports the right of employers to read their employees’ internet use
Privacy Policies/Privacy Codes: are an organization’s guidelines to protecting the privacy of its customers, clients
and employees
 Opt-In Model: means an organization collects personal information only when the customer specifically
authorizes it
 Opt-Out Model: means the organization collects personal information untie the customer specifically
requests that the data not be collected
Canada’s Anti-Spam Legislation came into effect July 1, 2014
 Organization’s must now request consent before sending emails and must have record of the consent
10 Basic Principles of PIPEDA 4. Limiting collection 7. Safeguards

1. Accountability 5. Limiting use, disclosure 8. Openness
2. Identifying purposes and retention 9. Individual access
3. Consent 6. Accuracy 10. Challenging compliance
Closing:
 Ethics refers to the principles of right and wrong that individuals use to make choices that guide their
behaviour including responsibility, accountability and liability
 Major ethical issues related to IT are privacy, accuracy, property and access to information
 Threats to privacy include advances in information technologies, electronic surveillance, personal
information in databases, internet bulletin boards, newsgroups and social networking sites
 One personal threat to the privacy of data stored is that you might post too much personal information that
many unknown people can see
 Organizations need to take actions to protect privacy to comply with PIPEDA.
Chapter 4: Information Security & Controls

Information Security: refers to all of the processes and policies designed to protect an organization’s information
and information systems from unauthorized access, use, disclosure, disruption, modification or destruction
A Threat to an information resource is any danger to which a system may be exposed
Exposure: the harm, loss or damaged to a compromised resource
An information resource’s Vulnerability is the possibility that the system will be harmed by a threat
5 Key Factors that affect the vulnerability and security of organizational information resource
1. Today's interconnected, interdependent, wirelessly networked business environment
2. Smaller, faster, cheaper computers and storage devices
3. Decreasing skills necessary to be a computer hacker
4. International organized crime taking over cybercrime
5. Lack of management support
Types of Threats: Unintentional, Deliberate

Employees in 2 areas of organization’s pose significant threats to information security
 Human Resources
 Information Systems
Social Engineering: an attack in which the perpetrator used social skills to trick or manipulate a legitimate
employee into providing confidential company information such as passwords
 Techniques include:
o Impersonation
o Tailgating: following behind an employee to enter restricted areas
o Shoulder Surfing: watching over someone’s shoulder to view data or passwords
10 Common Deliberate Threats to Information Systems
1. Espionage or trespass
i. an unauthorized individual attempt to gain illegal access to organizational information
1. Information extortion
2. Sabotage or vandalism
3. Theft of equipment or information
4. Identity theft
5. Compromise to intellectual property
i. Intellectual property is property created by individuals or corporations which is protected under
trade secret, patent or copyright laws
ii. Trade secret: intellectual work that is a company secret and isn't based on public information
iii. Patent: grants the holder exclusive rights on an invention or process for 20 years
iv. Copyright: provides creators of intellectual property with ownership of the property for life of
the creator plus 50 years
v. Piracy: copying a software program without making payment to the owner
6. Software attacks (pg. 91)
i. Types of software attacks
1. Remote attacks requiring user action (virus, worm, phishing attack, spear phishing
attack)
2. Remote attacks needing no user action (denial-of-service attacks, distributed denial-of-
service attack)
3. Attacks by a programmer developing a system (trojan horse, back door, logic bomb)
7. Alien software
i. is Clandestine software that is installed on your computer without your knowledge, also known
as pestware
ii. Adware: software that causes pop-up advertisements to appear on your screen
iii. Spyware: collects personal information about users without their consent
iv. Keystroke Loggers (keyloggers): record your individual keystrokes, including passwords, and your
browser history
v. Screen Scrapers (screen grabbers): record your screen activity
vi. Spamware: unsolicited email, usually advertising for products and services
vii. Cookies: small amounts of information that websites store on your computer, temporarily or
more or less permanently, are used to enable you to log into your favourite website
viii. Tracking cookies: track your actions on a particular website, such as what you looked at and how
long you were there
8. Supervisory control and data acquisition (SCADA) attacks
i. SCADA systems are used to monitor or to control chemical, physical and transport processes
used in…
0. Oil refineries
1. Water and sewage treatment plants
2. Electrical generators
3. Nuclear power plants

4. Other sensor-based system, such as baby monitors
9. Cyberterrorism and cyberwarfare
i. Refers to malicious acts in which attackers use a target's computer systems, particularly via the
internet, to cause physical real-world harm or severe disruption, usually to carry out a political
agenda
How Organizations Protect Themselves

 Develop security management strategies and allocating sufficient resources managed by a Chief Security
Officer
 Develop software and services that deliver early warning of trouble on the internet
 Early-warning systems are proactive, scanning the web for new viruses and alerting companies to the
danger
Difficulties in Protecting Information Resources – p. 95

 100s of threats  Rapid technological  Minimal knowledge
 Many locations of changes needed to commit crimes
computing resources  Crimes can go  High costs of prevention
 Broad access to undetected for long  Difficult to conduct a
information assets periods of time cost-benefit justification
 Difficult to protect  Violation of
distributed networks "inconvenient" security
procedures
The 3 Processes of Risk Management

1. Risk analysis
3 steps:
 Assessing the value of each asset being protected
 Estimating the probability that each asset will be compromised
 Comparing the probable costs of the asset's being compromised with the costs of protecting that
asset
2. Risk mitigation
2 functions
o Implementing controls to prevent identified threats from occurring
o Developing a means of recovery should the threat become a reality
 The 3 most common risk mitigation strategies:
1. Risk Acceptance: accept the potential risk, continue operating with no controls, and
absorb any damages that occur
2. Risk Limitation: limit the risk by implementing controls that minimize the impact of the
threat
3. Risk Transference: transfer the risk by using other means to compensate for the loss,
such as by purchasing insurance
3. Controls evaluation
o The organization identifies security deficiencies and calculates the cost of implementing controls
o If the cost of implementing a control are greater than the value of the asset being protected, the control is
not cost effective
o Effective management reporting improves an organization's ability to design and evaluate controls
o Enterprise risk management software from SAP Risk Management are touted as assisting with review risk
management solutions
Control Environment: encompasses management attitudes towards controls, as evidence by management actions,
as well as by stated policies that address ethical issues and quality of supervision
 Part of organizational culture
 Firewalls are an example of a general computer control that are part of the control environment and can
help to prevent botnets
General Controls can be physical, access and communication

 Physical: walls, doors, fencing, etc
 Access Controls: can be physical (e.g. locks) or logical (e.g. passwords)
 Communication: firewalls, anti-malware systems, whitelisting, blacklisting, encryption, virtual private
networks (VPNs), transport layers security (TLS), and employee monitoring systems
Authorization determines which actions, rights, or privileges the person has, based on his/her verified identity
Virtual Private Network & Tunneling – p. 106

 VPNs allow remote users to access the company network
 Provide flexibility to access the network remotely
 Organizations can impose their security policies through VPNs
Examples of Employee Monitoring Systems: SpectorSoft, Forcepoint
Business Continuity Planning (BCP): provides continuous availability

