Final Exam Prep Flashcards
What is organizational strategy?
- Planned approach an organization takes to achieve its goals and mission statement.
- IT is used in operationalizing the organizational strategy.
What is competitive advantage?
Advantage over competitors in some measure (quality, cost, speed) that ensures that an organization can survive. It creates control over market and profit generation.
What is a business process?
Collection of related activities that together, produce a product/service of value to the organization, its business partners, and its internal/external customers.
What are the three elements of business processes?
- Inputs: Materials, services, information that flows and is transformed during business process activities.
- Resources: People, equipment that allow the processes to take place.
- Outputs: Products and services created by the processes.
What do business processes balance?
Effectiveness - Achieving the desired outcome and creating outputs of value
Efficiency - Doing things without wasting resources
What are cross-functional processes?
Processes where multiple organizational areas work together to produce a single output. The processes are coordinated and collaborative.
Give examples of cross-functional processes.
- Procurement
- Fulfillment`
What is the role of IS in business processes?
- Executing the process: Informing employees, providing data, producing tools to complete the task.
- Capturing and storing process data, giving ‘real-time feedback’.
- Monitoring the process performance.
What characterizes an excellent business process?
- Customer satisfaction
- Cost reduction
- Cycle and fulfillment time reduction
- Quality
- Differentiation
- Productivity
What is business process reengineering (BPR)?
- Radical top-down redesign of business processes;
- Takes a ‘clean sheet’ perspective to examine business processes;
- Propelled by unique capabilities of IT - automation, standardization, communication.
Why is BPR difficult to implement?
The strategy is…
- Difficult;
- Radical;
- High cost;
- High-risk;
- Length;
- Comprehensive.
This makes it overwhelming.
When should BPR be used?
When BPI is no longer effective, and/or when there is significant change in the business environment.
What is business process improvement (BPI)?
- Incremental, bottom up approach to move an organization towards business-process-centred operations.
- Focuses on reducing variation in process outputs: Identifies the underlying cause of variation and generates quantifiable results.
- Low-risk, low-cost, time-efficient.
- All employees are trained.
To what extent should BPI be used?
Until such that employees are not overstressed, disinterested.
Managers need to be able to focus their efforts and effectively manage.
What is Six Sigma?
Popular BPI methodology using statistical analysis to ensure that business processes have less than or equal to 3.4 defects per million outputs.
What are the basic phases of successful BPI?
- Define: Document ‘as-is’ process activities, resources, inputs, outputs, customers. Describe the problem.
- Measure: Define the ‘baseline’, identify metrics, collect data, combine process data.
- Analyze: Examine the process map and metrics. Identify root causes using process simulation software.
- Improve: Identify possible solutions, map ‘to-be’ process alternatives, select and implement the solution that eliminates irrelevant activities.
- Control: Re-measure using the established metrics, monitor improvement.
What advantages do process simulation software bring?
- Quick way to simulate for a specific amount of time;
- Estimates process performance;
- Allows for multi-scenario analysis;
- Identifies bottlenecks, cycle times, resource allocation;
- Risk-free, inexpensive.
What is business process management (BPM)?
Management technique that consists of the tools and methods that support the design, implementation, and optimization of core business processes over time.
BPM integrates different BPI initiatives, ensuring a consistent strategy.
What are the two components of BPM?
- Process modelling: Graphical depiction of BP steps, relationships, IS, information
- Business activity modelling: ‘Real-time’ measurements of business processes –> Create process reports
What is a business process management suite (BPMS)?
An integrated set of applications used for BPM.
Why is BPM advantageous?
Short-term: Profits, cost advantage.
Long-term: Competitive advantage, flexibility, customer satisfaction, compliance.
What is the business environment?
Social, economic, legal, physical, political factors in which businesses conduct operations.
Change in a single factor creates business pressures.
What are market pressures?
- Globalization
- Changing workforce
- Powerful customers
What are technological pressures?
- Technological innovations and obsolescence
- Information overload
- Digital divide
What are social/political/legal pressures?
- Sustainability
- Government regulations and deregulation compliance
- Protection against terrorist attacks
- Ethical issues
How do organizations respond to business pressures?
- Strategic systems
- Customer-centred approach
- Continuous improvement efforts ERP
- Business process restructuring
- Intelligent data management
- On-demand mass customization
- Business alliances
- E-commerce
What is a competitive strategy?
Statement that identifies how a business plans to compete, what its goals are, and the policies and plans that it undertakes to pursue those goals.
Why are IS strategic in nature?
They provide a competitive advantage.
What are the five forces in Porter’s model that determine competitive advantage?
- Threat of entry of new competitors
- Bargaining power of suppliers
- Bargaining power of customers
- Threat of substitutes
- Rivalry
What is a value change?
