BUS 2110 Final

Pataasin ang iyong marka sa homework at exams ngayon gamit ang Quizwiz!

What is the difference between a full blown data breach and "skimming"?

A full blown data breach is a hacker breaking into your environment and directly accessing all/a large subset of the data they are storing. Skimming is the process of stealing cards "in process" during a transaction.

What is the most common cause of security incidents

Human error

Know the industry leaders in Cloud Computing

In Public Cloud: Amazon Web Services (AWS) and Microsoft (Azure laaS/PaaS). With Private Cloud there is no one or two big people who dominate Private Cloud

Five Component Framework of Information Systems

1. Computer Hardware - Physical machines 2. Computer Software - Instructions carried out by machines 3. Data - Points of information used/produced by the Information System 4. Procedures - Methods used to use the Information System 5. People - Users of the Information System (People who have to use it) (Has to meet their needs, how are we going to use it, and who is going to)

Who owns the process of developing Business Requirements

Everybody needs to play a role: End users, MIS, Supervisors, Senior Management

Who owns the process of Business Requirements and System Requirements?

Everybody. In short, the answer is all key stakeholders which will be impacted/supported by the system should particular in the development of the System Requirements.

Know the three mandated Information Security Programs we discussed and who has to implement them

Mandated Security Programs: steps businesses take to protect their data (emails, documents, etc) Sarbanes - Oxley (SOX): mandated for public companies, set of rules you must follow if you are a publicly traded company. HIPAA: Mandated for healthcare organizations, rules you must follow to secure and protect your healthcare data PCI: Mandated for companies who process credit card data, rules you must follow to process credit cards (rules you must follow if you process credit cards. You must have a firewall and update that firewall at least one a week. You must have training projects too) Since many of the Information Security requirements included in these various mandates are similar, we are going to focus on one of them as an example...PCI.

Advantages/Disadvantages of Building software

1. Competitive advantage 2. Build value for organization 3. Increase productivity 4. Faster reaction time 5. Strong return on investment (ROI) 6. Lower total cost of ownership (TCO) 7. No commercially viable in-market product / solution 8. Inflexible and/or unique requirements

How do Information Systems play a part in a Business Process Development and when should technology solutions be implemented?

1. Information Systems (where implementation properly) can help improve a Business Process. 2. Business Process Review/Evaluation should always occur BEFORE the implementation of a technology to automate the process. Otherwise, you could just be automating a "bad" process.

What is the difference between Information Technology and Information Systems?

1. Information Systems included all the components of IT as well as business processes and people. 2. IT is the technology components of an Information System but does not contain how the business will leverage technology to drive business strategies.

What Does a Business Professional Need to Know about Hardware?

Hardware consists of electronic components and related "gadgetry" that input, process, out and store data according to instructions encoded in computer programs (known as software).

Infrastructure

Other portions of the technology environment other than the PC itself to allow computers to work together

Information Technology

Products, methods and standards used for the purpose of producing information. Thus, information Technology consists of hardware, software and data components only.

Know the difference between the Internet and The Cloud

The internet is just a network, a huge sized network of networks. Cloud computing uses the internet as a medium to deliver resources which are normally available only locally for use to anyone who requires it and is connected to the internet. It enables users to consume resources like applications, storage, etc. as a utility service - just like electricity.

Define what is a part of an ERP solution and the difference between an ERP and non-ERP approach(Best of Breed) including advantages/disadvantages of each

ERP (Enterprise Resource Planning System) - A suite of applications (called modules), a single database environment and a set of inherent processes for consolidating business operations into a single, consistent, computing platform. (single solution that does them all - administration) While it can vary, most traditional ERP environment are comprised of solutions for: 1. Accounting/Financials and all sub-components 2. Human Resources/Payroll 3. Operations & Logistics 4. Sales & Marketing/CRM Advantages of Non-ERP Approach: 1. Each business unit/function can find a solution which fits their unit's specific needs (best fit) without having to worry about the other business units. 2. Updates/Upgrades can be applied without impacting other portions of the organization. This approach is known as the "Best of Breed" approach. The best system in its referenced niche or category. Disadvantages of Non-ERP Approach: 1. Lack of Integration --- Does the right hand know what the left hand is doing? 2. Dual Data Entry --- Data must be entered manually into each different system decreasing efficiency and increasing the chance for human error 3. Information Delays --- Information is not available to "downstream" services until data entered into solution of the next part of the service including recording of information into the Accounting System. 4. IT Support --- Each system requires separate IT resources to support the application, its environment and any custom-developed integrations written to try and facilitate any data transfers from system to system. (more applications we have, the harder it is to become an expert in all of them) Advantages of ERP Approach: 1. Single Source of the Truth with fully integrated solution -- All info stored in a single database and allowed for better collaboration within the organization. 2. Elimination of dual data entry -- Information entered at any point in the process does not need to be re-entered. 3. Information Timeliness -- Information is available immediately which leads to having more effective processes and helps make more timely decisions. Improved information timeliness also provides data more effectively to the forecasting tools improving the accuracy of the forecasts. 4. Ongoing Support --- The IT organization can focus on supporting a single/larger implementation instead of multiple "point" solutions. This supports the old saying "you want to know more about less" Disadvantages of ERP Approach 1. Very large costs --- Many companies have spent millions on implementing an ERP to find it was not effective 2. Difficult Implementations --- ERP implementations require the definition of standard processes and procedures used throughout the enterprise. This can often be difficult to obtain and can negatively impact processes established by specific lines of business which uniquely support their business. Remember, ERP solutions often provide more generic solutions to business processes. (all use one system so you have to all agree how it is going to work) 3. Difficulty Maintaining a Competitive Advantage --- In many cases, an ERP approach has you implement the same solution as your competitors. How do you maintain a competitive advantage? 4. Configure vs. Customize --- In most cases, you can configure an ERP to best meet your needs but only using pre-designed options. Creating custom changes is often difficult (if not impossible) and is extremely difficult/expensive to maintain long term). Configure - pick the options to make it work the way you want (1, 2, 3 or 4) You can do this with the ERP approach Customize - create your own option (5). You can not do this with ERP

Kodak

Is a great example of a company losing their competitive advantage.

How is MIS used in business?

MIS is the function used in business to help leverage technology to support key business functions, key business strategies and hopefully provide a competitive advantage.

What does MIS stand for?

Management Information Systems

Understand what is meant by Business Process Modeling (purpose)

To outline the various steps/components of a process. This process will help determine if the process is efficient and potentially steps where automation could be used to improve on the process.

