BEC 6

factors impacting a corporate strategy

- *IT personnel*: staffing can be insourced, outsourced, or a combination - *cybersecurity*: regulatory burdens and compliance needs vary, thus some companies may place more importance on security of personal and proprietary data in transit or at rest - *disaster recovery and business continuity*: speed a company can "spin back up" or recover its systems and applications after a loss of service- varies depending on org and industry (more impt for tech-based companies) - *network design- decentralized or centralized, physical or virtual* or a combination of any: . computing power of a company is a key element in determining physical vs. virtual - support functions play a key role in determining org's IT strategy bc they enable administrative functions in a business (size of company- in terms of employees, customers, and assets)

components of a strong IT governance model

- *availability*: sys and data available to users, proper integrity, usable format, secure - *architecture*: roles, IT applications, and hardware designed to enable fulfillment of governance objectives - *metadata*: data describing other data, aka data dictionaries, must be robust in terms of breadth and specificity - *policy*: help companies translate management and governance objectives into practice - *quality*: data integrity (no anomalies like missing values, duplicates, transposed values or mismatched records) - *regulatory compliance and privacy* - *security*: secure preservation, storage, and transmission of data by authorized system users

likelihood of risks

- *high*: probable, has occurred recently, can occur frequently, or controls to prevent it are ineffective - *medium*: could occur, but controls are in place that may impede successful exercise of vulnerability - *low*: improbable, or controls are in place to prevent or significantly impede successful exercise of this vulnerability

management philosophies and techniques for performance improvement

- Just in time management - total quality management - quality audits and gap analysis - lean manufacturing - demand flow systems - theory of contraints - six sigma

blockchain technology in transferring funds

- can transfer $ without a clearinghouse or bank - use a distributed ledger to account for transactions in digital currencies rather than traditional ledger located within a single company

benefits of Supply Chain Management

- enhanced quality control due to greater transparency and access to data - reduce cash tied up in inventory (incr cash flow and its predictability) - improve forecasting for procurement, delivery and production (bc better visibility of data from start of supply chain to end)

IT governance (M2)

- framework that outlines how leadership accomplishes the delivery of mission-critical business capabilities using IT strategies, goals, and objectives - role of information technology (IT) is a vital asset in virtually all business processes→ need to develop new or modify existing IT governance policies to align IT infrastructure with organizational strategies and goals - provides clear understanding of all stakeholders and key functions involved - job of the BOD and executive management to create these policies and procedures- requires recurring input and participation from top leadership, middle managers, IT staff, end users, and external stakeholders - strong model will have practices and policies with the following components: availability, architecture, metadata, policy, quality, compliance, security - alignment with organizational objectives (overall vision and strategy) to achieve those targeted results

compatibility of activity-based costing and activity-based management with process improvements and TQM

- highly compatible - cost identification- costs of quality and value-added activities are more obvious - organizations with ABC and ABM are more likely to have info needed to implement a TQM program

determining virtual/physical network design

- if consistent power needs, physical network makes sense→ on-site, more cost effective over LT and demand needs can be reasonably estimated (allows for more control over the network) - if demand with intermittent sharp spikes, virtual network makes sense→ saves costs and have as much computing power needed during a spike (less control though) - can be a combination- not just one or the other

crucial features of successful implementation of improvement initiatives

- internal leadership- senior management must provide direction and commit resources - inspections- monitor and measure - executive support- tone at top - internal process ownership- must be committed and have resources

irrational method for implementing improvement initiatives

- intuitive and emotional (gut) - based on fashion, fad, or trend - may result from immediate need for cost reduction- ST viewpoint

implementing responses to risk

- management starts with areas most likely to harm org (high impact resources with high and medium likelihood) 1. identify mitigation recommendations 2. evaluate mitigation recommendations (does it adequately safeguard the asset by mitigating the associated risks) 3. cost-benefit analysis: analyze expected loss based on impact and likelihood, then compare loss with cost of implementing proposed recommendations 4. choose, plan and implement- 3 options: - accept the risk (cost > benefits) - transfer the risk (insurance- full or partial reduction of risk) - mitigate the risk (reduce likelihood with safegaurds)

