ADM 2372
Management Information Systems
Course Weights:
Team Assignment - 40%
Midterm Exam - 25%
Final Exam - 35%
Chapter 1
Information Technology refers to any computer based tool that people use to work with
information and to support an organization's information and information processing needs
Information system collects, processes, stores, analyzes, and disseminates information for a
specific purpose
Digital Transformation is the business strategy that leverages IT to dramatically improve
employee, customer, and business partner relationships. What drives it:
 Big Data
 Business analytics
 Social computing
 Mobile computing
 The internet of things
 Agile systems development methods
 Cloud computing
 Artificial intelligence
Why Learn about information systems:
1. Become an informed user which allows you to:
a. Benefit from your organizations IT applications
b. In position to enhance the quality of your organizations IT applications
c. Enhance your output
2. Also i will undoubtedly undergo a technological transformation
Complexity of Managing Information Resources comprises of:
 IS have enormous strategic value to organizations. Some firms are hostages to
information systems, where they cannot function without it
 Very expensive to acquire, operate and maintain
 Evolution of management IS, and how users now can interact directly with the
mainframe (end-user computing)
Traditional Functions of the MIS department
New Functions of the MIS Department





Managing system development and
system project management
Managing computer operations,
including the computer centre
Providing technical services
Infrastructure planning, development
and control
Staffing, training, and developing IS
skills






Initiating and designing specific
strategic information systems
Incorporating the internet and
electronic commerce into the business
Managing system integration
Education the non-MIS managers
about IT
Partnering with business unit
executives
Managing outsourcing
Data items refer to an elementary description of things, events, activities, and transactions that
are recorded, classified, and stored, but are not organized to convey any specific meaning.
Information refers to data that have been organized so that they have meaning to the
recipient.
Knowledge consists of data and/or information that have been organized and processed to
convey understanding, experience, accumulated learning, and expertise as they apply to a
current business problem.
Computer Based information systems are IS that use computer technology to perform some
or all of its intended tasks.
Comprised of: Hardware, software, database, network, procedures and people.
Information Technology can be used for:
Product Analysis : Developing new goods and services
Site Analysis : Determining the best location for production and distribution
Promotion analysis : identifying the best advertising channels
Price analysis : setting product prices to obtain the highest total revenues
Enterprise resource planning systems and transaction processing systems are designed
to correct a lack of communication among the functional area ISs. For this reason, figure 1.4
shows ERP systems spanning the FAISs.
Interorganizational information systems (IOSs) support many interorganizational operations,
of which supply chain management is best known.
How IT impacts organizations:
1. IT impacts entire industries
2. IT reduces the number of middle managers
3.
IT changes the managers job
4.
IT impacts employees at work
5.
IT impacts employees health and safety
6.
IT provides opportunities for people with disabilities
How IT affects society:
1. Affects our quality of life
2. The robot revolution is here now
3. Impacts health care
4. Emergence of cognitive computing
5.
Volume, Variety, Velocity
Chapter 2
Information systems that are strategic provide a competitive advantage if it is used properly.
Competitive advantage refers to any assets that provide an organization with an adge against
its competitors in some measure, such as cost, quality, or speed, helping control a market and
accrue larger than average profits.
Business process is an ongoing collection of related activities or tasks that in a specific
sequence create a product or a service of value to the organization. It involves
Inputs, resources, and outputs.
Examples: Accounting Business process (managing accounts payable), production BP
(applying disability policies), Marketing BP (Producing sales leads)
How to measure business processes:
Effectiveness - doing the things that matter
Efficiency - doing things without wasting resources, getting things done with less
resources
Cross Functional Processes
Where multiple functional areas collaborate to perform the process
Example, product fulfillment and procurement
Procurement: all necessary steps to acquire needed materials externally from a vendor
5 steps that involve the departments warehouse, purchasing and accounting
1. Warehouse recognizes the need for procurement
2.
3.
4.
5.
Purchasing department identifies a suitable vendor
Materials are received in the warehouse
Vendor sends invoice which is sent to accounting
Accounting sends payment to the vendor, thereby completing the process
Fulfillment: all necessary steps to process customer orders
Involves departments sales, accounting, warehouse
1. Sales validates the sale with a purchase order
2. Sales order communicates data to warehouse, who prepares and ships
3. Accounting receives payment
Companies must be more efficient and effective to have a competitive advantage over their
competitors.
To determine whether a process is efficient, document the processes inputs, resources, and
outputs, and then analyze.
Example:
In this example, effectiveness would be the ability for a customer to book tickets, and efficiency
would be time required to purchase tickets.
Information systems are crucial to enable business processes, as they facilitate
communication and coordination among different functional areas. Three vital roles:
1. Executing the process
a.
.
.
If IS does not work, usually BP can not be executed
2. Capturing and storing process data
Captures and stores dates, times, product numbers, quantities, prices, addresses
3. Monitoring process performance
Indicates how well a process in running
Excellence in executing BP is widely recognized as the underlying basis for all significant
measures of competitive performance (customer satisfaction, cost reduction, cycle and
fulfillment time reduction)
Business process reengineering is the strategy of redesigning BP to enable reduced costs and
increased quality. Often too difficult, radical, lengthy and comprehensive.
Business process improvement is structuring work around BP rather than individual tasks,
resulting in less radical, less disruptive improvements.
Six Sigma
Popular methodology for BPI initiatives, popular with manufacturing environments
No more than 3.4 defects per million outputs by using statistical methods to analyze the process
5 Phases:
1. DEFINE : BPI team documents existing process activities, resources and process inputs
and outputs.
2. MEASURE: BPI team identifies relevant process metrics and collects data to understand
how the metrics evolve over time
3. ANALYSIS: BPI team examines the AS process mpa and collects data to identify
problems with the process. Usually when they use process simulation software
4. IMPROVE: BPI team identifies solutions for addressing the root causes, maps the
solutions, and selects and implements.
BPI are less risky and costly, although don’t provide the same performance gains promised by
BPR
To sustain BPI efforts over time, organizations can adopt business process management, which
are the tools to support the design, analysis, implementation, management and continuous
optimization of core business processes.
Business activity monitoring (BAM) is a realtime approach for measuring and managing
business processes
BPM activities are often supported by business process management suites (BPMS).
Social BPM is a technology that enables employees to collaborate internally and externally
using social media tools.
Business Pressures, Organizational Responses, and Information Technology Support
Business environment is the social, legal, economic, physical and political factors in which the
business conducts their operations. Changes in these apply business pressure.
Examples of Business Pressure include:
 Globalization
 Changing nature of the workforce
 Powerful customers
 Technological pressures : Technological innovation and obsolescence, information
overload
 Societal/political/legal pressures: Social responsibility, compliance with government
regulations, protection against terrorist attacks, Ethical Issues,
 Green IT addresses some of its most pressing environmental concerns in three
areas: Facilitates design and management, carbon management, canadian and
international environmental laws
 Digital divide is the wide gap between those individuals who have access to
information and communications technologies and those who do not
Organizational responses is the response to these business pressures. These include:
 Strategic systems: providing more advantages that enable organizations to increase
their market share and profits to better negotiate with suppliers and to prevent
competitors
 Customer focus; make the difference between attracting and retaining customers versus
the competition
 Make-to-order and mass customization: mass customization allows cheaper products
 E-business (Serving customers online) and E commerce (Buying, selling and
transferring products, services or information for money)
Competitive Advantage and Strategic Information Systems
Competitive strategy is a statement that identifies a business approach to compete, its goals,
and the plans and policies that will be required to carry out those goals. Strategic information
systems provide a competitive advantage by helping an organization to implement its strategic
goals and improve its performance and productivity (anything that helps achieve competitive
advantage or reduce a competitive disadvantage)
Micheal Porter’s Competitive Forces Model
Can be used to develop strategies to increase their competitive edge by identifying 5 major
forces that can enhance or threaten a company’s position in a given industry.
THE FORCES:
1. Threat of new competitors: dependant on the barriers to
entry
2. Buyer power: when buyers have many options, power is higher. Loyalty programs reduce
buying power
3. Supplier power: with less suppliers come less cost saving options and negotiation choices,
unifying the industry.
4. Threat of substitute products: higher switching costs reduces this threat
5. Rivalry among existing firms: more firms can cause higher rivalry
Propriety IS are systems that are unique to a firm, which was a lot more common before
competitors can now instantaneously see any improvements from competitors
Porter's Value Chain Model
Can be used to identify specific activities in which they can use competitive strategies (IT) for
greatest impact.
A value chain is a sequence of activities through which the organization's inputs are
transformed into more valuable outputs.
This model is separated into Primary activities (related to the production and distribution of the
firm's products and services) and support activities (do not add direct value to the firm's
products and services). Each support activity can be applied to any or all of the primary
activities or support one another.
A value system, or industry value chain emcompasses the value chain along with a larger
stream of activities including providing the inputs necessary to the firm along with their value
chains.
Strategies for Competitive Advantage:
1. Cost leadership strategy: produce products and services at the lowest cost in the
industry
2. Differentiation strategy: offer different products,services or product features than your
competitors
3. Innovation strategy: introduce new products and services, add new features to existing
products and services, or develop a way to produce them
4. Operational effectiveness strategy: improve the manner in which a firms executes its internal
business processes so that it performs these activities more effectively than its rivals
5. Customer orientation strategy: concentrate on making customers happy. Web based systems
are particularly effective with this.
Business Information Technology Alignment
The tight integration of the IT function with the organization's strategy, mission, and goals.
Known as the best way for organizations to maximize their strategic value.
6 characteristics of excellent alignment
1. Organizations view IT as an engine of innovation that continually transforms the
business, often creating new revenue streams
2. Organizations view their internal and external customers and their customer service
function as supremely important
3. Organizations rotate business and IT professionals across departments and job
functions
4. Organizations provide overarching goals that are completely clear to each IT and
business employee
5. Organizations ensure that IT employees understand how the company makes or losses
money
6. Organizations create a vibrant and inclusive company culture
Failing reasons to achieve this type of close alignment:
1. Business managers and IT managers have different objectives
2. Business and IT departments are ignorant of other groups expertise
3. There is a lack of communication

