BUS220 - Week 1

Question 1

Organizational impacts of IT

Answer 1

To succeed in today’s environment, it is often necessary to change business models and strategies.
IT enables organizations to survive and thrive in the face of relentless business pressures.
IT may require a large investment over a long period of time.
Organizations can utilize their platforms to develop new Web-based applications, products, and services, as well as to provide superb customer service.

Question 2

business process

Answer 2

A collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers.

Question 3

Impact of IT on organizations

Answer 3

• Need to change business modes & strategies
• IT enables orgs to survive & thrive under relentless pressures
• May require a large investment
• Orgs can utilize their platforms to develop new web-based applications, products and services/superb service

Question 4

business process management (BPM)

Answer 4

A management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Question 5

data items

Answer 5

An elementary description of things, events, activities, and transactions that are recorded, classified, and stored but are not organized to convey any specific meaning.

Question 6

.digital divide

Answer 6

he gap between those who have access to information and communications technology and those who do not.

Question 7

globalization

Answer 7

The integration and interdependence of economic, social, cultural, and ecological facets of life, enabled by rapid advances in information technology.

Question 8

individual social responsibility (see organizational social responsibility)
information

Answer 8

Data that have been organized so that they have meaning and value to the recipient.

Question 9

information systems (see management information systems)
information technology

Answer 9

Any computer-based tool that people use to work with information and support the information and information-processing needs of an organization.

Question 10

information technology (IT) architecture

Answer 10

A high-level map or plan of the information assets in an organization.

Question 11

information technology (IT) infrastructure

Answer 11

The physical facilities, IT components, IT services, and IT personnel that support an entire organization.

Question 12

knowledge

Answer 12

Data and/or information that have been organized and processed to convey understanding, experience, accumulated learning, and expertise as they apply to a current problem or activity.

Question 13

make-to-order

Answer 13

The strategy of producing customized products and services.

Question 14

management information systems (also information systems)

Answer 14

The planning, development, management, and use of information technology tools to help people perform all tasks related to information processing and management.

Question 15

mass customization

Answer 15

A production process in which items are produced in large quantities but are customized to fit the desires of each customer.

Question 16

organizational social responsibility (also individual social responsibility)

Answer 16

Efforts by organizations to solve various social problems.

Question 17

Differentiate among data, information, and knowledge.

Answer 17

Data items refer to an elementary description of things, events, activities, and transactions that are recorded, classified, and stored, but not organized to convey any specific meaning. Information is data that have been organized so that they have meaning and value to the recipient. Knowledge consists of data and/or information that have been organized and processed to convey understanding, experience, accumulated learning, and expertise as they apply to a current business problem.

Question 18

Describe business processes and discuss business process management.

Answer 18

A business process is a collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers. A process has inputs and outputs, and its activities can be measured. Many processes cross functional areas in an organization, such as product development, which involves design, engineering, manufacturing, marketing, and distribution. Other processes involve only one functional area.
To a great degree, the performance of an organization depends on how well it manages its business processes. As a result, organizations emphasize business process management (BPM), which is a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Question 19

A business process is a collection of related activities that produce a product or a service of value to the organization, its business partners, and/or its customers. A process has inputs and outputs, and its activities can be measured. Many processes cross functional areas in an organization, such as product development, which involves design, engineering, manufacturing, marketing, and distribution. Other processes involve only one functional area.
To a great degree, the performance of an organization depends on how well it manages its business processes. As a result, organizations emphasize business process management (BPM), which is a management technique that includes methods and tools to support the design, analysis, implementation, management, and optimization of business processes.

Answer 19

An organization’s information technology architecture is a high-level map or plan of the information assets in an organization. The IT architecture integrates the information requirements of the overall organization and all individual users, the IT infrastructure, and all applications. An organization’s information technology infrastructure consists of the physical facilities, IT components, IT services, and IT management that support the entire organization.

Question 20

Describe the global, Web-based platform and its relationship to today’s business environment.

Answer 20

The global, Web-based platform consists of the hardware, software, and communications technologies that comprise the Internet and the functionality of the World Wide Web. This platform enables individuals to connect, compute, communicate, compete, and collaborate everywhere and anywhere, anytime and all the time, and to access limitless amounts of information, services, and entertainment. This platform operates without regard to geography, time, distance, or even language barriers. The Web-based platform has created today’s business environment, which is global, massively interconnected, intensely competitive, 24/7/365, real-time, rapidly changing, and information-intensive.

