CIS Vocab #2- Chp 1, 2, 4
Information Governance
A method or system of government for information management or control; an example is the Information Technology Infrastructure Library (ITIL) that we are using as a way to organize our course!
Stakeholder
A person or group that has an interest or concern in an organization
Information Privacy Policy
Contains general principles regarding information privacy
Ethical Computer Use Policy
Contains general principles to guide computer use behavior
Switching Costs
Costs that make customers reluctant to switch to another product or service (and therefore buyer power is reduced); these include financial as well as intangible values
Critical Success Factors (CSFs)
Crucial steps companies perform to achieve their goals and objectives and implement their strategies
Rivalry Among Existing Competitors
High when competition is fierce in a market and low when competitors are more complacent
Threats of New Entrants
High when it is easy for new competitors to enter a market and low when there are significant entry barriers to entering a market
Threat of Substitute Products or Services
High when there are many alternatives to a product or service and low when there are few alternatives from which to choose
To-Be Process Model
Shows the results of applying change improvement opportunities to the current as-is process model
Workplace (Employee) Monitoring Policy
States explicitly how, when, and where the company monitors its employees (which occurs when employee keystrokes, error rates and numbers of orders processed are tracked)
Business Strategy
A leadership plan that achieves a specific set of goals or objectives
Authentication
A method for confirming user's identities
BYOD
Bring your own device
First Line of Defense (People)
A big security problem for organizations is caused by insiders who are employees and legitimate users who purposely or accidentally misuse their access to data and cause some kind of business-affecting incident; information security policies and plans can help defend insider attacks
Information Security
A broad term encompassing the protection of information from accidental or intentional misuse by persons inside or outside an organization Information Security Plan This details how an organization will implement the information security policies
Management Information Systems
A business function, like accounting and human resources, which moves information about people, products, and processes across the company to facilitate decision making and problem solving
System
A collection of parts that link to achieve a common purpose
Digital Dashboard
A common tool that supports visualization (the graphical displays of patterns and complex relationships in large amounts of date); it tracks key performance indicators and critical success factors by compiling information from multiple sources and tailoring it to meet user needs
Entry Barrier
A product or service feature that customers have come to expect from companies in a particular industry and must be offered by an new entering competitor to order to survive
Competitive Advantage
A product or service that an organization's customers place a greater value on than similar offerings from a competitor
Loyalty Program
A program to reward customers based on spending (which can also reduce buyer power)
Executive Information System
A specialized DSS that supports senior-level executives and unstructured, long-term, non-routine decisions requiring judgment, evaluation, and insight at the strategic level
Business Process
A standardized set of activities that accomplishes a specific task, like processing a customer's order or registering a student for classes
Systems Thinking
A way of monitoring the entire system by viewing multiple inputs being processed or transformed to produce outputs while continually gathering feedback on each part
Internet of Things (IoT)
A world in which interconnected, Internet-enabled devices or things, can collect and share data without human intervention (often, machines connect directly to other machines in what is known as machine-to-machine, or M2M
Typical Departments in a Company
Accounting, Finance, Human Resources, Marketing, Operations Management, and Sales (and Management Information Systems/Information Technology!)
Business-Facing Process
Also called back-office processes, these are invisible to the external customer but essential to the effective management of the business; these include goal setting, day-to-day planning, giving performance feedback, and rewards
Customer Facing Process
Also called front-office processes, it results in a product or service received by an organization's external customer; these include fulfilling orders, communicating with customers, and sending out bills and marketing information.
Threat
An act or object that poses a danger to assets; it can be caused by a hacker (those who use their knowledge to break into computers and networks for profit or for the challenge of it); and it can be caused by viruses (software written with malicious intent to cause annoyance or damage, like worms, adware, spyware and ransomware)
Product Differentiation
An advantage that occurs when a company develops unique differences in its products with the intent to influence demand
First Mover Advantage
An organization can significantly increase its market share by being first to market with a competitive advantage
Porters Five Forces Model
Analyzes the competitive forces within the environment in which a company operates to assess the potential for profitability in an industry
Business Process Improvement
Attempts to understand and measure the current process and make performance improvements accordingly
Information
Data converted into a meaningful and useful context (like the best customer last month, the slowest-selling product, and the strongest or weakest sales rep)
Email Privacy Policy
Details the extent to which email massages may be read by others
SWOT Analysis
Evaluates an organization's strengths, weaknesses, opportunities and threats to identify
Support Value Activity
Found along the top of the value chain and includes business processes, such as firm infrastructure, human resource management, technology development, and procurement, that support the primary value activities
Primary Value Activities
Found at the bottom of the value chain, these include business processes that acquire raw materials and manufacture, deliver, market, sell, and provide after-sales services
Information Ethics
Governs the ethical and moral issues arising from the development and use of information technologies as well as the creation, collection, duplication, and distribution, and processing of information itself and is different from ethics (the principles and standards which guide our behavior toward other people)
Second Line of Defense (Technology)