Two fundamental metrics that organizations employ in assessing their processes are
effectiveness and efficiency. Effectiveness focuses on doing the things that matter; that is,
creating outputs of value to the business process customer—for example, in a manufacturing
business process, effectiveness would be measured as making high-quality products, or in a
sales business process effectiveness could be measured as an employee meet- ing the monthly
sales quota. Efficiency focuses on doing things without wasting resources; for example,
progressing from one process activity to another without delay or without wasting money.
Following our example, it would be to make products of higher quality with the same cost, or for
an employee, it could mean meeting her sales quota in less time. In a nutshell, effec- tiveness is
about getting things done, and efficiency is about getting more things done with the same or
fewer resources.
Chapter 5 - Data and Knowledge Management
Entity-relationship Modeling - a tool that helps create a model of how users view a business activity
Database decision are hard to change in relation to software and hardware
Data warehouses help individuals
Managing Data
Data should be accurate, complete, timely, consistent, accessible, relevant, and concise.
Problems to data management






Amount of data increases exponentially with time
Scattered throughout organizations, hard to keep track of
Generated from multiple sources: internal sources( corporate databases, and company
documents), and external sources (commercial databases, government reports). Clickstream
data
Subjected to Data rot - over time temperature humidity and exposure to light can cause physical
problems with storage media
Many companies are drowning in unstructured data
Federal government regulates the proper protection and collection of data through bill 198
Data governance
An approach to managing information across an entire organization. It involves a formal set of business
processes and policies that are designed to ensure that data are handled in a certain, well-designed
fashion.
Master data: set of core data such as customer, product, employee, vendor, geographic location that
span the enterprises information systems
Transactional data: captured by the operational systems, describes the business activities or transactions
The Database Approach
Data file is a collection of logically related records
Database systems minimize the following problems:
1. Data redundancy: the same data are stored in multiple locations
2. Data isolation: applications cannot access data associated with other applications
3. Data inconsistency: various copies of the data do not agree
Database systems Maximize the following problems:
1. Data security: because data are put in one plast in databases, database systems
2. Data integrity - data meet certain constraints, thus reducing irrelevant data
3. Data independence - applications and data are independent of one another, that is applications
and data are not linked to each other, so all applications are able to access the same data
Data Hierarchy





Bits - can only be binary, represents smallest unit
Byte - group of 8 bits
Field - logical grouping of characters into a word, images or other types of multimedia
Record - logical grouping of related fields, such as a student record
Data file/table- logical grouping of related records constituting a database
The relational Database Model
Database management system : a set of programs that provide users with tools to create and manage a
database. Managing a database refers to the processes of adding, deleting, accessing, modifying, and
analyzing data that are stored in a database.Can access data by using query.
Composed of two-dimensional tables. A relational database generally is not one big table (flat
file), however several interconnected tables (containing records, rows, and attributes, columns)
Instance of an entity refers to each row in a relational table
Attribute is each characteristic or quality of a particular entity.
Ex. if an entity was a customer, an attribute would be their gender
*every record in the database must contain at least one field that uniquely identifies that record so that it
can be retrieved, called the primary key.
Foreign key is a field in one table the uniquely identifies a row of another table
Structured Data is highly organized
Unstructured data refers to data that do not reside in a traditional relational database (Email messages,
videos…)
Big Data
Collection of data that is so large and complex that it is difficult to manage using traditional database
management systems. Diverse, high-volume, high-velocity information assets that require new forms of
processing in order to enhance decision making, lead to insights, and optimize business processes
Consists of:




Traditional enterprise data (customer information, transactional enterprise resource planning
data)
Machine-generated/sensor data - smart meters, manufacturing sensors, sensors integrated into
smartphones, automobiles…)
Social data
Images captured by billions of devices located throughout the world (security cameras…)
Characteristics of big data:
1. Volume: large
2. Velocity: rate at which data flow is increasing, and significant to ensure rapid feedback loop
between a company and its costumes
3. Variety: formats change more rapidly, satellite images...
Big Data can come from untrusted sources
Big data is dirty (inaccurate, incomplete, incorrect, duplicate or erroneous data
Big Data Changes, Especially in Data streams
Managing Big Data
Massive parallel processing - coordinated processing of an application by multiple processors that work
on different parts of the application
Putting Big Data to Use: Objectives to employ





Making big data available: help organizations gain value if data is available
Enabling organizations to conduct experiments:
Microsegmentation of customers: to ensure better analysis of data
Creating new business models:
Organizations cna analyze more data
Data Warehouses and Data Marts
Data warehouse - repository of historical data that are organized by subject to support decision markets
within the organization
Data mart - low cost, scaled down version of a data warehouse that is designed for the end-user needs in
a strategic business unit
Both data marts and warehouses must contain the following:






Organized by business dimension or subject
Use online analytical processing
Integrated
Time variant
Nonvolatile
Multidimensional
The environments must include:
1.
2.
3.
4.
5.
Source systems that provide data to the warehouse or mart
Data-integration technology and processes that prepare the data for use
Different architectures for storing data in an organizations data warehouse or marts
Different tools and applications for a variety of users
Meta data, data quality, and governance processes that ensure that the warehouse or mart meets
it purpose
Components of a Data Warehouse
Source Systems - Can include enterprise resource planning systems (ERP), website data, third part data,
and more.
Data integration - the extraction, transformation and loading of data into the data mart. Often called ETL
Storing the data - variety of architectures to store decision support data, with the most common being one
central enterprise data warehouse, without data marts.
Independent data marts store data for a single application or a few applications
(marketing/finance)
Hub and spoke architectures contain a central data warehouse that stores the data plus multiple
dependent data marts that source their data
Meta Data - data about data, very important in the data warehouse
Data Quality - must meet the needs of the users
Governance - to plan and control their BI activities
Users - Can be broken up into information producers (create information for other users) and information
consumers (use information created by others
Knowledge Management
Helps organizations manipulate important knowledge that makes up part of the organizations memory,
usually in an unstructured format. For it to be successful, knowledge must be easily exchangeable
between members and be able to grow.
Knowledge is information in actions, that is contextual, relevant, and useful. Can be used to solve a
problem, information can’t.
Explicit versus tacit knowledge : Explicit is objective, rational and technical knowledge.
Knowledge management systems
Use of modern information technologies, internet…, to systematize, enhance, and expedite knowledge
management both within one firm and among multiple firms.
Challenges however are that employees must share their tacit knowledge and companies must be willing
to invest the resources needed to carry out these operations.
KMS cycle:
1.
2.
3.
4.
5.
6.
Create knowledge
Capture knowledge
Refine knowledge
Store knowledge
Manage knowledge
Disseminate knowledge
Appendix 5.6
Query Languages
Common performed database operation is searching for information. Structured Query language (SQL) is
the most popular query language used for interacting with a database. Typical key words are Select,
From, and Where.
Another language is query by example : where the user fills out a grid or template (also known as a form)
to construct a sample or a description of the data desired.
Relationships between entities
Unary Relationship - an associated is maintained with a single entity
Binary Relationship - 2 entities are associated
Ternary relationship - 3 entities
Connectivity of Relationships
One - One
One - many
Many - many (Many databases do not support this, so we use junction tables)
Cardinarlity is the maximum number of times an instance of one entity can be associated with an instance
in the related entity. Examples include:
Circle means many, lines mean mandatory single
Mandatory Single :
Optional Single :
Mandatory many :
Optional Many :
Normalization and Joins
Normalization is a method for analyzing and reducing a relational database to its most streamlined form
to ensure minimum redundancy and maximum data integrity by organizing attributes into tables and
eliminating the non-key attributes.
Functional dependencies are a means of expressing that the value of one particular attribute is
associated with a specific single value of another attribute.
Chapter 7 - E-Business and E-Commerce
E Business is broader, it also refers to servicing customers, collaborating with business partners, and
performing electronic transactions within an organization
Degree of digitization is the extent to which commerce has been transformed from physical to digital
Brick and mortar organizations are purely physical transactions
Pure EC are transactions that are fully digital
Click and mortar organizations conduct some e commerce activities, yet their primary business is carried
out in the physical world
E Commerce is the process of buying, selling, transferring, or exchanging products,services or
information through computer networks.