Question 21

Types of Information Systems

Answer 21

(CBIS) use computer technology to perform some or all of their tasks and are composed of:
•A Network
•Procedures
•People
•Hardware
•Software
•A Database

Question 22

Capabilities of Information Systems

Answer 22

Perform high-speed, high-volume numerical computations
Provide fast, accurate communication and collaboration within and among organizations
Store huge amounts of information in small space
Allow quick, inexpensive access to vast amounts of information worldwide
Interpret vast amounts of data quickly and efficiently
Increase effectiveness and efficiency of people working in groups in one place or around the world
Automate semiautomatic business process and manual tasks

Question 23

Application Programs

Answer 23

An application program is a computer program designed to support a specific task, a business process or another application program.

Question 24

Breadth of Support of Information Systems

Answer 24

Functional area information systems
Enterprise resource planning systems
Transaction processing systems
Interorganizational information systems

Question 25

Information Systems Support for Organization Employees

Answer 25

Office automation systems
Functional area information systems
Business intelligence systems
Expert Systems
Dashboards

Question 26

Porter’s Competitive Forces Model

Answer 26

The best-known framework for analyzing competitiveness is Michael Porter’s competitive forces model (Porter, 1985). (Slide 70 Week 1)

Question 27

Strategies for Competitive Advantage

Answer 27

Cost Leadership
Differentiation
Innovation
Operational Effectiveness
Customer-orientation

Question 28

Why are Information Systems Important to Organizations & Society

Answer 28

IT will reduce the number of middle managers.
IT will change the manager’s job.
IT impacts employees at work.
IT provides quality-of-life improvements.

Question 29

New (Consultative) IS Functions

Answer 29

Initiating and designing strategic information systems
Incorporating the Internet and e-commerce into the business
Managing system integration
Educating non-IS managers about IT
Educating IS staff about the business
Supporting end-user computing
Partnering with executives
Managing outsourcing
Innovate
Ally with vendors and IS departments in other organizations (Traditional slide 80, Week 1)

Question 30

Privacy

Answer 30

Court decisions have followed two rules:
(1) The right of privacy is not absolute.
Your privacy must be balanced against the
needs of society.
(2) The public’s right to know is superior to
the individual’s right of privacy.

Question 31

Factors Increasing the Threats to Information Security (continued)

Answer 31

International organized crime turning to cybercrime
Downstream liability
Increased employee use of unmanaged devices
Lack of management support
Decreasing Skill Necessary to be a Hacker

Question 32

Key Information Security Terms

Answer 32

Threat
Exposure
Vulnerability
Risk
Information system controls

Question 33

Categories of Threats to Information Systems

Answer 33

Unintentional acts
Natural disasters
Technical failures
Management failures
Deliberate acts

Question 34

Unintentional Acts

Answer 34

Human errors
Deviations in quality of service by service providers (e.g., utilities)
Environmental hazards (e.g., dirt, dust, humidity)

Question 35

Human Errors

Answer 35

Tailgating
Shoulder surfing
Carelessness with laptops and portable computing devices
Opening questionable e-mails
Careless Internet surfing
Poor password selection and use
And more

Question 36

Most dangerous employees

Answer 36

Human resources and MIS - Remember, these employees hold ALL the information

Question 37

Deliberate Acts (continued)

Answer 37

Software attacks
–Virus
–Worm
•1988: first widespread worm, created by Robert T. Morris, Jr.
•(see the rapid spread of the Slammer worm)
–Trojan horse
–Logic Bomb
Phishing attacks
•Phishing slideshow
•Phishing quiz
•Phishing example
•Phishing example
–Distributed denial-of-service attacks
•See botnet
Alien Software
–Spyware (see video)
–Spamware
–Cookies
--Keystroke Logger
--Supervisory control and data acquisition (SCADA) attacks

Question 38

Communication or Network Controls

Answer 38

Firewalls
Anti-malware systems
Whitelisting and Blacklisting
Intrusion detection systems
Encryption
Virtual private networking
Secure Socket Layer (now transport layer security)
Vulnerability management systems
Employee monitoring systems

Question 39

Describe the components of computer-based information systems.

Answer 39

A computer-based information system (CBIS) is an information system that uses computer
technology to perform some or all of its intended tasks. The basic components of a CBIS are
hardware, software, database(s), telecommunications networks, procedures, and people. Hardware
is a set of devices that accept data and information, process them, and display them.
Software is a set of programs that enable the hardware to process data. A database is a collection
of related files, tables, relations, and so on, that stores data and the associations among
them. A network is a connecting system (wireline or wireless) that permits different computers
to share resources. Procedures are the set of instructions about how to combine the above
components in order to process information and generate the desired output. People are the
individuals who work with the information system, interface with it, or use its output.

Question 40

Describe the various types of information systems by breadth of support.

