SIT Final

¡Supera tus tareas y exámenes ahora con Quizwiz!

Insourcing

A firm provides IS services or develops IS in its own in-house IS organization

Software-Defined Architecture

•Birdbath example: Thanks to the Oprah Winfrey show, sales went from 10 per month to 80,000. •Increased sales would have been seen as an attack with traditional static system •Adaptive system warns other parts of sales fluctuations, preventing lost sales

Difficulties of Projects

IT projects are difficult to estimate and most fail to meet their schedules and budgets •Highly interactive, complex sets of tasks •Closely interrelated with each other (coupled) Most projects cannot be made more efficient simply by adding labor •Some are actually slowed down (Brooks' Law)

Four Categories of Data Mining Tools

Statistical analysis: answers questions such as "why is this happening" Forecasting/Extrapolation: Answers questions such as "what if these trends continue" Predictive modeling: "Answers questions such as "what will happen next?" Optimization: Answers questions such as "What is the best that can happen?"

Architecture to infrastrucuture

after desigining we have architecture requirments and need to acquire proper infrastrucutre i.e. databases and proper hardware/software

Issue Target (the company) faced

Accidentally revealed a teen's concealed pregnancy by mailing ads for maternity clothes and diapers to her home address. The mailing was triggered by analysis of purchases of unscented soaps, vitamins, and cotton balls, which matched the purcahsing patterns of other pregnant women. Shows how large retailers can learn startling amounts of private information.

How to be successful

Achieve a data driven culture (an environment that supports and requires data analytics. requires aligning all parts of the Business strategy triangle. Must have incentive to use data and metrics to measure success of using data. Develop skills for data mining Use a Chief Analytics Officer (CAO) or Chief Data Officer (CDO) Shoot for high maturity level

Dark Side of Big Data

All results from data should be questioned before applying them. False Discoveries- findings might show a correlation that is unfair or discriminatory. EX correlation between ice cream and child drowings. Invasion of privacy Ex: netflix knows exactly what you watch fake news - hand picking data

Digital Ecosystems

All technology and information, especially those that emerge suddenly and unexpectedly.

Political Archetypes (Weill and Ross)

Archetypes label the combinations of people who either provide information or have key IT decision rights -Business monarchy, IT monarchy, feudal, federal, IT duopoly, and anarchy Decisions can be made at several levels in the organization -Enterprise-wide, business unit, and region/group within a business unit.

Economics of Outsourcing

Benefits: •Sell equipment, buildings (large cash inflow) •Downsized payroll - outsourcer hires employees Costs: •Services provided for a fee •Fixed costs usually over 10-year term

Bank of America Example with Privacy

BoA told a couple they had to vacate they had to vacate their house on christmas and put the house up for a forced sale, even though they had never missed a payment. The couple checked out loan rates on the Make Home Affordable Program, but the mere initiation of this type of loan application triggers to the credit world that the applicant is in bad financial status. These led to a series of unfortunate events where their credit score was destoryed and their mortage was cancelled. BoA admitted this error but forgot to report it to credit agencies, causing the couple even more stress and financial loss.

Cookies

Follow individuals surfing behaviors without them knowing it. Everytime someone uses one of the main search engines or merely visits a site directly, a "cookie", a small coded text message, is placed on or retrieved from that person's hardrive and is ultimately sent back to the host company. Allowing them to track surf habits. Without essential cookies websites could not have shopping carts and would not enable users to "log in" to a site. "a third‐party service (such as Google's DoubleClick), by contributing some content (such as an ad or even an invisible dot) on web pages of hundreds of different firms, can amass information about your browsing practices across a wide variety of sites."

COSO Control Components

Five essential control components were created to make sure a company is meeting its objectives: •Control environment (culture of the firm) •Assessment of most critical risks to internal controls •Control processes that outline important processes and guidelines •Communication of those procedures •Monitoring of internal controls by management

Online Reputation Management*

For a fee, firms continuously search for negative formal or informal reviews about companies or individuals and reports results periodically. Helps people protect their brands.

Five Ways Data Analytics can Help an Organization

1. Making data more transparent and usable more quickly. 2. Exposing variability and boosting performance. 3. Tailoring products and services. 4. Improving decision making. 5. Improving products.

Five Maturity Levels of Analytical Capabilities

1. Reporting-reduces cost of summarizing and printing. 2.Analyzing-understand root causes. 3.Describing - real-time understanding and corrective action for what is happening now. 4. Predicting - So you can take best action 5. Prescribing - dynamic correction and how you should respond. This is the best form because it is automatic and continuous.

New Breach, New Law

2017: Credit firm Equifax suffered a breach revealing private information for 14.7 million USA residents (identify theft) Sept 21, 2018: New bill requiring consumers to order "freezes" on new credit applications at no charge. This eliminated a former revenues source for large credit agencies in the USA.

Business Analytics

Business Analytics is a component of Business Intelligence. The term used to refer to the use of quantitative and predictive models, algorithms, and evidence-based management to drive decisions. (Although it is a subset of Buisness intelligence, some use Business Analytics and BI interchangeably)

Sentiment Analysis

Can analyze tweets and Facebook likes for real time customer reactions to products and spotting trends in reactions. Useful for politicians, advertisers, software versions, and sales opportunities.