Why does a company implement a Information Security Program

many types of data that needs to be protected, such as Financial, customer, HR, Intellectual Property, info on Competitive Advantage (business plans...etc)

Porter's Five Forces

(Most popular model and is the best way to figure out where we are at the highest risk and causes the company to struggle.) 1. The entry of new competitors (how easy would it be for someone new to come in and compete with you) 2. Threat of substitution (how easy is it for someone to go to another company and buy your product/service) 3. Bargaining power of buyers (how much leverage does your buyer have over you) 4. Bargaining power of suppliers (are you dependent on a product you can only buy from one supplier) 5. Rivalry of Existing Competitors (how much competition already exists) -In industries where the five forces are favorable, many competitors earn attractive returns. In industries where one or more of these forces is under intense pressure, few firms can command attractive returns. -These are known as Porter's Five Forces and can be used as a model for determining Technology implementations which would have the largest impact on your organization's success. This is a model focusing on risks and prioritizing projects which minimize risk.

Three components of MIS

1. Management and Use 2.Information Systems 3. Strategies

Revenue Management

In short, what is the maximum amount I can charge for my product and customers will still buy it. Uses data you collected and purchased from third parties to help figure out what people will pay that they will still buy the product. (Its purpose is to optimize product availability and price to maximize revenue growth. The primary aim of Revenue Management is selling the right product to the right customer at the right time for the right price and with the right pack. The essence of this discipline is in understanding customers' perception of product value and accurately aligning product prices, placement and availability with each customer segment.)

Know how Sales force "changed the model" for CRM solutions

Sales Force was one of the first Saas (Software as a Service) platforms. Very disruptive influence in the CRM space. 1. Available as a "rented/pay-as-you-go" service 2. Required smaller investments to get started which was ideal for smaller/start up companies 3. No need for on-site infrastructure which reduced costs and ongoing support needs 4. Scalable - Easy to grow/contract the usage of these services provided as the company needs changed 5. Mobile - Allowed users to access the system remotely and from other smart devices like phones and tablets

The Bandwagon Effect

Don't implement a technology solely because others are implementing it. Make sure it supports one of your strategies.

Business Analytics

-The art (and science) of using data to solve business problems -A rose by any other name: academics will argue, but data analytics, business intelligence, data science, decision sciences, operations research, etc. All pretty much mean the same thing. -Examples of Business Analytics: Walmart, Amazon, Netflix, Target, United Airlines -Some businesses use data reluctantly, and there is a deep resistance to business analytics. These companies: -Neglect data for traditional decision-making methods (continue to use "gut feel" -Are suspicious of data and technology -Some businesses have cultures that are data-oriented, where data is a first-class citizen. These companies: -Test and improve models; automate and improve processes -Leadership trusts and uses data to make decisions in order to create value in the organization -And most companies are somewhere in between

Value Chain Pt 2

-The definition of value activities requires that activities with discrete technologies and economics be isolated. Thus, broad functions like manufacturing and marketing must be subdivided. -Activities should be disaggregated and separated that have different economics, have a high potential of differentiation, represent a significant or growing proportion of cost -Finer separation of activities should be made to expose differences important to competitive advantage while other activities should be combined if they do not add to an organization's competitive advantage.

What Data Characteristics are necessary for Quality Information?

1. Accuracy - Good data must be accurate, complete, and correct. Bad data is often worse than no data. 2. Timely - Needs to be available in time for its intended use. 3. Relevant - Data should be relevant to both the context and the subject 4. Just Barely Sufficient - Data needs to be sufficient for the purpose for which it is generated... but just barely so. The business world is inundated with data and "information overload" can occur if unneeded/unnecessary data is presented. 5. Worth its Cost - Data is not free... Does the costs of the value of the data outweigh the costs of obtaining/storing/processing the data?

Define what is meant by a software application

1. Application software is software which runs on top of the operating system and performs particular services and functions for the organization. 2. Application Software is the main integration point between the end users of technology throughout the organization and the technology environment as a whole.

Pragmatists

1. As soon as something is proven, they want to implement the idea. 2. Adopt a new technology only when the early adopters have demonstrated repeated success with it

Various Measures of Data

1. Bit - a zero or a one - Smallest unit of data storage which is the basis of computer storage 2. Byte - A grouping of 8-bit chunks which represent a "piece" of data (a number, a character, etc.) 3. Kilobyte - 1024 Bytes (abbreviation K) 4. Megabyte - 1024 Kilobytes (abbreviation MG) 5. Gigabyte - 1024 Megabytes (abbreviation GB) **When things start to get bigger** 6. Terabyte - 1024 Gigabytes (abbreviation TB) 7. Petabyte - 1024 Terabytes (abbreviation PB) 8. Exabyte - 1024 Petabytes (abbreviation EB)

Examples of Business Processes

1. Buying Inventory 2. Selling to Customers 3. Invoice Processing 4. Paying Employees

Computer Hardware Basics: System Unit Comprised Of

1. CPU - Central Processing Unit for the machine --- executes all instructions 2. Primary Memory - Electronic memory addressed directly by the CPU 3. System Board - the main circuit board/electrical foundation of the computer 4. Hardware Interface - Point of union between the system unit and the Peripheral Devices (includes ports like the Ethernet port, USB ports, etc.)

Reasons for Buying

1. Comes closest to actual needs 2. Fast Deployment 3. Economy of Scale 4. It's "Their" Core Competency 5. External Vendor Support 6. Larger User Base Driving Product Enhancement 7. Methodology and Practice 8. Competitive Marketplace 9. Cost 10. Efficient 11. Contractual Controls (if you prove they lied on the RPF, you get it for free) 12. Risk Mitigation

Reasons for Building

1. Competitive Advantage 2. The "Glove" Fits 3. Lower Upfront Costs 4. Local Support 5. Immediate Fixes 6. Obsolescence Control 7. Legacy Integration 8. 100% Product Control

Three types of competitive strategy

1. Cost Leadership: (Ex: Dollar Tree) -Cheapest -Based on becoming the lowest cost provider -Low cost position allows providers to command prices at or near industry average while maintaining a healthy profit margin. -While enterprises that focus on Cost Leadership as a strategy can make this their primary focus, they cannot ignore differentiation totally since buyers could perceive their products as being inferior. They must at least achieve parity or proximity in terms of differentiation. 2. Differentiation: (Ex: Apple) -Superior/Highest Quality/Best/Company's View** -A provider seeks to be unique along some dimensions that are widely valued by the buyers. -A firm can achieve and sustain differentiation in an industry as long as the price premium exceeds the extra costs incurred in being unique. 3. Focus (The Focus strategy has two variants - Cost Focus and Differentiation Focus) (EX: Satellite Phone) -Specializing/Focus** -The focus strategy is different from the other two because it rests on the choice of a narrow competitive scope within the industry. The focuser selects a segment of the industry and tailors in strategy to serve them to the exclusion of others and in a "special" way. -By optimizing the strategy for a specific target segment, the focusers seek to achieve a competitive advantage in its target segment even though it does not possess a competitive advantage overall. -The two variants of this strategy (cost and differentiation) targets either cost or a differentiation in that particular segment