 Able to recover in the event of a hardware or software failure
 Ensure critical systems are available and operating
 In the event of a major disaster, organizations can employ several strategies for business continuity
including hot sites, warm sites, cold sites, off-site data storage
Examples of Auditors
 External: public accounting firm
 Government: Canada Revenue Agency
 Internal: work for specific organizations
 Specialist: IT Auditors
Closing:
 There are 5 factors that contribute to the increasing vulnerability of information resources such as smaller,
faster, cheaper computers and storage devices
 Human mistakes are unintentional errors. Social engineering is an attack where the perpetrator uses social
skills to trick or manipulate a legitimate employee into providing confidential company information
 There are 10 types of deliberate attacks to information systems such as espionage
 The 3 risk mitigation strategies are risk acceptance, risk limitation and risk transference
 Information systems are protected with a wide variety of controls such as security procedures, physical
guards, and detection software
 Professionals such as IT auditors help to assess information systems
Chapter 5: Data & Knowledge Management

Difficulties in Managing Data
 Amount of data increases exponentially over time
 Data are scattered throughout organizations
 Data obtained from multiple internal and external sources
 Data degrade over time
 Data subject to media data rot
 Data security, quality and integrity are critical, yet easily jeopardized
 Information systems that don't communicate with each other can result in inconsistent data
 Federal regulations require corporations to account for how their data are managed
Data Governance: an approach to managing information access to an entire organization

 Uses Master Data Management (a subset of data governance)
 Provides controls over master data (semi-permanent/core data) and transactional data (business
activities)
The Database Approach
 Database are arranged so that one set of software programs - the database management system - provides
all users with access to all data
 Databases minimize the following problems:
o Data Redundancy: the same data are stored in many places
o Data Isolation: applications cannot access data associated with other applications
o Data inconsistency: Various copies of the data do not agree
 Database Management Systems (DBMS) maximize the following:
o Data Security: databases must have extremely high security measures in place to deter mistakes and
attacks since data is stored in one place
o Data Integrity: Data must meet certain constraints, such as no alphabetic characters in a Social
Insurance Number field.
o Data Independence: Applications and data are not linked to each other (kept separate or
independent by the DBMS that controls access), so that all applications are able to access the same
data
Bit (binary digit): represents the smallest unit of data a computer can process (e.g. 1 or 0)
Byte: represents a single character, often composed of 8 bits (e.g. 01101010 which represents a lowercase j)
Field: a logical grouping of related characters
Record: a logical grouping of related fields
File (or table): a logical grouping of related records
Database: a logical grouping or related files
Database Management Systems (DBMS) creates and manages a database

 Relational database model is based on concept of 2-dimensional tables
Data Model: a diagram that represents the entities in the database and their relationships
Entity: is a person, place, thing or event about which an organization maintains information. A record describes an
entity
Instance is one specific, unique representation of the entity
Attribute is a characteristic or quality of a particular entity
Primary key is a field that uniquely identifies a record. Note that every record must have a primary key
Secondary keys are other identifying fields that typically don't identify the file with complete accuracy
Foreign key field(s) are used to uniquely identify a row of another table that is linked to the current table
A database management system is a set of programs that provide users with tools to add, deleted, access, and
analyze data stored in one location
The relational database model is based on the concept of 2-dimensions tables

Structured query language allows users to perform complicated searches by using relatively simple statements or
keywords
Query by example allows users to fill out a grid or template to construct a sample or description of the data
he/she wants
The data dictionary provides information on each attribute, such as its name, whether it is a key or part of a key,
the type of data expected (e.g., alphanumeric, numeric, dates) and valid values
Big Data is so large and complex it cannot be managed by traditional systems

 Characteristics
o Volume: computer-generated from many sources
o Velocity: flows rapidly to/from within the organization
o Variety: in addition to number and text, it includes images, sound, web-based content and
others
 Issues
o Sources can include untrusted sources (emails, social media, call centres)
o Data could be dirty (inaccurate, incomplete, incorrect, duplicate, erroneous, incorrect spelling)
o Big data changes since quality issues can arise during collection that are temporary or permanent
(due to equipment failure)
Big Data in Functional Areas of the Organization

 Human Resources: discovering health care trends to lower health care costs
 Product Development: text mining the Internet to explore customer preferences on a 3-blink signal
 Operations: reducing fuel consumption on deliveries and optimizing delivery routes
 Marketing: creation of 1500 tailored marketing messages by integrating data from internal systems with
social media
 Government Operations: water management systems based on water control sensors
Data Warehouses vs. Data Marts

Databases Data Warehouses
Data Content is from current operations, normally updated in Data Content is from past and current data that is
real time, with high volumes updated at regular intervals (e.g., hourly, daily)
Searching a Database that is part of operations for specific Searching a Data Warehouse can be done with a
queries could slow down operations (with many searches) long turnaround time or even overnight
Content changes frequently due to transaction processing and Content is read-only, data cannot be changed only
changes to master data added to
Organization is optimized for online processing of single Organization is to support business intelligence
transactions applications, such as complex manipulations of arrays
Characteristics of Data Warehouses and Data Marts

 Organized by business dimension or subject
 Use online analytical processing
 Integrated
 Time variant
 Non-volatile
 Multidimensional
The Environment for Data Warehouses and Data Marts Include:

 Source systems that provide data to the data warehouse or data mart
 Data-integration technology and processes that prepare the data for use
 Different architectures for storing data in an organization's data warehouse or data marts
 Different tools and applications for the variety of users
 Metadata, data quality, and governance to ensure that the data warehouse or data mart meets its purposes
Data Integration (ETL: extract, transform, load)

 To extract data from source systems, transform them, and load them into a data mart or warehouse
 Can be performed by hand-written code (e.g. SQL queries) or by commercial data-integration software
 Can be transformed to make them more useful
Storing the Data

 The most common architecture is one central enterprise data warehouse, without data marts, called "a
single version of the truth"
 Independent data marts: store data for a single or a few applications, such as in marketing or finance
 Hub and spoke stores data in a central data warehouse while simultaneously maintain dependent data
marts that obtain their data from the central repository.
o This helps to maintain a single view of the data since it is centrally organized
 Metadata is data about data
 Data Quality is the quality of the data in the warehouse must be adequate to satisfy users' needs
 Governance requires that people, committees, and processes be in place to plan and control the
development and use of the data warehouse
 Users: there are a large number of potential BI users, including IT developers, front line workers, analysts,
information workers, managers, and executives and suppliers, customers and regulators
Knowledge Management
 Knowledge Management (KM) a process that helps organizations manipulate important knowledge that is
part of the organization's memory
 Knowledge: information that is contextual, relevant, and useful, developed with the assistance of expertise,
also known as intellectual capital or intellectual assets)
 Explicit Knowledge: objective, rational, technical knowledge that has been documented
o EX) policies, procedural guides, reports, products, strategies, goals, core competencies
 Tacit Knowledge: cumulative store of subjective or experiential learning
o EX) experiences, insights, expertise, know-how, trade secrets, understanding, skill sets and learning
 Knowledge Management Systems (KMSs) use modern information technologies to systematize, enhance
and expedite knowledge management, with the goal to make the most productive use of knowledge
1. Create
2. Capture
3. Refine
4. Store
5. Manage
6. Disseminate
7. Knowledge
Entry-Relationship (ER) Modeling

 Database designers plan the database design in a process called entity-relationship (ER) modeling
 ER diagrams consists of entities, attributes and relationships organized using business rules
 Business rules describe how the organization uses its data to run its operations
 Entities are shown as rectangles, with relationships shown on the lines between them
ER Modeling Terms
 Degree of relationship: How many linkages?
 Unary: single entity