Differences between Data, Information, and Knowledge

Data are specific and objective facts or observations. EX: distributor ABC bought 600 of our sweaters. Standing alone, such facts have limited intrinsic meaning. Data is also easily captured, transmitted, and stored electronically. Information is data with endowed with relevance and purpose. Ways to turn data into information: organizing data with metrics and units of analysis. For example combining and a customers address with average order size, giving the data context and meaning. Knowledge is the mix of contextual information, experiences, rules and values. It is much richer and deeper than information and more valuable because someone has taken the date and added their own unique experiences, judgment, and wisdom. Ex: Manager knows that a retailer typically creates new retail outlets each year, and doing business with them will give an opportunity to grow. Values and beliefs are also important to knowledge because they determine how the knowledge will be interpreted and organized.

Components of Business Analytics

Data sources: Data streams, repositories, and databases. Data gathered from external repositories is referred to as structured data. Data such as blogs and videos is referred to as unstructured data. Software tools: Applications and processes for statistical analysis, forecasting, predictive modeling, and optimization. Ex: data mining process; forecasting software package. Data-Driven Environment: Organizational environment that creates and sustains the use of analytics tools. Ex: Reward system that encourages the use and willingness to test or experiment with analytic tools. Skilled Workforce: Workforce that has the training, experience, and capability to use the analytics tools. Ex: Data scientist, chief data officers, Chief analytics officers, etc.

Agile Business Process:

Designed to simplify redesign and reconfiguration. Ex: Cars are built with space to add modifications.

Assessing Adaptability

How to plan adaptable IT Architecture •Plan for applications and systems that are independent and loosely coupled •Set clear boundaries between infrastructure components •When designing a network architecture, provide access to all users when it makes sense to do so

Federalism Governance Structure

Most companies would like to achieve the advantages of both centralization and decentralization. •Distributes, power, hardware, software, data and personnel •Between a central IS group and IS in business units •A hybrid approach •Some decisions centralized; some decentralized

Element 1: Project management

Planning:Identifying requirents, define team structure, assigning team members. Actions: Managing risks/leveraging opportunities, measuring the project status, taking corrective action when necessary, Must Provide Project leadership: strong team composition and reward systems. If you have strong processes you can relax on the leadership.

Techniques to Transform a Static Process

Radical Process Redesign (Business Process Reengineering. Incremental Improvement (TQM and Six Sigma)

Decisions about How to Outsource Successfully

Requires numerous decisions about mitigating outsourcing risks. The three major decisions that need care and deliberation are: 1.Selection: find compatible providers 2.Contracting: -Try for flexible management terms -Try for shorter (3-5 year) contracts -Try for SLAs (service level agreements on performance) 3.Scope - Determine if full or partial outsourcing

More info about the Normative theories

Stockholder Theory: Managers are bound to the interests of the shareholders, to employ legal and non-fraudulent means, and to take long-term view over short-term of shareholder interests. Stakeholders are any group that affects corporate survival or success and any group whose interests the corporation vitally affects. Management must balance the rights of all stakeholders and not imping on the rights of one particular stakeholder. Social Contract Theory: Corporations are expected to create more value to society than it takes away. Ex: Social welfare- corporations must produce greater benefits than their associated costs. and Justice- corporations must pursue profits legally, without fraud or deception, and avoid actions that harm society.

Service-Level Agreement (SLA)

defines the level of service expected by a customer from a supplier, laying out the metrics by which that service is measured, and the remedies or penalties, if any, should the agreed-on service levels not be achieved. Usually, SLAs are between companies and external suppliers, but they may also be between two departments within a company.

ERP II

•Makes information available to external stakeholders too •Enables e-business applications •Integrates into the cloud Includes ERP plus other functions

Essential Elements of a Project

•Project management •Project team •Project plan •Common project vocabulary

Ethical Tensions with Governments

•United Arab Emirates (UAE) tried shut off BlackBerry's internet functions if they didn't require there device maker, RIM, to disclose confidential information for national security •Sony Pictures had a project ruined by North Korean threats when they wanted to release the Interview they got terroristic threats, so they postponed the film •Google's features are restricted in China, causing google to withdraw from the market and entered with a more censored version "dragonfly" •GDPR in Europe provides strict privacy laws that impact firms doing business in the European Union

Backsourcing

•When a company takes back in-house, previously outsourced, IS assets, activities, and skills. •Partial or complete reversal •Many companies have backsourced such as Continental Airlines, Cable and Wireless, and Halifax Bank of Scotland. •70% of outsourcing clients have had negative experiences and 25% have backsourced. •4% of 70 North American companies would not consider backsourcing.

IT Outsourcing

•With IT, there is equipment, services, and personnel involved •Equipment and facilities are sold to outside vendors •Personnel might be hired by outside vendors •Services are hired from the vendors •Common length of agreement: 10 years

Workflow and Mapping Processes

•Workflow diagrams show a picture of the sequence and detail of each process step •Objective is to understand and communicate the dimensions of the process •Over 200 products are available to do this •High-level overview chart plus detailed flow diagram of the process

Failed IS Projects

67% of projects fail Managing a business project means managing an information systems project.