The sequence of activities through which inputs are transformed into valuable outputs.
In Porter’s value chain model, what are primary activities and support activities?
PRIMARY
-Inbound logistics, operations, outbound logistics, marketing and sales, services
SUPPORT
-Administration, management, HR, R & D, procurement
What competitive advantage strategies can businesses take?
- Cost leadership
- Differentiation
- Innovation
- Opperational effectiveness
- Customer orientation
What is Business-IT alignment?
Tight integration of IT functions in the organizational strategy and the ensuing mission and goals. In this case, IT directly supports business objectives, by being an ‘engine of innovation’.
Why is Business-IT alignment challenging?
Differing organizational and IT objectives;
Lack of recognition of expertise of each department;
Poor communication.
What is IT governance?
Processes that ensure the effective and efficient use of IT, enable an organization to achieve its goals.
It is spearheaded by the CIO and the IT steering committee.
What are ethics?
Principles of right and wrong that guide people’s conduct and decision-making.
What are the five primary ethical frameworks?
- Utilitarian: The ethical decision is the one that produces the most good, does the least harm.
- Rights: Recognizes that humans have fundamental rights that must be considered and fulfilled when making an ethical decision.
- Justice: The ethical decision is the one that leads to fairness or equal profit.
- Common good: Recognizes that as part of a community, one has an obligation to safeguard the basic conditions.
- Deontology: The ethical decision is the one respecting the duties and obligations imposed.
What is the traditional approach to resolving ethical issues?
- Recognize.
- Collect facts.
- Evaluate alternative actions.
- Make & test the decision.
What is the giving voices to values (GVV) approach to resolving ethical issues?
- Identify.
- Purpose & Choice.
- Stakeholder Analysis.
- Powerful Response.
- Scripting, Coaching.
What is the code of ethics?
Collection of principles intended to guide an organization’s members’ decision-making.
What are the fundamental tenets of ethics?
- Responsibility: Accepting consequences of decisions and actions.
- Accountability: Determining who is responsible for decisions and actions.
- Liability: Right to recover damage done by other individuals, organizations, systems.
What is privacy?
Right (balanced against social needs) of people, groups, institutions to be left alone, free of unreasonable personable intrusion.
What is information privacy?
RIght to determine when and to what extent information can be gathered and communicated to others.
What are threats to privacy?
- Data aggregators, digital dossiers, profiling
- Electronic surveillance
- Personal information stored in databases
- Information released on internet bulletin boards, in newsgroups, on social networking sites
How is privacy protected?
- Privacy codes and policies
- Informed consent, using an opt-in model that prohibits information collection until specifically authorized, or an opt-out model that stops collecting information when specifically requested.
What is a platform for privacy preferences (P3P)?
Protocol that automatically communicates privacy policies between a website and its visitors.
What is the importance of high-quality information privacy?
- Protects brand image and reputation.
- Helps maintain and enhance trust, promotes confidence.
- Helps achieve competitive advantage.
- Ensures that legal requirements are met.
- Reduces administrative and data handling costs.
What is information security?
Processes and policies that are designed to protect an organization’s information and IS from unauthorized access, use, disclosure, disruption, modification, or destruction.
Its goal is to minimize vulnerability and the potential exposure threat for information resources.
What factors increase the vulnerability of information resources?
- Interconnectedness of today’s world
- Access to cheaper, portable, faster computer devices and storage mediums
- Decreasing skills needed to become a hacker
- Organized crime
- Lack of management support
What are human mistakes?
Unintentional errors resulting from carelessness, opening questionable emails, poor password selection and use.
Especially important when employees are high level and have high access privileges –> IT and HR departments.
What is social engineering?
Attack in which the perpetrator uses social skills to trick/manipulate a legitimate into providing confidential information, by…
- Tailgating: Entering restricted areas;
- Shoulder-surfing: Watching computer screens.
What are the types of deliberate attacks to IS?
- Espionage/Trespass
- Information Extortion
- Sabotage/Vandalism
- Theft of Equipment/Information
- Identity Theft
- Compromise to Intellectual Property
- Software Attacks
- SCADA Attacks: Attacks to specific sensors that control physical, chemical, transport systems.
- Cyberterrorism
What are the types of software attacks?
Malware: ‘Infection’
Virus: Attaching malicious segments to another program.
Worm: Spreading malicious segments.
Trojan horse: Reveals designated behaviour when activated.
Phishing attack: Deceptive communications.
Distributed denial-of-service attacks: Hijacking computers to form a ‘botsnet’, to flood internet traffic and preventing access to sites and services, by crashing the system.
Backdoor: Creating an unique password that allows without-security access.
Ransomware: Using encryption to deny access.
Alien software: Adware, spyware, spamware, cookies.