Two dimensions of Process Quality

1. Effectiveness - enables the organization to accomplish its strategy (just does it better) 2. Efficiency - ration of benefits to cost (all about speed)

Advantages/Disadvantages of Buying software

1. Established products / mature landscape 2. Product is easily customized and configured to meet business needs 3. Speed to deploy / 'plug and play' 4. Scalable 5. 24/7/365 Support 6. Upgrades and enhancements are included with maintenance agreement 7. Lack of internal knowledge / expertise 8. No competitive advantage 9. We don't have the time or budget to build it

Resisters

1. Even once it is proven, people who do not want to do it 2. Remain opposed to the technology

Early Adopters

1. Implement technology first and willing to take the risk thinking it will be a big winner 2. Learn quickly how to succeed with a new technology

Primary Activities

1. Inbound Logistics: Receiving, storing and disseminating inputs 2. Operations: Activities associated with transforming inputs into a final product 3. Outbound Logistics: Activities associated with collecting, storing and physically distributing product to buyers 4. Sales & Marketing: Activities involved with inducing buyers to purchase the product 5. Services: Activities associated with providing service to enhance or maintain the value of the product.

Know the various Cloud-based platforms

1. Infrastructure-as-a-service (IaaS) is data center-as-a-service with the ability to remotely access computing resources. In essence, you lease a physical server that is yours to do with as you will and, for all practical purposes, is your data center, or at least part of a data center. (rent a slice) 2. Storage-as-a-service (SaaS) as you may expect, is the ability to leverage storage that physically exists at a remote site but is logically a local storage resource to any application that requires storage. This is the most primitive component of cloud computing. Ex: DropBox, iCloud 3. Communications-as-a-service (CaaS) is an outsourced enterprise communications solution that can be leased from a single vendor. Such communications can include voice over IP 4. Application-as-a-service (AaaS), also known as software-as-a-service (SaaS), is any application that is delivered over the platform of the Web to an end user, typically leveraging the application through a browser. (renting access to a particular application, Netflix) 5. Platform-as-a-service (PaaS) category of cloud service that provides a platform allowing individuals to develop, run and manage applications without the complexity of building and maintaining the infrastructure 6. Security-as-a-service, (SECaaS) ability to deliver core security services remotely over the Internet. 7. Desktop-as -a-service (DaaS), is a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a cloud service provider.

Four Components of Hardware

1. Input Hardware - Devices to input data (ex: keyboard, mouse) 2. Processing Devices - the "brains" of a computer which executes the instructions from the software (cpu, does the work) 3. Output Devices - Devices to produce results, output of the computer programs (ex: monitor, printer, displays the results) 4. Storage Hardware - saves data and programs. (information gets saved when the computer gets turned off)

Network Basics

1. LAN (Local Area Network) - A series of computers connecting with a single location or organization (ex: all the computers in your house - at a single place. All the LANS in the NY office and then all the LANS in the CA office - two different) 2. WAN (Wide Area Network) - A series of computers connected over a wide geographic location (multiple locations) using communication lines of out outside service provider such as a telephone or data communications company. (ex: users in NY using the CA LAN - connecting two LANS together - buying service from some outside service like Verizon or AT&T) -LAN AND WAN ARE BOTH PRIVATE - ONLY PEOPLE INSIDE THE COMPANY CAN SEE IT OR GET TO ANY OF THE COMPUTERS. 3. Internet - A series of computers connecting computers and networks across the world in a publically available environment. (it is different from a WAN because the Internet is PUBLIC and a WAN is PRIVATE. The Internet is cheaper. ex: everything on google drive) -People choose LAN and WAN over the Internet because of security and their private connections. With the internet it is much easier to get hacked because it is public.

Types of computer systems (hardware)

1. Supercomputers - Powerful and expensive computers used to perform complex calculations. Used mostly on research, artificial intelligence, defense systems and industrial design. 2. Mainframes - Advanced multiuser machines typically used to manage databases, financial transactions and communications in large orginizations. Legacy solutions which have substantially be replaced with microcomputers in a client/server configuration and cloud computing. (No mouse everything is command lines, really hard to use, old) 3. Microcomputers - Processing for a single user or multiple users if used as the server component in a client/server configuration.

Know the types of applications

1. Operational Support Systems -Processes and stores data to support the business process or processes within a single line of business. Examples include Point of Sales solutions, transactional systems used to store banking transactions, etc. Primary users are staff level employees (what you need to run operations day to day) 2. Managerial Support Systems - Encompasses all organizational information and its primary purpose is to support the performance of managerial analysis. These systems usually include Decision Support Systems, What-If Analysis tools, Optimization Analysis tools and others. Primary users are mid-level management members and data/business analysts (help with decision making) 3. Strategic Support Systems - Encompasses tools to support senior level decision making. Usually includes tools such as Executive Information Systems, Dashboards, data visualization tools and other systems to present data to senior management to help in high level decision making. Primary users are senior/executive management (systems that help roll out data and high level strategic data)

Support Activities

1. Procurement: The function of purchasing inputs 2. Technology: The knowledge, procedures and physical technology needed to support the primary activities 3. Human Resources:​The activities in recruiting, hiring, training, developing and compensating all types of personnel. 4. Firm Infrastructure: Consists of a number of activities including general management, planning, accounting, legal, government affairs, and quality management. In many organizations, Firm Infrastructure is viewed only as "overhead" but can often be a source of competitive advantage.

How can Information Systems Improve Data Quality?

1. Reduction of Costs - Reduction in labor 2. Improved communications - Systems can be used to improve communication both internally and externally 3. Increased Productivity - Products can be generated faster and at a lessor cost 4. Data Quality - Improved data integrity

Two main components of hardware

1. System Unit - electronic components used to process and temporarily store data and instructions. 2. Peripheral devices - hardware used for input, auxiliary storage, display and communications.

Types of Infrastructure

1. TCP/IP - Stands for Transmission Control Protocol and Internet Protocol - Standard protocol for sending data from one computer to another (regardless if on your private network or the Internet.) (Standard/Common language used for all computers to communicate) 2. Router - Only serves one purpose - sevice used to connect multiple networks together (Box you need to connect any two or more networks together) Router - connects two networks together via cable and connects to the network switch. 3. Network Switch - (Center hub that connects to the center of the spoke. Computers are out of the center) - device used to connect computing devices to the network via cabling (Box that is your center point/hub of a LAN.) 4. Firewall - Devices which monitors/blocks/allows traffic into and out of your network (Think of it as a traffic cop. Put between the internet and LAN it allows and monitors access to it in and out. You can control where people go and can not go on the internet. You need someone to control it) 5. Access Point - Device used to connect computing devices to a network via wireless communication (Broadcasts WIFI Signals. There is a cable or wireless connection that goes from the Access Point to the Network Switch. Connect wirelessly) [Alternative to cable] 6. Ethernet Cable(CAT5/CAT6) - Physical "network" cable used to connect a computing device to the network...Maximum distance 300 Feet (approximately) 7. Fiber Optic Cable - Glass-based cable to connect computing devices where distances exceed 300 feet. (uses light to travel) 8. WAN Connection - Connection of computing devices using third-party services from a telecom/data services provider. Types include Internet feeds, T1's, MPLS connections, satellite, etc. (where you own the internet cable. It is determined by distance) 9. VPN (Virtual Private Network) - Tool to allow users to connect to the organization's network securely while out of the office and over the Internet. (hardware or software that allows you to connect to your LAN when you are not at your office, wherever you are. Allows for remote office)

What is meant by your company's mission, vision and values?