Managing Project Risks from Complexity

=: •Leverage the Technical Skills of the Team such as having a leader or team members who have had significant experience •Rely on Consultants and Vendors - for additional expertise •Having frequent team meetings •Extensive documentation •Regular technical status reviews

Programs vs Projects

A program is a set of related projects that accomplish a strategic objective Ex: TQM (project); workplace safety (program)

Project Management

Application of knowledge, skills, tools, and techniques in order to meet project requirements Trade-offs must be made

Evidence based management*

Approach in which evidence and facts are analyzed as the step in decision making. People in this culture are encouraged to challenge others by asking for data that supports their claims.

Architecture

Architecture translates strategy into infrastructure In IT infrastructure is everything that supports the flow and processing of information Abstract ideas to concrete ideas

Control Structures From Legislation

Focus on a firm's internal controls to promote IT-related internal controls and compliance

Nearshoring

Offshoring but the country is relatively close in distance and time zone. Companies who nearshore typically hope to benefit culturally, linguistically, politically, or from historical linkages.

Pulling the plug

People should abandon the project when trouble persists. If you don't pull the plug you can have Sunk costs, higher penalties for failure, and emotional attachment to the project.

Project Triangle

Pick any two Know that if you pick two you will lack in the third.

Study in Science (A journal)

Researchers found that knowing three facts, such as time and date, location, and approximate amount spent while visiting a merchant can identify 90% of individuals. This information can be found easily using social media or a simple file from a credit card agency.

Definition of Privacy

fundamentally about protections from intrusion and information gathering by others. Possessing and using the "best" information helps ogranizations win. High priority: keeping it safe and secure Regulations cover the authorized collection, disclosure and use of personal information

Tagging*

A knowledge management process where users themselves list key words that codify the information at hand, creates an ad hoc codification system sometimes referred to ask folksonomy.

Offshoring

-Outsourcing offshore -When organizations use contractor services in a distant land (insourcing offshore would be your own dept offshore). -substantial potential cost savings through reduced labor costs. -some countries offer a very well educated labor force. -Implementation of quality standards (Six Sigma and ISO 9001)

Data Warehouses

*collections of data designed to support management decision making. Warehouses are centralized so everyone can access the data.

Business Intelligence (BI)

A component of knowledge management. The set of technologies and processes that use data to understand and analyze performance. It is the management strategy used to create a more structured approach to decision making based on facts discovered by analyzing information collected in company databases. While knowledge management focuses on the entire process of making the data useful, BI focuses specifically on extracting knowledge from the data.

Project Management Office

A department responsible for boosting efficiency, gathering expertise, and improving project delivery. Their responsibilities range widely.

COBIT

A governance tool for ensuring that IT provides the systematic rigor needed for strong internal controls and SoX. •IT governance framework that is consistent with COSO controls. •Issued in 1996 by Information Systems Audit & Control Association (ISACA) •A company must -Determine the processes/risks to be managed. -Set up control objectives and KPIs (key performance indicators) -Develop activities to reach the KPIs •Advantages - well-suited to organizations focused on risk management and mitigation, and very detailed. •Disadvantages - costly and time consuming

General Data Protection Regulation (GDPR)*

A law that has been adopted by all EU member states and that places even greater emphasis on individual rights. Prohibits the transfer of personal data to non-European Union nations that don't meet EU privacy standards.

Accessibility

Ability to obtain the data. •Access to systems and their data is paramount •Users must be able to access this data from any location (if legal and it can be properly secured) •Major issue - how to create and maintain access to information for society at large -This access needs to be limited to those who have a right to see and use it (to limit identity theft). -Also, adequate security measures must be in place on their business partners' end.

Different IT governance archetypes

Decision rights or Inputs rights are held by ..... Business Monarchy: A group of individual business executives. Includes committees compromised of senior business executives and maybe the CIO. Excludes IT executives acting independently. IT Monarchy: Individuals or groups of IT executives. Feudal: Business unit leaders, key process owners or their delegates. Federal: C-Level executives and at least on other business group. IT executives may be an additional participant. Equivalent to a country and its states working together. IT Duopoly: IT executives and one other group (e.g., CxO or BU leaders) Anarchy: Each individual leaders

Big Data

Essential to Business Intelligence and Business Analytics. Very large data sets characterized by the 3vs: high volume, high variety, and high velocity.

Information Ethics*

Ethical issues associated with the development and application of information technologies, just because we can do something doesn't mean we should.

Internet of Things*

Ex: Car tracks miles driven, Elevator tracks floors of buildings visited.

Measures of KM Project Success

Example of specific benefits of a KM project: •Enhanced effectiveness •Revenue generated from extant knowledge assets •Increased value of extant products and services •Increased organizational adaptability •More efficient re-use of knowledge assets •Reduced costs Reduced cycle time

IT Governance

Governance in IT is all about making decision that define expectations, grant authority, or ensure business performance. It focuses on how decision rights can be distributed differently to facilitate the three possible modes of decision making: centralized, decentralized, or hybrid. Organizational structure plays a major role in governance. Empowerment (granting rights to make decisions) and monitoring (evaluating performance) will help align behavior with business goals

Intellectual Capital vs Intelectual Property

Intellectual Capital: The process for managing knowledge. Intellectual Property: The outputs; the desired product of the process. Intellectual Property is typically nonexclusive. Ex. MP3 file. But the rights differ remarkably by country.