determining centralized/decentralized network design

- organizations with multiple offices across wide range of locations may have diff needs than orgs with one or a few closely located offices - wide range→ decentralized/distributed/blockchain (permits other sites to continue to function if one site fails) - if control is more the concern rather than temporary loss of connectivity→ centralized - can be a combination- not just one or the other

processes for governance execution

- project development teams for new projects - steering committees for ongoing oversight of the IT function - fostering robust governance processes & adequately equipping teams to govern IT-related tasks *can* ensure (not guarantee) the efficient use of organizational resources & continued alignment with strategic objectives

ISACA's Control Objectives for Information and Related Technology (COBIT) Framework

- roadmap that organizations can use to implement *best practices* for IT governance and management - distinguishes btwn governance and management- 2 unique disciplines that exist for different reasons and require different sets of organizational resources - Info Systems Audit and Control Association (ISACA) is a non-profit org formed to help companies and tech professionals manage, optimize and protect IT assets

ERP benefits

- stores info in a central repository so data is only entered once - acts as framework for integrating and improving org's ability to monitor and track business functions (sales, exp, cust service, distrib, etc.) - provides vital cross-functional info quickly to managers (helps in decision-making process) - improves customer service (bc info easily accessed and shared) - allows greater access controls (privileges for multiple systems centrally managed)

rational method for implementing improvement initiatives

- structured and systematic, involves: - strategic gap analysis: external (enviro) & internal (organizational) assessments performed to determine the gap btwn org's objectives and status quo - review of price, quality and other differentiators to have a competitive advantage - review of performance requirements needed to reach production or service delivery objectives - decide how to proceed- selection of an improvement program

ERP disadvantages

- time to successfully implement - can be extremely cost prohibitive (development and implementation, ongoing maintenance) - integration of all business units can be complex - implementation causes significant changes to BPs (can lead to errors, user resistant, and low adoption rates)

business process management activities (5)

1. Design: identification of existing processes & conceptual design of how processes should function once improved 2. Modeling: introduces variables to conceptual design for what-if analysis 3. Execution: changes are implemented & key indicators of success are developed 4. Monitoring: info is gathered and tracked & compared with expected performance 5. Optimization: process manager continues to refine the process

sequence of events in an AIS

1. The transaction data from source documents is entered into the AIS - by end user, via internet by customer, or automatically thru tech like barcodes or RFID(radio frequency id) tags 2. Original source documents are filed (if they exist) 3. Transactions are recorded in the appropriate journal 4. Transactions are posted to the general and subsidiary ledgers 5. Trial balances are prepared 6. Adjustments, accruals, and corrections are entered as needed 7. Financial statements and reports are generated

3 functions of an AIS

1. collect, record, and store data and transactions - specialized journals for automated recording of repetitive transactions - general journals for non-routine/infrequent transactions - automatically assigned to appropriate period and classified by transaction type 2. transform data into info thru compilation and recording - GL accounts update in real time as transactions are recorded - automatic compilation of f/s 3. safeguard and maintain data integrity - input controls - referential integrity maintains data accuracy in recorded transactions (if u change in one area of database, it updates in any other place)

COSO Internal Control Integrated Framework (in terms of IT governance)

2 categories with principles that pertain specifically to IC over IT - control activities→ general controls over technology to achieve organizational objectives - information and communication→ organizations should acquire, create, and use quality information & effective communication of information is necessary - both to support ICs

total quality management

7 critical factors - customer focus- each function of the corporation exists to satisfy the customer- external and internal (each link within the value chain) - continuous improvement- quality isn't the goal (not considered an achievement), it is embedded in the process - workforce involvement- team approaches and worker input (quality circles= small group of workers using team approaches to quality improvement) - top management must actively describe and demonstrate support for the quality mission of the org - objective measures of quality- unambiguous, clearly communicated, consistently reported - timely recognition- acknowledgement of TQM achievements to encourage ongoing involvement of workforce - ongoing training

difference/relationship between AIS, DDS, and EIS

AIS differs from DDS and EIS due to the high degree of precision and detail required for accounting purposes (transaction processing) - AIS data often processed and aggregated to become inputs to a DSS and EIS to enable mangement to make data-driven decisions

plan do check act (PDCA)