1. The Company's Mission - What does your company offer the world? 2. The Company's Vision - How the ownership group/senior management team envisions the organization's future position over the upcoming years. 3. The Company's Values - What are your company's key behaviors (such as having cost consciousness, delegating and accepting responsibility, striving to meet reality, etc. which is what will ultimately distinguish ones organization's business strategy from another's

Build/Buy Considerations

1. What is the DNA of your company? 2. What is your core business? 3. What is the business challenge you are trying to solve? - Are you looking for a competitive advantage (trade secrets, first mover advantage, etc) - Has someone already solved this challenge with a commercial software product? 4. What is your budget? 5. What is your staffing model / support model?

Late Adopters

1. When everyone else had done it and you are falling behind, you want to do it 2. Change reluctantly to the new technology when they perceive that it is inevitable

Common microcomputer platforms

1. Windows - One of the most common 2. IOS (macintosh/Apple) - One of the most common - Used in both desktop and mobile devices 3. Andriod - Used predominantly with mobile devices 4. Blackberry OS - Used almost exclusively with mobile devices 5. Linux/Unix and iSeries-AS/400 - Alternative platforms to Windows in server environments.

Foces on Strategies

1. Would this Information System reduce costs/increase revenue? 2. Would this Information System improve guest(customer)/employee satisfaction? 3. Would this Information System improve efficiency or effectiveness? 4. Would this information system give us a competitive advantage?

As a business professional (and not in Information Technology), why do you care?

1. You need to play a key/active role in the development of system's requirements (to make sure it meets your business needs) 2. You need to understand how technology works to best determine how it can be leveraged to support your key business activities.

What are Business Processes?

A business process is a network of activities for accomplishing a business function.

Network

A collection of computers connected through a communication link to share hardware, data and applications.

Security Breaches and why do we do this security work?

A security breach is any incident that results in unauthorized access to computer data, applications, networks or devices. It results in information being accessed without authorization. Typically, it occurs when an intruder is able to bypass security mechanisms. In the most simple terms, risk mitigation. The number of data security breaches which have occurred continues to grow and the cost of mitigating a security breach continues to skyrocket.

Information Systems

A system is a group of components that interact to achieve a purpose. Thus, an Information System is a group of components that interact to produce information.

The primary activities and support activities which make up a Value Chain

Another model to evaluate the priority of potential IT projects is known as The Value Chain. Instead of Porter's Five Focuses (which focuses on Risk), the Value Chain focuses on discrete activities to determine which have the most impact and focuses higher priority on projects which support these key activities. What activities are more important to your company? Two Types: 1. Primary: Activities involved in the physical creation of the product and its sales/transfer of the product to the buyer along with after-sale assistance. 2. Support: Activities which support the primary activities and each other by providing support services such as HR, IT and others.

Cyber Insurance

As mentioned in a couple of our example compromises, Cyber Insurance can be a key tool for protecting your organization. While the cost of the Cyber Insurance premiums have to be weighed against the potential cost savings if a compromise were to occur, it should be viewed in the same manner as other insurance policies that companies regularly purchase. (Try and offset the costs)

Benefits and Downsides of Virtualization

Benefits: 1. Failover - a method of protecting computer systems from failure 2. Simplified management 3. Reduced carbon footprint/physical footprint, energy usage. 4. Easier to maintain and cheaper Downsides: 1. No personalization/customization because you are given a fresh and clean copy each time you connect

Leadership

Best-in-class leaders understand: -How data will best benefit their company/industry, in the short and long-run (it's not a one-size-fits-all model) -That you need to be able to marry your technical talent with the talent to communicate results and make real change -That you need to structure an organization, so that analytics can continue to evolve and prosper throughout the company -That data is composed of customers, and customers care about their privacy

When should BPM be performed

Business Process Review/Evaluation should always occur BEFORE the implementation of any technology to automate the process.

Define what the role of a CRM application is and know the Advantages/Disadvantages of using a CRM are for an organization

CRM Solution (Customer Relationship Management) - A suite of products using a single database environment and a set of inherent processes for managing some (or all) interactions with the customer, from lead generation to customer service. In addition, other information on the customer (Demographics, preferences, supporting information) can also be stored in this central repository for access by users of the CRM. [All about the customers] Advantages of CRM: 1. Centralization of Data - All data on your customer, their preferences, and history of all their historic transactions can be viewed by all members of the organization in a single location. 2. Elimination of redundant data/Dual entry of data - Since all customer data is stored in a single location, eliminates the need for storing this data in multiple places as well as redundant data entry and ensures a "single source of the truth" concerning the customers. 3. Unstructured Data - Most CRM solutions also provide a solution for storing unstructured data such as Social Media for their customers since this is becoming a larger data point in today's business world. 4. Improved Customer Relations - With all data on the customer stored in a single location, company representatives have a more complete view of the customer and can better serve them. 5. Cross Selling - CRM solutions allow for sales team to offer alternative products and "upsells" to the product originally being discussed. Disadvantages of CRM 1. Complexity - As stated in your reading, many companies struggle implementing an "end to end" approach with CRM as it becomes burdensome and hard to implement/maintain. Companies need to focus on solving for specific business issues. 2. Cultural Shift - In some companies, the implementation of a CRM can create cultural issues when existing processes and "ways of doing business" are disrupted. 3. Infrastructure Development - The Information Technology needed to support most legacy CRM solutions is complex, expensive and difficult to support. 4. Cost - Like with ERP solutions, the cost of acquiring/maintaining and implementing a CRM solution can be high. If chosen to do so, a CRM can manage all four phases of the Customer Life Cycle: 1. Marketing - Sending messages to a target market to attract customer prospects 2. Customer Acquisition - Selling product to prospects and turning them into customers 3. Relationship Management - Managing the relationship with existing customers to try and maintain the relationship and sell them additional product(s) 4. Loss/Churn - Attempt to "win back" previous customers who are no longer current customers. Supporting this Customer Life Cycle is achieved by providing support in the following CRM modules: 1. Solicitation and Lead Management Applications 2. Sales Applications 3. Relationship Management Applications 4. Customer Support Applications