Green Computing

Green Computing is concerned with using computing resources efficiently. •The digital economy uses 10% of the world's energy •In 2007, the 5 largest search companies used 2.4 gigawatts. -Hoover Dam only generates 2.0 •Since then it has reduced thanks to "green" efforts in data centers -Virtualization, it lets a computer run multiple operating systems or several versions of the same system at the same time. This can eliminate the amount of required servers. -Relocation for more natural cooling •e.g., Google in Finland

Using Big Data we can .....

Gues income from zip code and target these zip codes with advertisements.

Element 2: Project Team

Helpful: collect a set of people with the needed •Skills •Knowledge •Experiences •Capabilities •They must also represent their departments so they can share their departments information.

Normative Theories of Business Ethics

These theories of are useful for assessing an initiative and what people should do. Managers must assess initiatives from an ethical point of view Most managers are not trained in ethics, philosophy, or moral reasoning, making it difficult to determine or discuss social norms. There are three theories: Stockholder theory, stakeholder theory, and social contract theory.

Project Stakeholders

Individuals or organizations involved in the project or whose interests are affected by the project. Obvious players: Project manager Project sponsor Customer Employees

Public Clouds - Versions

Infrastructure as a Service (IaaS) •Infrastructure through grids or clusters of virtualized servers, networks, storage, and systems software. •Designed to augment or replace the functions of an entire data center. •The customer may have full control of the actual server configuration. •More risk management control over the data and environment. Platform as a Service (PaaS) •Virtualized servers •Clients can run existing applications or develop new ones •Provider manages the hardware, operating system, and capacity •Limits the enterprise risk management capabilities.

Deep Learning

Type of machine learning used for unstructured data. Ex. Captcha to prove you aren't a robot, feed photos of x-rays to indicate which were fractures and which were not. Basically just categorization.

Knowledge Management - Four Processes

Knowledge Management involves four main processes. 1.Generate - Gain "new" knowledge. Includes all actives that discover "new" knowledge. How: a)Create b)Buy c)Adapt d)Share e)Gather 2.Capture: Involves continuous process of scanning, organizing, and packaging knowledge. How: a)Walkthrough 3.Codify: The representation of knowledge in a manner that can be easily accessed and transferred. (even as simple as using hash tags to create a folksonomy). How: a)Flowchart 4.Transfer: Transmit it from one person to another to absorb it. Without absorption the transfer does not occur How: a)Socialization

Farshoring

Like offshoring but is typically farther away and comes with language and timezone barriers

Element 4: Common Project Vocabulary

Make sure everyone uses words in the same context. Ex: Fiscal year vs Calendar Year

Managers role in IT architecture

Managers must understand what to expect from IT architecture and infrastructure. Cleary communicate business vision. May need to modify the plans if IT cannot realistically support them. Managers MUST be involved in the decision making process.

Social Media Analytics*

Measure impact of social IT investments on a business.

Four Governance Frameworks

Traditional- how decision rights are distributed Accountability and Allocation- who makes decisions and is held accountable Digital Ecosystem (Platform-based governance)- shifts the focus from well bounded organizational contexts to contexts beyond organization or industry boundaries to leverage digital ecosystems and IT consumerization. Control Structures- develop in response to important legislation and provides governance guidelines to firms.

Political Archetypes

Organizations vary widely in their archetypes selected. Duopoly is most common for IT principles decisions while IT monarchy is most popular for IT architecture and IT infrastructure decisions. Steering communities are also a popular approach. They include key stakeholders and can be formed at a higher level (focus on CIO effectiveness) or a lower level (focus on details of various projects).

Crowdsourcing

Outsourcing to an undefined, generally large group of people. Lego did this, Can be bad because companies don't have control over people doing the work.

Onshoring

Outsourcing within your country.

Data Mining

Process of analyzing data warehouses and other sources for "gems" that can be used in management decision making. Usually focuses on buying patterns, preferences, and unusual purchases (to spot theft). Identifies previously unknown relationships among data. Complex statistics can uncover clusters on many dimensions not known previously i.e people who like movie x also like movie y

Other IT Project Development Approaches

Prototyping •Build a high-level version of the system very quickly and get feedback. •Advantages: -User involvement early and throughout the development process •Disadvantages: -Documentation may be difficult to write -Users may not have a realistic scope of the system while making decisions RAD (Rapid Application Development) prototyping + 4-step SDLC •Like prototyping, RAD uses iterative development tools to speed up development: GUI, reusable code, code generation, databases, testing, debugging •Goal is much faster building of the system JAD (Joint Application Development) - IBM •Users are involved throughout the process "Agile" approaches speed things up •XP (Extreme Programming), Scrum, etc. User-centered design •Focuses on usability but uses many of the tools of RAD, JAD, Agile, prototyping •Users participate and continuously evaluate usability •Usability.gov provides 209 guidelines •Technology is advancing so they are dated (e.g., touchscreen tablets are not included) •"How or why" for touch PC O/S not yet settled •Requires multidisciplinary approach: psychology, graphic art, Internet technologies, business needs, etc. Open source approach •Uses crowdsourcing •Code is available for all to see and improve •Linux: the basis for •Android •Some Garmin GPS •Some Sony TVs •OS/X is based on BSD •BSD and Linux come from Unix

Dynamic Business Process

Reconfigure themselves to change as they "learn" and the businesses utilizes them. Ex: call centers route incoming calls to available locations or agents.

