exam 2 Flashcards
traditional file systems
stores groups of records used by a particular software application together
problems with traditional file systems
inability to share data,
inadequate security,
allows data duplication (redundancy)
database
a set of logically related stored data in a shared repository
database management system (DBMS)
program that creates, processes, and administers databases
the four DBMS operations
read, insert, modify, delete
how do database applications make databases more useful?
forms, reporting, queries, application programs
hierarchy of data elements
bytes - fields - records - tables - databases
bytes grouped into…
columns/fields
columns grouped into…
rows/records
rows grouped into…
tables/files
metadata
data that describes data, makes databases more useful and easier to use
the three relationships among records
primary keys, foreign keys, relational databases
primary keys
column(s) that identify UNIQUE rows in a table
foreign keys
when primary keys exist in another table (NOT unique here)
relational databases
databases using tables, keys, and foreign keys
three functions of DBMS
- creating the database & structure
- processing the database
- administering the database
business process
network of activities that generate value by transforming inputs into outputs
structured business processes
very formal, standardized process, usually in day-to-day operations
examples structured business processes
customer returns, order entry, purchasing, payroll
dynamic business processes
informal, flexible, adaptive, involves strategic/less structured managerial decisions and activities
examples of dynamic business processes
collaboration; social networking; ill-defined, ambiguous situations
common workgroup processes
exist to enable workgroups to fulfill the goals or purposes of their department
examples of workgroups
sales & marketing, operations, manufacturing, customer service, etc.
three variations of scope
workgroup (smallest),
enterprise,
inter-enterprise (largest)
work groups
10-100 individuals, formalized procedures, change is difficult
enterprise
100-1000 users, spans a whole organization, very formal, highly documented, formal training
inter-enterprise
1000+ users, mandatory training, formalized procedures
two ways to improve process quality
efficiency and effectiveness
process efficiency
measure of the ratio of outputs into inputs
process effectiveness
measure of how well a process achieves organizational strategy
information silo
when data is isolated in separate info systems
problems of information silos
data duplicated, data inconsistency, disjointed processes, inefficient, increased cost
business process reengineering (BPR)
altering and designing business processes to take advantage of new info. systems
three major enterprise applications
CRM,
ERP,
EAI
what does CRM stand for?
customer relationship management
CRM
manage all interactions with customer through four phases of the customer life cycle
four phases of the customer life cycle
- marketing
- customer acquisition
- relationship management
- loss/churn
what does ERP stand for?
enterprise relationship planning systems
ERP
a suite of applications (modules), a database, and a set of inherent processes for consolidating business operations into a single, consistent, computing platform
what is the primary purpose for ERP?
integration, allows real-time updates
what does EAI stand for?
enterprise application integration
EAI
a suite of software applications that integrates EXISTING systems by providing layers of software that connect applications - enables gradual move to ERP
five challenges when implementing enterprise systems
- collaborative management
- identifying requirement gaps
- transition problems
- employee resistance
- new technology
what is systems development?
the process of creating and maintaining info. systems - involves 5 components of the IS model
five components of the IS model
hardware, software, data, procedures, people
five requirements of IS developemt
- establishing system goals
- setting up the project
- determining requirements
- business knowledge and management skill
- coordinated teamwork of both specialists and non-specialists w/ business knowledge
risks of system development
many projects never finished,
over budget,
won’t accomplish goals,
high risk of failure
challenges of systems development
determining requirements,
changes in requirements,
schedules & budgeting,
changing technology,
diseconomies of scale
Brook’s Law
adding more people to a late project makes the project later
five phases of the systems development life cycle (SDLC)
- system definition
- requirements analysis
- component design
- implementation
- system maintenance
system definition phase of SDLC
first phase - define system goals and scope,
assess feasibility (cost, schedule, technical)
requirements analysis phase of SDLC
second phase - most important & difficult,
determine functions and features needed
component design phase of SDLC
third phase -
determine hardware/software specifications,
design database, procedures, and job definitions
implementation phase of SDLC
fourth phase -
four approaches to conversion (4 Ps),
build, test, conduct, and convert
four ways of implementing an IS (4 Ps)
pilot, phased, parallel, plunge
maintenance phase of SDLC
fifth phase -
failure or enhancements
problems with SDLC
difficulty documenting requirements, analysis paralysis, scheduling and budgeting difficulties, long projects
elements of IS security
threat, vulnerability, safeguard, target
threat
person/org. seeking to obtain data/other assets illegally, without owner’s permission or knowledge
vulnerability
approach for threats to gain access to individual or organizational assets
safeguard
measures to block threat from obtaining asset
three sources of threats
- human error (accidental, mistakes)
- computer crime (hackers, viruses, worms)
- natural disasters (fires, floods, etc.)
five types of security loss
- unauthorized data disclosure (pretexting, phishing, spoofing)
- incorrect data modification
- faulty service
- denial of service
- loss of infrastructure
goal of info. systems security
find appropriate trade-off between risk of loss and cost of implementing safeguards
personal security safeguards
take security seriously, strong/updated passwords, use trusted vendors, clear browsing history
organizational security safeguards
technical,
data,
human,
in-house staff,
nonemployee personnel
what components of IS are in technical safeguards
hardware and software
technical safeguards
- identification and authentication
- encryption
- firewalls
- malware protection
malware
file or code, typically delivered over a network, that infects, explores, steals, or conducts any behavior an attacker wants
spyware
software that gathers information about a user, without their knowledge, and sends it to another party
adware
software that automatically displays or downloads advertising material
what components of IS are in data safeguards
data
data safeguards
define data policies, data rights & responsibilities, authentication, backup & recovery procedures, physical security
what components of IS are in human safeguards
procedures and people
human safeguards for employees
position definition,
hiring and screening,
dissemination and enforcement,
termination
human safeguards for nonemployees
appropriate screening and security training,
specify security responsibilities in contract