What is risk?
Probability that a threat will impact an information resource.
What is risk management?
Identifying, controlling, minimizing the impacts of threats, thus reducing risk to an acceptable level.
Consists of risk analysis, risk mitigation, and controls evaluation.
How can organizations ensure risk mitigation?
- Acceptance
- Limitation
- Transference
What types of controls help minimize threats to information security?
-Physical controls
- Access controls:
(a) Authentication, using something the person is/has/does/knows, and
(b) Authorization, by identifying privileges.
-Communication controls: Firewalls, anti-malware systems, whitelisting/blacklisting, encryption, VPN, Transport Layer Security, Employee Monitoring Systems
What are application controls?
Security countermeasures for specific functional area applications.
Where do password controls need to be supported?
- Control environment - Enforce proper management
- General controls - Login
- Application controls - Specific passwords
What is business continuity planning (BCP)?
Chain of events linking planning to protection to recovery, ensuring that critical systems are available and operating upon a disaster, and that normal operations can be restored ASAP.
How is BCP implemented?
Using a hot site, warm site, and cold site.
What is information systems auditing?
The examination of IS, inputs, outputs, processing, efficiency, effectiveness.
Produces a report using established criteria and standards.
Why is data difficult to manage?
- Amount of data increases exponentially: High volumes of Big Data
- Data is scattered, dispersed
- Data comes from many sources
- Data becomes outdated
- Data media rots
- Data security, quality, integrity are critical, and can be compromised
- Legal requirements need to be met
What is data governance?
The management of information across the entire organization, to generate a ‘single version of the truth’.
It involves a formal set of business processes and policies, a master plan for prevention and recovery.
It requires for well-defined, unambiguous manual and IT rules.
What is master data management?
Strategic subset for implementing data governance. A process spanning across all business processes and applications.
Creates a master blueprint to store, maintain, exchange, and synchronize data.
What is transactional data?
Activities and events captured by operating systems, stored in transaction files, or as tables in a database.
High in volume, dynamic.
What is master data?
Core, static data spanning the entire organization’s information systems, applied to multiple transactions. It is stored in a master file, or as tables in a database.
It is used to categorize, aggregate, evaluate transactional data.
What are database management systems (DBMS)?
Tools that help create and manage databases, minimizing redundancy, isolation, and inconsistency, while maximizing security, integrity, and independence.
What does the data hierarchy consist of?
Bit: Single binary digit.
Byte: Group of 8 bits, representing a single character (letter, number, symbol).
Field: Logical grouping of characters that form a word, small group of words, or an identification number. It may contain multimedia.
Record: Logical grouping of related fields.
Data file/table: Collection of logically-related records that an application requires.
Database: Logical grouping of related data files.
What is a data model?
Diagram representing entities (records) in their databases, and the relationships ensuing.
Each entity for which information is maintained is characterized by ___ and ___.
Instances and attributes.
What are primary, secondary, foreign keys?
Primary: Unique identifiers, for each record.
Secondary: Identifier that may or may not be unique.
Foreign: Field in one table that uniquely identifies a record in another table, enforcing and establishing a link between two tables.
What is structured data?
Organized data in fixed fields, found in data repositories such as relational databases.
What is Big Data?
Diverse, high-volume, high-velocity information assets require sophisticated information systems to enable enhanced decision-making, discovery, and process optimization. It is about making predictions.
Why is Big Data advantageous?
- High volume of information
- Configured to self-improve
What does Big Data consist of?
Traditional enterprise data
Machine-generated sensor data
Social data
Images
What are the risks associated with Big Data?
It can come from untrusted sources;
It is dirty (inaccurate, incomplete, incorrect, duplicate, erroneous;
It changes.
What is the value of Big Data?
It can be distributed to stakeholders, used to conduct experiments, used to microsegment customers, used to create new business models, and used to analyze further data.
What is Query by example (QBE)?
Query language that allows users to fill out a grid/template, constructing a sample/description of the data that needs to be extracted.
What are the advantages of data marts/warehouses, over databses?
- Search-friendly
- Read-only (no extra processing)
- Access multiple records simultaneously (consolidated data)
- Can be used for extensive user analysis
What is a data warehouse?
Repository of historical data, organized by subject, used to support decision-making. It is used by large companies.
What is a data mart?
Scaled-down data warehouse, that means the needs of Strategic Business Units. Allows for local control and an eased implementation.
What characterizes data warehouses and data marts?
- Organized by subjects
- Uses Online Analytical Processing (LAP)
- Integrated data
- Time-variant: Historical and recent data
- Non-volatile data
- Multidimensional structures
What does a data warehouse environment include?
- Source systems that provide data
- Data integration technology that processes and prepares data for use
- Data storing architecture
- Metadata
- Business Intelligence governance
- Users (information consumers and producers)
What is a data lake?