Four Dimensions for project success

Resource constraints: does the project meet the time and budget criteria? Impact on customers: how much benefit does the customer receive from the project? Business success: how high and long are the profits produced by the project? Prepare for the future: has the project enabled future success? Future impact?

What Makes a Project Risky

Risk Framework •Complexity -Many parts? Impacts on rest of system? Global? Unfamiliar hardware/software/databases? Changing requirements? •Clarity -Hard to define the purpose, input, and output? •Size -Cost, staff, duration, team, departments affected, lines of code •They are geometric, not linear (additive): -Having all three of these would be much more than three times as bad as one of these.

Systems Development Life Cycle (SDLC)

SDLC typically consists of typical phases such as: 1.Initiation of the project 2.The requirements definition phase 3.The functional design phase 4.The system is actually built 5.Verification phase 6.The "cut over:" The new system is put in operation 7.The maintenance and review phase Different models have different numbers of phases

Why do we need SLA's

SLAs are an integral part of an IT vendor contract. An SLA pulls together information on all of the contracted services and their agreed-upon expected reliability into a single document. They clearly state metrics, responsibilities and expectations so that, in the event of issues with the service, neither party can plead ignorance. It ensures both sides have the same understanding of requirements.

What metrics should be monitored in an SLA

Service availability: the amount of time the service is available for use. This may be measured by time slot, with, for example, 99.5 percent availability required between the hours of 8 a.m. and 6 p.m., and more or less availability specified during other times. E-commerce operations typically have extremely aggressive SLAs at all times; 99.999 percent uptime is a not uncommon requirement for a site that generates millions of dollars an hour. Defect rates: Counts or percentages of errors in major deliverables. Production failures such as incomplete backups and restores, coding errors/rework, and missed deadlines may be included in this category. Technical quality: in outsourced application development, measurement of technical quality by commercial analysis tools that examine factors such as program size and coding defects. Security: In these hyper-regulated times, application and network security breaches can be costly. Measuring controllable security measures such as anti-virus updates and patching is key in proving all reasonable preventive measures were taken, in the event of an incident. Business results: Increasingly, IT customers would like to incorporate business process metrics into their SLAs. Using existing key performance indicators is typically the best approach as long as the vendor's contribution to those KPIs can be calculated.

Mason's areas of managerial concern "PAPA"

Several areas of information ethics where control is critical

Four Modes of Knowledge Conversion

Socialization: Tacit -> Tacit. Transferring by mentorship, apprenticeship, conferences, and casual conversations.. Eternalization: tacit knowledge -> explicit knowledge. Transferring by models or metaphors. Combination: explicit knowledge > explicit knowledge. Obtaining and following manuals. Internalization: explicit knowledge > tacit knowledge. Learning by doing; studying manuals

Closing Caveats for Chapter 12

Sometimes knowledge should remain hidden (tacit) for protection. We should remain focused on future events, not just look over the past. A supportive culture is need for a firm to enable effective KM and BI

IT Governance

Specification of the decision rights and accountability framework to encourage desirable behavior using IT. Not about what decisions are made but who holds the decision rights.

Cybersecurity Enhancement Bill of 18 Dec 2014

Supports research and development to establish best practices, increased public awareness on importance of cyber security, supports educational initiatives, and fosters a better-prepared workforce. Federal agencies are required to develop and continually update a cybersecurity strategic plan to 1. guarantee individual privacy, verify third-party software and hardware, and address insider threats. 2. Determine the origin of messages transmitted over the internet 3. protect information stored using cloud computing or transmitted through wireless services.

How Normative Theories apply to TJX

TJX was breached, they hired IBM and General Dynamics to investigate but witheld the information from the public. After the issue was resolved two years later, they offered to restitute their "valued customers". This aligns more with stockholder theorey because their main interest was not going public with the outbreak and losing money.

Dimensions of Knowledge

Tacit Knowledge: Tacit knowledge is personal, context specific, and hard to formalize and communicate. It consists of experiences, beliefs, skills, and it is entirely subjective. Explicit Knowledge: Knowledge that can be easily collected, organized, and transferred through digital means. Explicit knowledge is teachable, articulable, observable, and simple.

The Value of Managing Knowledge

The amount of human contribution required increases from data -> information -> knowledge. Because computers work well for managing data but are less efficient at managing information. Examples of how managing knowledge can add value: Sharing best practices •Avoid reinventing the wheel •Build on valuable work and expertise Sustainable competitive advantage •Shorten innovation life cycle •Promote long term results and returns Managing overload •Filter data to find relevant knowledge •Organize and store for easy retrieval Rapid change •Build on/customize previous work for agility •Streamline and build dynamic processes •Quick response to changes Embedded knowledge from products •Smart products can gather information •Blur distinction between manufacturing/service •Add value to products Globalization •Decrease cycle times by sharing knowledge globally •Manage global competitive pressures •Adapt to local conditions Insurance for downsizing •Protect against loss of knowledge when departures occur •Provide portability for workers who change roles •Reduce time to acquire knowledge

When to adopt ERPs

The enterprise system sometimes should drive business process redesign when: •Just starting out. •Organizational processes are not relied upon for strategic advantage. •Current systems are in crisis. It is inappropriate for the enterprise system to drive business process redesign when: •Changing an organization's processes that are relied upon for strategic advantage. •The package does not fit the organization. There is a lack of top management support.

