BUS 211 - Management Information Systems Exam 1
What is the most common cause of security incidents
Human error
Advantages/Disadvantages of Building software
1. Competitive advantage 2. Build value for organization 3. Increase productivity 4. Faster reaction time 5. Strong return on investment (ROI) 6. Lower total cost of ownership (TCO) 7. No commercially viable in-market product / solution 8. Inflexible and/or unique requirements
Who owns the process of business requirements definition?
Everybody
Who owns the process of developing Business Requirements
Everybody and key stakeholders is responsible for the development of business requirements.
Be able to explain the difference between what is legal and what is ethical
Ethics Generically: Rules of behavior based on ideas about what is morally good and bad (Merriam Webster) Applied: The discipline of dealing with what is good and bad and with moral duty and obligation Morals: good or bad The belief
How do Information Systems play a part in Business Process development and when should technology solutions be implemented
- Information Systems (when implemented properly) can help improve a Business Process. - Business Process Review/Evaluation should always occur BEFORE the implementation of any technology to automate the process.
The Five Components/Framework of Information Systems
1. Computer hardware - physical machines 2. Computer software - instructions carried out by the machines 3. Data - points of information used/produced by the information system 4. Procedures - methods used to use the information system 5. People - users of the information system
Ways Information Systems can improve data quality
How IS Improve Data Quality: 1. Reduction of Costs -Reduction in labor 2. Improved communications - Systems can be used to improve communication both internally and externally 3. Increased Productivity - Products can be generated faster and at a lessor cost 4. Data Quality - Improved data integrity
Know how Sales force "changed the model" for CRM solutions
Very disruptive influence in the CRM space. Available as a "rented/pay-as-you-go" service Required smaller investments to get started which was ideal for smaller/start up companies No need for on-site infrastructure which reduced costs and ongoing support needs Scalable - Easy to grow/contract the usage of these services provided as the company needs changed Mobile - Allowed users to access the system remotely and from other smart devices like phones and tablets
The four components of computer hardware
1. Input hardware - devices to input data - key board, mouse 2. Processing devices - the "brains" of a computer which executes the instructions from the software CPU, does the work 3. Output devices - devices to produce results/output of the computer programs - monitor, printer, displays the results 4. Storage hardware - saves data and programs - information gets saved when the computer gets turned off
Three components of MIS and definition of each component
1. Management use - the development, maintenance and support of technology systems 2. Information systems - a system is a group of components that interact to achieve a purpose so Information system is a group of components that interact to produce information. 3. Strategies - supporting key initiatives of the organization (the questions asked)
Definition of The Bandwagon Effect
Bandwagon Effect - Implementing a technology not because it supports one of these strategies but because everyone else is doing it. Ex. utilities company working with social media doesn't make sense
Know when BPM should be performed
Business Process Review/Evaluation should always occur BEFORE the implementation of any technology to automate the process.
Difference between a LAN, WAN and The Internet
- LAN (Local Area Network) - A series of computers (network) connecting with a single location or organization. - WAN (Wide Area Network) - A series of computers connected over a wide geographic location (multiple locations) using communication lines of out outside service providers such as a telephone or data communications company. - Internet - A series of computers connecting computers and networks across the world in a publically available environment.
Definition of MIS and how it is used in business
- MIS - The management of Information Systems to help businesses achieve their strategies. - MIS is the function used in business to help leverage technology to support key business functions, key business strategies and hopefully provide a competitive advantage. - The proper use of technology is the key to a true competitive advantage. - Technology continues to grow and become a larger part of the business environment - IT for IT's sake does not make you a better company.
Know the types of applications
- Operational Support Systems -Processes and stores data to support the business process or processes within a single line of business. Examples include Point of Sales solutions, transactional systems used to store banking transactions, etc. Primary users are staff level employees. - Managerial Support Systems - Encompasses all organizational information and its primary purpose is to support the performance of managerial analysis. These systems usually include Decision Support Systems, What-If Analysis tools, Optimization Analysis tools and others. Primary users are mid-level management members and data/business analysts. - Strategic Support Systems - Encompasses tools to support senior level decision making. Usually includes tools such as Executive Information Systems, Dashboards, data visualization tools and other systems to present data to senior management to help in high level decision making. Primary users are senior/executive management.
