Final Exam Study Guide Fall 2014

advertisement
Final Exam Study Guide
MIS 2101 – Fall 2014
General: Things You Should Remember!
 Strategies for presenting a Business Case: Faith, Fear, Fact. (Example: A Fear based argument
argues for implementing a system based on the threat of competitors gaining advantage over
your organization; Fact based arguments rely on indisputable facts and data to support your
argument.)
 Understand the process for preparing a Cost-Benefit Analysis. Know the difference between
tangible & intangible benefits/costs, and recurring & non-recurring benefits/costs. (A salary for an
employee is a tangible, recurring cost; an installation fee is a tangible but non-recurring cost; an
increase in revenue is a tangible benefit; improved customer perception of your firm is an
intangible benefit.) Understand the idea of ‘Break-Even’ analysis, where the tangible benefits
equal the tangible costs. (Intangible benefits and costs are harder to quantify, and while they are
real and potentially significant, they don’t usually play in Break-Even Analysis.)
 Understand the strategies for improving inventory management. Companies implement strategies
like ‘Just-In-Time’ inventory management systems to significantly reduce the amount of
inventory needed on hand (with often only a couple of hours of inventory on hand at any time), or
‘Customer-Managed” systems, to reduce the costs involved in administering & managing
inventory.
 We need to distinguish between business processes and business management, and the hardware
& software needed to support our business applications and processes. The part of business that
focuses on hardware and software used to keep everything running smoothly, and to support the
business activity, is the infrastructure part of the business.
 Our future as business leaders involves developing the ability to develop a systematic, structured
approach to the continuous improvement of our business processes. This involves critically
examining and re-thinking our current business processes in order to achieve dramatic
improvements in performance; this process is known as “Business Process Management”.
 Understand how CRM and SCM is used to support a firm’s overall strategy. For example, a
retailer who has decided to use a low-price strategy to compete and gain market share, will focus
on their supply chain efficiency to disintermediate the middle-men and wholesalers to reduce
their product costs and increase profit. Other firms might focus on implementing a CRM system
that operates 24/7/365, with the strategy of providing web-based systems and interfaces that can
provide consumers with product information, sales order status, customer support
information, problem & issue resolution, etc., at any time, any place, from any device.
Chap 6: Business Intelligence
Business Intelligence (BI) is the use of information systems to gather and analyze information from
internal and external sources in order to make better business decisions.
 BI is used to integrate data from disconnected, non-integrated sources:
-Reports
-Databases
-Spreadsheets
 Integrated data helps to monitor and fine-tune business processes.
BI can help businesses react better to various threats and opportunities, including:
-Unstable markets
-Global threats
-Fierce competition
-Short product life cycles
-Stringent regulations
- Providing wider choices for consumers
 Involves Continuous Planning at all levels of the business.
Databases:
 Data and knowledge are among the most important assets for an organization.
 Databases are collections of related data organized in a way that facilitates data searches,
mining, storage, & organization.
Main Database Elements (Components):
 Entity—something you collect data about, such as people or classes.
 Table—contains entities. Consists of rows an columns.
 Row (record)—a record in a table. One row pertains to one entity instance.
 Column (attribute)—one cell in a row. Each attribute contains a piece of information about the
entity.
Most common ways to query a database:
 Query—a command for retrieving specified information from a database.
 Structured Query Language (SQL)—the most common language for querying databases.
 Query by example (QBE)—a simpler query interface using graphical drag-and-drop features;
newer and easier way to query databases; no programming skills needed.
OLTP: Online Transaction Processing:
 IT systems used to process customer transactions: e.g. orders, deliveries, invoicing, payments,
etc.
 Data from operational systems are useful inputs to BI & analytical applications.
 Operational (OLTP) vs. Informational (OLAP) IT systems: one keeps the processes running, the
other uses that data to make better decisions, analysis, Bus Intelligence
Master Data:
 Master data is the data that is deemed most important in the operation of a business.
 It includes data about customers, suppliers, inventory, employees, and so on.
 Important to have a “single version of the truth”
 BI applications base analyses on the single version of the truth by accessing multiple databases or
using a data warehouse.
Data Warehouses: Helps eliminate data inaccuracies, redundancy by integrating multiple databases
into a single system (repository).
 Primary purpose: put key business information into the hands of decision makers.
Components of BI (Business Intelligence) Systems - (three primary types of BI systems):
 Information and Knowledge Discovery
 Business Analytics
 Information Visualization
Business Analytics: BI applications to support human and automated decision making
 Business Analytics—predict future outcomes
 Decision Support Systems (DSS)—support human unstructured decision making
- Decision-making support for recurring problems
- Used mostly by managerial level employees (can be used at any level)
- What-if analyses
 Intelligent systems (simulation of human reasoning & intelligence)
- Expert Systems
- Neural Networks
- Agents (Bots)
- Knowledge Management Systems
Knowledge Management Systems:
- Data>Information>Knowledge – managing your most important assets
-
Capturing the skills, routines, practices, principles, formulas, methods, heuristics, and
intuitions that make your business unique & competitive
Used to improve efficiency, effectiveness, and profitability
Documents storing both facts and procedures
Information Visualization: Display of complex data relationships using graphical methods to make it
easier to understand complex problems and information.
- Enables managers to quickly grasp results of analyses
- Visual analytics
- Dashboards
- Geographic information systems
Hard vs. Soft Data In Business:
 Hard data
- Facts and numbers
- Generated by organizational databases and other systems
- Soft data
- Non-analytical information. e.g. latest news stories
- Web-based news portals
- Customizable, delivery to different media
Visual Analytics (Complex Dashboards): Interpreting complex output from BI systems is challenging.
Visual analytics combines various analysis techniques and interactive visualization. It’s a combination of:
- Human intelligence and reasoning capabilities
- Technology’s retrieval and analysis capabilities
- Helps to make sense of “noisy” data or unexpected patterns
Chapter 7: Enhancing Business Processes with ERP
Core Business Processes:
 Marketing and sales
 Supply chain management
 Accounting and finance
 Human resources
(No longer individual area silos, but are now highly interrelated. Processes cross all department
boundaries.)
Order-to-Cash Process: The processes associated with selling a product or service.
Procure-to-Pay Process: The processes associated with procuring goods from external vendors.
Make-to-Stock / Make-to-Order Process: The processes associated with producing & manufacturing
goods. Make to Stock best for “push” demand (having stuff on the shelf); make to order best for
“pull”demand (making stuff after receiving the order).
Supply Chain:
Core business processes enable the creation of supply chains; resembles a “river” of material
 Start at source
 Move downstream
Value Chain: Chain—The set of business activities that add value to the end product.
 Information flows through a set of business activities.
 Core activities—functional areas that process inputs and produce outputs. (inbound logistics,
Operations & Manufacturing, Outbound Logistics, Sales & Marketing, Customer Service)
 Support activities—enable core activities to take place. (Administration, Infrastructure, HR, R&D,
Procurement)
The rise of ERP Systems the result of the inefficiencies, inaccuracies, and lack of integration of ‘Standalone” IT systems. IT silos are a major problem in trying to integrate business processes.
Enterprise Systems: Integrated suite of business applications for virtually every department, process,
and industry. The primary value of ERP systems is in integrating business applications and processes.