Knowledge Management (KM)

The process needed to generate, capture, codify, and transfer knowledge across the organization to achieve competitive advantage.

Offshore Destination Development Tiers

Tier 1: Mature. •United Kingdom, United States, Japan, Germany, France, Canada, the Netherlands, Sweden, Finland, India, Ireland, Israel, China, and Russia. Tier 2: Emerging. •Brazil, Costa Rica, South Korea, and many Eastern European countries. Tier 3: Infant. •Cuba, Vietnam, Jordan, and 15 to 25 others •Tiers: based on industrial maturity, the extent of clustering of some critical mass of software enterprises, and export revenues. •The higher tiered countries have higher levels of skills and higher costs.

Incremental Change

Total Quality Management •Often results in favorable reactions from personnel -Improvements are owned and controlled -Less threatening change •Six-Sigma is one popular approach to TQM -Developed at Motorola -Institutionalized at GE for "near-perfect products" -Generally regarded as 3.4 defects per million opportunities for defect (6 std dev from mean)

Limitations of SDLC

Traditional SDLC methodology for current IT projects are not always appropriate: •Sometimes costs are difficult to estimate •Sometimes uniqueness makes previous experience hard or impossible to find •Objectives may reflect a scope that is -Too broad (can't solve it), or -Too narrow (not ambitious enough) •Might take too long when the business environment is very dynamic

Data Lake

a storage technology that doesn't attempt to organize data, just stores it in its "raw" form for later analysis or use.

Project Management Software

Used to manage projects and keep track of key metrics. Top five PM systems (according to Captera) •Microsoft Project •Wrike •Atlassian Jira •Basecamp Trello

Sentiment Analysis*

Uses algorithms to analyze text and extract subjective information such as emotional statements, and likes/dislikes

Artificial Intelligence (AI)*

Usually refers to the broader field of development of computer science where systems perform tasks that are naturally performed by humans. Ex: Amazon Echo and Google Home Machine learning is a specific kind of AI where the system "learns" from large amounts of data that provides examples, or trains, the system. Ex: determining what a problem appears to be , such as changes in two distant countries at the same time.

Strategic Time Frame

Varies from industry to industry and firm to firm

Selecting an Offshoring Destination

What makes countries attractive for offshoring? •High English language proficiency. •Countries that are peaceful/politically stable. •Countries with lower crime rates. •Countries with friendly relationships. •Security and/or trade restrictions. •Protects intellectual property •Level of technical infrastructure available. •Good, efficient labor force Once a country is selected, the particular city in that country needs to be assessed as well. Attractiveness can also be measured using the Capability Maturity Model (CMM) •Level 1: the software development processes are immature, bordering on chaotic. •Level 5: processes are quite mature, sophisticated, systematic, reliable •Indian firms are well known for their CMM Level 5 software development processes, making them desirable

Property

Who owns the data and has rights to it. Proper ownership implies legal rights. Sometimes ownership is unclear, example Facebook photos, A photographer took the photo, the photo is of you, and the photo is on Facebook's servers, so who owns it?

Definition of "Project"

•"[A] project is a temporary endeavor undertaken to create a unique product or service." •Temporary—every project has a definite beginning and a definite end. •Unique—the product or service is different in some distinguishing way from all similar products or services."

Supply Chain Management (SCM)

•An enterprise system that manages the integrated supply chain •Translation: processes are linked across companies •The single network optimizes costs and opportunities for all companies in the supply chain •Every part of the supply chain has the latest information about sales expected and inventories from source materials at all stages •Bullwhip effect occurs when the supplier at each stage adds a small "buffer" for it's suppliers in case demand is higher than expected

Captive Centers

•An overseas subsidiary that is set up to serve the parent company. •Alternative to offshoring or nearshoring. Four major strategies that are being employed: •Hybrid Captive - performs core business processes for parent company but outsources noncore work to offshore provider •Shared Captive - performs work for both parent company and external customers. •Divested captive - have a large enough scale and scope that it could be sold for a profit by the parent company. •Terminated Captive - has been shut down, usually because its inferior service was hurting the parent company's reputation.

Big Data

•Big data: techniques and technologies that make it economical to deal with very large datasets at the extreme end of the scale: e.g., 1021 data items

Radical Change

•Business Process Reengineering (BPR) •Sets aggressive improvement goals. •Goal is to make a rapid, breakthrough impact on key metrics in a short amount of time. •Greater resistance by personnel. •Use only when radical change is needed.

Frameworks for Implementing SoX

•COSO - Committee of Sponsoring Organzations of the Treadway Commission. • Coso created three control objectives for management and auditors that focused on dealing with risks to internal control -Operations: maintain and improve operating effectiveness; protect the firm's assets -Compliance: with relevant laws and regulations. -Financial reporting: in accordance with GAAP

Electronic Health Record: example of Platform-based Governance

•Can connect to perhaps planned sources: -Pharmacy -Lab -insurance Company •And can connect to unplanned sources: -Banks - for payment -Tax authority - for matching deductions -Smartphone apps - for many purposes Because no one entity can plane these systems in their entirety this case is hard to govern.