It increases organizations reaches (number of potential customers to whom the company can
market its products)
Removes barriers that previous entrepreneurs faced
Seven types of ecommerce:
1.
2.
3.
4.
5.
6.
Business to consumer electronic commerce (B2C)
Business to business ecommerce (B2B)
Consumer to consumer (C2C)
Business to employee (B2E) - managing benefits and taking courses
E-government
Mobile Commerce (m-commerce: Commerce that is conducted entirely in a wireless
environment)
7. Social commerce : delivery of electronic commerce and transactions through social computing
8. Conversational commerce (electronic use of messaging and chats)
Business model is the method by which a company generates revenue to sustain itself
Auction is a competitive buying and selling process
Forward auctions are when sellers solicit bids from many potential buyers
Reverse auctions are when one buyer wants to purchase a product or a service (RFQ bid)
Electronic payment mechanisms enable buyers to pay for goods and services electronically


Electronic cheques: primary used in B2B
Electronic cards : E Credit cards, purchasing cards, stored value money cards, smart cards
How ECredit Cards Work:
1. Once a purchase is complete, the credit card information and purchase amount are encrypted in
your browser, ensuring a “safe” travel to the purchase location
2. When the information arrives at the seller, it is not revealed but transferred automatically to a
clearing house, where it is decrypted for verification and authorization
3. The clearing house asks the bank that issued you your credit card to verify your information
4. Your card issuer bank verified your credit card and reports it to the clearing house
5. The clearning house reports the results of the verification of your credit card to seller
6. Amazon reports a successful purchase and amount to you
7. Your card issuer bank sends funds in the amount of the purchase to amazon's bank
8. Your card issuer bank notifies you of the debit on your credit card
9. Amazon bank notifies amazon of the funds credited to its account
Purchasing Cards are primarily used in B2B, where the payments are due within the week instead of a
month
EMV smart cards are also called “Chip and Pin” and are mastercard, and visa, which contain a chip that
can store a large amount of information
Payment gateways are an application that authorizes payments for e-businesses, online retailers, bricks
and clicks businesses (Paypal). Virtual equivalent of a physical point of sale terminal located in retail
outlets
Benefits and Limitations of ECommerce
Benefits:





More accessible national and international markets
Lowers cost of processing, distributing and retrieving information.
Customers benefit by being able to access a vast number of products and services
Easy and convenient access to information and services
Can reduce vendor selling costs by 20-40%
Limitations:



Lack of universally accepted security standards
Telecommunications is not developed everywhere causing barriers to access
EC can be perceived as nonsecure
Business-TO-Consumer E Commerce
B2B is much larger then B2C EC by volume, but B2C EC is more complex.
Electronic retailing is the direct sale of products and services through electronic storefronts
“The long tail” describes the retailing strategy of selling a large number of unique items in small quantities,
think about amazon.
Electronic storefront is a website that represents a single store, which has a unique URL (uniform
resource locator)
Electronic mall is a collection of individual shops grouped under a single internet address,
Disintermediation is the process whereby intermediaries are eliminated due to technological
advancements
Middlemen (Intermediaires) have two purposes: 1. They provide information, 2. They perform valueadded services such as consulting
Financial technology (FinTech): industry composed of companies that use technology to compete in the
marketplace with traditional financial institutions. (Includes lending, trading and investing, personal
finance funding, mobile banking, internet banking, and payments)
Increasing Advertisements Impressions (Number of people view an ad):
1. Increase internet traffic
2. Place more, and more intrusive, ads on each webplaces
3. Try to sell natiev advertising: consists of ads that are disguised as content. Because they appear
to be content, ad blockers cannot block them
4. Avoid the online ad problem
5. Find a non-advertising revenue source
Types of Ad Blockers:





Ad blocks that will stop almost every ad and tracker
Ad blockers that are for-profit businesses
Ad blockers that collect data
Ad blockers that use the freemium model (free app with purchases to use it)
Ad blocks that are a function of operating systems
Issues in E-Tailing




Channel conflict: ecommerce alienates the distributors (how much money to spend on
advertising…)
Showrooming : When customers visit a store to view a product, then uses the internet to conduct
research and buys it from a competitor
Order fulfillment: industry standards of 2-day, its a rush to fulfill small orders
Personalized pricing: when a product is sold through multiple channels the price shouldn’t differ
too much, however personalized pricing is pricing items at a point determined by a particular
customers perceived ability to pay (through postal codes…)
Business to business electronic commerce
Sell-side marketplaces - organizations sell their products to another organization
Buy Side marketplaces - a model in which the organizations attempt to procure needed product or
services from other organizations electronically, streamlining the procurement process.
Procurement is the overarching function that describes the activities and processes to acquire goods and
services, such as market research and vendor evaluation. E procurement uses reverse auctions.
Public exchanges - independently owned by a third party and connect many sellers with many buyers,
open to all business organizations. Three types:
1. Vertical: connect buyers and sellers in a given industry. Primarily for goods suited for a particular
community
2. Horizontal: connect buyers and sellers across many industries. Primarily used for MRO materials
3. Functional:needed services such as temporary help or extra office space are traded on a as
needed basis.
Ethical and Legal Issues in EBusiness
Ethical Issues:
1. Privacy: most electronic payment systems know who the individual is
2. Job loss: eliminates the need for some of a company’s employees
3. Tracking: individuals can be tracked by cookies, which compile your entire tracking history
Legal Issues:
1. Fraud on the internet (falsely spread information, or could be true by commissioned)
2. Domain names (sold and controlled by non-profits)
3. Cybersquatting (practice of registering or using a domain name for the purpose of profiting from
the goodwill or trademark
4. Taxes and other fees (sales tac can be hard to track, should electronic seller pay licensing fees,
gross receipts taxes…)
5. Copyright (sharing software when its copyrighted, movies…)
Chapter 3 - Ethics and Privacy
Ethics is the principles of right and wrong that individuals use to make choices that guide their behaviour.
Five standards:
1. Utilitarian approach: states that an ethical action is the one that provides the most good or does
the least harm
2. The rights approach: an ethical action is one that best protects and respects the moral rights of
the affected parties (rights to make one's own choices, told the truth, not to be injured, and enjoy
a degree of privacy)
3. The fairness approach: posits that ethical actions that treat all human beings equally
4. The common good approach: highlights the interlocking relationships that underlie all societies.
(respect and compassion for all others is the basis for ethical actions)
5. The deontology approach: states that the morality of an action is based on whether that action
itself is right or wrong under a series of rules, rather than based on the consequences of that
action. (Ex. killing someone is wrong, even if it was self defense)
A code of ethics is a collection of principles intended to guide decision making by members of the
organization.
Fundamental tenets of ethics include:
1. Responsibility: means that you accept the consequences of your decisions and actions
2. Accountability: refers to determining who is responsible for actions that were taken
3. Liability: legal concept that gives individuals the right to recover the damages done to them by other
individuals
What is unethical might not always be illegal
Traditional versus GVV (Giving voice to values) Approaches to resolving ethical issues
Four general categories of ethics and IT
1. Privacy issues - collecting, storing, and disseminating information about individuals
2. Accuracy issues - the authenticity, fidelity, and correctness of information that is collected and
processed
3. Property issues: the ownership and value of information
4. Accessibility issues: revolve around who should have access to information and whether they
should pay a fee for this access.
Privacy
Privacy is the right to be left alone and to be free of unreasonable personal intrusions. Information
privacy is the right to determine when, and to what extent, information about you can be gathered or
communicated to others
Courts follow two rules closely:
1. The right of privacy is not absolute. Privacy must be balanced against the needs of society
2. The public’s right to know supersedes the individual's right of privacy
Digital dossier is an electronic profile of someones data and their habits. The formation of this dossier is
called profiling.
Electronic surveillance is rapidly increasing, conducted by employers, the government , and other
institutions. (Facial recognition, increase in processing capability (by 13,000 percent)
Personal concerns for personal information in databases:
1.
2.
3.
4.
5.
6.
7.
8.
Do you know where the records are
Are they accurate
Can you change inaccurate data
How long will it take to make a change
Under what circumstances will the data be released
To whom are they sold to
How are the data used
How secure are the data against access by unauthorized people
Privacy policies and privacy codes are an organization's guidelines for protecting the privacy of its
customers, clients, and employees
The opts out model of informed consent permits the company to collect personal information until the
customer specifically requests that the data not be collected
Privacy advocates prefer opt-in model
Canada’s privacy minister systems that consent should be sought, which is the opt-in model.
Anti-spam regulation = bill C-28, companies must use opt-in model for sending promotions
Platform for privacy preferences (P3P) was developed by the world wide web consortium to automatically
communicate privacy policies between electronic commerce websites and visitors to that site.
Canada's privacy legislation is called the personal information protection and electronic documents act
(PIPEDA), effective January 1 2004
International Aspects of Privacy
The EU and Canadian data privacy laws are stricter than those in the US, causing problems for US based
multinational corporations which could face privacy violations lawsuits
THE GPDR (General data protection regulation) is the world's strongest data protection laws, in effect in
the EU. It covers both personal and sensitive personal data, and applies to both the data controllers an
the data processors.
A natural person is a living human being and a data subject is defined as a human being whose data an
organization has or processes.
The rights of the GPDR are:





The right to know what organizations are doing with their data.
The right to ask, at any time, for copies of all the data that organizations have about them.
The right to know an organization’s justification why it has their data and how long it is planning to
keep them.
The right to have their data corrected, if needed.
The right to have their data deleted. This provision is called the “right to be forgotten.”
Companies can be fined if they do not correctly process an individual's data, experience a security breach
and are required to have, but do not have, a data protection officer.
Chapter 4 - Information Security and Controls
Security can be defined as the degree of protection against criminal activity, danger, damage or loss
Information security refers to all the processes and policies designed to protect an organizations
informatin and IS.
A threat to an information resource is any danger to which a system may be exposed
The exposure of an information resource is the harm, loss, or damage that can result is a threat is
compromised
5 key factors increase vulnerability of organizational resources:
1. Today’s interconnected, interdependent, wirelessly networked business enviornment
2. Smaller, faster, inexpensive computers and storage devices (make it easier to steal or lose devices)
3. Decreasing skills necessary to be a computer hacker
4. International organized crime taking over cybercrime
5. Lack of management support
Two major threat categories: Unintentional and deliberate.
Unintentional threats to information systems
The higher level of employee the higher the threat level
Employees in human resources and IT pose higher threats
Also, janitors, contractors, consultants…. As they have access to the information
Social Engineering: an attack in which the perpetrator uses social skills to trick or manipulate legitimate
employees into providing confidential company information such as passwords (Such as
impersonation…)
Deliberate Threats to Information Systems
Examples include:
1. Espionage or trespass
2. Information extortion: The perpetrator threatens to steal or actually steals information and then
demands payment
3. Sabotage or vandalism: defacing an organization's website as a threat
4. Theft of equipment or information: Dumpster divers are individuals who rummage through
corporations trash to find information
5. Identity theft
6. Compromises to intellectual property
7. Software attacks - use of malware to infect
computers
8. Alien software
9. Supervisory control and data acquisition (SCADA) attacks
10. Cyberterrorism and cyberwarfare
Intellectual property is anything protected under trade secret, patent and copyright laws.
Ransomware attacks are attacks that block access to a computer system or encrypt an organization's
data until the organization pays a sum of money. Most common method of attack is spear phishing,
where employees/individuals open up the emails which will lock their devices
Alien software is clandestine software that is installed on your computer through duplicitous methods,
not as malicious as viruses or worms, but it uses up valuable system resources and allows data tracking.
Vast majotiy is Adware: software that causes pop up advertisements to appear on your screen
Spyware collects personal informatouon without their consent, nicludes keystroke loggers and screen
scrapers.
Supervisory Control and data Acquisition (SCADA) Attacks
SCADA refers to a large scale distributed measurement and control system, providing a link between
physical and electronic world.
What are organizations doing to protect information resources
Risk management is to identify, control and minimize the impact of threats. It consists of three steps: Risk
analysis, risk mitigation, and controls evaluation.
1. Risk analysis involves three steps:
1. Assessing the value of each asset being protected
2. Estimating the probability of compromisation
3. Comparing the probability to the cost of being compromises
2. Risk Mitigation is the organization's actions to conquer threats. It has two functions:
1. Implementing controls to prevent identified threats from occurring
2. Developing a means of recovery if threats become a reality
Risk mitigation strategies include:
a.
b.
c.
Risk acceptance
Risk limitation
Risk transference (purchasing insurance)
3. Controls evaluation, organization identifies security deficiencies and calculates the costs of
implementation .
Information Security Controls
The purpose of controls is to safe guard assets.
THe control environment encompasses management attitudes towards controls
General controls apply to more then one functional area
Application controls are specific to one field (Payroll)
Three categories of general controls:
1. Physical controls (such as walls, doors, fencing, gates…)
2. Access controls restrict the use of information resources (can be physical or logical such as
software.)
a.
Involve two major funcitons: Authentication and authorization: Authentication confirms the identity
of the persona requiring access, authorization determines which actions, rights or privileges the person
has
b.
Authenticatoin: can be used by one or more of the following methods
i.
Something the user is: biometrics: examines the innate physical characteristics. Can be active,
where the user must be present, or passive, where the user does not have to be present such as voice
activation
ii.
Something the user has : regular identification such as smart id cards, tokens… Regular id cards
typically have the persons photo, but smart ones have a chip inside
iii.
Something the user does includes voice and signature recognition
iv.
Something the user knows includes passwords and passphrases. Passwords are known as a
double fail as they are easily forgotten and easily hacked
3. Communications controls (secure the movement of data across networks, such as firewalls, antimalware systems, white listing and encryption)
.
Firewalls: prevents movement of information between untrusted networks
a.
Anti-malware systems : attempt to identify and eliminate viruses and worms
b.
Whitelisting : process in which a company identifies a software that it will allow to run on its
computers
c.
Blacklisting allows everything to run unless its on the blacklist
d.
Encryption: Organizations that do not have a secure channel for sending information sue
encryption to stop unauthorized eaves eavesdroppers. Public key versus private key encryption,
asymmetric encryption
e.
Virtual private networking (VPN) is a private network that uses a public network to connect users.
They have no separate physical existence. Uses a process called tunnelling
f.
Transport layer security: formally called secure socket layer, is an encryption standard used for
secure transactions such as credit card processes
g.
Employee monitoring systems: scrutinize their employees computers and activities
h.
Application controls: protect specific applications in functional areas
Business continuity plan, or disaster recovery plan is a chain of events linking planning to protection and
to recovery.
Information System Auditing: an examination of IS, can also be on their efficiency and effectiveness
*** Read more about this on page 120, im bored and tired
Technology Guide (pg 440): Cloud Computing
Cloud computing is a type of computing that delivers convenient on demand pay as you go, access for
multiple customers to a shared pool of configurable computing resources that can be rapidly and easily
accessed over the internet.
Stages of development of IT infrastructure since the 1950’s:
1. Stand-alone mainframes : organizations initially used mainframe computers in their engineering
and accounting departments.
2. Mainframe and dumb terminals : forcing users to go whereever the mainframe was located was
time consuming, so as a result, firms began placing so called dumb terminals, essentailly
electronic type writers with limited processing power, enabling users to input computer programs
into the mainframe from their departments (Called remote job entry)
3. Standalone personal computers (late 1970’s): the first personal computers appeared, users
began bringing personal computers to the workplace to improve their productivity
4. Local area networks: When personal computers are networked, individual productivity increases.
For this reason, organizations began to connect personal computers to local area networks and
connect the LANS to the mainframe, introducing the processing system called client/server
computing.
5. Enterprise computing (Early 1990’s): organizations use networking standards to integrate
different kinds of networks throughout the firm. After the internet became widespread after 1995,
organizations began using the TCP.IP networking protocol to integrate different types of
networks
6. Cloud computing and mobile computing: Today, organizations and individuals can use the power
of cloud computing to share a pool of resources.
Traditional IT departments use on premise computing, where their own IT infrastructure were in their data
centres. This prevented any developments of IT Infrastructure as they were required to manage it instead
of developing enhancing growth projects.
Important characteristics of cloud computing:
Cloud computing provides on demand self service - a customer can access needed computing resources
automatically, giving customers elasticity and flexibility
Cloud computing encompasses the characteristics of grid computing - grid computing pools various hard
and software components to create a single IT environment with shared resources.