Know the common Hacking techniques we discussed
- Phishing - Phishing email messages, websites, and phone calls are designed to steal money. Cybercriminals can do this by installing malicious software on your computer or stealing personal information off of your computer. - Targeted Attacks - Organized attacks against an organization's infrastructure - Advertisements & Pop-Ups - Using ads to introduce malicious software - Fake Wireless Access Points - Installation of fake AP's at locations which provide free Internet so that they can "sniff the traffic" for confidential info. - Cookie Theft - Steal a users cookies so that they can access a website and appear to be that user - File Name Tricks - Use of deceiving file names to encourage a user to execute a malicious program - Host File Redirects - Creation of host files to redirect users to malicious websites - Physical manipulation of the environment or devices in the environment for the purpose of stealing money, data and/or identities (i.e. credit lines).
Various measures of computer data
1. Bit - a zero or a one -Smallest unit of data storage which is the basis of computer storage 2. Byte - A grouping of 8-bit chunks which represents a "piece" of data (store a single character number, a character, etc.) 3. Kilobyte - 1024 bytes, characters, numbers (abbreviation K) Ex: 15k = 15,000 characters 4. Megabyte - 1204 Kilobytes (abbreviation MB) 5. Gigabyte - 1024 Megabytes (abbreviation GB) 6. Terabyte - 1024 Gigabytes (abbreviation TB) (laptop is one terabyte) 7. Petabyte - 1024 Terabytes (abbreviation PB) 8. Exabyte - 1024 Petabytes (abbreviation EB)
Advantages/Disadvantages of Buying software
1. Established products / mature landscape 2. Product is easily customized and configured to meet business needs 3. Speed to deploy / 'plug and play' 4. Scalable 5. 24/7/365 Support 6. Upgrades and enhancements are included with maintenance agreement 7. Lack of internal knowledge / expertise 8. No competitive advantage 9. We don't have the time or budget to build it
Three types of competitive strategy
1. Improve employee satisfaction via above average wages and the development of a better living environment at their remote locations so they can continue to recruit talented employees. 2. Focus on strategies to keep both a cost and service level differentiation in place at the non-park locations. The experience at one park is better Willing to pay more to go somewhere 3. Be willing to continue to pay larger fees to the park service when management contracts expire to maintain these contracts as well as keep ownership support for continually increasing demands on capital investments over the life of the contract.
Know the various Cloud-based platforms
1. Infrastructure-as-a-service (IaaS) is data center-as-a-service with the ability to remotely access computing resources. In essence, you lease a physical server that is yours to do with as you will and, for all practical purposes, is your data center, or at least part of a data center. 2. Storage-as-a-service (SaaS) as you may expect, is the ability to leverage storage that physically exists at a remote site but is logically a local storage resource to any application that requires storage. This is the most primitive component of cloud computing. DropBox 3. Communications-as-a-service (CaaS) is an outsourced enterprise communications solution that can be leased from a single vendor. Such communications can include voice over IP 4. Application-as-a-service (AaaS), also known as software-as-a-service (SaaS), is any application that is delivered over the platform of the Web to an end user, typically leveraging the application through a browser. 5. Platform-as-a-service (PaaS) category of cloud service that provides a platform allowing individuals to develop, run and manage applications without the complexity of building and maintaining the infrastructure 6. Security-as-a-service, (SECaaS) ability to deliver core security services remotely over the Internet. 7. Desktop-as -a-service (DaaS), is a cloud service in which the back-end of a virtual desktop infrastructure (VDI) is hosted by a cloud service provider.
Types of computer systems
1. Supercomputers - powerful and expensive computers used to perform complex calculations. Used mostly for research, artificial intelligence, defense systems and industrial design. 2. Mainframes - Advanced multi user machines typically used to manage databases, financial transactions and communications in large organizations. Legacy solutions which have substantially been replaced with microcomputers in a client/server configuration and cloud computing. - Used for federal government - Old and hard to use 3. Microcomputers - Processing for a single user or multiple users if used as the server component in a client/server configuration.
