BIS Chapter 12

Lakukan tugas rumah & ujian kamu dengan baik sekarang menggunakan Quizwiz!

Five step systems development life cycle

* Business Planning Process * Define Systems * Determine Requirements * Design System Components * Implement System

Organizations are dynamic, and processes within organizations need to be adapted. The need for change arises from two sources

* The process does not consistently meet its objective. * Changes in business environment

Feasibility has four dimensions

* cost * schedule * technical * organizational feasibility

Systems Development Life Cycle The process of understanding how an information system can support business need, build it, and deliver it to users.

1. Define the system 2. Determine Requirements 3. Define System Components 4. Create, Test, Implement 5. Maintain the system

security safeguards

A fair information practices principle, it is the principle that personal data should be protected by reasonable security safeguards against such risks as loss or unauthorized access, destruction, use, modification or disclosure of data

Business Analyst

A person who understands business strategies, goals, and objectives and who helps businesses develop and manage business processes and information systems. (2) Someone who is well versed in Porter's models, organizational strategy, and systems alignment theory, like COBIT, and who also understands the proper role for technology.

Plunge Installation

A type of system conversion in which the organization shuts off the old system and starts the new system. If the new system fails, the organization is in trouble: Nothing can be done until either the new system is fixed or the old system is reinstalled. Because of the risk, organizations should avoid this conversion style if possible. Sometimes called direct installation.

phishing

An attack that sends an email or displays a Web announcement that falsely claims to be from a legitimate enterprise in an attempt to trick the user into surrendering private information

The Information Systems Audit and Control Association has created a set of standard practices called ________ that are often used in the assessment stage of the BPM cycle.

COBIT Control Objectives for Information and Related Technology

HTTPS

Hypertext Transfer Protocol Secure

Parallel Installation

New system/business processes run parallel with the old one until the new system is tested and fully operational

Maintenance

The extent to which the learner continues to perform the target behavior after a portion or all of the intervention has been terminated

Information Systems Security

The process of protecting information systems vulnerabilities from threats by creating appropriate safeguards

Spoofing

When someone pretends to be someone else with the intent of obtaining unauthorized data.

Business Process Management

a cyclical process for systematically monitoring, modeling, creating, and implementing business processes

Test Plan

a formal description of the system's response to use and misuse scenarios, is written.

Security Vulnerability

a potential challenge to the integrity of information systems from one of three sources: human error, malicious human activity, and natural events and disasters.

Security Program

a systematic plan by which an organization addresses security issues

as-is model

documents the current situation, then change the model to make adjustments to solve process problems

Hacking

gaining unauthorized access to a computer system.

System conversion

implies the process of converting business activity from the old system to the new

Computer Criminals

invade computer networks to obtain critical data or to manipulate the system for financial gain.

Threat

is a challenge to information systems.

Phased Installation

new system/business process is installed in phases across the organization

Pretexting

occurs when someone deceives by pretending to be someone else

Pilot Installation

organization implements the entire system/business processes on a limited portion of the business

Social Engineering

term that describes any attempt to penetrate the security of system by convincing people to disclose secret information.

Effectiveness

the degree to which a predetermined objective or target is met

System development

the process of creating and maintaining an information system.

SSL also known as TSL

Secure Sockets Layer ____ is a method of encrypting TCP/IP transmissions above the network layer.

Worm

Similar to a virus, but it has the capability to travel without any human action so it can infect many computers. It is able to replicate itself and can use the email address book to send itself to everyone listed. It consumes system memory to do this and slows down the computer or the network.


Set pelajaran terkait

EMT - Chapter 8 - Pathophysiology

View Set

Essentials of Communication Ch. 2 Quiz 3 Listening

View Set

Exam 2 (Selection, Performance Appraisal, and Training)

View Set

Macroeconomics exam #4 Questions #10, #11 Quiz #4

View Set