A central repository storing all organization data, regardless of its source, format, structure, and degree of consistency.
Uses ‘schema-on-read’ architecture, not transforming data until it is actually used.
What is knowledge management?
A process that helps organizations manipulate important knowledge that forms an organization’s memory.
What is knowledge?
Actionable, relevant, contextual information (Intellectual capital), consisting of both explicit and implicit/tacit knowledge.
What are knowledge management systems (KMS)?
The use of modern IT to systematize, enhance, and expedite intrafirm and interfirm knowledge management.
What is the KMS cycle?
Rationale: Knowledge is dynamically refined over time.
Create –> Capture –> Refine –> Store –> Manage –> Disseminate
What is a structured query language?
Tool that allows users to perform complicated searches, using relatively simple statements/keywords.
What is normalization?
Method for analyzing and reducing a relational database to its most streamlined form, minimizing redundancy, maximizing data integrity, and ensuring best processing performance.
What is e-commerce?
The process of buying, selling, transferring, or exchanging products, services, and information via computer networks.
What is e-business?
Broader definition of e-commerce that also includes customer service, partner collaboration, e-learning, and intraorganizational e-transactions.
What is an organization’s degree of digitization?
- Brick and mortar: Purely physical organizations in which both product and delivery agents are physical.
- Virtual: Pure-play, digital-only organizations using e-commerce exclusively.
- Click and mortar: Partial use of e-commerce, but use of showrooming.
What types of e-commerce exist?
B2B, C2C, B2C, B2E, G2C (E-government), M-Commerce, Social Commerce, Conversational (Chat) Commerce.
What are the primary e-commerce business models?
- Online direct marketing
- E-tendering systems (B2B - Reverse auctions)
- Name-your-own-price
- Find-the-best-price
- Affiliated marketing
- Viral marketing
- Group purchasing
- Online auctions
- Product customization
- E-marketplaces, e-exchanges
- Online bartering
- Deep discounters
- Membership-based access
What are the primary e-commerce mechanisms?
- E-catalogues: ‘Backbone’ of e-commerce sites, including a database, a directory, search capabilities, and a presentation function
- E-auctions: Competitive selling/buying where prices are determined by competitive bidding. When conducted electronically, the cycle time is reduced, administrative costs are eliminated, and there is a bigger customer base. Forward auctions occur when sellers solicit bids from potential buyers, whereas reverse auctions occur when a buying company solicits bids from potential suppliers, through a ‘Request for Quotation’.
- E-storefronts: Websites that represent a single store.
- E-malls: Consolidated collection of individual shops.
What are the various forms of e-payment?
- E-cheques (used in B2B)
- Electronic credit cards
- Purchasing cards (used in B2B, equivalent of e-credit cards)
- Stored value money cards
- EMV smart cards
- Payment gateways
What are the pros of e-commerce?
- Accessibility to national, international markets
- Cost savings
- Accessibility to vast products and services
- 24/7 availability
- Delivers to all areas, including developing and rural ones
What are the limitations to e-commerce?
- Lack of universally-accepted standards
- Insufficient telecommunications bandwidth, expensive Internet access in developing countries
- Perception that e-commerce is insecure
What is the primary challenge in B2B?`
Large number of buyers, small number of sellers, abundant transactions
What is e-tailing?
Direct sale of products and services through e-storefronts/e-malls, using e-catalogues and e-auctions.
Why is e-tailing advantageous to retailing?
It allows for easy comparison, detailed product information.
What is long-tailing?
Selling a large number of unique items, each in small quantity.
What issues arise in e-tailing?
Channel conflicts, when manufacturers disintermediate their channel partners, by selling products directly to consumers over the internet.
Multichannelling, which causes potential difference prices in offline and online channels.
Supply chain issues during order fulfillment, including locating the product to be shipped, packaging the product, arranging for speedy customer delivery, and handling returns.
Personalized pricing, where items are priced based off consumers’ willingness to pay.
What is the online services industry?
The industry that consists of fintech, online securities trading, online jobs markets, travel services, and online advertising.
What various methods are used for online advertising?
Banners, pop-up ads, pop-under ads, permission marketing, viral marketing/spanning.
What the primary B2B business models?
- Sell-side marketplaces: Organizations that sell to other organizations electronically, using their own e-marketplace of that of a third party. Use of forward auctions, e-catalogues, and third-party auction sites.
- Buy-side marketplaces: Organizations buying from other organizations electronically, using reverse auctions and group purchasing.
- Electronic exchanges:
(a) Private: Many sellers, one buyer;
(b) Public: Third-party exchanges, as initial points of contact between business partners. They can be vertical (within-industry), horizontal (across-industry), and functional (as-needed).