Common microcomputer platforms
1. Windows - One of most common 2. IOS (Macintosh/Apple) - One of most common --- Used in both desktop and mobile devices 3. Android - Used predominantly with mobile devices 4. Blackberry OS - Used almost exclusively with mobile devices 5. Linux/Unix and iSeries-AS/400 - Alternative platforms to Windows in server environments
Characteristics of Quality data
Accuracy - Good data must be accurate, complete and correct. Bad data is worse than no data at all. Timely - Needs to be current, needs to be available in time for its intended use. Relevant - Data should be relevant to the context and the subject. Just barely sufficient - Data needs to be sufficient for the purpose for which it is generated...but just barely so. The business world is overwhelmed with data and information overload can occur if unneeded/unnecessary data is presented. Only collect the data that you need. Worth its cost - Data is not free... does the cost of the value of the data outweigh the costs of obtaining/storing/processing data?
Know the industry leaders in Cloud Computing
Amazon, Microsoft, Alibaba, Google
Know who the PCI Security Council is and what their role is
American Express, Discover, the Japan Credit Bureau, MasterCard and Visa formed the Payment Card Industry Security Council (PCI SSC) with the goal of managing the ongoing evolution of the Payment Card Industry Data Security Standard (PCI-DSS). Created to increase controls around cardholder data to reduce credit card fraud via its exposure.
Define what the role of a CRM application is and know the Advantages/Disadvantages of using a CRM are for an organization
CRM (Customer Relationship Management)- Products using a single database environment and a set of inherent processes for managing interactions with the customer, from lead generation to customer service. In addition, other information on the customer (Demographics, preferences, supporting information) can also be stored in this central repository for access by users of the CRM. Advantages of CRM Centralization of Data - All data on your customer, their preferences, and history of all their historic transactions can be viewed by all members of the organization in a single location. Elimination of redundant data/Dual entry of data - Stored in a single location, eliminates the need for storing this data in multiple places as well as redundant data entry and ensures a "single source of the truth" concerning the customers. Unstructured Data - Most CRM solutions also provide a solution for storing unstructured data such as Social Media for their customers since this is becoming a larger data point in today's business world. Improved Customer Relations - With all data on the customer stored in a single location, company representatives have a more complete view of the customer and can better serve them. Cross Selling - CRM solutions allow for sales team to offer alternative products and "upsells" to the product originally being discussed. Disadvantages of CRM Complexity - As stated in your reading, many companies struggle implementing an "end to end" approach with CRM as it becomes burdensome and hard to implement/maintain. Companies need to focus on solving for specific business issues. Cultural Shift - In some companies, the implementation of a CRM can create cultural issues when existing processes and "ways of doing business" are disrupted. Infrastructure Development - The Information Technology needed to support most legacy CRM solutions is complex, expensive and difficult to support. Cost - Like with ERP solutions, the cost of acquiring/maintaining and implementing a CRM solution can be high.