BPM methodology- Deming cycle - 4 stages that map to business process management activities 1. plan- design and modeling 2. do- execution (implement) 3. check- monitoring 4. act- optimization (commit to process and reassess for improvement)

New product or business process development

DMADV - Define design goals- that are consistent with customer demands - Measure critical to quality issues (CTQ)- find features that provide value to the customer & that we have the production capabilities to do - Analyze design alternatives- develop diff methods to produce new product - Design optimization- use modeling techniques to determine optimization of proposed process - Verify the design- implement and test the plan

existing product and business process improvements

DMAIC - Define the problem- based on customer comments, failed project goals, etc - Measure key aspects of the current process- collect relevant data - Analyze data- examine relationships - Improve or optimize current processes- use models and data to determine how the process can be optimized - Control- develop a statistical control process to monitor results

Information Technology Infrastructure Library (ITIL) Framework

IT governance framework that is more focused on the *delivery* of IT services across 4 domains - organizations and people (excellence in labor practices, morale, communication methods, and authority systems) - information and technology (data, hardware, software, relationship btwn those components) - partners and suppliers (3rd parties role in delivery- supplier integration, strategy is designing, developing, and deploying IT services) - value streams and processes (how sep parts of business work together to deliver products/services to create value for consumers) (British govt joint venture with private firmed turned globally recognized framework... ppl + tech = system + external players & overall connector)

Internet of Things (IoT)

a class of devices powered by a number of mobile technologies such as WiFi, bluetooth, or cellular technology to access a larger network - used to transmit data about a device or to form its own network - ex: Alexa, smart appliances, smart watches, thermostats, Bluetooth earphones and speakers, lighting, electrical equipment, AI personal assistants (mobile range for connectivity is usually more limited than first-generation/traditional mobile tech)

gateway

a computer or device that acts as an intermediary between different networks - transforms data from one protocol into another so info can flow between networks (usually company's network and internet)

buffers

added by management before and after each constraint to ensure that there are enough resources to accommodate the constraint - eliminate effect of constraint - used throughout theory of constraints - ex: periodic training sessions and weekly production reports when internal constraints are lack of training for employees operating new equip and machines used inefficiently

demand flow systems

aka demand flow technology - manage resources using customer demand as the basis for resource allocation instead of just using sales forecasts or master scheduling - mfg production driven by customers, not org's forecast - akin to JIT process in coordination of demand for goods with supply of goods; Kanban systems used to visually coordinate demand requirements on mfg floor with suppliers - designed to maximize efficiencies and reduce waste (similar to lean manufacturing)

knowledge management system (KMS)

any IT system that acts as a resource repository or disseminates knowledge about the organization in a way that supports the org thru supplemental info about products or service delivery - ex: sharing knowledge with external parties or with employees- FAQs, training guides, discussion forums

constraints (internal vs. external)

anything that impedes the accomplishment of an objective *internal*: evident when the market demands more than the system can produce - equipment may be inefficient or used inefficiently - ppl may lack necessary skills or mind-set necessary - policies may prevent efficient use of resources *external*: when the system produces more than the market requires

software

applications, procedures, or programs that provide instructions for a computer to execute (controlled by user interacting with program)

assessing IT governance risks

assess periodically and prescribe modifications to infrastructure, and consider new IT initiatives to identify risks - can use Business Impact Analysis (BIA) 1. identify what IT resources and assets exist so org can determine the base resources it needs to sustain minimum operations- inventory all IT assets 2. evaluate impact and likelihood of risks- categorize by impact of loss (high, moderate, low) then likelihood (high, medium, low)→ management can determine appropriate response 3. evaluate outcomes: immediate action (corrective action asap), delayed action (within a reasonable time frame), no action (accept level of risk)