It enables the organizations to use their computing resources more efficiently
It provides fault tolerance and redundancy, meaning that there is no single point of failure
Grid computing makes it easy to scale up, that is, to access increased computing resources
Makes it easy to scale down if extensive processing is not needed.
Cloud computing encompasses the characteristics of utility computing - utility computing is where a
service provider makes computing resources and infrastructure management available to a customer as
needed. The provider then charges the customer for its specific usage rather than a flat rate.
Cloud computing uses broad network access - the cloud providers computing resources are available
over a network, accessed with a web browser and they are configured so that they can be used with any
computing device
Cloud computing pools computing resources - the providers computing resources are available to serve
multiple customers. These resources are dynamically assigned and reassigned according to customer
demand
Cloud computing often occurs on virtualized servers - cloud computing providers have placed hundreds
or thousands of networked servers inside massive data centres called server farms. Server virtualization
uses a software based partition to create multiple virtual servers called virtual machines.
Different Types of Clouds
Three major types:
Public Cloud : Shared, easily accessible, multi customer IT infrastructures that are available non
exclusively to any entity in the general public. Vendors supply applications, storage, and other computing
resources as services over the internet.
Private clouds: IT infrastructures that can be accessed only by a single entity or by an exclusive group of
related entities that share the same purpose and requirements.
Hybrid Clouds are composed of public and private clouds that remained unique entities but are
nevertheless tightly integrated. Can deliver services based on security requirements, the mission critical
nature of the applications, and other company established policies
Vertical Clouds : close infrastructure and applications for different businesses .
Cloud computing services are based on three models:
1. Infrastructure as a service (IaaS) : cloud computing providers offer remotely accessible servers,
networks, and storage capacity. They supply these resources on demand from their large
resource pools which are located in their data centres. IaaS Customers are often technology
companies with IT expertise. Example, Shopify
2. Platform as a service (PaaS) : customers rent servers, operating systems, storage, a database,
software development technologies and network capacities over the internet. The PaaS allows
the customer to both run existing applications to develop and test new applications. Offers
several advantages such as:
a.
Application developers can develop and run their software without the complexity of buying and
managing the underlying hardware and software layers
b.
Underlying computing and storage resources automatically scale to match application demand
c.
Operating system features can be upgraded frequently
d.
Geographically distributed development teams can work together on software development
projects.
e.
PaaS services can be provided by diverse sources located throughout the world.
Examples include airbnb, uber...
3.
Software as a service (Saas): cloud computing vendors provide software that is specific to their
customers requirements. SaaS is the most widely used service model, and it provides a broad range of
applications. SaaS providers typically charge their customers a monthly or yearly subscription. It resides
in the cloud instead of on the infrastructure. Easy ability to scale.
The benefits of cloud computing
Cloud computing has a positive impact on employees : Provides employees with access to all the
information they need no matter where they are, what device they are using or with whom they are
working
Cloud computing can save money : reduces the need to purchase hardware, build and install software,
and pay software licensing fees
Cloud computing can improve organizational flexibility and competitiveness: allows organizations to use
only the amount of computing resources they need at a given time. Therefore, companies can efficiently
scale their operation up or down as needed to meet rapidly changing business conditions
Concerns and Risks
Legacy IT systems : legacy spaghetti refers to the accumulated diversity of hardware, operating systems
and applications
Reliability : many skeptics content that cloud computing in not as reliable as well managed on premise it
infrastructure
Privacy: poses a major threat to privacy because the providers control, and thus lawfully or unlawfully
monitor the data and communication
Security : how secure the cloud services are
The regulatory and legal environment: Many legal and regulatory include data access and transport
Criminal use of cloud computing : attractive target for data thieves
Web services and service oriented architecture:
Web Services are applications delivered over the internet that MIS professionals can select and combine
through almost any device. Permits data to be shared amongst services. They can be employed in
various environments.
The collection of web services that are used to build a firm's IT applications constitutes a service-oriented
architecture
Extensible markup language is a computer language that makes it easier to exchange data among
flexible markup language (Easier than hypertext markup language (HTML))
Universal Description, discovery, and integration (UDDI) allows MIS professionals to search for needed
web services by creating public or private searchable directors of these services
I didn’t read this page because holy crap it's boring.
Chapter 10: Information Systems within the organization
Transaction Processing Systems
A transaction is a business event that generates data worthy of being captured and stored in a database
(a person hired, a service sold, a payroll cheque…)
A TPS supports the monitoring, collection, storage and processing of data from the organizations basic
business transactions. Collects data in real time, and provides input data for corporate databases. Key to
success as it supports core operations
Complexities of TPS:




When more than one person or application program can access it, the database must be
protected from overlapping updates
All systems that are included (such as atm to data warehouse) must be independently working
but synchronized
It must be possible to reverse a transaction in its entirety
Important to preserve an audit trail
Two ways in which the system processes data:
1. Batch processing: Firm collects data as they occur, placing them in groups or batches which are
prepared periodically
2. Online processing: (OLTP) : business transactions are processed online as soon as they occur.
Function Area Information Systems
Supports a particular functional area in the organization by increasing each areas internal efficiency and
effectiveness (Accounting IS, Finance IS…)
Information systems for accounting and finance:


Primary mission: to manage money flows into, within, and out of organizations
Financial planning and budgeting
 Financial and economic forecasting: availability and cost of money
 Budgeting : an essential component of the accounting and finance function is the
annual budget
 Managing financial transactions
 Global stock exchange (open 24/7/365)
 Managing multiple currencies : can convert within seconds
 Virtual close: can close the books any time, instantaneously
 Expense management automation : systems that automate the data entry
processing of travel and expenses
 Investment management : can easily analyze the large volume of global investments, as
well as interpret financial data more easily
 Control and Auditing:
 Budgetary control: after an organization has finalized its annual budget, it divides
those monies into monthly allocations
 Internal auditing: these internal auditors can evaluate the controls at the
organization and evaluate the organization's risk assessment and governance
processes
 Financial ratio analysis: monitor the company’s financial health by assessing
a set of financial ratios
Information Systems for Marketing: can better adapt and understand customers needs and wants
Information systems for production/operations management :





Primary responsibility: to transforms inputs into useful outputs as well as for the overall operation
of the business
In-house logistics and materials management: deals with ordering, purchasing, inbound logistics
(receiving) and outbound logistics (shipping)
 Inventory management : to help ease the complex decision of when to order and how
much
 Quality Control :
Planning, production and operations:
Computer Integrated Manufacturing: THree basic goals
 To simplify all manufacturing technologies and techniques
 To automate as many of the manufacturing processes as possible
 To integrate and coordinate all aspects of design, manufacturing, and related functions
through computer systems
Product life cycle management
Information systems for human resource management


Recruitment : automated, use of linkedin
Human resources development:

Human resources planning and management :
 Payroll and employees records
 Benefits administration
 Employee relationship management (call centre…)
Reports
All information systems produce reports. THey are very closely related to FAIS and ERP systems
Fall into three categories
1. Routine
Produced at scheduled intervals, monthly, quarterly...
2. Ad Hoc (on-demand)
.
Out of the routine reports, (“I need the report today, for the last three days, not for one week”).
Can include:
i.
Drill down reports: Greater level of detail, focusing on a specific aspect such as a store…
ii.
Key indicator reports : summarize the performance of critical activities
iii.
Comparative reports : compare for example, the performances of different business units or of a
single unit during different times
3. Exception
.
Include only information that falls outside certain threshold standards (“get me the report for all
the salesperson who fell below the minimal sales mark)”
a.
Enterprise Resource Planning Systems
ERP systems resolve the problem of information silos by tightly integrating the functional area IS through
a common database. Original design ed to facilitate business processes associated with manufacturing.
Did not extend to other functional areas.
ERP 2 Systems : evolves to include administrative, sales, marketing, and HR.
THe various functions of ERP 2 systems are now delivered as E-Business Suites. Include a variety of
modules that are divided into core ERP modules (Financial management, operations management,
supply chain management, and BI. If a system does not have the core ERP modules, then it is not a
legitimate ERP system.
Core ERP Modules
FInancial Management
Operations Management
Human Resource Management
Extended ERP Modules
Customer relationships management
Supply chain management
Business Analytics
E-Business
Benefits and Limitations of ERP systems
Benefits



Organizational flexibility and agility : more adaptive as data is communicated across functional
areas
Decision support: ERP systems provide essential information on Busienss performance
Quality and efficiency
Limitations



Business processes in the ERP are predefined by the best practices that the ERP vendor has
developed.
Can be extremely complex, expensive and time consuming to implement
Major causes of ERP implementation failure include:
 Failure to involve affected employees in planning and development stages
 Trying to accomplish too much too fast
 Insufficient training in the new work tasks
 Failure to perform proper data conversion and testing for the new systems
Implementing ERP Systems
Can implement using either on premise ERP or software as a service
On premise ERP Implementation: three strategic approaches to implementing