 Binary: two related entities
 Ternary: three related entities
 Relationship Classifications (connectivity)
o One-to-one (1:1): e.g. student:parking permit
o One-to-many (1:M): e.g. professor:class
o Many-to-many (M:M): e.g. students:classes
 Cardinality: the number of times a single record/instance of one entity can be associated with a single
record/instance of another entity
 Mandatory single: e.g. inventory quantity on hand with its sale price
 Optional single: e.g. employee wage rate with pay cheque (employees may not be paid if they are on
vacation or leave)
 Mandatory Many: e.g. department details with employee details
 Optional Many: customer details with customer sales details/invoices (not all customers purchase every
month)
Cardinality Symbols
Normalization: a method for analyzing and reducing a relational database to its most streamlined form
 Purpose is to provide minimum redundancy
 Focus is to reduce non-key attributes
 Improves processing efficiency of the database
 Functional Dependencies express how attributes are associated (e.g. every pizza order needs a date) and
need to be retained during normalization
 The third normalized form shows that
o There is no data redundancy
o Foreign keys are used to link tables
Closing
 The database approach minimizes the following problems
o Data redundancy
o Data isolation
o Data inconsistency
o Data security
o Data integrity
o Data independence
 Data warehouses enable organizations to work with multiple data sources and databases to analyze
complex big data stores
 Organizations can be use knowledge management to develop best practices, the most effective and efficient
ways of doing things, and to make these practices readily available to a wide range of employees
Chapter 6: Telecommunications & Networking
Computer Network: A system that connects computers and other devices via communications media so that data
and information can be transmitted among them
Bandwidth: the transmission capacity of a network; it is stated in bits per second
Broadband: network transmission capacities ranging from approx. 1 million bits per second to as much as 20
megabits/s with fibre-to-the-home
Size of Computer Networks from Smallest to Largest

 Personal Area Networks (PANs)
 Local Area Networks (LANs)
 Metropolitan Area Networks (MANs)
 Wide Area Networks (WANs), the largest WAN is the Internet
Local Area Networks

 LANs connect 2 or more devices in a limited geographical region
Characteristics Include:
 Every device on the LAN needs an NIC (network interface card) that enables use of the Ethernet standard
 The LAN is hardwired (otherwise it would be a WLAN – wireless LAN)
 Most have a file server or network server
Wide Area Networks

 Networks that cover large geographic areas
 Typically connect multiple LANs
 Have large capacity, typically combine multiple channels
 Contain routers
o A router is a communications processor that routes messages from a LAN to the Internet, across
several connected LANs, or across a wide area network such as the internet
Network Fundamentals
 Analog and Digital Signals
 Communications Media and Channels
 Network Protocols
 Types of Network Processing
Modems: devise that convert analog signals to digital and vice versa
 3 types
Dial-Up modems for use with telephone lines
Cable modems for use with television cable company lines
DSL (Digital Subscriber Line) modems for high speed transmissions over telephone lines
Packet Switching: requires the use of TCP/IP protocols and a network infrastructure (such as the internet) to
support it
TCP: establishes a connection between computers to manage the movement of the packets
 Sequences the packets and transfers them
 Acknowledges the packets that have been sent
IP: disassembles the data into packets

 Delivers the packets to the correct IP address
 Reassembles the packets into the data
Types of Network Processing

Distributed Computing: divides processing work among two or more computers
Client/Server Computing: link 2 or more computers in an arrangement in which some machines, called servers,
provide computing services for user PCs, called clients
Peer-to-Peer (P2P) Processing: a type of client/server processing where each computer acts as both a client and a
server. Each computer can access all files on all other computers
 3 basic types of P2P processing
o The first accesses unused CPU power among networked computers
o The second form is real-time, person-to-person collaboration
o The third is advanced search and file sharing
The Internet: a global WAN that connects approx. 1 million organizational computer networks in more than 200
countries on all continents
Internet Backbone: a fibre-optic primary network and set of telecommunications lines that connect these nodes
An extranet connects parts of the intranets of different organizations
Accessing the Internet

 Connecting via an Online Service: An Internet Service Provider (ISP) is a company that provides internet
connections for a fee
 Connecting via Other Means: smart phones, iPads and other hand-held devices can be used to connect via
wireless local area networks (WLANs)
o Each computer on the internet has an assigned address, called the Internet Protocol (IP) address
Addresses on the Internet

 Top-level domain: the right most part of an internet name
o Common top-level domains are 3 or more letters and include .com, .edu, .gov
o 2 letter country codes are the other type of top-levels domains, such as .ca or .ru
The Future of the Internet

 Experts are concerned that internet users will experience brownouts (temporary unavailability or slower
speeds) due to 3 factors:
1. the increasing number of people who work online
2. the soaring popularity of websites such as YouTube that require large amounts of bandwidth
3. the tremendous demand for high-definition TV delivered over the internet
The World Wide Web (www or W3): A system of universally accepted standards for storing, retrieving, formatting
and displaying information via client/server architecture
Network Applications: Discovery

 By browsing and searching data on the internet, users can apply the internets’ discovery capability to
areas such as education, government and entertainment.
 Tools to facilitate discovery include
o Search engines and metasearch engines
o Publication of material in foreign languages using auto translation
o Portals which are website-based personalized gateways to information that provide information
from different IT systems and/or the internet using advanced search and indexing techniques
 Types of Portals
 Commercial (public) portals provide generalized content
 Affinity portals are for communities of similar interests
 Corporate portals are for a single organization
 Industry wide portals are used by an entire industry
Network Applications: Communication

 Telecommuting has created a distributed workforce known as “digital nomads” – working anywhere
anytime
 Types:
o Electronic Mail (Email): the largest volume application running on the internet.
o Web-Based Call Centres (customer call centres): enables email, telephone or both
simultaneously, often offshore
o Electronic Chat Rooms: provide conversational messages in real time; can be web-based text,
email or IRC (internet relay chat)
o Voice Communication: via the internet is known as VoIP (Voice over the Internet Protocol) where
phone calls are treated as data (e.g. Skype)
o Unified Communications: I the provision of all types of communications via a single platform, e.g.
sending a voice message to email or a text message to voice
Network Applications: Collaborations

 Collaboration refers to efforts of two or more entities who work together to accomplish tasks.
o Synchronous: at the same time, e.g. chat
o Asynchronous: not at the same time e.g. email
 Work Flow: movement of information through a sequence of work steps in a process
 Crowdsourcing: outsources a task to a large undefined group in the form of an open call
Network Applications: Educational

 E-Learning
 Distance Learning (DL): refers to any learning situation in which teachers and students don’t meet face-to-
face
Closing:
 A computer network is a system that connects computers via communications media so that data and
information can be transmitted among them
 There are three types of wireline communications media: twisted-pair, coaxial and fibre-optic cables
 The internet is a global network of computer networks, using a common communications protocol, TCP/IP
 The world wide web is a system that stores, retrieves, formats and displays information accessible
through a browser
 We discuss 4 major categories of network applications: Discovery, Communication, Collaboration,
Education
Chapter 7: E-Business & E-Commerce
E-Commerce: the process of buying, selling, transferring or exchanging products, services or information via
computer networks, including the Internet
E-Business: refers to servicing customers, collaborating with business partners and performing electronic
transactions within an organization
Degree of Digitization:
 Pure vs. Partial E-Commerce: depends on the degree of digitization involved. Consider that the product,
process or delivery agent can be physical and digital
 Brick-and-Mortar: Purely physical
 Virtual Organizations: engaged only in EC (aka pure play)
 Click-and-Mortar: conduct some EC activities, but their business is primarily done in the physical world –
partial EC
 Other combinations: that include a mix of digital and physical dimensions are considered partial EC
Types of E-Commerce
 B2C
 B2B
 C2C = consumer to consumer
 B2E = business to employee
 G2C = government to citizen/business
 M-Commerce = mobile commerce
E-Commerce Business Models