Client vs. Server

Client - End user device with software which can either run locally on the client machine or connect to a server device via a network. (ex: each individual user needs their own clients) Example question: What do you call the device that each user connects to a centralized system? Server - Provides a centralized service for multiple client computers (serve as center hub for that service - need a server for each technology service your company needs to run) Ex: Netflix is a server and the phone/computer are the clients. Both are computers... just serve different roles. All clients connect to the server via some connection

What is meant by Competitive Strategy and the two central questions which underlie your organization's Competitive Strategy position

Competitive Strategy - the search for a competitive position in your industry. Two central questions which underlie Competitive Strategy: 1. Attractiveness of industry for long-term profitability 2. Determinants of relative competitive position within the industry

Elements of a Data-Driving Organization

Cultural Requirements: Leadership: that trusts and encourages the use of data Organization: structure that encourages analytic sharing and growth Technical Requirements: Data: that is trustworthy and useful Technology: that can handle data required to answer business questions Analysts: that can turn that data into insights and decisions Tie It Together with Targets: an overarching strategy and vision for the organization, that can be measured quantitatively with metrics and KPIs Adapted from Thomas Davenport's analytic DELTA, which highlighted five areas a company needed to excel analytically in order to be considered analytically advanced. The DELTA stands for: D: Data E: Enterprise L: Leadership T: Targets A: Analysts These 5 aspects are a little outdated, but theoretically, if you have all 5, you're analytically advanced.

Difference between custom and COTS applications

Custom Applications: Proprietary applications developed by in-house personnel and solely owned by the organization. (write the software for you, custom made, you are the only one who can have it) Why Build? 1. Competitive advantage (do something better than your competitors) 2. Builds value for organization (asset to the company) 3. Increase productivity (works exactly the way I want) 4. Faster reaction time 5. Strong return on investment (ROI - Return on Investment [pays for itself]) 6. Lower total cost of ownership (TCO) 7. No commercially viable in-market product/solution: allows you to make your software unique to your business and support it directly 8. Inflexible and/or unique requirements (have something that works exactly the way you want) Off the Shelf: Known as COTS (Commercial Off the Shelf) software, these are applications developed by third party and purchased by the organization to use (Is not developed solely for you. Available to be purchased for anyone to buy it. Ex: excel, micro-soft word, etc.) Why Buy? 1. Established products/mature landscape - you know the software is reliable 2. Product is easily customized and designed to meet business needs 3. Speed to deploy / 'plug and play' 4. Scalable - good with a lot of users or a little users 5. 24/7/365 support 6. Upgrades and enhancements are included with maintenance agreement 7. Lack of internal knowledge/expertise 8. No competitive advantage 9. We don't have the time or budget to build it (usually buying is cheaper/faster)

The difference between data, knowledge and information

Data - recorded facts or figures (salary, cost of an item, how much you buy) Knowledge - taking data and looking at it in context with other data Information - knowledge which is derived from data

Know what is meant by data privacy and some of the data privacy regulations which are being enacted (GDPR, CCPA)

Data Privacy: Rules on what you are allowed to do with data you collected. With Data Security becoming such a major issue with organizations, the requirements for Data Privacy have as become a larger requirement. Highly publicized data breaches have led regulatory bodies to enact rules around how organizations can collect, store and use an individual's personal data. Security: Protecting data No current US regulations for privacy, but states can implement their own. GDPR (General Data Protection Regulation): Regulation in the EU applicable to organizations within the EU that use personal data as well as international organizations that provide goods and services to individuals in the EU or monitor their behavior. (here is what you are allowed to do with the data and what you are not allowed to do) CCPA(California Consumer Privacy Act): Regulation for state of California. Provides for data privacy rights for California state residents

Know the major tenants of most Data Privacy regulations including GDPR

Effective Data - Gives individuals covered by the regulation the right to request data (for a specific amount of time) requiring organizations to disclose all data they know about the individual. Scope of Data - Requires that any data "relating to an identified or identifiable natural person" be covered by the regulations. Data Subject Rights - Individuals covered have the following rights: 1. Right to be informed 2. Right to access 3. Right to rectification 4. Right to "be forgotten" - (deleting your data) 5. Right to restrict processing (tells how you can use your data) 6. Right to data portability (tells competitors) 7. Right to object (stop) 8. Rights related to automated decision making (AI) 9. Right to lodge a complaint with the supervisory authority Failure to abide by the requirements of the regulations can result in penalties (fines) or the revocation of their right to do business with individuals covered by this regulation.

Be able to explain the difference between what is legal and what is ethical

Ethics Generically: Rules of behavior based on ideas about what is morally good and bad (Merriam Webster) Applied: The discipline of dealing with what is good and bad and with moral duty and obligation Morals: good or bad The belief Ultimately, ethics are about character - your character

Examples of Leadership Positions in Business Analytics

Executive position: for a long time, this was held by the CIO or the CTO Chief Data Officer (CDO): broad role, usually held by healthcare/government/banking execs; older name usually for those who are changing the company to a data-driven company Chief Analytic Officer (CAO): provides vision for strategic value of data Chief Digital Officer (CDO, Part 2): related but not the same; focuses on keeping the company up-to-date with technology

EMV/Tokenization

In the credit card world, there are two new initiatives which should help but not eliminate some of the risks involved with processing credit cards. EMV terminals are terminals which read chips installed onto newer issued credit cards as a 2nd form of identification and makes it difficult to create a fraudulent card if a credit card number is stolen. (EX: chip on your credit card. Makes it impossible even if someone has your credit card number to steal, no one can replicate the chip. It helps with card present transactions, but does not help with card not present transactions - [online transactions])

Be able to define what is the role of a MAE and an ISP and know how their roles are different

MAE (metropolitan area exchange) is a major center in the US for interconnecting traffic between internet service providers. (AT&T, Verizon). There are 3 major MAE: DC, San Jose CA, Dallas TX. ISP (internet service peering) is the process of internet traffic exchange between internet service providers Essentially, this is how a number of individual networks or autonomous systems (AS) combine to form the internet. To do this, network owners and access providers, ISPs, work out agreements that describe the terms and conditions to which both are subject. Bilateral peering is an agreement between two the two parties. Multilateral peering is an agreement between more than two parties. Each major ISP generally develops a peering policy that states the terms and conditions under which it will peer with other networks for various types of traffic. Gateway to the nearest MAE. (Even if you are not my customer I will let other ISP users connect over the internet)

Know who the PCI Security Council is and what their role is.

