Final Flashcards
business process
a series of logically related business activities or tasks that accomplish a specific business goal
- a collection (flow) of related (linked or structured) activities, resources, or information
business process reengineering
organization’s activities that do not add value should be removed not accelerated through automation
Seven principles of Business Process Reengineering
- organize around outcomes not tasks
- link parallel activities in the workflow instead of just integrating their results
- put the decision point where the work is performed and build control of the process
- treat geographically dispersed resources as though they were centralized
- integrate information processing work into the real work that produces the info
- capture info once and at the source
- identify all the organizations processes and prioritize them in order of redesign urgency
Problem Solving Process
- recognize the problem or question
- review previous findings
- model the situation and select the variables
- collect the data
- analyze the data
- present and act on findings
what do critics of BPR say
- bpr is too expensive
- bpr is a way to dehumanize the work place, increase managerial control and justify downsizing
unified modeling language (uml)
a standard set of diagramming techniques (visual language) for object oriented systems
-the object management group (omg) accepted UML as the standard for all object developers in 1997
structure diagram
class, object, package, deployment, component, composite structure
Behaviour Diagram
activity, sequence, communication, interaction overview, timing, use-case
example of cross industry innovations
the restaurant with the suitcase belt
the egg casing for wine bottles
Does innovation have to be new technology?
no, just have to use technology in a new way
a new innovative way to benefit the consumer
focus of innovation
performance improvement
sustaining innovation
maintains or rejuvinates the current rate of performance improvements of the products and services that use them
-facilitates replacement of previous generation
disruptive innovation
- different set of attributes than the current technology
- initially not as good as current performance
- performance improvement rate (slope) is higher then the rate demanded by the market
characteristics of disruptive innovation
- disruptive technology must MEET MARKET NEEDS ON CRITICAL PERFORMANCE dimensions in time
- NOVEL ATTRIBUTES of the disruptive technology may become a source of positive differentiation
- many disruptive innovations come from outside the established industry
- continued attention towards the most aggressive customers needs induces
what is innovation
- enabled by and dependent upon the CONNECTION OF STRATEGY, PROCESS, STRUCTURE AND CAPABILITY
- innovative enterprises achieve stronger growth and success
- enterprises that gain market share and increasing profitability are those that are innovative
- a critical enabler or significant barrier to an organizations ability to innovate remain its culture
4 ways in creating space for innovation
- connections: give people dedicated time, forums and physical space to make connections with people from across the organization
- ownership: establish processes and feedback loops that encourage people to contribute ideas
- confidence: people will dedicate time, energy, creativity, sweat if they believe that what they are doing will come to fuitition
- management examples: truly innovative cultures start at the top and get dramatically accelerated and amplified by middle managment
steps in preventing project failure
- Feasibility
- assumptions
- implementation
- testing
- evaluation
4 types of feasibility studies
- technical feasibility
- organizational feasibility
- economic feasibility
- schedule feasibility
technical feasibility
- familiarity with technology (can we use the technology to develop or modify it)
- project size
- compatibility
economic feasibility
- benefits
- development costs
- operating costs
- intangible costs
- cost benefit analysis
organizational (operational) feasibility
- strategic alignment
- senior management support
- project champion(s) support (head of department using it)
- users
- other stakeholders
- project needs support from all these people
schedule feasibility
- time constraint: project needs to be done by a certain time
- factors that affect schedule feasibility
- risks
the 3 dimensions achieved to create the quality that meets the expectation of all stakeholders in project management
- time
- cost
- scope
project charter
a document issued by the project initiator or sponsor that formally authorizes the existence of a project
what does a project charter contain?
- project scope (tech, feasibility)
- project objectives (cost benefit analysis)
- project constraints (time constraints, economic feasibility)
- project assumptions
project scope
set by defining the work that must be completed to deliver a product with specific features and functions -smart criteria Specific Measurable Agreed upon Realistic Time bound
project manager
- job is to manage people
- needs to talk to everyone so they have the same view
key focus points for project manager
communication and people managment that leads to change management
types of system development projects
- waterfall
- iterative
- agile
- incremental
waterfall model
-sequential design process used in software development in which progress is seen flowing steadily downwards (like a waterfall) through the phases of conception, initiation, analysis, design, construction, testing, production and maintenance.