 Online direct marketing: selling online directly to customers
 Electronic tendering system: B2B reverse auction that involves requesting quotes from suppliers
 Name-your-own-price: using an intermediary customers decide how much they're willing to pay
 Fine-the-best-price: intermediaries search for and provide the best price for what customers wants
 Affiliate marketing: logos or banners are placed on partner sites, if purchases are made then the
advertiser pays a commission to the affiliate
 Viral marketing: "friend marketing" relying on people to tell their friends electronically about products
 Group purchasing (e-coops): groups of buyers negotiate volume discounts
 Online Auctions: products are auctioned online
 Product Customization: online self-configuration of products that are individually produced
 Electronic marketplaces and exchanges: online private (one seller) or public (many sellers) marketplaces
attract many buyers
 Bartering Online: exchanges or sales of products without the exchange of cash using intermediary (i.e.
auction using "points")
 Deep Discounters: online direct sales at low prices (i.e. deeply discounted) for special promotions or "fire
sales" e.g. end of lines
 Membership: only members can use the services, which could be products or services. Membership could
be free or paid
Major E-Commerce Mechanisms

 Electronic Catalogues: display products or services available for sale at a fixed price
 Online Auctions: Both types can feature thousands of products or quotes
 Forward Auctions: try to obtain the highest amount for a product or service placed on sale by a buyer
(e.g. ebay)
 Reverse Auctions: the buyer tries to obtain the lowest price from a seller by requesting a quote, (e.g.
merx)
Electronic Payment Mechanisms

 Electronic cheques
 Electronic cards
 Electronic credit cards
 Purchasing cards
 Stored-value money cards
 Smart cards
 Digital wallets
Benefits of E-Commerce
 Benefits to Organizations
o Makes national and international markets more accessible.
o Lowering costs of processing, disturbing and retrieving information
 Benefits to Customers
o Access a vast number of products and services 24/7
 Benefits to Society
o Ability to easily and conveniently deliver information, services, and products to people in cities,
rural areas and developing countries
Limitations of E-Commerce
 Technological Limitations
o Lack of universally accepted security standards
o Insufficient telecommunications bandwidth in some areas
o Expensive accessibility to the web in some countries or regions
 Non-Technological Limitation are perceptions that:
o Ecommerce is insecure
o There are unresolved legal issues
o It lacks a critical mass of sellers and buyers
B2C Electronic Commerce

 Smaller than B2B but more complex
 Many buyers making millions of diverse transactions daily
 Companies need to process many (potentially small) orders quickly and efficiently
o B2B topics:
 Electronic storefronts: have a unique URL for a single organization, they can be
extensions of physical stores
 Electronic Malls: have many individual shops groups under a single URL. There are 2
types…
 Referral Malls: which transfer you to the website of the shop that is part of the
referral mall
 Purchasing Malls: provide a common shopping cart for multiple vendors
 Online service industries
 Advertising models
 Issues in e-tailing
Online Service Industries

 Online Service involves customers accessing services via the web
 Intermediaries provide information and/or provide value-added services
 When the function(s) of these intermediaries is automated or eliminated, this process is called
disintermediation
 Examples:
o Cyberbanking
o Online securities trading
o Online job market

o Travel services
o Online advertising
Online Advertising Methods

 Banners
 Pop-Up Ad: appears in front of the active window
 Pop-Under Ad: appears underneath the active window
 Spamming
 Permission marketing: asks consumers to give their permission to voluntarily accept online advertising
and email
 Viral Marketing
 Advertising is an attempt to disseminate information in order to influence a buyer-selling transaction
 Internet advertising redefines the advertising process, making it media-rich
Problems in E-Tailing
 Channel Conflict: occurs when click-and-mortar companies may face a conflict with their regular
distributors when they sell directly to customers online
 Showrooming: shoppers visit a brick-and-mortar store to look at products in person, then research the
product online, often buying it elsewhere
 Order Fulfillment: involves finding the product to be shipped; packaging the products; arrange for speedy
delivery to the customer; and handle the return of unwanted or defective products
Solving the Problem

 Multi-channelling: a process many companies use to integrate their online and offline channels (also
known as omni-channelling)
B2B Electronic Commerce

 In B2B e-commerce, the buyers and sellers are organization
 There are…
o Sell-side marketplaces: organizations sells their products or services to other organizations
electronically from their own website and/or from a third-party website
 Key Mechanisms: electronic catalogues and forward auctions
o Buy-side marketplaces: a model in which organizations attempt to buy needed products or
services from other organizations electronically
 Key Mechanism: reverse auctions
 Supporting Processes: E-Procurement, Group Purchasing
o Electronic exchanges: private exchanges have one buyers and many sellers
 E-Marketplaces, called public exchanges are independently owned by a third party and
connect many sellers and many buyers
 There are 3 basic types of public exchanges
 Vertical: connects buyers and sellers in a given industry
 Horizontal: connects buyers and sellers across many industries
 Functional: provide needed services such as temporary help or extra office
space on as "as needed" basis
Ethical and Legal Issues

 Privacy
 Tracking
 Use of the internet for illegal or unethical purposes
Legal and Ethical Issues Specific to E-Commerce

 Fraud on the Internet: fraud activity (i.e. stocks, auctions, investments, business opportunities)
 Domain Names: are considered to be legal when the person or business who owns the name has
operated a legit business under that name for some period of time
 Cybersquatting: the practice of registering or using domain names for the purpose of profiting from the
goodwill or the trademark that belongs to someone else
 Domain Tasting: a practice of registrants using the 5-day "grace period" at the beginning of a domain
registration to profit from pay-per-click advertising
 Taxes and Other Fees: require appropriate collection from website vendors
 Web Copyright Protecting: intellectual property in ecommerce and enforcing copyright laws is extremely
difficult bc it involves hundreds of millions of people who have access to billions of web pages in about
200 countries with differing copyright laws
Chapter Closing
 Common types of electronic commerce: B2C, B2B, C2C, B2E, G2C EC and G2B EC
 Examples of on-line services of B2C EC: Electronic banking, On-line securities trading, On-line job
matching, On-line travel services, and On-line advertising
 Types of electronic payments: Electronic cheques, electronic cards and digital wallets
 Three business models for B2B EC: sell-side marketplace, buy-side marketplace, and exchanges.
 Two major ethical issues relating to electronic commerce: privacy, tracking, use of the Internet for
unethical purposes, fraud, inappropriate use of domain names, taxes and web copyright
Chapter 8: Wireless, Mobile Computing and Mobile Commerce
Mobile Computing: involves a real-time, wireless connection between a mobile device and other computing
environments, such as the Internet or an intranet
 2 major characteristics that differentiate is from other forms of computing
o Mobility and Broad Reach
 5 Value-Added Attributes
o Ubiquity: can provide info and communications regardless of user’s location
o Convenience
o Instant Connectivity
o Personalization
o Localization of products and services: knowing a user’s location helps companies advertise their
products and services
Mobile Commerce: involves e-commerce transactions that are conducted with a mobile device
 The development of M-Commerce is driven by the following factors
o Widespread availability of mobile devices
o No need for a PC
o The “cellphone culture”
o Declining prices
o Bandwidth improvement
Mobile Commerce Applications