What is meant by Client/Server and to role of each part
Client - End server device with software which can either run locally on the client machine or connect to a server device via a network. - Machine used to connect to a server can only connect to server if it has same client On an application that is ran Two computer are involved If it only has a windows client then you can only connect a windows to that machine IOS is a client Server - provides a centralized service for multiple client computers Centralized box sitting in the computer lab. Central hub that holds all the data Core central part of that server (ex: elon.edu, the edu is the server) Netflix is a server and phone or computer is the client Both are computers...just serve different roles
What is meant by Competitive Strategy and the two central questions which underlie your organization's Competitive Strategy position
Competitive Strategy - the search for a competitive position in your industry. Two central questions which underlie Competitive Strategy: 1. Attractiveness of industry for long-term profitability 2. Determinants of relative competitive position within the industry
Difference between custom and COTS applications
Custom Applications Proprietary applications developed by in-house personnel and solely owned by the organization` Why Build? Competitive advantage!!! - websites (like amazon - easy to use, customers want to use) Builds value for organization Increase productivity Faster reaction time Strong return on investment Lower total cost of ownership No commercially viable in-market product/solution: allows you to make your software unique to your business and support it directly Inflexible and/or unique requirements Off the Shelf, aka COTS(Commercial Off the Shelf): developed by third party and purchasing by the organization to use - ie excel, microsoft word, etc.. Why Buy? Established products/mature landscape - you know the software is reliable Product is easily customized and designed to meet business needs Speed to deploy / 'plug and play' Scalable - good with a lot of users or a little users 24/7/365 support - you can have support if it breaks - if you do it yourself, you have to fix it yourself ~ time consuming! Upgrades and enhancements - maintenance agreement - if product improves, you get them as long as you pay maintenance Lack of internal knowledge/expertise - then clearly you cannot make it/maintain it yourself No competitive advantage - if it does not give you a competitive advantage, then buy it -- normally cheaper to buy than build Dont have time or budget to build and maintain it
The difference between data, knowledge and information
Data - recorded facts or figures Knowledge - taking data and looking at it in context Information - knowledge which is derived from data
Know what is meant by data privacy and some of the data privacy regulations which are being enacted (GDPR, CCPA)
Data privacy: rules on what you are allowed to do with data you collected -- security: protects data No current US regulations for privacy, but GDPR(General Data Protection Regulation): rule they passed in EU that said if you are a citizen of EU, here is how a company can use your data CCPA(California Consumer Privacy Act): regulation for state of California
Define what is a part of an ERP solution and the difference between an ERP and non-ERP approach(Best of Breed) including advantages/disadvantages of each
ERP (Enterprise Resource Planning System)- A suite of applications (called modules), a single database environment and a set of inherent processes for consolidating business operations into a single, consistent, computing platform. Advantages of Non-ERP Approach- Each business unit/function can find a solution which fits their unit's specific needs (best fit) without having to worry about the other business units. Updates/Upgrades can be applied without impacting other portions of the organization. This approach is known as the "Best of Breed" approach Disadvantages of Non-ERP Approach Lack of Integration --- Does the right hand know what the left hand is doing? Dual Data Entry --- Data must be entered manually into each different system decreasing efficiency and increasing the chance for human error Information Delays --- Information is not available to "downstream" services until data entered into solution of the next part of the service including recording of information into the Accounting System. IT Support --- Each system requires separate IT resources to support the application, its environment and any custom-developed integrations written to try and facilitate any data transfers from system to system. Advantages of ERP Approach All info stored in a single database and allowed for better collaboration within the organization. Elimination of dual data entry --- Information entered at any point in the process does not need to be re-entered. Information Timeliness --- Information is available immediately which leads to having more effective processes and helps make more timely decisions. Ongoing Support --- The IT organization can focus on supporting a single/larger implementation instead of multiple "point" solutions. Disadvantages of ERP Approach Very large costs --- Many companies have spent millions on implementing an ERP to find it was not effective Difficult Implementations --- ERP implementations require the definition of standard processes and procedures used throughout the enterprise. This can often be difficult to obtain and can negatively impact processes established by specific lines of business which uniquely support their business. Remember, ERP solutions often provide more generic solutions to business processes. Difficulty Maintaining a Competitive Advantage --- In many cases, an ERP approach has you implement the same solution as your competitors. How do you maintain a competitive advantage? Configure vs. Customize --- In most cases, you can configure an ERP to best meet your needs but only using pre-designed options. Creating custom changes is often difficult (if not impossible) and is extremely difficult/expensive to maintain long term).