On September 7, 2006, American Express, Discover, the Japan Credit Bureau, MasterCard and Visa formed the Payment Card Industry Security Council (PCI SSC) with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard (PCI-DSS). The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes including Visa, MasterCard, AMEX, Discover and JCB (only applied to big credit card companies). Private label cards - those which aren't part of a major card scheme - are not included in the scope of the PCI DSS. The PCI Standard is mandated by the card brands and the standard was created to increase controls around cardholder data to reduce credit card fraud via its exposure. Validation of compliance is performed annually, either by an external Qualified Security Assessor (QSA) or Internal Security Assessor (ISA) that creates a Report on Compliance (ROC) for organizations handling large volumes of transactions, or by Self-Assessment Questionnaire (SAQ) for companies handling smaller volumes. (Has to do a testing/report each year) What sort of "authority" does the PCI Security Council have to mandate following the PCI-DSS? Technically, none...realistically, total power... While they do not have the authority of a government or legal mandate, they are able to mandate adherence to the PCI-DSS in two ways: 1. Increase of credit card transaction fees - Non-PCI merchants are charged higher transaction fees which continue to escalate as data breaches become more prevalent. 2. Ability to process cards - What if a merchant refuses to become compliant or pay the high fees? No problem...you just can't process credit cards any more...I'm sure going "cash only" in today's business world is not an issue... Created to increase controls around cardholder data to reduce credit card fraud via its exposure.

Business Process Modeling Notation (BPMN)

One good way to review/document the contents of a business process is to develop business process models using Business Process Modeling Notation or BPMN.

Know the difference between Public and Private cloud and advantages/disadvantages of each

Public Cloud - Cloud offering where you are in a share environment. Your virtual machines are on the same "shared" physical hardware as other users/organizations. (Sharing hardware with someone else) Private Cloud - Cloud offering where the cloud provider provides you with your own dedicated hardware. You have the only virtual machines running on that hardware. (You are the only one on the server) Two Largest Providers of Public Cloud: AWS (Amazon Web Services) and Azure laaS/PaaS (Microsoft) With Private Cloud there is no one or two big people who dominate Private Cloud Cloud Computing Benefits: Advantage of Public Cloud: 1. More Cost Effective 2. More Providers Disadvantages of Public Cloud 1. Noisy Neighbors 2. Security Concerns Advantage of Private Cloud 1. Guaranteed Performance 2. Better Security Disadvantages of Private Cloud 1. Higher Costs 2. Fewer Providers Public Cloud is like renting an apartment and Private Cloud is like buying a house

Competitive advantage

Refers to factors that allow a company to produce goods or services better or more cheaply than its rivals. These factors allow the productive entity to generate more sales or superior margins compared to its market rivals.

Understand how social media is used in business today, the three key roles, and the types of social media virtual communities which most companies care about and why

Social Media - The use of information technology to support the sharing of content among a network of users. To make Social Media possible, Social Media Information Systems (SMIS) have been created which supports this function. Three SMIS Roles: 1. User Communities - An online "virtual" community of users who can share information. 2. Social Media Sponsors - Companies and other organizations that choose to support a presence on one or more Social Media sites. 3. Social Media Application Providers - Companies that operate Social Media sites. While Social Media started (and remains) primarily a non-commercial environment, organizations have started to use Social Media to advance their organizational strategy. Two types of online communities are particularly important to business: 1. Defenders of Belief - Groups which share a common belief and form their hive around that belief. 2. Seekers of Truth - Share a common desire to learn something, solve a problem or make something happen. By focusing on these types of Social Media groups, businesses can foster loyalty among existing customers and target/acquire new customers when their business aligns with these types of groups. How do Social Networks Add Value to Businesses: 1. Improved communications 2. Increasing the number of relationships with customers/potential customers 3. Improve the strength of relationships with existing/potential customers

Operating System

Software which runs on a computing device that controls the computer's resources. (Sits between the hardware and the software) Included in Operating System functions are: 1. Facilities to read/write data 2. Allocation of memory 3. Perform memory swaps 4. Start and stop application programs 5. Respond to error conditions 6. Facilitate backup and recovery conditions 7. Manages the interface with peripheral devices 8. ...and many other non-application specific tasks In short, an Operating System is a software "layer" which sits between the application programs and the hardware and serves as a interface between the physical layer and the application software layer.

Strategies

Supporting key initiatives of the organization.

Problems with SDLC

System Development Life Cycle When SDLC is the most common/proven approach to system development, it does have its challenges: 1. Some approaches (especially the Waterfall model) are not very flexible. This is why the Agile model is becoming more common. 2. Some approaches (like the Agile) are difficult to manage scope, timelines and budgets. This is why the Waterfall model is still common. But in short, there is no perfect solution! Development projects have a terrible success rate! 60% of projects outright failed or were challenged when they were published. Why do these projects FAIL? 1. Badly defined scope / scope creep 2. Inaccurate estimates of resource needs 3. Poor communication 4. Sloppy development 5. Poor project management

What is Systems Development?

Systems Development (otherwise known as Software Development of Systems Analysis and Design) is the process of creating an maintaining Information Systems (primarily Application Software). While programming is viewed as the primary skill set needed for Systems Development, other skills are also needed. System Development has five components: 1. Hardware - Equipment used to support/use the System 2. Software - The computer program written to support the business process 3. Data - Data used/stored by the system 4. Procedures - Business processes which will be supported by (and sometime replaced by) the system 5. People - The users of the system As mentioned earlier, the decision of Buy Vs. Build has to be decided when implementing a new System (we briefly touched on this earlier in the term and will go over this in more detail later in this topic. Three sources of software/Systems: 1. Off the Shelf 2. Off the Shelf with adaptations (someone is selling you a starter kit. It is 90% and you need someone to take you 10% more) 3. Custom Developed

What does the acronym SDLC stand for and what are the six phases of SDLC

Systems development life cycle (SDLC) If you decide to custom develop, the traditional process followed to develop an application is called SDLC (Systems Development Life Cycle) which consists of the following six phases: [The process is a circle and when you are done you repeat it for the next version of the software. The cycle continues as long as you are using this piece of software] 1. Requirements Gathering and analysis - All relevant information is collected from the users to develop a product as per their expectation. Any ambiguities must be resolved in this phase. Once the requirements are clearly understood, an SRS (Software Requirements Specification) document is created. (documenting what you want it to do) 2. Design - The requirements gathered in the SRS document are used as input and software architecture that is used for implementing the system is derived. (what you want to happen - outlining the application to meet the business requirements - flow diagrams, etc) 3. Implementation or Coding - Implementation/coding starts once the developer get the Design document. The software design is translated into source code. All the components of the software are implemented in this phase. (take design documents and start coding) 4. Testing - The developed software is tested thoroughly and any defects found are assigned to developers to get them fixed. Testing/regression testing is done till the point at which the software is as per the user's expectation. (does it actually do what I want? Are there bugs?) 5. Deployment - At this point, the application is installed in Production and the user completes UAT (User Acceptance Testing) as a final testing step. If the user finds the application works as expected, they sign off on UAT and the system is ready to go-live. (goes into production - now available to be used for real business work, it is live. UAT - one final test before you put it into production) 6. Maintenance - After deployment, maintenance of the product starts where issues are resolved that are discovered after go-live as well as the commissioning of any further enhancements. (now in production and you need to take care of it and fix it)

Know what is meant by tampering and skimming

Tampering: Physical manipulation of the environment or devices in the environment for the purpose of stealing money, data and/or identities (i.e. credit lines). There are many other common types. No program or set of security products will totally secure an environment since these types of attacks continue to evolve. Unfortunately, all we can do is make it as difficult as possible for the hacker and maybe they will find an easier target to focus on than your organization. Skimming: a hacker is watching and has access to active credit cards - almost worse than a full blown breach because it has a more "recent" knowledge of what is active.