 Location-Based Applications and Services
o Shopping from wireless devices
o Location-based advertising and services
 Financial Services
o Online banking, money transfers, wireless wallets, bill payment services
 Intrabusiness Applications
o Used to facilitate organization workflows like for delivery and dispatching
 Accessing Information
 Telemetry: the wireless transmission and receipts of data gathered from remote sensors
o Ex) medicine, OnStar for vehicles, find my iPhone
The Internet of Things (Ubiquitous Computing): means that virtually every object has processing power with
wireless or wired connections to a global network
 A system in which any object, natural or manmade, has a unique identity (a unique IP address)
 Was made possible by the adoption of IPv6 that created an uncountable number of IP address
 Requires the use of wireless sensors and two technologies to support IoT infrastructure
o Radio Frequency Identification (RFID)
o Wireless Sensor Networks
 Also called, the internet of everything, the internet of anything, the industrial internet and Machine-to-
Machine (M2M)
Wireless Devices: provide 3 major advantages

1. are small enough to easily carry or wear
2. have sufficient computing power to perform productive tasks
3. can communicate wirelessly with the internet and other devices
Smart Phones are part of dematerialization: functions of many devices are included in one physical device – so
some of the other devices disappear
Wireless Transmission Media

 Wireless media, or broadcast media, transmit signals without wires. The major types of wireless media
are…
o Microwave: using electromagnetic waves
o Satellite: requires communication satellites
o They can be GEO (geostationary), MEO (Medium-earth-orbit) or LEO (low-earth-orbit)
Advantages & Disadvantages of Wireless Media
The Global Positioning System

 GPS is a wireless system that uses satellites to enable users to determine their position anywhere on
earth
 Its supported by 24 MEO satellites that are shared worldwide
 3 satellites (for 2D location) or 4 satellites (for 3D location) can find the location of any receiving station or
users within a range of 3 metres
 GPS software also can convert the user’s latitude and longitude to an electronic map
International GPS
 Russian GLONASS
 European Union GALILEO
 China BEIDOU
Short Range Wireless Networks

 Bluetooth
o An industry specification used to create small personal area networks
 ultra-wideband (UWB)
o high-bandwidth wireless technology with transmission speeds in excess of 100Mbps
o Ex) streaming multimedia from a personal computer to a television
o Enables firefighters to detect people behind walls, or in a smoke-filled environment with no

visibility
 near-field communications
o has the smallest range of the others
o designed to be embedded in mobile devices such as cell phones and credit cards
o Ex) Tap to pay
Medium Range Wireless Networks

 Wireless Fidelity (WiFi)
o Is a medium-range wireless local area network (WLAN) which is basically wired like LAN, but
without the cables
o Typically has a transmitter with an antenna, called a wireless access point, that connects to a
wired LAN or to satellite dishes that provide internet connection
o Range of up to 100 metres
 WiFi Direct
o Using peer-to-peer communications enabling devices to connect with each other directly
 MiFi
o A small, portable, wireless devices that provides users with a permanent WiFi hotspot wherever
they go
o The range is about 10 metres
 Super WiFi
o A wireless network that creates long distance wireless internet connections using “white spaces”
between broadcast TV channels
Wide Area Networks

 cellular radio
o 3rd Generation (3G)
o 4th Generation (4G)
 Wireless broadband (WiMAX)
o Worldwide Interoperability for Microwave Access (WiMAX)
o Has wireless range of up to 50 kilometres
o Is a secure system offering voice and video features
o Antennas can transmit broadband internet connections to antennas on homes and businesses
o Can provide long-distance broadband wireless access to rural areas and other location that aren’t
currently being served
Product Coding: QR, RFID, UPC

 A QR (quick response) code is a 2D code, readable by dedicated QR readers and camera phones
 Radio-Frequency Identification (RFID) systems use tags with embedded microchips, which contain data,
and antennas to transmit radio signals over a short distance to RFID readers
 A typical barcode, known as the Universal Product Code (UPC), is made of 12 digits that are batching in
various groups
QR Codes
 Can store more info than barcodes
 Datatypes include numbers, text, URLs and even Japanese characters
 Size is small because they store information horizontally and vertically
 Can be read from any direction or angle, so the possibility of a failed reading of a QR code is reduced
 More resistant to damage than barcodes
RFID Tags
 2 basic types of tags
o Active RFID tags use internal batteries for power and broadcast radio waves to a reader
o Passive RFID tags rely on readers for their power
Barcodes
 First digit identifies the item types
 Next 5 digits identify the manufacturer
 Next 5 digits identify the product
 Last digit is a check digit for error detection
Wireless Security
 5 major threats to wireless networks
o Rogue Access Point: unauthorized access point to a WLAN
o Evil Twin Attach: an imposter with a computer connects to your computer, pretending to be your
normal (or another) access point
o War Driving locating WLANs while driving or walking
o Eaves Dropping: efforts by an unauthorized user to try to access data travelling over wireless
networks
o RF Jamming (Radio Frequency): a person or device intentionally or unintentionally interferes with
your wireless network transmissions
Chapter Closing:
 4 main types of wireless transmission media
o Microwave transmission
o Satellite transmission
o Internet over satellite
o Radio transmission
 3 types of wireless networks
o Short-range
o Medium-range
o Wide area
 5 major M-Commerce applications
o Location-based services
o Mobile financial applications
o Intrabusiness applications
o Accessing information
o Telemetry
 2 technologies provide the infrastructure for pervasive computing:
o Radio-frequency identification (RFID)
o Wireless sensor networks (WSNs)
 5 major threats to wireless networks
o Rogue access points
o Evil twin attacks
o War driving
o Eavesdropping
o RF jamming
Chapter 10: Information Systems within the Organization

 A Transaction is any business event that generates data worth being captured and stored in a database
o EX) a product manufactured, a service sold, a payroll cheque generated
 Transaction Processing Systems (TPS) are inputs for functional area information systems and business
intelligence systems, as well as for business operations such as customer relationship management,
knowledge management and e-commerce
o TPS support the monitoring, collection, storage and processing of data generated by each of the
organization’s basic business transactions and are critical to their functioning
o The TPS collects data continuously, in real time, as soon as the data are generated, and it
provides the input data for the corporate databases
Management of TPS
 Database needs to be protected from errors resulting from overlapping updates
 Protection is also needed against inconsistencies arising from a failure of any component at any time
 Processes must be in place to deal with cancellation of transactions before they are updates, or the ability
to reverse or make correction/adjustment to transactions
 All transactions plus corrections, reversals or adjustments need to have an audit trail so that the
transaction or business event can be tracked through the accounting records
Functional Area Information Systems

 FAIS provide support for the various functional areas in an organization by increasing each area’s internal
efficiency and effectiveness.
 They often provide information in a variety of reports
o Accounting & Finance
 Financial planning and budgeting
 Managing financial transactions
 Global stock exchanges
 Currency management
 Expense management automation
 Auditing
 Financial ratio analysis
o Marketing
 Providing data for customer relations
 Documenting customer profiles and preferences
 Sales force automation
o Production/Operations Management (POM)
 In-house logistics and materials management
 Inventory management
 Quality control
 Product life cycle management
o HR Management
 HRIS
 Recruitment
 HR development
 HR planning and management
 Payroll
 Benefits administration
 Employee relationship management
Reports
 Routine reports are produced at scheduled intervals (hourly quality control, daily reports on absenteeism)
 Non-Routine/Ad Hoc are on demand reports
o Drill-down reports display a greater level of detail
o Key-Indicator reports summarize the performance of critical activities
o Comparative Reports may compare performances of different business units or of a single unit
during different time periods
 Exception Reports include only information that falls outside certain threshold standards or criteria
Enterprise Resource Planning Systems (ERP)