-
Internally Focused Systems:
Support functional areas, business processes, and decision making within an organization
New information (value) is added at every step.

-
Externally Focused Systems:
Coordinate business activities with customers, suppliers, business partners, and others who
operate outside the organization
Streamline the flow of information between companies
-
Characteristics of ERP Systems (e.g. SAP):
- Centralized point of access (database)
- Conversion of information from legacy systems needed
ERP vendors offer a primary platform (enterprise resource planning), and then different modules
customers can pick; modules that can be selectively implemented. These include:
 CRM (customer relationship management)



SCM (supply chain management)
Product lifecycle management
Supplier relationship management
Primary approaches to developing an ERB for a business:
 Packaged software
o Written by third-party vendors
o Used by many different organizations
o Useful for standardized, repetitive tasks
o Cost effective
 Custom software
o Developed exclusively for a specific organization
o Designed for particular business needs
o Higher development costs
Primary ERP Benefit – Best Practice: forces all functional areas to work to same best practice.
 Not always the right solution for every business; e.g. If a company has competitive advantage
from its unique business processes, forcing best practices may actually hurt.
Business Process Management (BPM): A systematic and structured approach to making process
improvements in a business.
 All or part of organization is involved.
 Rethinking and redesign of business processes
Formula for Success with ERP Systems:
Secure executive sponsorship .
o Most failures are due to lack of top-level management support.
Get help from outside experts.
o Consultants are specifically trained.
o Implementation tends to happen faster.
Thoroughly train users.
o Training is the most overlooked, underestimated, and poorly budgeted expense.
o Training can prevent dissatisfaction.
Take a multidisciplinary approach to implementations.
o Include end users from all functional areas in the implementation.
Chapter 8: Improving Supply Chains & Customer Relationship Management
Supply Chain is also called a Supply Network.