stateful multilayer inspection firewall

combines features of circuit- and application-level gateways, but also ensures packets are validated at multiple layers of the communication process (like adding another gatekeeper)

objectives and functions of supply chain management

common objectives include: - achieving flexibility - responsiveness in meeting demands of customers and business partners generally incorporate the following functions: - planning (demand forecasting, product pricing, inv mngmt) - sourcing (procurement, credit, collections) - manufacturing (prod design, scheduling, facility mngmt) - delivering (order mngmt)

Kaizen

continuous improvement - efforts that improve the efficiency and effectiveness of organizations thru greater operational control - part of lean manufacturing - waste reduction methodology using empirical data to measure and promote efficiencies - occurs at manufacturing stage where ongoing search for cost reductions takes the form of analysis of production processes to ensure resource usage stays within target costs

six sigma

continuous quality-improvement program that strives to reduce product or service defects to near 0 levels - 3.4 occurrences per million units - 6 standard deviations from the mean - expands on Plan Do Check Act model and outlines methods to improve current processes and develop new processes - 2 five-step processes- one for existing products/processes (DMAIC) and one for new products/processes (DMADV)

outsourcing (and what are risks)

contracting of services to an external provider provides efficiencies but also comes with risks: - quality risk- outsourced product or service might be defective - quality of service- poorly designed service agreements might impede quality of services - real productivity may be reduced - experienced and valued staff whose functions have been outsourced may leave the organization - language barriers may reduce quality of service (when offshore) - security of information - credentials of service providers may be flawed (offshore might not have same level of training) - labor insecurity- increases when jobs move out of the country

network access translation (NAT) firewalls

converts a group of private IP addresses into a single public IP address prior to communicating with other devices outside of a company's network - masking the addresses inside a private network makes it more difficult for threats to reach any machine directly (extra layer of security)

impact analysis of risks

criteria for categorizing list of info resources (as high, moderate, or low) include how critical the asset is to business operations, costs of a failure, publicity, and any potential legal or ethical issues - *high impact*: dept cannot operate without this resource, high recovery cost, OR may fail to meet org's objectives or maintain its reputation - *moderate impact*: dept could partially function temporarily, some cost of recovery, OR may fail to meet org's objectives or maintain its reputation - *low impact*: could operate for an extended period OR may notice an effect on achieving org's objectives or maintaining its reputation

Enterprise Resource Planning (ERP)

cross-functional systems that integrate information across departments - facilitates real-time communication btwn systems - typically operates under a centralized database and user interface - may offer # of modules that function independently or as an integrated system (focus on operational processes and IT integration)

networking devices/hardware

enable connectivity and communication between devices on a computer network - devices transmit information ("packets") between devices - modem - routers - switches - gateway - servers - firewall

Virtual Private Network (VPN)

encrypted private networks that run on a public network (ie internet) - hides user activity and IP addresses so 3rd parties cant see indiv user traffic = security

steering committee

executive-level committee responsible for oversight of information systems function - members include: high-level management and experts, IT dept heads, others in a position of authority to make change - develop and communicate strategic goals - review IT budget and allocate IT costs - provide ongoing guidance & address big-picture issues that arise - ensure management engagement and participation - monitor the project development team's progress (more holistic than project dev teams- incr goal congruence and reduce goal conflict) (guide and oversee systems dev and acquisition)

external hardware devices

external peripheral devices that are not integrated into the computer/machine itself - mice - keyboards - speakers - microphones - disk drives - memory devices - network cards - monitors (may be built in or be external device that connects either wirelessly or directly thru a wired connection) - printers - scanners - networking equipment