 ERP systems adopt a business process view of the overall organization to integrate the planning,
management, and use of all of an organization’s resources, employing a common software platform and
database
 The major objective is to tightly integrate the functional areas of the organization, enabling information to
flow seamlessly across them
 ERP systems function much the same as FAISs and produce the same reports
 ERP systems “simply” integrate the function of the various FAISs
 ERP systems provide the information necessary to control the business processes of the organization
 Most organization use commercially available ERP software like SAP and Oracle
 ERP II systems are interorganizational ERP systems that provide web-enabled links between a company’s
key business systems (like inventory and production) and its customers, suppliers, distributors and others
o These links integrate internal-facing ERP applications with the external-focused applications of
supply chain management and customer relationship management
ERP Modules
 Core ERP Modules
o Financial management
o Operations management
o HR management
 Extended ERP Modules
o Customer relationship management
o Supply chain management
o Business intelligence
o E-business
Benefits of ERP Systems

 Organizational Flexibility & Agility
o ERP systems break down many former departmental and function silos of business processes, IS
and information resources
o The organization therefore can react quickly to changing business conditions and capitalize on
new business opportunities
 Decision Support
o Provide essential information on business performance across functional areas
o This info significantly improves managers’ ability to make better, more timely decisions
 Quality and Efficiency
o Integrate and improve an organization’s business processes, resulting in significant
improvements in the quality of customer service, production and distribution
Limitations of ERP Systems

 Companies may need to change existing business processes to fit the predefined business processes of
the software (best practices)
 Complex, expensive and time consuming to implement
 Underestimating the complexity of the planning, development, and training required to prepare for a new
ERP system
Implementing ERP Systems

 On Premise ERP Implementation
o Vanilla Approach: use the standard ERP package
o Custom Approach: analyze needs and have the software customized in response to the
documented design document
o Best of Breed: Use the ERP Vanilla software and integrate with other software
 SaaS ERP
o Lease ERP software that is cloud-based normally using the vanilla approach
Enterprise Application Integration (EAI) System integrates existing systems by providing software, called
middleware, that connects applications together, an alternative to using ERP
Pros of SaaS ERP and EAI

 Anywhere anytime use
 Lower initial cost of hardware and software
 Scalable: pay for only what you use
Cons of SaaS ERP and EAI

 Security issues associated with internet-based computing
 Using the vanilla approach potentially reduces competitive advantage
 Usage problem if the internet is not available to capacity problems arise with the service provider
ERP Support for Business Processes

 How ERP can help the 3 common examples of cross-departmental processes
o Procurement
o Fulfillment
o Production
 Basically, just allows all involved departments to share documents
Chapter Closing
 TPSs monitor, store, collect and process data generated from all business transactions
 Major business functional areas are accounting/finance, marketing, production/operations management
and HR management
 3 major types of reports generated by FAIS and ERP are routing, non-routine/ad hoc, and exception
 Enterprise resource planning (ERP) systems integrate the planning, management and use of all of the
organization’s resources.
o ERP II enables web-based processing
Chapter 11: Customer Relationship Management & Supply Chain Management
Customer Relationship Management (CRM): a customer-focused and customer-driven organizational strategy

 Geared toward personal marketing rather than marketing to a mass of people or companies
 Businesses market to each customer individually
 The goal is to have customer intimacy which would enable organizations to develop highly individualized
offers that customers are more likely to accept
 Isn’t a process or a technology – rather a customer-centric way of thinking and acting
 Manages customer relationships, helps companies acquire new customer, retain existing profitable
customers, and grow relationships with existing customers
The CRM Process (p. 302)
 Data Consolidation: 360-Degree View of Customers

 Collaboratives CRM Systems provide effectives and efficient interactive communication with the
customer throughout the entire organization
o Integrate communications between the organization and its customers in all aspects of
marketing, sales and customer support
 Typically, a CRM system in an organization contains 2 major components
1. Operational CRM Systems
2. Analytical CRM Systems
Operational CRM Systems

 Supports front-office business processes
 Front-office processes are those that directly interact with customer (sales, marketing and service)
 2 Major Components of Operational CRM:
o Customer-facing applications
 An organization’s sales, field service and customer interaction centre representatives
interact directly with customers
o Customer-touching/electronic CRM (e-CRM) applications
 Customer interact directly with these technologies and applications
 Benefits:
o Provide efficient, personalized marketing, sales and service
o Get 360-degree view of each customer
o Give sales and service employees access to a complete history of customer interactions with the
organization
o Improve sales and account management
o Form individualized relationships with customers
o Identify the most profitable customers and provide them the services they need
o Provide employees with the information and processes necessary to know their customers
o Understand and identify customer needs
o Effectively build relationships among the company, its customer base and its distribution
partners
Customer-Facing Applications
 Customer service & support: systems that automate service requests, complaints, product returns and
requests for information
 Sales force automation (SFA): automatically records all of the components in a sales transaction process.
o Include a contact management system: tracks all contacts that have been made with a customer,
the purpose of each contact, and any necessary follow-up.
o SFAs also include sales forecasting and product knowledge systems
 Marketing: systems enable marketers to identify and target their best customers, to manage marketing
campaigns, and to generate quality leads for the sales teams
o Cross Selling: the marketing of additional related products to customers based on a previous
purchase
o Up Selling: a sales strategy in which the business provides to customers the opportunity to
purchase higher-value related products or services in place or, or along with, the consumer’s
initials product or service selection
o Bundling: a form of cross-selling in which a business sells a group of products or services together
at a lower price than their combined individual prices
 Campaign management applications: help organizations plan campaigns that send the right messages to
the right people through the right channels
Customer-Touching Applications
 Customers interact directly with online technologies and applications rather than interact with a company
representative.
o Customer typically can use these applications to help themselves:
 Search and Comparison Capabilities using MySimon
 Technical & Other Information Services at GoodYear
 Customized Products & Services at Gap Canada
 Personalized Web Pages
 FAQs
 E-mail and automated response
 Loyalty Programs at Air Canada
Analytical CRM Systems

 Provide business intelligence to analyze customer data for a variety of purposes:
o Designing and executing targeted marketing campaigns
o Increasing customer acquisition, cross selling and up selling
o Providing input into decisions relating to products and services
o Providing financial forecasting and customer profitability analysis
Supply Chains: the flow of materials, information, money and services from raw material suppliers, through
factories and warehouses, to the end customers
 It includes the organizations and processes that create and deliver products, information and services to
end customers
Supply Chain Visibility: the ability for all organizations in a supply chain to access or view relevant data on
purchased materials as these materials move through heir suppliers’ production processes and transportation
networks to their receiving docks
Generic Supply Chain:
Flows of the Supply Chain

 Material: physical products, raw materials, supplies, etc. that flow along the chain
o Material flows include…
 Reverse Flows: returned products, recycled products and disposal of materials or
products. Involves the Product Life Cycle approach – “from dirt to dust”
 Information: data related to demand, shipments, orders, returns and schedules, as well as changes in any
of these data
 Financial: money transfers, payments, credit card information and authorization, payment schedules, e-
payments and credit-related data
Supply Chain Management (SCM): to plan, organize, and optimize the various activities performed along the
supply chain
Interorganizational Information System (IOS): information flows among two or more organizations
 Reduces costs of routine business transactions
 Improves quality of information flow by reducing or eliminating errors
 Compresses cycle time in fulfilling business transactions
 Eliminates paper processing and its associated inefficiencies and costs
 Makes transfer and processing of information easier for users
Push Model & Pull Model