Traditional Governance Framework

•Centralized - bring together all staff, hardware, software, data, and processing into a single location. •Decentralized - the components in the centralized structure are scattered in different locations to address local business needs. •Federalism - a hybrid of centralized and decentralized structures.

Common IT Architecture Configurations

•Centralized architecture - All purchases, support, and management from data center •Decentralized architecture - uses multiple servers perhaps in different locations •Service-Oriented architecture - uses small chunks of functionality to build applications quickly. -Example: e-commerce shopping cart •Software-Defined architecture - instantly reconfigures under load or surplus

Emergent Governance: Platform-Based Governance

•Challenge a "top down" approach because emerging digital technologies require agile governance so societies and business can react to and leverage them. •Digital ecosystems can grow up all around you •Self-interested, self-organizing, autonomous sets of technologies from different sources •Firms find opportunities to exploit new technologies that were not anticipated •Good examples: -Google Maps -YouTube

Accuracy

•Controls are needed to ensure accuracy so errors don't become exacerbated •Data entry errors must be controlled and managed carefully •Data must also be kept up to date •Removing data after needed or when legally mandated is not easy

Privacy Paradox

•Convenience vs privacy -Make it harder for criminals to steal information, it will be less convenient for genuine users •15,000 customers in 15 countries: -51% said they wouldn't trade off privacy for convenience; 27% said they would. --India: 40% wouldn't; 48% would --Germany: 70% wouldn't; 12% would Why would they give up privacy for convience? -personalized services -paid for the information they give up -they believe everyone is doing it

What should Managers do about security?

•Create a culture of responsibility -Post policies •Implement governance processes for information control. This helps identify risks to the organization, and make sure their information control behaviors comply with the law. •Avoid decoupling responsibility -i.e., make Managers responsible for their decisions that lead to privacy problems

Customer Relationship Management (CRM)

•Customer Relationship Management (CRM) is a natural extension of applying the value chain model to customers. Helps obtain, enhance relationships with, and retain customers. Common systems are: •Oracle •SAP •Salesforce.com (web-based cloud system)

Software or Site Terms of Service

•Ignored widely, often due to length and legal language •Pen Pal's Terms of Service are longer than Hamlet •Fewer than 2% read the terms •A Gamestop site in the UK included selling a person's immortal soul and thousands accepted it.

IT Control and Sarbanes-Oxley

•In 2004 and 2005, IT departments began to -Identify controls, -Determine design effectiveness -Make test to validate operation of controls Showed that IT control was failing to do 5 things. •Failure to segregate duties within applications, and failure to set up new accounts and terminate old ones in a timely manner •Lack of proper oversight for making application changes, including appointing a person to make a change and another to perform quality assurance on it •Inadequate review of audit logs to not only ensure that systems were running smoothly but that there also was an audit log of the audit log •Failure to identify abnormal transactions in a timely manner •Lack of understanding of key system configurations

Targeting

•In 2014, Cambridge Analytica "scraped" personal data from Facebook to target 50 million individuals for particular messages that would be of interest. •Is this a breach? No because all this information was already accessible to the public. •Facebook was widely criticized, and the privacy settings were clarified and made more obvious to users.

Sarbanes-Oxely Act (Sox)

•In response to rogue accounting activity, this act was made to increase regulatory visibility and accountability of public companies and their financial health -All companies subject to the SEC are subject to SoX. -CEOs and CFOs must personally certify and be accountable for their firm's financial records and accounting. -Firms must provide real-time disclosures of any events that may affect a firm's stock price or financial performance. -20 year jail term is the alternative. -IT departments play a major role in ensuring the accuracy of financial data.

Difficulties in Integrated Supply Chains

•Information integration requires agreement of what information to share, how to share it, and the authority to view it. •Trust must be established •Planning must be synchronized carefully •Workflow must be coordinated between partners to determine what to do with the information they obtain

BPM

•Information systems tools used to enable information flow within and between processes. •Comprehensive, enterprise software packages. •Designed to manage the potentially hundreds of systems throughout a large organization. Most frequently discussed ones: •ERP (Enterprise Resource Planning), •CRM (Customer Relationship Management), •SCM (Supply Chain Management)

From Strategy to Architecture

•Manager starts out with a strategy. •Strategy is used to develop more specific goals Business requirements must be determined for each goal so the architect knows what IS must accomplish Ex:•Strategy: Be a customer-oriented company •Goal: 30-day money back guarantee •Business Requirement: ability to track purchases •Business Requirement: ability to track problems •Goal: Answer email questions within 6 hours •Business Requirement: Ability to handle the volume From business requirements we design the architecture

Backsourcing Reasons

•Mirror reason for outsourcing (to reduce costs, increase quality of service, etc.) •Costs were higher than expected •Poor service •Change in management •Change in the way IS is perceived within the company •New situations (mergers, acquisitions, etc.)