E-commerce (and pros and cons)

facilitates the sale of goods and services using the internet - 5 types: B2B, B2C, C2B, C2C, govt and its citizens (businesses or consumers) - EFT systems benefits - removes overhead costs - creates markets that might not exist otherwise - promotes competitive pricing - allows for product comparison more quickly - provides parity in info among market participants drawbacks - lag times in shipping for physical products - system vulnerability - potential theft of person or financial info - less human customer support available

infrastructure housing

facilities and safeguards on facilities that contain hardware - data centers, offices - advanced security systems to monitor and control access - ventilation and climate control

project development teams

for new IT projects - members include: management, IT systems personnel, accountants, system users - monitor the project to ensure timely and cost-effective completion - managing the human element (ie resistance to change and innovation) - frequently communicating - managing risk and escalating issues that cannot be resolved within the team (possibly to steering committee)

network

group of computers and other machines that are interconnected electronically using a series of networking devices - allows for secure sharing of resources - local area network (LAN) - wide area network (WAN) - software-defined WAN - edge-enabled devices - virtual private networks (VPN)

computer hardware

hardware devices that are part of the actual computer, includes: - microprocessors - graphics and sound cards - hard drivers (permanent storage) - random access memory or RAM (temporary storage) - the power supply - the motherboard (connects most of these critical pieces)

COBIT's distinguishment between management and governance

have own objectives and require diff sets of resources governance- objectives are in a single domain that is centered on evaluating, directing, and monitoring - BOD responsibility management- objectives grouped into 4 domains that focus on supporting activities, integrating IT solutions into BPs, delivering IT services in a secure fashion, and monitoring performance of IT tasks with internal targets - C suite chosen by BOD - daily planning and admin of operations

one-piece flow manufacturing

inventory moves in a continuous flow of work without stopping at diff phases - eliminates waste and resource downtime - maximize efficiencies - lean manufacturing process (only value-added activities) - diff from traditional mfg which has stages of production where inventory can stagnate

protocol

like a language- set of rules governing how info is transmitted - most common one is TCP/IP (transmission control protocol/internet protocol) - gateway interprets and translates

software-defined WAN

like a traditional WAN but is managed and deployed on the cloud (the internet) using a _centralized_ software application - network running on another network - minimizes cost and equipment/components needed - runs on edge-enabled devices

business process management (BPM) (M1)

management approach to coordinate the functions of an organization - goal: continuous improvement in customer satisfaction - seeks effectiveness and efficiency thru innovation, flexibility, and integration with technology - incremental change - activities: design, modeling, execution, monitoring, optimization - benefits: efficiency (do more with less), effectiveness, agility (responses to change are faster and more reliable)

quality audits

management assesses the quality of practices of the org - identifies strengths and weaknesses - strategic quality improvement plan that identifies improvement steps that will produce the greatest return to the org

Decision Support System (DSS)

management information system module that provides interactive tools to support day-to-day decision making - may provide info, facilitate preparation of forecasts, or allow modeling of various aspects of a decision - can model "what-if" scenarios (impt to achieving organizational goals and strategies- sensitivity analysis) - traditional= facilitate decision making - *expert system*= a DDS designed to rely heavily on AI, to automate decisions (mimics knowledge and decision-making abilities of users)

Accounting Information Systems (AIS)

management information system that accountants and financial managers interact with most - collects, records, and stores accounting info - compiles info using accounting rules to report fin and nonfin info to decision makers - well-designed AIS creates an audit trail for accounting transactions - subsystems: TPS, FRS/GLS, MRS

Financial Reporting System (FRS) or General Ledger System (GLS)

module/subsystem of AIS that aggregates daily financial information from the TPS and other sources - enables timely regulatory and financial reporting

Transaction Processing System (TPS)

module/subsystem of AIS that converts economic events into financial transactions - makes JE - typically covers 3 transaction cycles: sales, conversion, expenditure

Management Reporting System (MRS)

module/subsystem of AIS that provides internal financial information to solve day-to-day business problems (ie budgeting, variance analysis, cost-volume-profit analysis)