Why is MIS Important?

Technology uses continue to grow and become larger portions of our business environments. However, IT for IT's sake does not make you a better company. The proper usage of technology is the key to a true competitive advantage.

Define what Cloud Computing is by knowing its characteristics and the advantages/disadvantages of this type of computing

The Cloud is a set of services used by organizations or individuals which have the following characteristics: 1. Services that you rent instead of purchase (own) them by signing up for a subscription (or can possibly be free) 2. The services are scalable. The more you need...the more you can rent. If you need less...you can cancel the service. 3. Available on Demand/Accessible when needed 4. The Internet is used as the medium for accessing the service. The service is not "installed" on local hardware. (if your internet is down, you can not access it) Only can get to it through the internet The internet is NOT the cloud, it is how you get to the cloud. Cloud Computing is NOT: 1. Gmail, Google docs, SalesForce.com, etc. These things are simply web-based services, or SaaS or even PaaS if you want to get fancy. 2. Running your software distributed among many computers. This is called grid computing, parallel computing, and so on. 3. Information is stored and processed on computers somewhere else, i.e., "in the clouds" and brought back to your screen. - No, that's called the Internet. 4. "A company's backroom mass of servers and switches is cloudlike." - No, that's a datacenter. 5. Just a marketing term. Cloud computing is a significant change in how businesses acquire and pay for computing resources. The Cloud is a set up of services you rent, which are scalable and available on demand and use the Internet as a way to access those services. Cloud Computing Components: Scalable - The cloud service has the ability to add or remove computing resources including bandwidth, storage, and compute power, as the applications or users need. Note that we do not say cloud services have unlimited scalability. Virtualized - Information services, including servers, storage and applications, are virtualized. The users are shielded from the details of the underlying architecture and work with virtual resources allocated to their enterprise or application. On-Demand - The compute resources and applications can be allocated or removed within seconds at the request of the user. Internet Powered & Connected - The Layer 3 Wide Area Network (WAN) communications protocol is Internet Protocol or IP and the service is accessible via the World Wide Web or Internet. Multi-Tenant Capable - The resources (e.g., network, storage and compute power) can be shared among multiple enterprise clients, thereby lowering overall expense. Resource virtualization is used to enforce isolation and aid in security. Service-Level Assured - The cloud service provider ensures a specific guaranteed server uptime, server reboot, network performance, security control, and time-to-response to the customer, with agreed upon service-provider penalties if those SLA guarantees are not met. Usage Priced - There is limited up-front cost to the user. For cloud-based infrastructure services, the pricing model is on a per-use basis for bandwidth, storage, and CPU. The cloud service provider assumes all capital costs. Some services are billed on a subscription basis per user, per month. Cloud Computing Benefits (In General): Cloud computing issues span models (IaaS, PaaS, or SaaS) and types (public, private, or hybrid). Computing on the cloud has multiple benefits: 1. Lower staffing costs and economies of scale - Outsourcing staffing and increase volume output or productivity with fewer people. 2. Ease of entry - trying new technologies with little risk and have easy access to your information with low upfront spending. Pay for what you use and reduce capital costs 3. Globalization of your footprint - create nodes world wide without full blown deployment of workforce or equipment. 4. Scalability - Bursting access as well as quick growth and provisioning 5. Minimize licensing new software - Software is traditionally included with cloud services 6. Flexibility - Change direction in technology without serious issues at stake. 7. Costing - Operational Expense Cloud Computing Trends - 2019/2020 Hybrid Cloud Adoption Grew Significantly • Private cloud adoption increased from 63 percent to 77 percent, driving hybrid cloud adoption up from 58 percent to 71 percent year-over-year. Cloud Users Leverage 6 Clouds on Average •Cloud users are running applications in an average of 1.5 public clouds and 1.7 private clouds. They are experimenting with an additional 1.5 public clouds and 1.3 private clouds. More Enterprise Workloads Shift to Cloud, Especially Private Cloud •17 percent of enterprises now have more than 1,000 VMs in public cloud, up from 13 percent in 2015. •Private cloud showed even stronger growth with 31 percent of enterprises running more than 1,000 VMs, up from 22 percent in 2015. Security Is No Longer the Top Cloud Challenge •Lack of resources/expertise is now the #1 cloud challenge (cited by 32 percent), supplanting security (cited by 29 percent). DevOps Grows Especially in the Enterprise •Overall DevOps adoption rises from 66 to 74 percent, with enterprises reaching 81 percent. Amazon Web Services (AWS) vs Microsoft Azure •Overall, AWS is used by 57 percent of respondents, flat from last year. Enterprise adoption of AWS grew from 50 percent to 56 percent while adoption by smaller businesses fell slightly from 61 percent to 58 percent. •Azure IaaS grows strongly from 12 percent to 17 percent adoption, while Azure PaaS grows from 9 percent to 13 percent. Private Cloud Adoption Grows Across All Providers •VMware vSphere continues to lead with strong year-over-year growth. 44 percent of all respondents report they use it as a private cloud. •OpenStack and VMware vCloud Suite both show strong growth and remain tied at 19 percent adoption overall. Cloud Computing Challenges: •Cloud security - The same security principles that apply to on-site computing apply to cloud computing security. •Speed of accessibility - LAN Vs WAN connectivity to resources •Cloud manageability - Managing the assets provisioning as well as the quality of service (QOS) you're receiving from your service provider. •Noisy Neighbors - Other applications or customers over using shared CPU and storage •Cloud standards - Cloud standards ensure interoperability, so you can take tools, applications, virtual images, and more, and use them in another cloud environment without having to do any rework. •Cloud governance and compliance - Governance defines who's responsible for what and the policies and procedures that your people or groups need to follow. Cloud governance has two key components: understanding compliance and risk and business performance goals. •Data in the cloud - Managing data in the cloud requires data security and privacy, including controls for moving data from point A to point B. It also includes managing data storage and the resources for large-scale data processing.

