Chapter 19C
Organizations must clearly define and acknowledge information security accountability and responsibility.
-Accountability principle -Ethics principle -Timeliness principle -Assessment principle -Equity principle
Disadvantage of outsourcing IS to companies in other countries?
-Integrating domestic and nondomestic workforces -managing multiple languages -defining global work expectations -being perceived as unpatriotic
What to develop in order to increase personal power?
1. A sense of obligation toward the manager 2. A belief that the manager possesses a significant level of expertise within the organization 3. A sense of identification with the manager 4. The perception that they are dependent on the manager
Steps to properly operate Information System (IS)
1. Determining information needs 2. Determining and gathering appropriate data 3. Summarizing data 4. Analyzing data 5. Transmitting information 6. Using the information
Factors that determine the value of information
1. Information appropriateness 2. Information quality 3. Information timeliness 4. Information quantity
Activities to improve Information System (IS) effectiveness
1. Managing user satisfaction 2. Managing the IS workforce 3. Managing IS security
What is total power made up of?
1. Position Power 2. Personal Power
The degree of user satisfaction with the Information System (IS) is determined by what factors
1. The quality of the IS 2. The quality of the information
Operational Control Decisions
Ensure that specific task are carried out effectively and efficiently
Data Contamination
Inaccurate data gathering that makes the data less representative of reality
Advantage of outsourcing IS to companies in other countries?
Lower cost of labor
Equity principle
Management shall respect the rights of all employees when setting policy regarding security measures.
Accountability principle
Organizations must clearly define and acknowledge information security accountability and responsibility.
Timeliness principle
Organizations should act in a timely manner to prevent or respond to breaches of and threats to information systems.
Assessment principle
Organizations should periodically assess the risks to information and information systems.
Ethics principle
Organizations should use information and execute information security in an ethical manner.
Strategic Planning Decisions
Relate to determining organizational objectives and actions to achieve those objectives
Management Control Decisions
Relate to obtaining and using resources to reach objectives
Information technology (IT)
Technology focused on the use of information in the performance of work
Power
The extent to which an individual is able to influence others so that they respond to orders
Data
The process of developing information begins with gathering some type of facts or statistics
Information Overload
Too much information to consider properly which can lead managers to be afraid to make decisions
Information System (IS)
a network of applications established within an organization to provide managers with the information that will assist them in decision making
Symptom
a sign that a problem exists
Problem
any factor within an organization that is a barrier to organizational goal attainment
Technology
any type of equipment or process that organization members use in the performance of their work
Information
details about a project or the set of conclusions derived from data analysis
Control
ensuring that an event occurs as it was planned to occur
Information appropriateness
how relevant the information is to the decision-making situation that the manager faces. If the information is quite relevant, then it is said to be appropriate. Generally, as the appropriateness of the information increases, so does the value of that information
Corrective Action
managerial activity aimed at bringing organizational performance up to the level of performance standards
Personal Power
power derived from a manager's relationships with others
Positional Power
power derived from the organizational position that a manager holds
information quantity
the amount of decision-related information that managers possess
Information Quality
the degree to which information represents reality. The more closely information represents reality, the higher the quality and the greater the value of that information
Information timeliness
the extent to which the receipt of information allows decisions to be made and action to be taken so that the organization can gain some benefit from possessing the information.
Standard
the level of activity established to serve as a model for evaluating organizational performance