IT infrastructure (M3)

multiple, interconnected technological components, with the core infrastructure involving a combination of on-premise and outsourced hardware, software, and specialized personnel - application of IT in an organization is the systematic implementation of hardware and software so that data can be transmitted, modified, accessed and stored both securely and efficiently (see pg 33 image)

edge-enabled devices

network supporting an organization at "the edge" or perimeter of a system's network - ex: edge routers and firewalls - much of computer processing power is happening on local devices spread across geographic locations (less reliance on central source = faster, more consistent network)

switches

networking device similar to a router in that they connect and divide devices within a computer network - do not perform as many advanced functions as a router - allows multiple devices to share one network connection

modem

networking device that connects an organization's network to the internet (cable modems, digital subscriber lines, integrated services digital network; previously used landline phones to convert signals)

servers

networking device that connects an organization's network to the internet - ex: client-server model (client requests, server executes and provides response) - various types: web servers, file servers, print servers, database servers

routers

networking device that manages network traffic by connecting devices to form a network - find most efficient path for packet to travel (assigns IP addresses) - links modem and switches (direct to user device if no switches) (traffic cop helping flow of traffic)

next-generation firewalls

observes packets at multiple layers of the communication process & further protects a network by applying more scrutiny to the packets using more sophisticated techniques like intrusion detection, user identification, VPNs, "deep packet inspection" - more advanced protection than stateful multilayer inspection (does what all the others do, plus more) - can also assign diff rules to specific applications and users so low-threat application has more permission rules assigned to it while high-security applications have highly restrictive rules assigned

lean manufacturing

only use the resources required to meet the requirements of the customers - only value-added activities - focus on waste reduction and efficiency - continuous improvement/Kaizen- efforts that improve the efficiency and effectiveness of organizations thru greater operational control (inc one-piece flow manufacturing)

theory of constraints

organizations are impeded from achieving objectives by the existence of one or more constraints or bottlenecks - constraints are limited in total and sometimes orgs only face 1 - buffers used - 5 steps: 1. identification of the constraint (use process charts or interviews) 2. planning around the constraint uses capacity that is potentially wasted by making or selling the wrong products, improper scheduling procedures, etc. (exploitation of constraint) 3. management directs its efforts to improving the performance of the constraint 4. add capacity to overcome the constraint 5. return to the first step- reexamine process (inertia can be a constraint)

offshore operations

outsourcing of services or business functions to an external party in a different country - common types: information technology, business processes (call centers, accounting operations, tax compliance), software R&D, processes requiring advanced knowledge and specialized skill sets (like reading x-rays- knowledge process) - lack of controls around proximity and language issues- also other risks from outsourcing

people in structuring and executing IT governance (7)

people are the decision makers and drivers of how IT governance is structured- all lvls of org 1. BOD- oversees and appoints executive positions, oversight- evaluate IT governance policies to ensure they meet strategic and operational needs of org, sets gov policies 2. executive management- make key strategic decisions, responsible for ensure IT governance structure is in place and executed effectively, set clear tone at the top 3. middle management- responsible for carrying out governance policies and making sure subordinates are doing the same, ensuring IT projects and processes have appropriate resources and support 4. IT support staff- usually includes the following roles: - strategic or executive-level IT staff- responsible for daily planning of governance policies and/or carrying out those policies - network engineers- design and maintain company's network - help desk & lower-level IT support- first respondents when end users need troubleshooting or have IT problems (provide useful feedback to management, incorporating user needs into new governance policies) - cybersecurity staff- ensure safe and secure use of company data and IT assets - function specific staff- larger organizations have discipline-specific job roles (experts) 5. accountants- much of the data they handle is confidential in nature (banking and financial records, sensitive employee records, patient or customer files)- may play role in AIS (provide input to sys developers bc they understand it best), member of project development team, testers (communicate findings to proj dev team) 6. end users- understand the day-to-day tech needs, responsible for following processes and procedures that have been established with IT governance structure 7. external stakeholders- customers and vendors drive how organizations utilize E-commerce platforms; auditors and regulators drive change in IT gov structure to comply with existing or changing regulatory standards