phase by phase:
- analysis
- design
- Coding
- Testing
Iterative Model
for a small set of functionality analysis and design will be completed first before preceding to coding and testing within same iteration
- ex. analysis and design must be completed and then coding and testing
- all seperate pieces and development models
Agile Model
- Analysis, design, code, testing and delivery of small functional pieces in iterations with short duration
- move to second module only when the first module is finished
ways to convert old to new systems
- parallel
- pilot
3.phased - plunge
(the diagrams are in notebook)
avoidance attitude toward usage (change management)
ill use it when im forced to
acceptance attitude of usage (change managment)
just tell me what to do and ill do it
Enthusiasm attitude toward usage (change management)
this is neat! ive got some thoughts for other uses of this and how to make it even better
technology acceptance model
- perceived usefulness and perceived ease of use
- intention to use
- actual use
web 2.0
- brings multi way communication
- its active
- people participate
- community/interest-centric
semantic web (3.0)
- based on your search history, what your search engine knows about you, the search will give you a certain answer - customizes search for best personal fit
- face recognition
mash ups
a web application or website that uses content/service from more than one source
social media
- the media designed to be shared
- open to anybody to post and posts are meant to be shared
- social media in web 2.0 opens places for people to post to public and share with everyone
web generated contents
users are now publishers aswell there is no value without users
-the value is zero with no place to post
what websites encompass all publishing, sharing, discussing, and networking
facebook and twitter
Do you have privacy with social media?
no
what does PIPEDA stand for
personal information protection and electronic documents act
10 principles of PIPEDA
- accountability
- identifying process
- consent
- limiting collection
- limiting use, disclosure, and retention
- accuracy
- safeguards
- openness
- individual access
- challenging compliance
what does PIPEDA do?
its a canadian law relating to data privacy
-it governs how private sector organizations collect, use, and disclose personal information in the course of commercial business
Internet Security
- in the early stage, security was not a significant issue
- only few experts were allowed (or able to) use computers
- physical controls were needed to limit access to authorized personnel
how has the internet changed computer security
by bringing millions of computer networks into communication with eachother - and many of them are unsecure
- ability to secure each computer now influenced by the security on every computer to which it is connected - weakest link
how did computer security evolve
from physical security into complex, multi-facilitated environment called into security
information security
the protection of information and its critical elements that use store and transmit information
elements of information security
- software - application and operating system
- hardware
- people
- data
- procedures
security process ( what a successful process has)
- people (executing)
- policy: guidelines and direction
- technology: the tools and materials
social engineering
tricking people into revealing their passwords by pretending to be legitimate users or members of a company in need of info
Encryption
1. Sender (encrypt with a public key) 2. scrambled message (decrypt with private key) 3.recipient
what does Encryption do
- protects data from people with unauthorized access to computer
- protect data in transit
- deter and detect changes to data
- authenticate the author of the data
what does Encryption not do
- prevent deletion of data
- be a complete defence
- attacker gets keys or modifies encryption
- be completely secure
- attacker may find weakness in encryption
- protect files before encryption
Corporate governance
the system of rules, practices, and processes by which a company is directed and controlled corporate governance essentially involves balancing the interests of many stakeholders in the company - these include its shareholders, management, customers, suppliers, financiers, government and the community
Cobit 4.0,4.1 it governance focus area
- strategic allignment
- value delivery
- resource management
- risk management
- performance measurement
5 principles of Cobit 5.0
- meeting stakeholders needs
- governance is about negotiating and deciding amongst different stakeholders values and interest
- Covering the enterprise end to end
- integrates governance of enterprise IT into enterprise governance
- applying a single integrated framework
- Cobit 5 aligns with the latest relevent other standards and framworks used by enterprises
- enabling a holistic approach
- separating governance from management
Sarbanes Oxley
- as a reaction to high profile corporate fraud case (Enron and world com)
- drafted by us Senator Paul Sarbanes
Section 404 of Sarbanes Oxley states
- the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting
- contain an assessment (yearly) of the effectiveness of the internal control structure and procedures of the issuer for financial reporting
- includes documentation of control procedures related to it
- the most expensive and time consuming section
operational risk
the risk of loss resulting from inadequate or failed internal processes, people, and systems or from external events (basel 2)
basel 3
- an international regulatory framework for banks
- comprehensive set of reform measures, developed by the basel committee on banking supervision and risk management of the banking sector
- compared to basel 2 with its major focus on operational risk, the basel 3 requirements cover a wider range of topic areas including the banks capital, liquidity, and risk management
3 approaches to funding IS
- chargeback
- allocation
- showback
charge back
- the direct billing of IS resources and services to the function or department that uses them
- grounded in the pay-per-use principle
- charge back mechanisms are perceived as fair by the organization
- they create accountability for both users and the IS function
allocation
- based on fairly stable indicators such as size, revenues, and number of users
- seeks to strike a balance between pay-per-use fairness and the high cost of the chargeback method
- the allocation approach creates more predictable department expenses
show back
- an it department does not preform any chargeback
- however, it sends dummy invoices that each function or department would end up paying if chargeback was in place
- internal control of IT expenses
outsourcing
- used as a means of funding information systems operated by engaging outside providers
- the process of acquiring products or services that used to be created internally by the organization from an outside provider
- information systems outsourcing is the process of contracting with an outside firm to obtain information systems services
outsourcing drivers
- improving strategic focus
- access to superior talent
- reducing cost
- financial appeal
risks of outsourcing
- deceptive role of is a
- the outsourcing paradox
- hidden coordination costs
- changing requirements
offshoring
process of engaging a foreign provider to supply the products or services the firms no longer intend to produce internally