Key Aspects of Radical Change Approaches

•Need for quick, major change •Thinking from a cross-functional process perspective •Challenge to old assumptions •Networked (cross-functional organization) •Empowerment of individuals in the process •Measurement of success via metrics tied to business goals and effectiveness of new processes

Element 3: Project Plan

•Organizes the steps and defines dates •Breaks work into phases •End is "go live" date •"Control gates:" ready to move to next phase? •Tools include PERT/GANTT to track project completion

New Technologies allow for new Architecture

•Peer to peer architecture: Allows networked computers to share resources without a central server •Wireless (mobile) infrastructure: allows communication without laying wires •Web-based architecture: places information on web servers connected to the Internet •Cloud-based architecture: places both data and processing methods on servers on the Internet, accessible anywhere •Capacity-on-demand: enables firms to make available more processing capacity or storage when needed

Cloud Computing Options

•Private clouds -Data—managed by the company or offsite by a third party. •Community clouds. -Cloud infrastructure is shared by several organizations -Supports the shared concerns of a specific community. •Public clouds. -Data is stored outside of the corporate data centers -In the cloud provider's environment •Hybrid clouds -Combination of two or more other clouds.

Assessing Financial Issues

•Quantify expected return on investment •Can be difficult to quantify Steps •Quantify costs •Determine life cycles of components •Quantify benefits •Quantify risks •Consider ongoing dollar costs and benefits

Cloud Computing

•Resources that are available "on the Internet" •No software for the organization to develop or install (only web browser) •No data for the organization to store (it stays somewhere in the Internet "cloud") •The provider keeps and safeguards programs and data •This is "infrastructure as a service" (IaaS) •Also available is SaaS (Software as a service) •And there is also PaaS (Platform as a service) •Utility Computing: Pay only for what you use (like power, lights)

Chief Information Officer (CIO)

•Responsible for technology vision •Leads design, development, implementation, and management of IT initiatives •Is a business technology strategist or strategic business leader •Uses technology as the core tool in -creating competitive advantage -aligning business and IT strategies CIO can't know everything and have all the skills, so other roles are still important.

Assessing Scalability

•Scalability refers to how well a component can adapt to increased or decreased demand Needs are determined by: •Projections of growth •How architecture must support growth •What happens if growth is much higher than projected •What happens if there is no growth

Enterprise Resource Planning (ERP)

•Seamlessly integrate information flows throughout the company. •Reflect industry "best" practices. •Need to be integrated with existing hardware, OSs, databases, and telecommunications. •Some assembly (customization) is required •The systems evolve to fit the needs of the diverse marketplace.

Other Assessments

•Standardization - Common, shared standards are easy to plug in •Maintainability - Can the infrastructure be maintained? •Security - Decentralized architecture is more difficult to secure

Partnering Arrangements

•Strategic networks: arrangements made with other organizations to offer synergistic or complementary services -Example: The Mitsui Keiretsu contains over 30 firms spanning many industries. The members use each others' services and don't compete: Toshiba, Fujifilm, Sony are members •Platforms might dictate your actions (see chapters 6 and 9) •Digital (Business) Ecosystems (see chapter 9): Informal, emerging relationships

Data sources for Analytics

•Structured (customers, weather patterns) or unstructured (Tweets, YouTube videos) •Internal or external •Data warehouses full of a variety of information •Real-time data sources: information such as stock market prices -results in "Big Data" sources Data

Triple Bottom Line Impact

•TBL (3BL) -People: Being socially responsible -Planet: Saving the environment -Profit: Saving money

Actual Behavior about Privacy

•Teens repeatedly demonstrate a lack of concern about privacy, but they regret their decisions as they grow older •70% of recruiters have rejected candidates for postings they found online • 20% of Facebook users strengthened their privacy settings when Facebook began allowing it •Privacy is valued more in Europe than in the US

Enterprise Architecture

•The "blueprint" for all IS and interrelationships in the firm Four key elements: •Core business processes •Shared data •Linking and automation technologies •Customer groups •One example is TOGAF (The Open Group Architecture Foundation) -Methodology and set of resources for developing an EA -Specifications are public •Business and IT leaders develop EA together

IS and Implementation of SoX Compliance

•The IS department and CIO are involved with the implementation of SoX. •Section 404 deals with management's assessment of internal controls. •Six tactics that CIOs can use in working with auditors, CFOs, and CEOs: -Knowledge building (Build a knowledge base) -Knowledge deployment (Disseminate knowledge to management.) -Innovation directive (Organize for implementing SoX) -Mobilization (Persuade players and subsidiaries to cooperate) -Standardization (Negotiate agreements, build rules) -Subsidy (Fund the costs) •A CIO's ability to employ these various tactics depends upon his/her power (relating to the SoX implementation).

Business Intelligence and Competitive Advantage

•There is a very large amount of data in databases. •Big data: techniques and technologies that make it economical to deal with very large datasets at the extreme end of the scale: e.g., 1021 data items -Large datasets can uncover potential trends and causal issues -Specialized computers and tools are needed to mine the data. -Big data emerged because of the rich, unstructured data streams that are created by social IT.


Conjuntos de estudio relacionados

CCNA 1 Chapter 8 v5.0 Exam Answers 2015

View Set

OB: Chapter 12: Nursing Management During Pregnancy

View Set

Types of Casualty Policies, Bonds and Related Terms

View Set

Ch 19: Antitrust Law and Promoting Competition

View Set

Financial Management Ch. 7 Equity Markets and Stock Valuation

View Set