Key performance indicators (KPIs)

performance measures for assessing processes - financial or non-financial - quantitative or qualitative - 4 categories: 1. financial- margins, EPS, P/E, EBITDA, costs as % of rev 2. customer- # of new customers, satisfaction ratings, # repeat purchases, # of up-sell/cross sell purchases, and customer order fulfillment rates 3. internal process- % of manufacturing waste, # units mfg, # service hours delivered, RM reorder times, % change in units of carbon emissions, % of costs attributed to renewable energy 4. organizational growth- training sessions, employee satisfaction surveys, employee turnover, employee growth rate

governance frameworks

provides guidance and best practices for establishing an effective IT governance system - COSO - COBIT - ITIL - allows orgs to accommodate rapidly changing technology landscape while meeting stakeholder needs

Wide Area Network (WAN)

provides network access to a larger geographic area (ie countries) - connects other networks like LANs together to provide broad coverage - hardware may be a combination of public and private lines

Local Area Network (LAN)

provides network access to a limited geographic area (ie office) - data is transported over private lines (controlled by software-defined networking/SDN applications- WAN also uses)

Executive information system (EIS)

provides senior executives with immediate and easy access to internal and external info to assist in strategic decision making - present data in high-level reports and visualizations that allow for big-picture decision making to ensure alignment with overall strategic objectives (more than just day-to-day stuff) (usually dashboard that consolidates info so can easily find key stats, ability to drill down) - may be stand-alone or subsystem of larger MIS

Management Information Systems (MIS)

provides users predefined reports that support effective business decisions - companies can use data as strategic planning process and in its tactical execution; may provide feedback on daily operations and fin and nonfin info to support internal and external bus decisions - subsystems: AIS, DSS, EIS - primary function: aggregating or reporting tool for a given managerial function such as financial management, decision support, customer relationship management, supply chain management

business process reengineering (BPR)

radically reform business processes to achieve strategic objectives - NOT same thing as business process management- its more extreme and seeks revolutionary change whereas BPM seeks incremental change - basic premise is a fresh start (doesn't consider existing processes)- uses benchmarking and best practices to evaluate success - not as popular as it was when introduced in mid 1990s - overaggressive downsizing - has not produced the benefits that were originally anticipated

failure demand

results when a task must be performed for a second time because it was incorrectly performed the first time - happens with consolidation of redundant services (shared services)

Just in time (JIT) management

scheduling the deployment of resources just in time to meet customer or production requirements - inventory does not add value- wasteful costs like storage - benefits include: . synchronization of production scheduling with demand . arrival of supplies at regular intervals . improved coordination . more efficient flow of goods btwn warehouses and production . reduced set up time . greater efficiency in use of employees - limitations in times of supply chain shocks- many companies realize that inventory does have value bc excess inv reduces negative effects of stockouts

shared services

seeking out redundant services, combining them, and then sharing those services within a group or organization (consolidation of redundant services) - creates efficiency but might also result in service flow disruption and failure demand - ex: combining HR, payroll, and legal departments for a the accounting, tax, and consulting divisions of a company

firewall

software application or hardware devices that protect a person's or company's network traffic by filtering it thru security protocols with predefined rules - to prevent unauthorized access into org, block malicious programs/code, prevent employees from downloading malicious programs or accessing restricted sites (gatekeeper)- determines whether firewall software is configured to accept the data, if not block packet - types: . circuit-level gateways . application-level gateways . stateful multilayer inspection firewalls . next-generation firewalls . network address translation (NAT) firewalls

inventory management system

software designed to assist with tracking, procurement, and distribution of inventory items - track item quantities and trigger reordering - usually connected to point-of-sale (POS) system (tracks inventory and removes 1 from count each time unit is sold) - may be part of the broader MIS or a stand-alone program

firmware

software embedded in hardware that instructs the hardware how to operate (not updated frequently at all- very diff than typical software)