Know the difference between Early Adopters, Pragmatists, Late Adopters and Resisters to technology
Early Adopters -companies that implement technology before fully proven - risk takers Pragmatists - largest section - implement technology as soon as proven - safe Late Adopters - implement reluctantly; notice they don't want to do it but feel they might be in disadvantage if not - feel they have to or will fall behind Resisters - company that remains opposed to the technology - still does not want to implement although they know they are lagging - (ego, traditions, costly, etc.) - know they are behind but don't care
Two dimensions of Process Quality
Effectiveness - enables the organization to accomplish its strategy Efficiency - ration of benefits to cost
Know the major tenants of most Data Privacy regulations including GDPR
Include: Effective data Scope of data - data is relevant Data Subject Rights: Right to be informed Right to access Right to rectification Right to "be forgotten" Right to restrict processing: you can only use my data in certain ways Right to portability: right to go to the company and tell them to send to competitor Right to reject: tell to STOP using my data Right to decision-make: don't want computer to automatically make decisions about my data Right to complain
Know the difference between Public and Private cloud and advantages/disadvantages of each
Know the difference between Public and Private cloud and advantages/disadvantages of each Public cloud: cloud where you share the environment - share with other customers Pro: cheaper! Con: shared - you are not the only one on the box Can be slower You cannot control your performance as much Amazon Web Service (AWS) and Azure, a product for microsoft - largest providers of public cloud Private cloud: cloud where you have your "own box" - it is private and just to you Pro: guaranteed performance More secure! - chances of that data being compromised is significantly less Con: expensive No predominant private cloud
Be able to define what is the role of a MAE and an ISP and know how their roles are different
MAE (metropolitan area exchange) whose major center in the US for interconnecting traffic between internet service providers. (AT&T, Verizon) ISP (internet service peering) is the process of internet traffic exchange between internet service providers Essentially, this is how a number of individual networks or autonomous systems (AS) combine to form the internet. To do this, network owners and access providers, ISPs, work out agreements that describe the terms and conditions to which both are subject. Bilateral peering is an agreement between two the two parties. Multilateral peering is an agreement between more than two parties. Each major ISP generally develops a peering policy that states the terms and conditions under which it will peer with other networks for various types of traffic.
Know the three mandated Information Security Programs we discussed and who has to implement them
Mandated Security Programs: steps businesses take to protect their data (emails, documents, etc) Sarbanes - Oxley - mandated for public companies, set of rules you must follow if you are a publicly traded company HIPAA - Mandated for public companies, rules you must follow to secure your healthcare data PCI - Mandated for companies who process credit card data, rules you must follow to process credit cards
What is meant by your company's mission, vision and values
Mission - What does your company offer the world? Vision - How the ownership group/senior management team envisions the organization future position over the upcoming years. Can be tricky. Values - What are your company's key behaviors (such as having cost consciousness, delegating and accepting responsibility, striving to meet reality, etc.) which ultimately distinguish one organization's business strategy from another's. Ex: being environmentally conscious.
Define the role of an Operating System
Operating System - Software which runs on a computing device that controls the computer's resources. Included in Operating System functions are: Facilities to read/write data Allocation of memory Perform memory swaps Start and stop application programs Respond to error conditions Facilitate backup and recovery conditions Manages the interface with peripheral devices ...and many other non-application specific tasks Operating System is a software "layer" which sits between the application programs and the hardware and serves as an interface between the physical layer and the application software layer.
Porter's Five Forces
Porter's Five Forces - where are we at risk of losing our competitive strategy, are in a good position? Which of these initiatives will support those three risk which we feel are the biggest areas Rules of competition are embodied by five competitive forces: 1. The entry of new competitors - Someone that is not in the space today comes in unexpectedly 2. Threat of substitution - How easy it is to buy a product from someone else 3. Bargaining power of buyers - How much leverage or power do the buyers of the product have. Do they have a lot of influence? Ex: comparing how much they are charging for hotel rooms 4. Bargaining power of suppliers - How much are you depending based on the suppliers If you are only with one supplier, they have a lot over you 5. Rivalry of existing competitors - Of the people already in your space is it fierce rivalry or not a lot of rivalry. - In industries where the five forces are favorable, many competitors earn attractive returns. In industries where one or more of these forces is under intense pressure, few firms can command attractive returns. - The five forces determine industry profitability because they influence prices, costs, and required investment in an industry
Understand what is meant by Business Process Modeling
Purpose of BPMN - to outline the various steps/components of a process. This will help determine if the process is efficient and potential steps where automation could be used to improve the process.
