Chapter 11: Structure, Governance, and Ethics Flashcards
IT Services or Information Systems Services
The department of people who provide tech support to a organization
chief information officer (CIO)
Title of the principal manager of the IT department.
AKA: Vice president of information services, director of information services, director of computer services
chief technology officer (CTO)
Heads the technology group.
The CTO sorts through new ideas and products to identify those that are most relevant to the organization. The CTO’s job requires deep knowledge of information technology and the ability to envision how new IT will affect the organization over time.
operations
manages the computing infrastructure, including individual computers, computer centres, networks, and communications media
An important function of this group is to monitor user experience and respond to user concerns or problems.
development
manages projects that acquire new information systems and maintains existing information systems.
Business analysts
Analysts who develop the business case for a newly proposed system and develop the requirements for the system
System analysts
Information systems professionals who understand both business and technology They are active throughout the systems development process and play a key role in moving the project from conception to conversion and, ultimately, maintenance
outsourcing relations
This group exists in organizations that have negotiated outsourcing agreements with other companies to provide equipment, applications, or other services
data administration staff
The purpose of this group is to protect data and information assets by establishing data standards and data management practices and policies.
competitive strategy
Strategy a organization chooses as the way it will succeed in its industry. According to Michael Porter, there are four fundamental competitive strategies
1) Cost leadership across an industry or within a particular industry
2) Product differentiation across an industry or within a particular industry segment
Organizational Strategy and Information Systems
Industry structure, competitive strategy, value chains, business processes, information systems
IT architecture
the basic framework for all the computers, systems, and information management that support organizational services. Like a city plan, an IT architecture is complex, and that complexity is increasing as more services are supported and different technologies are used.
enterprise architect
Manages the company’s complex information
Zachman framework
The framework divides systems into two dimensions: One is based on six reasons for communication (what—data, how—function, where—network, who—people, when—time, why—motivation),
and the other is based on stakeholder groups (planner, owner, designer, builder, implementer, and worker).
alignment
The process of matching organizational objectives with IT architecture
Viewed as an ‘ongoing’ process
Another definition standpoint: the degree to which the IT department’s missions, objectives, and plans overlapped with the overall business missions, objectives, and plans
governance
the development of consistent, cohesive management policies and verifiable internal processes for information technology and related services.
Using a committee to decide on expectations for performance, to authorize appropriate resources and power to meet expectations, verify whether expectations have been met
The goal of information systems governance
is to improve the benefits of an organization’s IT investment over time
Information systems governance is a piece of organizational governance that is associated with IT architecture
The increasing interest in information systems governance is the result of laws, such as the Sarbanes-Oxley Act (SOX) in the United States and the Budget Measures Act (Bill 198) in Ontario. These laws force companies to comply with governance standards for collecting, reporting, and disclosing information.
The Sarbanes-Oxley Act (SOX)
The SOX of 2002 governs the reporting requirements of publicly held companies. SOX was enacted to prevent corporate frauds, such as those perpetrated by WorldCom
Bill 198.
In 2003 Ontario introduced similar legislation in the form of Bill 198. Its regulations increase the level of responsibility and accountability of executive management of publicly held Canadian companies traded on the Toronto Stock Exchange in a fashion similar to that described in SOX
A financial audit
defined as an examination and verification of a company’s financial and accounting records and supporting documents by an accredited professional.
information systems audit
An audit where the focus is placed on information resources that are used to collect, store, process, and retrieve information
Information Systems Audit and Control Association (ISACA)
an organization that was formed in 1969 by a group of individuals who were in charge of auditing controls for newly developed computer systems
has become a leader in developing knowledge and standards relating to IT audit and IT governance.
Certified Information Systems Auditor (CISA) certification
Members have job titles such as information systems auditor, consultant, information systems security professional, regulator, chief information officer, and internal auditor.
Control Objectives for Information and Related Technology (COBIT)
COBIT is a framework of best practices designed for IT management. This framework provides board members, managers, auditors, and IT users with a set of generally accepted measures, indicators, processes, and best practices to assist them in getting the best from their organizational IT investments.
Why Should You Care About Information Systems Governance and Information Systems Audits?
The increased need to report and disclose information systems operational information will require employees at all levels of an organization to become more familiar with the issues facing IT management
information systems ethics
Concern for the people whose lives can be affected by our actions
It is important to note that information systems ethics is not about hardware or software but, rather, about
the people involved in the system.
Green IT, or green computing
Using information technology resources to better support the triple bottom line for organizations
Triple bottom line
A concept that expands the notion of traditional financial reports, which are based solely on financial performance to take into account the ecological and social performance
There are many elements of Green IT, but its primary goals are to
improve energy efficiency, promote recyclability, and reduce the use of materials that are hazardous to the environment.
ENERGY STAR
International government - industry partnership that is intended to produce equipment and meets high-energy efficiency specification or promotes the use of such equipment
e-cycling
the recycling of electronic computing devices
e-Waste
Electronic garbage
For most technical positions, knowledge of (a) ___________________ specialty can really add to marketability.
BUSINESS
Business, including information systems, is a __________________ skill.
SOCIAL SKILL
Moving downward in the Zachman framework provides higher levels of ____________.
Detail
In an ideal world, the information systems that a company uses would support the _____________ of the company.
Strategy
The challenge in developing systems that effectively support business objectives includes ______________________.
a required understanding of organizational strategy and the technological architecture underlying information systems
Communication between _________________ and _______________ executives is the most important indicator of alignment.
business; IT
Alignment depends on __________________________________________.
business goals, organizational context, and the state of IT architecture
IS governance is primarily associated with ___________________.
improving the benefits of an organization’s IT investment over time
Why should business professionals care about IS governance?
It is required by law.
The focus of a(n) ________ is placed on the information resources that are used to collect, store, process, and retrieve information.
information systems audit
In terms of ethics, advances in information technology bring about new ________ for an organization.
Choices
If all computers sold in the USA met ENERGY STAR requirements, the energy savings would be more than ____________________ per year.
$2 billion
Part of Green IT means using IT to support (the) ________________________.
Triple bottom line
E-cycling should be considered in a company’s information systems’ ________ procedures.
Auditing
The triple bottom line includes _________________________.
.
financial, social, and ecological performance
The entire ICT sector is looking for people who can bridge the knowledge gap between _____________________ and ____________________.
computer technicians; business system users
The Canadian legislation that is similar to the Sarbanes-Oxley Act in the United States is the ________________________.
Budget Measures Act
What is the role of the ISACA?
Developing knowledge and standards relating to IT audits and IT governance