Includes the following three areas: 1) authentication and authorization, which prevents identity theft; phishing (usually fraudulent emails that often ask for account names and passwords) and pharming (which reroutes requests for legitimate websites to false websites) scams; and 2) prevention and resistance, which stop intruders from accessing and reading data through content filtering (often filters emails to remove sensitive information), encryption (scrambling information into an alternative form that requires a key or password to decrypt), and firewalls (hardware or software that guards a private network by analyzing incoming and outgoing information for the for the correct markings); and 3) detection and response, which often uses intrusion detection software
Knowledge
Includes the skills, experience, and expertise, coupled with information and intelligence, that create a person's intellectual resources
Workflow
Includes the tasks, activities, and responsibilities required to execute each step in a business process Acceptable Use Policy Requires a user agree to follow it in order to be provided access to corporate email, information systems, and the internet; this policy often contains a "nonrepudiation clause" which is a ontractual stipulation to ensure that ebusiness participants do not deny their online actions
Business Intelligence
Information collected from multiple sources such as suppliers, customers, competitors, partners, and industries that analyzes patterns, trends, and relationships for strategic decision-making
Intellectual property
Intangible creative work that is embodied in physical form and includes copyrights (the legal protection afforded an expression of an idea), trademarks, and patents (an exclusive right granted by the government to an inventor to make, use or sell an invention)
Structured Decision
Involves situations, where established processes offer potential solutions; these operational decisions are made frequently and are repetitive in nature
Business Process Reengineering (BPR)
Looks beyond automation and streamlining as part of the analysis and redesign of workflow within and between enterprises
Effectiveness MIS Metrics
Measure the impact MIS has on business processes and activities including customer satisfaction and customer conversion rates
Efficiency MIS Metrics
Measure the performance of MIS itself such as throughput, transaction speed, and system availability
Decision Support Systems (DSS)
Model information using online analytical processing (OLAP), which provides assistance in evaluating and choosing among different courses of action
Unstructured Decision
Occurs in situations at the strategic level, in which no procedures or rules exist to guide decision makers toward the correct choice
Social Media Policy
Outlines the corporate guidelines or principles governing employee online communications
Data
Raw facts (like order dates, amounts, or quantities) that describe the characteristics of an event or object
Chief Information Officer (CIO)
Responsible for (1) overseeing all uses of information technology and (2) ensuring the strategic alignment of IT with business goals and objectives
Chief Knowledge Officer (CKO)
Responsible for collecting, maintaining, and distributing company knowledge
Chief Privacy Officer (CPO)
Responsible for ensuring the ethical and legal use of information within a company
Chief Security Officer (CSO)
Responsible for ensuring the security of business systems and developing strategies and safeguards against attacks from hackers and viruses
Chief Technology Officer CTO)
Responsible for ensuring the throughput, speed, accuracy, availability, and reliability of an organization's information technology
Three Techniques for Authentication and Authorization
Something the user knows (ID and password); something the user has (such as a smart card, which is a credit card device storing info, or a token, a small electronic device that changes user passwords automatically); or something that is part of the user (such as biometrics, which identify the user based on physical characteristics such as a fingerprint or voice/face recognition
Electronic Discovery (Ediscovery)
The ability of a company to identify, search, gather, seize, or export digital information in responding to a litigation, audit, investigation, or information inquiry
Buyer Power
The ability of buyers to affect the prices they must pay for an item; it is high when buyers have many choices of whom to buy from and low when their choices are few
Business Model Processing
The activity of creating a business process model, which is a graphical depiction of a detailed flowchart or process map of a work process that shows its inputs, tasks, and activities in a structured sequence
Confidentiality
The assurance that messages and information remain available only to those authorized to view them
Transaction Processing System (TPS)
The basic business system that serves the operational level (analysts) and assists in making structured decisions; an example is an operational accounting system such as payroll or an order-entry system
Online Transaction Processing (OLTP)
The capturing of transaction and event information using technology to 1) process the information according to defined business rules, 2) store the information, and 3) update existing information to reflect the new information
Managerial Level
The level at which employees are continuously evaluating company operations to hone the firm's abilities to identify, adapt to and leverage change
Operational Level
The level at which employees develop, control, and maintain core business activities required to run the day-to-day operations
Strategic Level
The level at which managers develop overall business strategies, goals and objectives as part of the company's strategic plan
Online Analytical Processing (OLAP)
The manipulation of information to create business intelligence in support of strategic decision-making
Competitive Intelligence
The process of a company gathering information about the competitive environment, including competitor's plans, activities and products in order to improve the company's ability to succeed
Authorization
The process of providing a user with permission including access levels and abilities such as file access, hours of access, and amount of allocated storage space
Analytics
The science of fact-based decision making
Key Performance Indicators (KPI)
The specific quantifiable metrics a company uses to evaluate progress toward critical success factors
Supplier Power
The suppliers' ability to influence the prices they charge for their supplies. It's high when buyers have few choices of whom to buy from and low when their choices are many.
Semistructured Decisions
These often managerial level decisions occur in situations in which a few established processes help to evaluate potential solutions, but not enough to lead to a definite recommendation decision
Granularity
This refers to the level of detail in the model or the decision-making process. High levels of this indicates deeper levels of detail or fineness of data.
As-Is Process Model
This represents what the current state of the operation that has been mapped without any specific changes or improvements
Value Chain Analysis
Views a firm as a series of business processes that each add value to the product or service