Answer 40

The departmental information systems, also known as functional area information systems,
each support a particular functional area in the organization. Two information systems support
the entire organization: enterprise resource planning (ERP) systems and transaction
processing systems (TPSs). ERP systems tightly integrate the functional area IS via a common
database, enhancing communications among the functional areas of an organization.
A TPS supports the monitoring, collection, storage, and processing of data from the organization’s
basic business transactions. Information systems that connect two or more organizations
are referred to as interorganizational information systems (IOSs). IOSs support
many interorganizational operations; supply chain management is the best known. Electronic
commerce systems enable organizations to conduct business-to-business (B2B) and
business-to-consumer (B2C) electronic commerce. They are generally Internet-based.

Question 41

Identify the major information systems that support each organizational level.

Answer 41

At the clerical level, employees are supported by office automation systems and functional
area information systems. At the operational level, managers are supported by office
automation systems, functional area information systems, decision support systems, and
business intelligence systems. At the managerial level, functional area information systems
provide the major support. Middle managers are also supported by office automation systems,
decision support systems, and business intelligence systems. At the knowledgeworker
level, expert systems, decision support systems, and business intelligence systems
provide support. Executives are supported primarily by dashboards.

Question 42

Describe strategic information systems (SISs) and explain their advantages.

Answer 42

Strategic information systems support or shape a business unit’s competitive strategy. An
SIS can significantly change the manner in which business is conducted to help the firm
gain a competitive advantage or reduce a competitive disadvantage.

Question 43

Describe Porter’s competitive forces model and his value chain model and explain
how IT helps companies improve their competitive positions.

Answer 43

competitiveness. It identifies five major forces that can endanger a company’s position in
a given industry: (1) the threat of new competitors entering the market, (2) the bargaining
power of suppliers, (3) the bargaining power of customers (buyers), (4) the threat of substitute
products or services, and (5) the rivalries among existing firms in the industry.
Although the Porter competitive forces model is useful for identifying general strategies,
organizations use his value chain model to identify specific activities which can use competitive
strategies for greatest impact. The value chain model also shows points at which an
organization can use information technology to achieve competitive advantage.
According to Porter’s value chain model, the activities conducted in any organization
can be divided into two categories: primary activities and support activities. The primary
activities are those business activities that relate to the production and distribution
of the firm’s products and services. The primary activities are buttressed by support activities.
Unlike primary activities, support activities do not add value directly to the firm’s products
or services. Rather, as their name suggests, they contribute to the firm’s competitive
advantage by supporting the primary activities.
The Internet has changed the nature of competition. Porter concludes that the overall
impact of the Internet is to increase competition, which has a negative impact on profitability. competitiveness. It identifies five major forces that can endanger a company’s position in
a given industry: (1) the threat of new competitors entering the market, (2) the bargaining
power of suppliers, (3) the bargaining power of customers (buyers), (4) the threat of substitute
products or services, and (5) the rivalries among existing firms in the industry.
Although the Porter competitive forces model is useful for identifying general strategies,
organizations use his value chain model to identify specific activities which can use competitive
strategies for greatest impact. The value chain model also shows points at which an
organization can use information technology to achieve competitive advantage.
According to Porter’s value chain model, the activities conducted in any organization
can be divided into two categories: primary activities and support activities. The primary
activities are those business activities that relate to the production and distribution
of the firm’s products and services. The primary activities are buttressed by support activities.
Unlike primary activities, support activities do not add value directly to the firm’s products
or services. Rather, as their name suggests, they contribute to the firm’s competitive
advantage by supporting the primary activities.
The Internet has changed the nature of competition. Porter concludes that the overall
impact of the Internet is to increase competition, which has a negative impact on profitability.

Question 44

Describe five strategies that companies can use to achieve competitive advantage
in their industries.

Answer 44

The five strategies are as follows: (1) cost leadership strategy—produce products and/or
services at the lowest cost in the industry; (2) differentiation strategy—offer different products,
services, or product features; (3) innovation strategy—introduce new products and
services, put new features in existing products and services, or develop new ways to produce
them; (4) operational effectiveness strategy—improve the manner in which internal
business processes are executed so that a firm performs similar activities better than rivals;
and (5) customer orientation strategy—concentrate on making customers happy.

Question 45

Describe how information resources are managed and discuss the roles of the
information systems department and the end users.

Answer 45

The responsibility for managing information resources is divided between two organizational
entities: the information systems department (ISD), which is a corporate entity, and
the end users, who are located throughout the organization. Generally speaking, the ISD
is responsible for corporate-level and shared resources whereas the end users are responsible
for departmental resources

Question 46

application program (also called program)

Answer 46

A computer
program designed to support a specific task or
business process.

Question 47

business intelligence (BI) systems

Answer 47

Information systems
that provide computer-based support for complex,
non-routine decisions, primarily for middle managers
and knowledge workers.

Question 48

competitive forces model

Answer 48

A business framework
devised by Michael Porter that analyzes competitiveness
by recognizing five major forces that could endanger a
company’s position.

Question 49

computer-based information system (CBIS)

Answer 49

An information
system that uses computer technology to perform
some or all of its intended tasks.