The vanilla approach: a company implements a standard erp package, using the packages built
in configuration options
The custom approach: a company implements a more customized erp system by developing new
erp functions designs specifically for that firm
The best of breed approach: combines above mentioned systems while avoiding extensive costs
and risks associated with complete customization. Companies mix and match core erp modules
as well as other extended erp modules from different software providers
Software as a service ERP implementation: subscription based, companies do no thave to buy software.
Can be a perfect fit for companies that cannot afford large investments.
Three major advantages to Cloud ERP systems:



System can be used from any location
Companies can use ERP to avoid the initial hardware and software expenses that are typical of
on premise implementations
Cloud based erp solutions are scalable, meaning it is possible to extend erp support to new
business processes and partners
Disadvantages:



It is not clear if cloud based erp systems are more secure then on premise systems
Companies that adopt cloud based erp systems sacrifice their control over a strategic IT resource
A third disadvantage is a direct consequence of the lack of control over IT resources
Enterprise Application Integration - integrates existing systems by providing software, called middleware,
that connects applications offering a cheaper and safer alternative for businesses
ERP support for business processes
Cross-departmental process is one that 1. Originates in one department and ends in a different
department, or 2. Involves other departments but originates and ends in the same one.
Ex. Procurement process, fulfillment process, production
process
Interorganizational Processes: ERP with SCM and CRM
Interorganizational processes: originate in one company and end in another. Typically involve supply
chain management and customer relationships management systems.
ERP SCM can place automatic requests to buy fresh perishable products from suppliers in real time
ERP CPM can benefit businesses by generating, forecasting, and analyzing of the product consumption
based on critical variables
Chapter 11: Information Systems within the organization
Supply chain management enables 1. Improved customer service and 2. Reduced operating costs
CRM approach of individualized customer experience and marketing is called customer intimacy
Customer relationship management (CRM) is a customer focused and customer driven organizational
strategy. Process of CRM:
1. Begins with marketing efforts, where organizations solicit prospects from a target
population
2. Prospects then become customers, and hopefully repeat customers. Organizations
overall goal is to maximize the lifetime value of a customer, which is that the customers
potential revenue stream over a number of years
a.
time
Customer churn: the number of customers lost over
CRM fundamentally simple concept: treat customers differently because their needs differ and their value
to the company may also differ.
1% increase in customer satisfaction can lead to as much as a 300% increase in a company’s market
capitalization.
CRM systems are information systems designed to support an organization's CRM strategy.
On the spectrum, low CRM systems are meant for those with many small customers (Amazon) and high
CRM systems are those for a few large customers (Bently Motors).
All Successful CRM policies follow two points:
1. The company must identify the many types of customer touch points
a.
All the numerous and diverse interactions they have with customers (phone calling, social media,
POS)
b.
Omnimarekting : marketing that makes use of all of the channels (bricks and mortar, online, social
media…)
2. It needs to consolidate data about each customer
.
Before, all information was listed in silos, inaccessible to each department and not connected.
a.
With the use of data warehouse now, the complete data set, known as a 360 degree view of the
customer, can be had, and companies can one make their operations more profitable and productive
b.
Collaborative CRM systems provide effective and efficient interactive communication with the
customer throughout the entire organization
c.
Most recent push for consolidated data is called customer identity management, and is when
businesses understand their customers and can track how their relationships have changed over time.
There are two major components of an organizations CRM systems: operation CRM systems and
analytical CRM systems.
Operational CRM systems
Support front office business processes, which are those that directly interact with customers (Sales,
marketing and service). Two major components: customer facing applications and customer touching
applications.
Benefits of Operational CRM:




Efficient, personalized marketing, sales and service
360 degree view of each customer
Ability of sales and service employees to access a complete history of customer interaction with
the organization, regardless of touch point.
It can help achieve these objectives:
 Improve sales and account management
 Form individualized relationships with customers, with the aim of improving customer
satisfaction
 Identify the most profitable customers
 Provide employees with the information and processes necessary to know their
customers
 Understand and identify customers needs and efficiently build relationships among the
company

Customer Facing Applications
In these applications, an organization's sales, field service, and customer interaction centre interact
directly with customers. These applications include:



Customer service and support: customer service and support refers to systems that automate
service requests, complaints, product returns. ORganizations have implemented customer
interaction centers (CIC), where organization representatives use multiple channels such as the
web, telephone, fax and face-to-face interactions to communicate. One of the best known CIC is
call centres.
Salesforce Automation: component of an operational CRM system that automatically records all
of the components in a sales transaction process. It includes contact management systems
(Tracks communication between customer and sales rep, the purpose and any necessary follow
up), also sales lead tracking system, which lists potential clients for sales people. Other elements
that it can include is a sales forecasting system, and product knowledge system (comprehensive
source of information regarding products and services)
Marketing: customer facing applications enable marketers to identify and target their best
customers, to manage marketing campaigns, and to generate quality leads for the sales team.
 Cross selling: marketing of additionally related products to customers based on previous
purchase. Very successful for banks


Upselling: strategy in which the salesperson provides customers with the opportunity to
purchase related products or services of greater value in place of, or along with, the
customers initial product or service selection
 Bundling: form of cross selling in which a business sells a group of products or services
together at a lower price than their combined individual prices
Campaign management: help organizations plan campaigns that send the right messages to the
right people
Customer Touching Applications
Applications that enable customers to indirectly communicate with the company, where consumers
interact with the applications themselves. The major ones include:







Search and comparison capabilities (many online stores/independent stores offer this ability, think
about apple)
Technical and other information and services (many organizations offer personalized experiences
to induce customers to make purchases or to remain loyal
Customized products and services (another customer touching service that many online vendors
use is mass customization
Personalized web pages
FAWs
Email and automated response
Loyalty programs (not to reward pas behaviour but influence future behaviour)
Analytical CRM systems
Used by the operational CRM systems to mine the data and learn about customer behavior. THey provide
business intelligence by analyzing customer behaviour and perceptions.
Important technologies for analytical CRM systems include Data warehouses, data mining, decision
support, and other business intelligence technologies.
It analyzes customer data for a variety of purposes, including:




Designing and executing targeted marketing campaigns
Increasing customer acquisition, cross selling and upselling
Providing input into decisions relating to products and services
Providing financial forecasting and customer profitability analysis
Other Types of customer relationship management systems
On demand CRM systems: CRM systems can be implemented as either on-premise or on-demand.
Traditionally, organizations used on-premise, meaning that they purchase the systems from a vendor.
On-demand CRM systems is one that is hosted by an external vendor in the vendors data centre. This
arrangement spares the organization the costs associated with purchasing the system. The organization's
employees also need to know how to asses to and use it.
The concept of on demand is also known as utility computing or software as a service. Sales force is the
best known on demand CRM vendor. Companies can rent CRM instead of buying it
Mobile CRM systems : interactive systems that enables an organization to conduct communications
related to sales, marketing, and customer service.
Open source CRM systems: are CRM systems whose source code is available to developers and users,
may be implemented either on premise or on demand. Benefits include favourable priving, and a wide
variety of applications. Easily customizable
Social CRM: the use of social media technology and services toe nable organizations to engage their
customers in a collaborative conversation in order to provide mutually beneficial value in a trusted and
transparent manner.
Realtime CRM: relatime customer relationship management to provide a superior level of customer
satisfaction for todays always-on, always-connected, more knowledgeable and less loyal customers.
Supply Chains
Modern organizations are increasingly concentrating on their core competencies and on becoming more
flexible and agile. TO accomplish these objectives, they rely on other companies rather than on
companies they themselves own.
This concept has lead to supply chains: the flow of materials, information, money, and services from raw
material suppliers, through factories and warehouses, to the end customers. It also includes the
organizations and processes that create and deliver products, information, and services to the end
customers.
Supply chains enable trust and collaboration among supply chain partners, thus improving the supply
chain visibility and inventory velocity.
Supply chain visibility refers to teh ability of all organizations within a supply chain to access or view
relevant data on purchased materials as these materials move through their supplies production
processes and transportation.
Inventory velocity: the time it takes for a company to deliver products and services after receiving the
materials required to make them.
The structure and components of supply chains
Involves three segments:
1. upstream: where sourcing or procurement from external supplies occur. Supply chain managers
select suppliers to deliver goods and services the company needs. They develop the pricing,
delivery and payment processes between the company and its suppliers.
2. Internal: where packaging, assembly, or manufacturing takes place. Where supply chain
managers schedule the activities necessary for production, testing, packaging, and preparing
goods for delivery.
3. Downstream, where distribution takes place, frequently by external distributors. Supply chain
managers coordinate the receipt of orders from customers, develop a network of warehouses,
select carriers to deliver products to customers and implement invoicing systems to receive
payments.
Bidirectional flow of goods and information is when it flows from suppliers to customer and back (returns,
called a reverse flow)
Tiers of suppliers: many different organizations work together, for example, rubber and metal distributors
for
The flows in the supply chain: there are typically three flows in the supply chain: material (product life
cycle), information, and financial. TO manage all of them, we use Supply Chain Management
Supply Chain Management
To improve the processes a company uses to acquire the raw materials it needs to produce a product or
service. 5 basic components:
1. Plan: Planning is the strategic component of SCM. Orgnizations must have a strategy for
managing all the resources that are involved in meeting customer demand for their products or
service.
2. Source: sourcing component, organizations choose suppliers to deliver the goods and services
they need to create their product or service.(developing pricing, delivery, payment processes with
suppliers. Creating metrics to monitor and improve relationships)
3. Make: Manufacturing component. Testing, packaging, preparation. Most metric intensive part of
the supply chain
4. Deliver: component is often referred to as logistics. Organizations coordinate the receipt of
customer orders, develop a network of warehouses
5. Return: supply chain managers must create a responsible and flexible network for receiving
defective or return products.
Use of IS to reduce the problems or friction along the supply chain. Friction can increase time, costs, and
inventories, making the organiztion more profitable and competitive.
SCM systems are a type of interorgnizational information systems. In an IOS, informaiton flows among
two or more organizations.
Push Model: known as make to stock, the production process begins with a forecast of what will be sold,
and then will make push the goods to the customers.
Pull model: using web enabled information flows, also known as make to order, where the production
process begins with a customer order.
Problems along the supply chain:
Arise mainly from:
1.
2.