A supply chain is a collection of companies and processes moving a product:
o suppliers of raw materials
o suppliers of intermediate components
o final production
o to the customer
Upstream—flow from sources of raw materials and components.
Downstream—flow to customers.
Suppliers have their own supply chain.
Pro’s & Con’s with Supply Chains:
Potential benefits:
- Process innovations
- Just-In-time Production (JIT)
- Vendor-Managed Inventory (VMI)
Potential problems
- Distorted information
- Excessive inventories
- Inaccurate capacity plans
- Missed product schedules
The Bullwhip Effect: Ripple effects in which forecast errors and safety stocks multiply when moving up
the supply chain.
- Happens when businesses include safety buffer to prevent stock-outs
- Small end-product demand fluctuations cause large fluctuations further up the supply chain.
- Small forecasting errors at end of supply chain cause large errors further up the supply chain.
- Integrated business processes with ERP systems’ helps mitigate the bullwhip effect.
Other benefits of good ERP systems: Enhances Corporate Responsibility through increased
transparency and accountability in your supply chain.
Sustainable Business Practices:
o Ethical treatment of workers
o Green image
Supply Chain Planning - 4 Types of Plans:
 Demand planning and forecasting
o Examination of historic data
 Distribution planning
o Delivering products to consumers
o Warehousing, delivering, invoicing, and payment collection
 Production scheduling

o Coordination of activities needed to create the product/service
o Optimization of the use of materials, equipment, and labor
Inventory and safety stock planning
o Development of inventory estimates
Supply chain visibility—the ability to track products as they move through the supply chain but also to
foresee external events.
Supply chain analytics—the use of key performance indicators to monitor performance of the entire
supply chain, including sourcing, planning, production, and distribution.
SCM Strategy: Needs to balance efficiency & effectiveness.
 Efficiency—cost minimization.
 Effectiveness—customer service maximization.
 Tradeoffs—Supply chain strategy should match overall competitive strategy.
Emerging SCM Trends:
 Supplier portals
 Customer portals
 Business-to-business (B2B) marketplaces
Key enabling SCM technologies:
 RFID (Radio Frequency Identification)
o RFID will soon replace barcode scanners – success dependent on Walmart initiative
 XML (Extensible Markup Language)
CRM (Customer Relationship Management) - Organizations must work harder than ever to attract and
retain customers where comparison shopping is the norm and competitors are just a click away!
The Web has changed everything about business!
 Customers have the power.
 Economic transformation is taking place; i.e., from transactions to relationships.
 Keeping customers satisfied is key.
CRM
 Organization-wide strategy
 Concentrates on the downstream information flow
 Attract potential customers
 Create customer loyalty
 Portray a positive corporate image