 Push Model aka “Make-to-stock”
o The production process begins with a forecast, which is simply an educated guess as to a
customer demand
o The forecast must predict which products customers will want as well as the quantity of each
product
o The company then produces the amount of products in the forecast, typically by using mass
production, and sells, or “pushes” those products to customers
 Pull Model aka “Make-to-order”
o The production process begins with a customer order
o Therefore, companies only make what customers want, a process closely aligned with mass
customization
Problems Along the Supply Chain

 Poor customer service
 Poor quality
 High inventory costs
 Loss of revenues
 The problems along the supply chain arise primarily from 2 sources: uncertainties and the need to
coordinate multiple activities, internal units and business partners
The Bullwhip Effect

 Erratic shifts in order up and down the supply chain
Solutions to Supply Chain Problems

 Vertical integration
 Using inventories and building inventories just-in-time
 Information sharing – Vendor-managed inventory (VMI)
Information Technology support for Supply Chain Management

 Electronic Data Interchange (EDI): a communication standard that enables business partners to exchange
routine documents, such as purchasing orders, electronically
o PROS
 Minimize data entry errors
 Length of messages are shorter
 Messages are secured
 Reduces cycle time
 Increases productivity
 Enhances customer service
 Minimizes paper usage and storage
o CONS
 Sometimes business processes must be restructured
 Multiple EDI standards exist
 EDI is being replaces by XML-based web services
 Extranets: allows external business partners to enter the corporate intranet, via the Internet, to access
data, place orders, check the status of those orders, communicate and collaborate. Extranets use VPN
technology to make communication over the internet more secure
o PROS
 Faster processes
 Information flow
 Improved order entry and customer service
 Lower costs
 Overall improved business effectiveness
 Portals & Exchanges: enable companies and their suppliers to collaborate very closely
o Procurement Portals: automate the business processes involved in purchasing or procuring
products between a single buyer and multiple suppliers
o Distribution Portals: automate the business processes involved in selling or distributing products
from a single supplier to multiple buyers
Chapter Closing
 CRM is an organization strategy that is customer focused and customer driven
 Collaborative CRM is an organizational CRM strategy where data consolidation and the 360-degree view
of the customer enable the organization’s functional areas to readily share information about customers
 Two major components of operational CRM systems:
o Customer-facing CRM
o Customer-touching CRM
 Analytical CRM systems analyze customer behaviour and perceptions in order to provide business
intelligence
 Additional CRM systems:
o On-demand
o Mobile
o Open-source
o Social
 Supply chain is the flow of materials, information, money and services from raw material suppliers,
through factories and warehouses to the end customer
o Three components: upstream, internal, downstream
o Three flows: materials, information, financial
o Two major challenges: demand forecast, bullwhip effect

o IT support for supply chain management: EDI, extranets, portals and exchanges
 Electronic data interchange (EDI) is a communication standard that enables the electronic transfer of
routine documents, such as purchasing orders, between business partners
 Extranets are networks that link business partners over the internet
 Corporate portals offer a single point of access through a web browser to critical business information in
an organization
Chapter 12: Business Intelligence & Analytics
Business Intelligence (BI): a broad category of applications, technologies and processes for gathering, storing,
accessing and analyzing data to help business partners make better decisions
 Management is a process by which an organization achieves its goals through the use of resources
(people, money, materials and information)
 These resources are considered to be inputs
o Achieving the organization’s goals is the output of the process
o The ratio between the input & outputs is an indication of the organization’s productivity
Manager’s performs 3 basic roles (Mintzberg, 1973)

 Interpersonal: figurehead, leader, liaison
 Informational: monitor, disseminator, spokesperson, analyzer
 Decisional: entrepreneur, disturbance handler, resource allocator, negotiator
A decision is a choice among two or more alternatives that individuals and groups make
Decision making is a systematic process
 Herbert Simon (1977) described decision making as composed of three major phases
o Intelligence
o Design
o Choice
o Followed by implementation and evaluation
Why Managers need IT Support

 Number of alternatives is constantly increasing
 Most decisions must be made under time pressure
 Decisions are becoming more complex
 Decision makers, as well as the information, can be situated in different locations
Framework for Computerized Decision Analysis
The Scope of BI
 3 specific BI targets that represent different levels of change:
o Development of one or a few related BI applications
 EX) campaign management in marketing

o Development of infrastructure to support enterprise-wide BI
 EX) enterprise data warehouse
o Support for organizational transformation
 EX) support for new business model
 Targets differ in terms of their focus, scope, level of sponsorship, commitment and required resources,
technical architecture, impacts on personnel and business processes and benefits
BI applications for Data Analysis

 Online Analytical Processing (OLAP) or Multidimensional analysis
o “slices & dices” data stored in a dimensional format, drills down in the data to greater details and
aggregates the data
 Data Mining
o Can perform two basic operations:
 Predicting trends and behaviours (e.g. for targeted marketing and predicting
bankruptcy)
 Identifying previously unknown patterns (e.g. for detecting fraudulent credit card
transactions)
 Decision Support Systems (DSS)
o Capabilities:
 Sensitivity Analysis: the study of the impact that changes in one or more parts of a
decision-making model have on other parts
 What-If Analysis: attempts to predict the impact of a change in the assumptions (input
data) on the proposed solution
 Goal-Seeking Analysis: represents a “backward” solution approach
 Attempts to find the value of the inputs necessary to achieve a desired level of
output
A dashboard provides easy access to timely information and direct access to management reports
Capabilities:
 Drill-down
 Critical Success Factors (CSFs)
 Key Performance Indicators (KPIs)
 Status Access
 Trend Analysis
 Exception Reporting
Data Visualization Technologies

 Geographic Information Systems: Computer-based system for capturing, integrating, manipulating, and
displaying data using digitized maps
o GIS allows analysts to extract information from the usage patterns of mobile phones and other
wireless devices
o EX) integration of GIS and GPS
Chapter Closing
 The decision-making process includes: intelligence, design, and choice followed by implementation and
evaluation of the solution
 There are three major ways levels of change for the organizations that use BI
o Development of one or a few related BI applications
o Development of infrastructure to support enterprise-wide BI
o Support for organization transformation
 BI applications available to analyze data include multidimensional analysis, data mining and decision
support systems
 BI applications that present the results of data analyses to users include dashboards and geographic
information systems
Chapter 13: Acquiring Information Systems & Applications
Planning for and Justifying IT Applications

 The need for information systems is related to organizational planning and to the analysis of the
organization’s performance vis-à-vis its competitors
 The cost-benefit justification must determine whether investing in a specific IT application is preferable to
spending the funds on alternative projects
IT Strategic Plan
 A set of long-range goals that describe the IT infrastructure and identify the major IT initiatives needed to
achieve the organization’s goals
 Must meet 3 objectives
o Aligned with the organization’s strategic plan
o Provide for an IT architecture that seamlessly networks users, applications and databases
o Efficiently allocate IS development resources among competing projects so that the projects can
be completed on time and within budget and will have the required functionality
IT Steering Committee
 One critical component in developing and implementing the IT strategic plan is the IT steering committee
 The committee’s major tasks are:
o To link corporate strategy with IT strategy
o To approve the allocation of resources for the MIS function
o To establish performance measures for the MIS function
o Ensure that the performance standards are met
IS Operational Plan
 Consists of a clear set of projects that the IS department and the functional area managers will execute in
support of the IT strategic plan
 A typical IS operational plan contains the following elements
o Mission
o IT environment
o Objectives of the IT function
o Constraints of the IT function
o Application portfolio
o Resource allocation and project management
Evaluating & Justifying IT Investment: Benefits, Costs & Issues