Enterprise Performance Management (EPM)

software solutions designed to help executives make strategic decisions - aka business performance management (BPM) or corporate performance management (CPM) - useful for analysis of high-level business strategies and translating them into actionable plans or strategic objectives (management-process focused) - ex: enables leaders to plan, budget and forecast business performances and consolidate fin results

Customer Relationship Management System (CRM) - objectives and how they achieve them

software that enables organizations to monitor and manage interactions btwn the organization and its past, current and potential customers - can achieve objectives by collecting and capturing info about customers to create customer profiles used to tailor marketing efforts and promos objectives: - enhance existing customer satisfaction (to ↑ customer retention and spending) - attract new customers - enhance targeted marketing and promotions (new and existing customers) - enable cross-selling and upselling of products/services - forecast sales, and manage sales staff and sales leads

business process modeling notation (BPMN)

standardized system of diagrams, symbols, and visuals used to depict BPs - flow objects: start and end events, activities, gateway (point where the process splits, decision point) - connecting objects: sequence flow, message flow (dotted arrow) - swim lanes: pools (key participants or groups in the process), lanes (group of similar activities within a pool- shipping dept, billing dept, etc.)

Electronic Funds Transfer (EFT)

system for E-commerce payments - use a variety of technologies to transact, process, and verify money transfers by using a network of different participants (commercial banks, govt banks, businesses, consumers) - reduces the time and expense required to process checks and credit transactions - Federal Reserve's financial services systems play role in moving money from one bank to another in many EFT processes (bank 1 submits request to move $ to bank 2, master database where they adjusts balances and notify receiving bank) - also 3rd party vendors like credit or debt card pmt processors (paying at store initiates transaction using a gateway that routes pmt request to company's/acquiring bank; 3rd party [cc] network sends amt to issuing bank and then settles directly with acquiring bank for transfer of actual cash= net settlement amt)

hardware

the physical components of a computer and computer-related accessories - computer hardware - external hardware devices - infrastructure housing - networking hardware (modem, routers, switches, gateway, servers, firewall)

application-level gateways

type of firewall (aka proxy firewall) that performs same function as circuit-level gateways except they also inspect and filter the contents of the packed based on predefined rules - expensive and burdensome bc amt of processing required

circuit-level gateways

type of firewall that controls traffic solely based on the source of origin, the intended destination, the port (HTTP or FTP) and potentially some other very basic info about a given session - does NOT filter based on the actual content (any type of data requested will be allowed thru)

Supply Chain Management (SCM)

unifies BPs beginning with the original supplier and ending with the customer - SCM systems may perform some or all of the following: purchasing, materials handling, production planning and control, logistics and warehousing, inventory control, and product distribution and delivery - concerned with what, when, where and how much (characteristics of every sale)

Business Impact Analysis (BIA)

used in identifying and assessing risks - identifies how quickly essential business units and/or processes can return to full operation following a disaster - identifies resources required to resume business operations - objectives: . estimate the quantitative/financial impact & qualitative impact to an organization, assuming a worst-case scenario . identify the org's business unit processes and the estimated recovery time frame

organizational objectives (vision + strategy)

vision: - aspirations and goals Corporate strategy: - helps the company reach the goals established by its vision - shapes an organization's operations and business model (low-cost, differentiation, ESG strategy) IT strategy: - align with corp strategy to optimize an organization's efforts in achieving its objectives - 5 factors impacting

service flow disruption

waste in transition, rework, and duplication & increases in the time to deliver service - happens with consolidation of redundant services (shared services)

mobile technology

wireless telecommunication that utilizes radio waves to transmit signals between devices - combines hardware (laptops, tablets, hotspots, phones) with mobile software applications and operating systems that allow connectivity to networks (GPS, WiFi, bluetooth, 4G or 5G cellular technology) - extension of this is the internet of things