Define what the Internet is

The Internet is a worldwide collection of computer networks, cooperating with each other to exchange data using a common software standard. Through telephone wires and satellite links, Internet users can share information in a variety of forms. The size, scope and design of the internet allows users to: 1. Connect easily through ordinary personal computers and local phone numbers 2. Exchange electronic mail with friends and colleagues with accounts on the internet 3. Post information for others to access, and update it frequently 4. Access multimedia information that includes sound, photographic images and even video An additional attribute of the internet is that there is no central authority - in other words, there is no "internet, inc" that controls the internet. Beyond the various governing boards that work to establish policies and standards, the Internet is bound by few rules and answers to no single organization.

What is the definition of MIS?

The Management of Information Systems to help businesses achieve their strategies

Management and Use

The development, maintenance and support of technology solutions.

SDLC Models

There are several models which are followed within the SDLC framework. Among others are: 1. Waterfall 2. V-Shaped Model 3. Prototype Model 4. Spiral Model 5. Iterative Incremental Model 6. Agile Model While others exist, the two most common models are the Waterfall and Agile models...so we will only go into details on those two models.

Tokenization

Tokenization is the process of removing all credit card numbers and replacing them with "tokens" which are reference numbers. With Tokenization, cards that are swiped or manually entered are immediately sent to a middleware provider who translates the card number into a unique token and "keys". This token then replaces the credit card number within the internal systems and has no value (without the keys) if stolen. Thus, the local merchants no longer have the credit card information in their systems...just tokens that serve as pointers to the credit card information stored at the middleware providers location. From a merchant perspective, tokenization is considered "the holy grail" since it eliminates credit card information from their environment. However, tokenization is difficult and expensive to implement...however, it remains the path for most merchants going forward due to the ever increasing cost of security breaches. (Sends your credit card number to the bank and it sends you a token that replaces the credit card number. The token is only good for that transaction and after a given period of time it expires. If someone steals your token, it is not worth anything anymore)

What is Virtualization and describe the types

Virtualization is the concept by which one computer hosts the appearance of many computers. One operating system (called the Host Operating System) runs one or more operating systems as applications. These hosted systems (known as virtual machines or VM's) each receive a portion of the host machine's disk space, memory, etc. allocated to it. Types: 1. PC Virtualization - Running multiple OS versions on the same personal computer. (needs to be a high-end machine with much more features since you are going to split it in two) 2. Server Virtualization - Multiple server VM's running on the same server/server cluster. (buying one really large server that you can split into sections/pieces virtually. Requires less air, power, etc because there is only one server.) 3. Desktop Virtualization - User is "issued" a virtual desktop from whatever machine they are using to connect to the virtual environment. (thin client - if all of your desktops are on one box and server. It makes management easier and the user easier)

Know the differences between the Waterfall and Agile approach to software development including the advantages/disadvantages of each

Waterfall Model: - Linear approach - Outcome of one phase has to be completed and signed off on before you go into the next phase. - Development of the next phase starts when the previous phase is complete Advantages of Waterfall: 1. Simple/easy to follow 2. Deliverables of each phase are well defined which keeps complexity low Disadvantages: 1. Time-consuming and cannot be used well in short duration projects since a new phase cannot be started until the ongoing phase is complete. 2. Cannot be used for projects which have uncertain requirements or wherein the requirements keep changing as this model expects the requirements to be clear in the requirement gathering and analysis phase itself and any change in the later stages would lead to cost increases as the changes would be required in all phases (in many cases causing the cycle to start over at the beginning). 3. Less flexible Agile: Agile is a different approach that Waterfall as it focuses more on flexibility while developing the solution rather than on the requirements. - Project is broken into small incremental builds - It does not develop as a complete product but instead is developed in "pieces" - Each build increments in terms of features with the next built on the previous functionality. - In the Agile approach, development is complete in sprints. Each spring lasts 2-4 weeks. At the end of each sprint, the end user verifies the product and after their approval it is moved into Production. - End user feedback is taken for improvement and their suggestions and enhancements are worked into the next sprint. Testing is done in each sprint to minimize the risk of failures. Advantages of Agile: 1. It allows more flexibility to adapt to changes. 2. The new feature can be added easily. 3. End user satisfaction as the feedback and suggestions are taken at every stage. Disadvantages of Agile: 1. Lack of documentation (cause it is constantly changing). 2. Agile needs experienced and highly skilled resources (not defined). 3. If a customer is not clear about how exactly they want the product to be, then the project will fail. 4. Scope creep/budget & timeline overruns can easily occur if not properly managed.

Know the common Hacking techniques we discussed

While hackers techniques for breaching an organization's technical environment and obtaining confidential data continues to evolve, some of the most common techniques are: 1. Phishing: Phishing email messages, websites, and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer. (Click on link and malicious software will be downloaded to your computer that steals your data. The only good way to stop phishing is training) 2. Targeted Attacks: Organized attacks against an organization's infrastructure (usually from another country - try to break through your firewalls to get your data) 3. Advertisements & Pop-Ups: Using ads to introduce malicious software ("click here to get something free") 4. Fake Wireless Access Points: Installation of fake AP's at locations which provide free Internet so that they can "sniff the traffic" for confidential info. (AP - connect to network wirelessly. Create a fake access point at a location like Starbucks and create a network between their laptop and your laptop. Any info on your computer, they can now pull onto yours. Be careful if you connect to public wifi and watch out for fake names) 5. Cookie Theft: Steal a users cookies so that they can access a website and appear to be that user (Cookie - file that is stored on your computer that has info about a particular website. If you steal someone's cookies, people can sign into your account and do illegal access.) 6. File Name Tricks: Use of deceiving file names to encourage a user to execute a malicious program (Create a fake website - Wellsfargo.com vs Wellfargo.com - it looks exactly like the site. You type in your username and password and get an error message. They got your user and password and can get into your real account) 7. Host File Redirects: Creation of host files to redirect users to malicious websites (if they try to go to one website, redirect them to another)

Reasons Systems Development is difficult and risky

While there are risks involved with purchasing Off the Shelf solutions, there are often more risks involved in developing custom written applications. Reasons include: 1. The difficulty of Requirements Determination - Can the users articulate what they want/need adequately? 2. Changes in Requirements (scope creep) - System requirements is often a moving target 3. Scheduling and Budgeting Difficulties - Difficult to estimate/manage 4. Changing Technology - Technology evolving faster than your ability to develop 5. Diseconomies of scale - The larger the project...the more difficult it is to manage


Kaugnay na mga set ng pag-aaral

context clues, roots, and affixes (unit: american heroes)

View Set

anatomy study questions, mastering a&p study questions & book questions

View Set

Internet-Based research SBE CITI, Citi Questions

View Set

Med Surg III Final Packet 1 of 2

View Set

Eco 152- principles of microeconomics

View Set