4 common approaches organizations use to conduct the Cost-Benefit Analysis
 Net Present Value (NPV)
 Return on Investment (ROI)
 Breakeven Analysis
 Business Case Approach
Strategies for Acquiring IT Applications

 Purchase a prewritten application
 Customize a prewritten application
 Lease the application
 Use application service providers and software-as-a-a service (SaaS) vendors
 Use outsourcing
 Use continuous development
 Use custom development
Pros and Cons of the “buy” Option

Pros Cons
- Many choices - Many not meet needs
- Test software early - Difficult to modify
- Save time - No control over content
- Familiar product - Difficult to integrate
- Eliminate need to hire specialized personnel - May be discontinued
- Controlled by another company
- No knowledge of underlying technology
Traditional Systems Development Life Cycle (SDLC)

 The SDLC is a structured framework that consists of sequential processes
o Systems Investigation
o Systems Analysis
o Systems Design
o Programming and Testing
o Implementation
o Operation and Maintenance
6-Stage SDLC with Supporting Tools – p.36
SDLC – Systems Investigation

 The feasibility study is the main task of the Systems Investigation phase
 The feasibility study helps the organization choose from 3 options:
o Do nothing and continue to use the existing system unchanged
o Modify or enhance the existing system
o Develop a new system
Feasibility Study
 Provides a rough assessment of the project’s:
o Technical Feasibility: determines whether the company can develop and/or acquire the
hardware, software, and communications components needed to solve the business problem
o Economic Feasibility: determines whether the project is an acceptable financial risk and, if so,
whether the organization has the necessary time and money to successfully complete the project
o Behavioural Feasibility: addresses the human issues of the systems development project
SDLC – System Analysis

 The examination of the business problem that the organization plans to solve with an information system
 Main purpose is to gather information about existing system to determine requirements for the new or
improved system
 Deliverable is a set of system requirements, also called user requirements
 User requirements identify the specific requirements that the system must satisfy
SDLC – Systems Design

 Describes how the system will resolve the business problem
 The deliverable is a set of technical system specifications, which specifications, which specifies the
following:
o System outputs, inputs, calculations or processing and user interfaces
o Hardware, software, databases, telecommunications, personnel and procedures
o A blueprint of how these components are integrated
 Adding functions after the project has been approved and initiated causes Scope creep, which endangers
the project’s budget and schedule
SDLC – Programming and Testing

 Programming involves the translation of a system’s design specification into computer code
 Testing checks to see if the computer code will produce the expected and desired results under certain
conditions
 Testing is designed to delete errors (bugs) in the computer code
SDLC – Systems Implementation

 Implementation involves the use of a conversion strategy
o Direct Conversion
o Pilot Conversion
o Phased Conversion
o Parallel/Historic Parallel Conversion
SDLC – Operation & Maintenance

 Audits are performed to assess the system’s capabilities and to determine if it’s being used correctly
 Systems need several types of maintenance
o Debugging
o Updating
o Adding new functions or updated systems (maintenance)
Alternative Methods and Tools for Systems Development

 Joint Application Design (JAD)
 Rapid Application Development (RAD)
 Agile Development
 End-User Development
RAD vs. SDLC

 The development process in RAD is iterative, similar to prototyping (requirements, designs and the system
itself are developed and then undergo a series of improvements)
 RAD uses ICASE tools to quickly structure requirements and develop prototypes
 As the prototypes are developed and refined, users review them in additional JAD sessions
 RAD produces the functional components of a final system, rather than prototypes
Agile Development
 One type of agile development uses the scrum approach
o a key principle of scrum is that during a project, users can change their minds about what they
and need
o scrum acknowledges that a development problem cannot be fully understood or defined from
the start
 the scrum approach contains sets of practices and predefined roles
 the primary roles are:
o The Scrum Master: maintains the processes (typically replaces a project manager)
o The Product Owner: represents the business users and any other stakeholders in the project
o The Team: a cross-functional group of about 7 people who perform the actual analysis, design,
coding, implementation, testing, etc.
Tools for Systems Development

 Prototyping
 Integrated Computer-Assisted Software Engineering Tools (ICASE)
 Component-Based Development
 Object-Oriented Development
Chapter Closing
 There are 3 objectives an IT strategic plan must meet. There are 4 common approaches to cost-benefit
analysis
 There are 4 business decisions that companies must make when they acquire new applications
 There are 6 processes involved in the systems development life cycle: systems investigation, systems
analysis, systems design, programming and testing, implementation, operation and maintenance
 There are 4 alternative development methods and 4 tools that augment development methods
 The process of vendor and software selection is composed of 6 steps
o Identify potential vendors, determine evaluation criteria, evaluate vendors and packages, choose
the vendor and package, negotiate a contract, and establish service-level agreements

MIS Midterm Review

Uploaded by

Copyright:

Available Formats

MIS Midterm Review

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

MIS Midterm Review

Uploaded by

Copyright:

Available Formats

ADM2372(M) MIS Midterm Review CH.

Chapter 1: Introduction to Information Systems

Benefits of Being an Informed User

Factors that Increase Difficulties and Complexity of Managing Information Systems:

Traditional Function of MIS Departments:

Consultative Functions of MIS Departments:

Various Types of Computer-Based Information Systems in an Organization

3. Interorganizational Information Systems: support many interorganizational operations, of which supply

Major Capabilities of Information Systems

Breadth of Support of Information Systems

How IT Impacts Organizations

How IT Impacts Managers

How IT Impacts Employees

Importance of Information Systems to Society

Chapter 2: Organizational Strategy, Competitive Advantage, and Information Systems

How does an organization ensure business process excellence?

Measures of Excellence in Executing Business Processes

5 Phases of Business Process Improvement (BPI)

BPI vs. BPR

 Low risk/low cost  High risk/high cost

Emerging Trend of Social BPM

3 Areas where IT is Particularly Valuable for Going Green

Porter’s Competitive Force Model – p. 50

1. Threat of Entry of New Competitors

2. The Bargaining Power of Suppliers

3. The Bargaining Power of Customers (buyers)

4. The Threat of Substitute Products or Services

5. The Rivalry Among Firms in an Industry

Porter’s Value Chain Model – p. 52

Strategies for Competitive Advantages – Examples

Characteristics of Excellent Alignment:

Chapter 3: Ethics and Privacy

Traditional and GVV Approaches to solving Ethical Issues – p. 66

1. Recognize an ethical issue 1. Identify an ethical issue

4 General Categories of Ethical Issues in IT Applications

Court decisions have followed 2 rules for defining privacy

10 Basic Principles of PIPEDA 4. Limiting collection 7. Safeguards

Chapter 4: Information Security & Controls

Types of Threats: Unintentional, Deliberate

3. Nuclear power plants

How Organizations Protect Themselves

Difficulties in Protecting Information Resources – p. 95

The 3 Processes of Risk Management

General Controls can be physical, access and communication

Virtual Private Network & Tunneling – p. 106

Examples of Employee Monitoring Systems: SpectorSoft, Forcepoint

Business Continuity Planning (BCP): provides continuous availability

Chapter 5: Data & Knowledge Management

Data Governance: an approach to managing information access to an entire organization

Record: a logical grouping of related fields

File (or table): a logical grouping of related records

Database: a logical grouping or related files

Database Management Systems (DBMS) creates and manages a database

Instance is one specific, unique representation of the entity

Attribute is a characteristic or quality of a particular entity

The relational database model is based on the concept of 2-dimensions tables

Big Data is so large and complex it cannot be managed by traditional systems

Big Data in Functional Areas of the Organization

Data Warehouses vs. Data Marts