Define what Cloud Computing is by knowing its characteristics and the advantages/disadvantages of this type of computing
Services that you rent instead of purchase that are scalable and use the internet as the means to connect to them. Only can get to it through the internet The internet is NOT the cloud, it is how you get to the cloud Ex: you have a subscription to Netflix Itunes is the first Cloud service Cloud Computing is NOT: - Gmail, Google docs, SalesForce.com, etc. are not the cloud, the Cloud is a collection of all these services, - Just a marketing term. Cloud computing is a significant change in how businesses acquire and pay for computing resources. - Information is stored and processed on computers somewhere else, i.e., "in the clouds" and brought back to your screen. - No, that's called the Internet. Advantages: Lower staffing cost and economies of scale - outsourcing staffing and increase volume output or productivity with fewer people Ease of entry - trying new technologies with little risk and have easy access to your information with low upfront spending. Pay for what you use and reduce capital cost Globalization of your footprint - create nodes worldwide without full blown deployment of workforce or equipment Scalability - bursting access as well as quick growth and provisioning Minimize licensing new software - software is traditionally included with cloud services Flexibility - change direction in technology without serious issues at stake Costing - operational expense Disadvantages: Cloud security - the same security principles that apply to on-site computing apply to cloud computing security. Speed of accessibility - LAN vs WAN connectivity to resources Cloud manageability - managing the assets provisioning as well as the quality of service (QOS) you're receiving from your service provider Noisy neighbors - other applicants or customers over using shared CPU and storage Cloud standards - cloud standards ensure
Difference between Information Technology and Information Systems/Management Information Systems
Similar but NOT the same. Information technology - (just technology) products, methods and standard use for the purpose of producing information. IT consists of the hardware, software and data components ONLY. Information systems - Includes all the components of information technology as well as business processes and people. IT is the technology component of an information system but does not contain how the business will support technology to drive business strategies.
Understand how social media is used in business today, the three key roles, and the types of social media virtual communities which most companies care about and why
Social Media - The use of information technology to support the sharing of content among a network of users. To make Social Media possible, Social Media Information Systems (SMIS) have been created which supports this function. Three SMIS Roles: 1. User Communities - An online "virtual" community of users who can share information. EXAMPLES? 2. Sociandustry leaders Media Sponsors - Companies and other organizations that choose to support a presence on one or more Social Media sites. EXAMPLES? 3. Social Media Application Providers - Companies that operate Social Media sites. EXAMPLES? How Social Media Network add Value to Businesses - Improved communications - Increasing the number of relationships with customers/potential customers - Improve the strength of relationships with existing/potential customers
Define what is meant by a software application
Software application - runs on top of the operating system and performs particular services and functions for the organization. - Main integration point between the end users of technology throughout the organization and the technology environment as a whole.
Reasons Systems Development is difficult and risky
Systems Development - maintaining a custom piece of software. Process of creating and maintaining information systems
What does the acronym SDLC stand for and what are the six phases of SDLC
Systems development life cycle (SDLC) Whenever you build a piece of software you go through these six steps Requirements Gathering and analysis - what you want it to do and look like Design - IT takes your document and sketch out a formal design of what the application is going to look like Implementation and coding - take the design and write the application Testing - after coding is done take it to people to test it to see if it works Deployment - final test, UAT signs off on it, moving it into production Maintenance - fixing it up and making changes
Know what is meant by tampering/skimming
Tampering: physical manipulation of devices to steal money, data or identities Skimming: a hacker is watching and has access to active credit cards - almost worse than a full blown breach because it has a more "recent" knowledge of what is active
Define what the Internet is
The Internet is a worldwide collection of computer networks, cooperating with each other to exchange data using a common software standard. Through telephone wires and satellite links, Internet users can share information in a variety of forms. The size, scope and design of the internet allows users to: Connect easily through ordinary personal computers and local phone numbers Exchange electronic mail with friends and colleagues with accounts on the internet Post information for others to access, and update it frequently Access multimedia information that includes sound, photographic images and even video An additional attribute of the internet is that there is no central authority - in other words, there is no "internet, inc" that controls the internet. Beyond the various governing boards that work to establish policies and standards, the Internet is bound by few rules and answers to no single organization.