Uncertainty
Need to coordinate multiple activities, internal units, and business partners.
Poor customer service from direction within
Bull whpki effect refers to erractic shifts in orders up and down the supply chain
Solutions to supply chain problems:
1. Vertical integration: buying the upstream suppliers to ensure the company has its full attention
and devotion
2. Using inventories to solve supply chain problems (Building inventories as insurance against
uncertaintys)
a.
Just in time inventory systems deliver the precise number of parts, called workin process
inventories
3. Information sharing : along the supply chain,
Information Technology Support for Supply Chain Management
Three technologies in particle provide support for IOSs and SCM systems:
1. Electronic data interchange (EDI): a communication standard that enables business partners to
exchange routine documents. However, it can cause business to be restructured to fit their
requirements, or be inflexible in their operations
2.
Extranets: links for business partners over the internet by providing them access to certain areas
of each others corporate intranets. Primary goal is to foster collaboration between and among business
partners. They use VPNS to better and more securely communicate over the internet
a.
A company and ites dealers, customers, or supplies: entranet centered over a single company
(FEDEX)
b.
Industry extranet: where all companies can set one up together to benefit them all. Provides a
secure global medium for B2B exchange
c.
Joint ventures and other business partners: partners use extranet as a vehicle for communication
and collaboration
3.
Portals and exchanges : offers point of access through a web browser to critical business
information. Would enable companies and suppliers to share information and collaborate very closely
.
Procurement portals : automate the business processes involved in purchasing and procurement
a.
Distribution portals: automate the business processes involved in selling or distributing products
from a single supplier to multiple buyers
Chapter 12:Business Analytics
Business analytics is the process of developing actionable decisions or recommendations for actions
based on insights generated from historical data
Business intelligence has been defined as a broad category of applications, technologies and processes
for gathering, storing, accessing and analyzing data to help business users make better decision
Management is a process by which an organization achieves its goals through the use of resources
Organization productivity = the ratio of inputs (resources) to outputs (achievement of goals)
Three roles of managers:
1. Interpersonal rules: figurehead, leader, liaison
2. Informational roles: monitor, disseminator, spokesperson, analyzer
3. Decisional roles: entrepreneur, disturbance handler, resource allocator, negotiator
Problem Structure
The first dimension is problem structure, in which decision making processes fall along a continuum
ranging from highly structured to highly unstructured.
Structure decisions deal with routine and repetitive problems. These decisions are candidates for decision
automation
Unstructured decisions: intended to deal with “Fuzzy” complex problems for which there are no cut and
dried solutions. Human intuition and judgment often play an important role,
Semistructured decisions : evaluating employees, trading bonds, performing capital acquisition
Nature of Decisions
1. Operational control: executing specific tasks efficiently and effectively
2. Management control: acquiring and using resources efficiently in accomplishing organizational
goals
3. Strategic planning: the long-range goals and policies for growth and resource allocation
Different applications and practices of BA:


Development of one or a few related analytics applications : target is often a point solution for a
departmental need
Development of infrastructure to support enterprise wide analytics: supports both current and
future analytic needs

Support for organizational transformation: a company uses business analytics to fundamentally
transform the ways it competes in the marketplace
The Business Analytics
Process
1. Identification of pain points by practicing managers
Technologies that underlie the entire process:

Microprocessors: becoming increasingly powerful (specifically Graphic processing units GPUs
are essential to neural networks, another underlying technology)
Data management: organization must have data, and be able to extract it or essentially clean the
2.
data.
3.
Analyze data:
a.
Descriptive analytics: what has happened in the past and enables decision makers to learn from
past behaviours. Tools include online analytical processing, data mining, decision support systems and a
variety of statistical procedures.
i.
Online analytical processing: involves slicing and dicing and rolling up the data to greater
summarization.
ii.
Data mining: searching for valuable business information in a large database, data warehouse or
data mart. It identifies previously unknown patterns (descriptive analytics) and predicts trends and
behaviors (predictive analytics). Affinity analysis is a data mining application that discovers co occurrence
relationships among activities performed by specific individuals or groups
iii.
Decision support systems (DDS) combine models and data to analyze semi structured problems
and some unstructured problems that involve extensive user involvement. It can involve sensitivity
analysis, what-if analysis, goal seeking analysis.
b.
Predictive analytics: examines recent and historical data to detect patterns and predict future
outcomes and trends. It provides estimates about the likelihood of a future outcome. Tools include Data
mining. Unintended consequences of predictive analytics include:
.
Misuse of data
c.
Prescriptive analytics: recommends one or more courses of action and by identifying the likely
outcome of each decision. It requires predictive analytics with two additional components; actionable data
and a feedback system that tracks the outcome produced by the action taken.
4.
Presentation tools: all analytics produce results, which must be communicated to decision makers
in the organization. Data visualization is the act of making the results more attractive and easier to
understand. Dashboards are the most common BA tool presentation.
.
Dashboards common capabilities: drill down, critical success factors, key performance indicators,
status access, trend analysis, exception reporting.
a.
Geographic information systems: computer based system for capturing, integrating, manipulating
and displaying data using digitized maps
5.
Asking the next question, where decision makers must be ready to ask it.
Ba Tools: Excel, multidimensional analysis, data mining, decision support systems.
Data reduction is the conversion of raw data into a smaller amount of more useful information
Chapter 13: Acquiring Information Systems and Applications
It Planning
Begins with an analysis of the organizational strategic plan (which identifies the firm's overall mission, the
goals that follow from that mission and the broad steps required to reach these goals)
The IT architecture delineates the way an organization should utilize its information resources to
accomplish its mission.
The IT strategic plan must meet three objectives:
1. It must be aligned with the organization's strategic plan
2. It must provide for an IT architecture that seamlessly networks users, applications and databases
3. It must efficiently allocate IS development resources among competing projects so that the projects
can be completed on time and within budget and still have the required functionality.
The existing IT architecture is a necessary input into the IT strategic plan because it acts as a constraint
on future development efforts
After a company has agreed on an IT strategic plan, it next develops the IS operational plan
It contains the following elements:






Mission
IS environment
Objectives of the IS function
Constraints on the IS function
The application portfolio (prioritized inventory of present applications and a detailed plan of
projects to be developed or continued during the current year)
Resource allocation and project management
Evaluating and justifying IT investment: benefits, costs and issues
Cost benefit analysis
Its troubling to determine costs
And then to assess the value of the benefits
Strategies for conducting cost-benefit analysis:
1. Net present value (to convert original cost of funds to the benefits)
2. Return on investments (ROI) measures the management's effectiveness in generating profits with
its available assets
3. Break Even analysis
4. In the business case approach, where the system developers write a case which justifies the
funding.
Strategies for Acquiring IT applications
Fundamental decision are:




How much computer code does the company want to write
How will the company pay for the application
Where will the application run
Where will the application originate
Acquisition Methods:








Purchase a pre written application (cost effective and time saving)
Customize a pre written application (may not be attractive is customization is the only method of
providing the necessary flexibility to address the company’s needs)
Lease the application (might not fit exactly, however saves money and time) (if it covers 80% of
needs, the company should consider changing the 20% of business processes to match it). Can
be used to test applications, or more attractive to SME enterprises.
Use application service providers and software as a service vendor (ASP are agents or vendors
that assemble the software needed by enterprises and then packages it with services such as
development, operations, and maintenance. SaaS is a method of delivering software in which a
vendor hosts the applications and provides them as a service to customers over a network.)
Use open source software ( organizations obtain a licence to implement software and use it or
customize it)
Use outsourcing (acquiring applications from outside contractors or external organizations)
Employ continuous development (continuous application development automates and improves
the process of software delivery, constantly changing in response to changing business
conditions and in response to user acceptance.)
Employ custom development (in house or outsource it)
Traditional Systems Development Life Cycle (SDLC)
Traditional systems development method that organizations use for large scale IT projects.
Six processes with clearly defined
is:
1. Systems investigation : the more time they invest in understanding the problem, the less
problems that arise throughout the development. Systems investigations addresses the business
problem by means of the feasibility study, which is explained below:
a.
Technical feasibility determines whether the company can develop or otherwise acquire the
hardware, software and communications components needed to solve the business problem
b.
Economic feasibility determines whether the project is acceptable financial risk and if so, whether
the organization has the necessary time and money to complete the project
c.
Behavioural feasibility addresses the human issues of the systems development project
2. Systems analysis: process whereby system analysts examine the business problem that the
organization plans to solve with an information system. The deliverable is a set of system
requirements
3. Systems design: describes how the system will resolve the business problem. The deliverable is
a set of technical system specifications, which specify the following
.
System outputs, inputs, calculations, or processing and user interfaces
a.
Hardware, software, databases, telecommunications, personnel, and procedures
b.
A blueprint of how these components are integrated
Any changes to these causes scope creep, which is when the time frame and expenses
associated with the project expand beyond the agreed upon limits
4.
Programming and testing: if the organization decides to construct the software in house
5.
Implementation: process of converting from an old computer system to a new one. The
conversion process involves organizational change. Both end users and the MIS department need to
work together to manage organization change. A direct conversion is when the old system is cut off and
the new system is turned on at a certain point in time. A pilot conversion introduces the new system in
one part of the organization, such as in one plant or one functional area. A phased conversion introduces
components of the new system in stages. A parallel conversion is when the old and new system operate
simultaneously for a time.
6.
Operation and maintenance: includes debugging the program, updating the system, and adding
new functions
Alternative methods and tools for systems development
Joint application Design: a group based tool for collecting user requirements and creating system
designs. It is most often used within the systems analysis and systems design stages of the SDLC.
Rapid application development: a system development method that can combine JAD, prototyping, and
integrated computer assisted software engineering tools to rapidly produce a high quality system
Agile Development: a software development methodology that delivers functionality in rapid iterations
which are usually measured in weeks.
Scrum approach is that during a project, users can change their minds about what they need and
want. Therefore, scrum focuses on maximizing the development teams ability to deliver iterations quickly
anf to respond effectively to additional user requirements. The primary predefined roles of scrum include:



The scrum master: maintains the processes
The product owner: represents the business users and any other stakeholder in the project
The team: a cross functional group of seven people who perform the actual analysis, design,
coding, implementation, and testing.
End-user development: approach in which the organizations end users develop their own applications
with little or no formal assistance from the IT department. Sometimes called Shadow IT
DevOps is a practice that was first presented in 2009, where it is a form of software development that
brings the developers and the users together throughout the entire process with the goal of reducing the
time to deployment
Tools for systems development






Prototyping: defines an initial list of user requirements, builds a model of the system, and then
defines the system in several iterations based on users feedback
Integrated computer assisted software engineering tools: computer aided software engineering
(CASE) refers to a group of tools that automate many of the tasks in the SDLC.
Component based development: uses standard components to build applications. Components
are reusable applications that generally have one specific function.
Object oriented development: based on a different view of computer systems that the perception
that characterizes traditional development approaches
Containers are a method of developing applications that run independently of the based operating
system of the server. Containers allow application providers to develop,test, and deploy
technology that will always run in practice.
Low code development platform: make use of visual interfaces to develop applications rather than
traditional procedural hand coding.
Advantages and disadvantages of system acquisition methods
Systems analysts are IS professionals who specialize in analyzing and designing information systems
Programmers are IS professionals who either modify existing computer programs or write new programs
to satisfy user requirements
Technical specialists are experts on a certain type of technology, such as databases or
telecommunications
The system's stakeholders include everyone who is affected by changes in a company’s information
systems.
Chapter 8: WIreless, Mobile Computing, and mobile commerce
Wireless is any telecommunication in which electromagnetic waves, rather than some form of wire or
cable, carry the signal between communication devices
Mobile refers to something that changes it location over time
Mobile computing refers to real time wireless connection between a mobile device and other computing
environments
Wireless transmission Media
1. Microwave transmission systems transmit data through electromagnetic waves. Used for highvolume, long-distance, line-of-sight communication. Causes problems because earth is round.
2. Satellite systems make use of communication satellites orbiting earth (there are three types of
satellites circling 1. Geostationary earth orbit, medium earth orbit, low earth orbit)
a.
Geostationary earth orbit satellites orbit 35,900 km above the equator. They maintain a fixed
preposition because they match the 24hour rotation around earth. However, quarter second delay in
signal send and return, causing a propagation delay. TV signals
b.
Medium earth orbit satellites are located 103500 above earth's surface, they are less expensive
and do not have an appreciable propagation delay. GPS
c.
Low earth orbit satellites : located between 600-1125 km above earth's surface. Footprints are
lower because they are lower down. Telephone
i.
Global positioning systems is a wireless system that uses satellites to enable users to determine
their position anywhere on earth
ii.
Internet over satellite: IoS is the only option available for internet connections because installing
cables is either too expensive or physically impossible.
iii.
Commercial imaging: uses very small satellites
3. Radio
.
Radio transmission: uses radio wave frequencies to send data directly between transmitters and
receivers. It can travel through normal office walls, and radio devices are fairly inexpensive and easy to
install. It creates electrical interference problems.
a.
Google loon: uses balloons to create an aerial wireless network to provide internet access to rural
and remote areas.
b.
Internet blimps: tethered blimps that float at about 260m altitude. Works as a regular cell tower
but has a much larger footprint. (10000 squared km meters)
Wireless Security
Transmission can be intercepted by anyone close enough and has access to the appropriate equipment.
Four major threats
1. Rogue access point is an unauthorized access point into a wireless network
2. Evil twin attack is when the attacker is in the vicinity with a WiFi enabled computer and a seperate
connection to the internet
3. War driving is the act of locating WLANS while driving around a city. The intruder will gain free
wifi and access to important data and other resources
4. Eavesdropping refers to efforts by unauthorized users to access data that are travelling over
wireless networks
5. Radio frequency jamming is a person or device intentionally or unintentionally interferes with your
wireless network transmission
Short range wireless networks
Simplify the task of connecting one device to another. Eliminate wires, and have a range of 30m. Three
basic networks
1. Bluetooth: an industry specification used to create small personal area networks, which is a
computer network used for communication among computer devices. Bluetooth smart is fueling
the wearable technology because it is less expensive and consumes less power
2. Ultra wideband is a high bandwidth wireless technology with transmission speeds in excess of
100mbps
3. Near field communication: has the smallest range of any short range wireless network, which is
designed to be embedded in mobile devices such as cell phones and credit cards.
Medium range wireless networks
The familiar wireless local area networks (WLANS). Most coming is wireless fidelity (Wi-Fi)
A WLAN connects to a wired Lan or to a satellite dish that provides internet connections.
1. Wifi direct: enables peer to peer communications, so devices can connect directly
2. Mifi: a small portable wireless device that provides users with a permanent wifi hotspot wherever
they go. Thus, users are always connected to the internet.
3. Lifi: light fidelity is a technology for wireless communication among device using light to transmit
data and position
Wide Area Wireless Networks
It connects users to the internet over a geographically dispersed territory . These networks typically
operate over the licensed spectrum.
Cellular radio provides two way radio communications over a cellular network of base stations with
seamless handoffs. Different from cordless telephones
1.
2.
3.
4.
First generation: cellular networks used analogue signals and had low bandwidth capacity
2G uses digital signals primary for voice communication
2.5G used digital signals and provided voice and data communications
3G uses data signals and can transmit voice and data for different motions. And allows videos,
web browsing, and instant messages
5. 4th generation 4G: not defined technology or standard, higher speeds,
a.
LTE (long term evolution) is a wireless broadband technology designed to support roaming
internet access through smartphones. 10x faster then 3g
b.
XLTE : advanced LTE, is designed to hanle network congestion when too many people in one
area try to access an LTE network
6. Fifth generation (5G) is expected to be deployed by 2021.
Mobile Computing and Commerce
Telemetry applications: refers to wireless transmission and receipt of data gathered from remote sensors
The internet of things (IoT) is a system in which any object, natural or manmade, has a unique identity
and is able to send and receive information over a network without human interaction.
Radio Frequency Identification: allows manufacturers to attach tages with antennas and computer
chips on goods and then track their movement using radio signals. Typical code is UPC codes.
Active DFIS tags use internal batteries for power and broadcast radio waves to a reader
Passive RFID tags rely entirely on readers for their power