Question 50

dashboards (also called digital dashboards)

Answer 50

Information
systems that support all managers of the organization
by providing rapid access to timely information and direct
access to structured information in the form of reports.

Question 51

entry barrier

Answer 51

Product or service feature that customers
expect from organizations in a certain industry; an
organization trying to enter this market must provide
this product or service at a minimum to be able to
compete.

Question 52

expert systems (ES)

Answer 52

Information systems that attempt
to duplicate the work of human experts by applying reasoning
capabilities, knowledge, and expertise within a
specific domain.

Question 53

information system (IS)

Answer 53

A process that collects,
processes, stores, analyzes, and disseminates information
for a specific purpose; most ISs are computerized.

Question 54

software

Answer 54

A set of programs that enables the hardware

to process data.

Question 55

strategic information systems (SISs)

Answer 55

Systems that help
an organization gain a competitive advantage by supporting
its strategic goals and/or increasing performance
and productivity.

Question 56

supply chain

Answer 56

The flow of materials, information,
money, and services from raw material suppliers
through factories and warehouses to the end customers.

Question 57

support activities

Answer 57

Business activities that do not add
value directly to a firm’s product or service under consideration
but support the primary activities that do add value.

Question 58

transaction processing system (TPS)

Answer 58

An information
system that supports the monitoring, collection, storage,
processing, and dissemination of data from the organization’s
basic business transactions.

Question 59

value chain model

Answer 59

Model that shows the primary activities
that sequentially add value to the profit margin; also
shows the support activities.

Question 60

value system

Answer 60

Includes the producers, suppliers, distributors,

and buyers, all with their value chains.

Question 61

virtual private network (VPN)

Answer 61

A private network that
uses a public network (usually the Internet) to securely
connect users by using encryption.

Question 62

secure socket layer (SSL) (see transport layer security)

Answer 62

An encryption standard used for secure transactions

such as credit card purchases and online banking.

Question 63

whitelisting

Answer 63

A process in which a company identifies
acceptable software and permits it to run, and either prevents
anything else from running or lets new software
run in a quarantined environment until the company
can verify its validity.

Question 64

tunneling

Answer 64

A process that encrypts each data packet to
be sent and places each encrypted packet inside another
packet.

Question 65

zero-day attack

Answer 65

An attack that takes advantage of a
newly discovered, previously unknown vulnerability in
a particular software product; perpetrators attack the
vulnerability before the software vendor can prepare a
patch for it or sometimes before the vendor is even aware
of the vulnerability.

Question 66

digital dossier

Answer 66

An electronic description of a user and

his habits.

Question 67

denial-of-service attack

Answer 67

A cyber-attack in which an
attacker sends a flood of data packets to the target computer
with the aim of overloading its resources

Question 68

brute force attack

Answer 68

Attacks that use massive computing
resources to try every possible combination of password
options to uncover a password.

Question 69

Describe the major ethical issues related to information technology and identify
situations in which they occur.

Answer 69

The major ethical issues related to IT are privacy, accuracy, property (including intellectual
property), and accessibility to information. Privacy may be violated when data are held in
databases or transmitted over networks. Privacy policies that address issues of data collection,
data accuracy, and data confidentiality can help organizations avoid legal problems.
Intellectual property is the intangible property created by individuals or corporations
that is protected under trade secret, patent, and copyright laws. The most common intellectual
property concerns related to IT deals with software. Copying software without paying
the owner is a copyright violation, and it is a major problem for software vendors

Question 70

Identify the many threats to information security.

Answer 70

There are numerous threats to information security, which fall into the general categories
of unintentional and intentional. Unintentional threats include human errors, environmental
hazards, and computer system failures. Intentional threats include espionage, extortion,
vandalism, theft, software attacks, and compromises to intellectual property. Software
attacks include viruses, worms, Trojan horses, logic bombs, back doors, denial–of–service,
alien software, phishing, and pharming. A growing threat is cyber-crime, which includes
identity theft and phishing attacks.

Question 71

Understand the various defense mechanisms used to protect information systems.

Answer 71

Information systems are protected with a wide variety of controls such as security procedures,
physical guards, and detection software. These can be classified as controls used
for prevention, deterrence, detection, damage control, recovery, and correction of information
systems. The major types of general controls include physical controls, access controls,
administrative controls, and communications controls. Application controls include
input, processing, and output controls.

Question 72

Explain IT auditing and planning for disaster recovery.

Answer 72

Information systems auditing is done in a similar manner to accounting/finance auditing—
around, through, and with the computer. A detailed internal and external IT audit may
involve hundreds of issues and can be supported by both software and checklists. Related
to IT auditing is preparation for disaster recovery, which specifically addresses how to
avoid, plan for, and quickly recover from a disaster.