The primary activities and support activities which make up a Value Chain
The Value Chain disaggregates a firm into strategically relevant activities in order to under the behavior of costs and the existing and potential sources of differentiation. A firm gains competitive advantage by performing these strategically important tasks more cheaply or better than the competition. Value Activities have two types: - Primary: Activities involved in the physical creation of the product and its sales/transfer of the product to the buyer along with after-sale assistance. Primary Activities can be grouped into five major categories: Inbound Logistics - Receiving, storing and disseminating inputs Operations - Activities associated with transforming inputs into a final product Outbound Logistics - Activities associated with collecting, storing and physically distributing product to buyers Sales & Marketing - Activities involved with inducing buyers to purchase the product Services - Activities associated with providing service to enhance or maintain the value of the product. - Support: Activities which support the primary activities and each other by providing support services such as HR, IT and others. Procurement - The function of purchasing inputs Technology - The knowledge, procedures and physical technology needed to support the primary activities Human Resources - The activities involved in recruiting, hiring, training, developing and compensating all types of personnel Firm Infrastructure - Consists of a number of activities including general management, planning, accounting, legal, government affairs, and quality management.
Know the difference between the Internet and The Cloud
The internet is just a network, a huge sized network of networks Cloud computing uses the internet as a medium to deliver resources which are normally available only locally for use to anyone who requires it and is connected to the internet. It enables users to consume resources like applications, storage, etc. as a utility service - just like electricity. When you need electricity (analogous to say an application), you do not need to create it at your home (locally), you take it from somewhere it is created via electricity lines (analogous to the internet).
Know the differences between the Waterfall and Agile approach to software development including the advantages/disadvantages of each
Waterfall Linear approach Outcome of one phase has to be completed and signed off on before you go into the next phase. Development of the next phase starts when the previous phase is complete Advantages of Waterfall Simple/easy to follow Deliverables of each phase are well defined which keeps complexity low Disadvantages Time-consuming and cannot be used well in short duration projects since a new phase cannot be started until the ongoing phase is complete. Agile Project is broken into small incremental builds It does not develop as a complete product but instead is developed in "pieces" Each build increments in terms of features with the next built on the previous functionality. In the Agile approach, development is complete in sprints. Each spring lasts 2-4 weeks. At the end of each sprint, the end user verifies the product and after their approval it is moved into Production. End user feedback is taken for improvement and their suggestions and enhancements are worked into the next sprint. Testing is done in each sprint to minimize the risk of failures. Advantages of Agile: It allows more flexibility to adapt to changes. The new feature can be added easily. End user satisfaction as the feedback and suggestions are taken at every stage. Disadvantages of Agile: Lack of documentation. Agile needs experienced and highly skilled resources. If a customer is not clear about how exactly they want the product to be, then the project will fail. Scope creep/budget & timeline overruns can easily occur if not properly managed.
Know what/how the PCI Security Council has authority
While they do not have the authority of a government or legal mandate, they are able to mandate adherence to the PCI-DSS in two ways: Increase of credit card transaction fees - Non-PCI merchants are charged higher transaction fees which continue to escalate as data breaches become more prevalent. Ability to process cards - What if a merchant refuses to become compliant or pay the high fees? No problem...you just can't process credit cards any more...I'm sure going "cash only" in today's business world is not an issue
What is a network
a collection of computers connected through a communication link to share hardware, data and applications Ex: the internet
Define a Business Process
a network of activities for accomplishing a business function. Examples include: - Buying inventory - Selling to customers - Invoice processing - Paying employees
Why does a company implement a Information Security Program
many types of data that needs to be protected, such as FInancial, customer, HR, Intellectual Property, info on Competitive Advantage (business plans...etc)