Managers need to be able to monitor and analyze factors driving customer satisfaction.
CRM helps companies search for ways to widen, lengthen, and deepen customer relationships.
 Widen – Attract new customers
 Lengthen – Keep current customers satisfied
 Deepen – Turn small customers into long-term, profitable customers
Primary Categories of CRM:
 Operational CRM
o Sales Force Automation
o Customer Service & Support
o Enterprise Marketing Management
 Analytical CRM
o Data Warehouses
o Data Mining & Visualiztion
o Business Intelligence (BI)
o ERP Systems
 Collaborative CRM
o Methods & technologies to facilitate & improve communications.
CRM & Digital Dashboards:
Digital dashboards help to visualize key CRM performance metrics.
Ethical concerns with CRM:
 Personalization technology can sometimes get too personal
 Growing customer concern about companies knowing too much about them
 But CRM continues to grow as a powerful technology to improve business relationships with
their customers
Chapter 9: Developing & Acquiring Information Systems:
Justifying Investment in IT requires a Good Business Case.
 Build a strong, integrated set of arguments and evidence.
 Prove that an information system adds value to the organization or its constituents.
 Ferret out systems that are not adding value.
 Proposed system –determine whether the new system is a “go” or a “no-go”.
 Existing system—determine whether the company will continue to fund the system.
Problem: The Productivity Paradox. It can be difficult to measure the actual impact of IT investment.
(Note: understand these factors.)
 Measurement problems (efficiency vs. effectiveness)
 Time lags (can be significant time between cost outlay and impact on bottom line)
 Redistribution (just transferring costs & bottle necks to another department instead of
eliminating the problems)
 Mismanagement (NO cure for bad management)
Strategies for Making a Good Business Case for IT Investment:
 Faith
- Arguments are based on beliefs about organizational strategy, competitive advantage,
industry forces, customer perceptions, market share, and so on
- Firm’s mission and objectives, strategy for achieving them, and types of IS needed should
be clearly described
 Fear
- Arguments are based on the notion that if the system is not implemented, the firm will
lose out to the competition or, worse, go out of business.
 Fact
- Arguments are based on data, quantitative analysis, and/or indisputable factors.
- Provide a detailed cost-benefit analysis as proof.
Cost-Benefit Analysis:
Identifying costs
- Total cost of ownership (TCO)
- Nonrecurring costs vs. recurring costs
- Tangible costs vs. intangible costs
Identifying benefits
- Tangible benefits vs. intangible benefits
Performing cost-benefit analysis
- Breakeven analysis
- Net-present value analysis
Comparing competing investments
- Weighted multi-criteria analysis
Presenting the Business Case Effectively:
Know the audience.
- People from different areas of the firm typically hold very different perspectives.
Convert benefits to monetary terms.
- Example: Convert time savings into dollar figures.
Devise proxy variables.
- Alternative measures of outcomes
- Example: Reduction in administrative tasks, more customer contact
Measure what is important to management!!
- Concentrate on the issues senior business managers care about.
- Hot-button issues: Cycle time, regulatory and compliance issues, customer feedback, employee
morale
IT Development In Action: Take a very big organizational problem and make it more manageable by
breaking it down into a number of smaller problems/pieces.
SDLC (System Development Life Cycle): Systems Development follows a definite life cycle.
 Phase 1: Systems Planning and Selection
- Identify, plan, and select a development.
 Phase 2: Systems Analysis
- Collecting Systems Requirements
- Modeling Data
- Modeling Processes and Logic
 Phase 3: System Design
- Human–computer interface
- Databases and files
- Processing and logic

Phase 4: System Implementation and Operation
 Transformation of design into a working information system
- software programming and testing
 Preparing the organization for using the new information system
- system conversion, documentation, user training, and support
System Conversion – Implementation Strategies:
 Parallel – old & new systems are operated at the same time until safe (most conservative
strategy when it is truly mission critical)
 Direct – old system is shut down one day & new system is up the next day (quickest &
most cost effective strategy; good for non-critical systems)
 Phased – parts of the new system are implemented in pieces over time (reasonably
conservative approach with critical systems)
 Pilot – Try entire new system with one location or department to de-bugg system before
it is rolled out to the rest of the organization
Prototyping & End User Development:

SDLC is not always the best approach to developing new systems; need the ability to experiment
& try new ideas quickly & cost-effectively
- Agile Methodologies
- Extreme Programming
- Rapid Application Development (RAD)
- Object-oriented analysis and design
Major Strategy in IT Development – External Acquisition:
 Competitive bid process—find the best system for lowest possible price.
- Systems planning and selection
- Systems analysis
- Development of a request for proposal
- Proposal evaluation
- Vendor selection
 The first two steps are similar to SDLC.
External Acquisition Process:
 Create RFP—documentation detailing system requirements sent to prospective vendors
 Establish an objective way to evaluate proposals based on clear metrics
 Vendor Selection – Determine the best vendor fit for your organization
Chapter 10: Securing IT Systems
Primary Threats to IT Security:
 Natural disasters
- Power outages, hurricanes, floods, and so on
 Accidents
- Power outages, cats walking across keyboards
 Employees and consultants
 Links to outside business contacts
 Travel between business affiliates
 Outsiders: (attacks on your systems)
- e.g. Viruses
Definition of Computer crime—The act of using a computer to commit an illegal act.
- Targeting a computer while committing an offense.
- Using a computer to commit an offense.
- Using computers to support a criminal activity.
More Definitions:
 Hackers – Often the motivation is curiosity, not crime.
 Crackers—those who break into computer systems with the intention of doing damage or
committing a crime; the real criminals.
 Hacktivists—Those who attempt to break into systems or deface Web sites to promote political
or ideological goals
Four ‘types’ of computer criminals:
 Current or former employees
- 85–95% of theft from businesses comes from the inside
 People with technical knowledge committing crimes for personal gain
 Career criminals using computers to assist them in crimes
 Outside crackers hoping to find information of value
“Malware” – a term used to describe “malicious software” such as viruses, worms, and Trojan Horses.
 Virus - a destructive program that disrupts the normal functioning of computer software.
 Worm – a variation of a virus that is targeted at networks, taking advantage of security holes
 Trojan Horse - Does not replicate, but causes damage. Codes are hidden, waiting for a trigger.
 Logic bombs or time bombs: (Variations of Trojan horses)
- Time bombs are set off by specific dates; logic bombs are set off by certain types of
operations.
Denial of Service Attack:
 Major type of attack on businesses today
 Attackers prevent legitimate users from accessing services:
- Zombie computers
- Created by viruses or worms
 Attack Web sites
 Servers crash under overwhelming load by machine created ‘demand’
Other Types of ‘Malware:
 Spyware
 Adware
 Spam (Electronic Junk Mail)
Phishing (Spoofing):
 Attempts to trick users into giving away credit card numbers
 Phony messages
 Duplicates of legitimate Web sites
Identity Theft: Fastest Growing “Information Crime”:
 Stealing another person’s:
- Credit card number
- Social Security number
- Other personal information
 Results in bad credit for victim
Cybersquatting:
 The practice of registering a domain name and later reselling it.
Cyber Harassment, Stalking, and Bullying: Crime that broadly refers to the use of a computer to
communicate obscene, vulgar, or threatening content.
Examples:
- Making false accusations that damage reputation of another
- Gaining information on a victim by monitoring online activities
- Using the Internet to encourage others to harass a victim
- Attacking data and equipment of a victim by sending e-mail viruses or other destructive code
- Using the Internet to place false orders for goods or services
Software Piracy:
 A HUGE global problem
 Intellectual property:
- Patents: process or machine inventions
- Copyrights: creations of the mind
 Illegal activities
- Making copies of purchased software for others
- Offering stolen proprietary software
Factors influencing digital piracy around the world:
- Concept of intellectual property differs between countries
- Economic reasons for piracy
- Lack of public awareness about the issue
Cyberwarfare: A Military’s attempt to disrupt or destroy another country’s information and
communication systems.
 Systems at risk:
- Command and control systems
- Intelligence collection and distribution systems
- Information processing and distribution systems

- Tactical communication systems and methods
- Troop and weapon positioning systems
- Friend-or-foe identification systems
- Smart weapons systems
Propaganda
- Web vandalism
- Cyber propaganda
Cyberterrorism:
 Governments are not involved; hard to pinpoint.
 Attacks can be launched from anywhere in the world.
 Goal is to cause fear, panic, and destruction.
 Cyberterrorism will likely become weapon of choice.
 We are vulnerable, because of our increasing dependence on technology (double-edged sword)
Information Systems Security: We are under attack from all sides:
 Internal threats
 External threats
Methods for managing the risk of IT Systems: Conduct Information systems audits!!
IT System Audit Process:
 Risk analysis
- Process of assessing the value of protected assets
- Cost of loss vs. cost of protection
 Risk reduction
- Measures taken to protect the system
- Risk acceptance
- Measures taken to absorb the damages
- Risk transfer
- Transferring the absorption of risk to a third party (insurance)
Technological Safeguards:
 Physical access restrictions
 Firewalls
 Encryption
 Virus Monitoring and prevention
 Audit-control software
 Dedicated facilities
Effective IT Controls in Organizations:
 Utilize effective technologies & applications
 Effective supervision & management practices
 Organizational Policies & Procedures
Physical access restrictions
 Firewalls
 Encryption
 Virus Monitoring and prevention
 Audit-control software
 Dedicated facilities
Download