Sunday, August 15, 2010

WEEKLY QUESTIONS FOR CHAPTER FOUR- Ethics and Information Security

Q1. Explain the ethical issues surrounding information technology.
a.       Privacy & Confidentiality- Privacy is the interest of a person in protecting their life from unwanted intrusion and public scrutiny. Confidentiality is the principle that certain information will remain outside public domain.There is a lot of legislation covering this topic such as the Privacy Act. Some things to think about include: 
a. The ethical/ legal duty to keep customers information private.
b.      How much information should a company keep? They should only keep the information that is vital to their business purposes.
c.       How much surveillance is required?
d.      How secure is the database? Are there good passwords and systems using authentication & authorisation?
e.       What penalties should be in place for breach privacy issues?
b.      Data accuracy- companies have an ethical duty to keep information correct and up to date.
a.       Are there enough checks must be in place to ensure no malicious activity is happening?
b.      Is your organisation verifying data before being entered and  are they limiting access to such data entry?
c.       Companies need to limit information sharing to people that have authorization
d.      Companies need to delete information when it is no longer needed.
c.       Property Issues- There are questions of who owns the information/ data on emails, business plan, etc. IE. Does a company own its employers email and could they go and look at it? Or Who can see the data? Are they using intellectual property in an ethical and legal manner?
e.      
Q2.Describe a situation involving technology that is ethical but illegal.
Reinberg received an offer for a mobile phone service from AT&T Wireless. The offer revealed that AT&T Wireless had used Equifax, a credit reporting agency, to identify Reinberg as a potential customer. But since Fair Credit Reporting Act in the US forbids repurposing credit information except when the information is used for a firm offer of credit or insurance. Therefore it was ethical but illegal because it was breaching Privacy Laws. 

Another example is  that you make two copies of a software package you purchased (illegal) and keep one for back up (ethical).


Q3.Describe and explain one of the computer use policies that a company might employ.
Email Privacy policy- organizations should have a policy that sets out how employees may use email and the internet for private and non employment purposes. It states what activities are and aren’t permitted. It can detail the type of information that will be recorded and the member of the organization that will have access to that information and provides for the monitoring and auditing process that will consider the information.


Here is a link to an example of a real time email privacy policy:
http://www.cecnsw.catholic.edu.au/dbpage.php?pg=emailprivacypolicy 

Q4/5 What are the 5 main technology security risks? And give a way to reduce each risk.


a. Human Error can cause major security risks.Sensitive Company Data can be lost by: Employees that are not exact in their duties, employees that lack of adequate training on procedures, employees that leave a public computer logged on or poorly written applications. A way to prevent this is to have adequate training for employees. 
a.     
.       b. Natural Disasters- Events that lead to destruction of data systems, eg, fire, flood, earthquakes and Tsunami’s.  Ways to prevent this include: Backing up information/ data, having a Disaster recovery plan in case this happens; including communications plans, alternative sites and location of back up data.
      c. Technical Failures-- Blackouts, brownouts and system failures. To prevent this have internet content filtering, firewall packages, alternative websites.
d.      d. Deliberate Acts- Risks from malicious activity where employees destroy or corrupt data, hackers that log onto  the system and change or destroy data. This includes: Cyber criminals, terrorism, or random attacks. This can also include social engineering, where a person tricks another person into providing sensitive or restricted information. A way to prevent this is to have strong passwords (letters and numbers), strong penalties for misuse of data, firewalls, and system audits to track down malicious codes. Use of authentication (method for confirming users' identity) and authorisation (the process of giving someone permission to do or have something) is also useful.
 e.      e. Management Failure- managers not having the correct security systems in place. Managers need to develop a security plan, use anti virus and security software, and keep protection up to date.

Q6. What is a disaster recovery plan. What strategies might a firm employ?
A disaster recovery plan is a detailed process for recovering information or an IT system in the event of a catastrophic disaster such as fire or flood. A firm may have a back up of IT system, information in an off site location, or a separate fully equipped facility where the company can move in the event that the actual workplace is destroyed. 


Here is an example of one:



Disaster Recovery Plans ensure that an organisation’s critical business functions can continue to be executed in the event of a major disruption or disaster(Montrose Redbridge 1999). This allows the business to be more resilient, survive the event and able to minimize the impacts  of the failure on its business operations(Montrose Redbridge 1999).. If the plan is inadequate, it can lead to in the non-availability of critical resources which can result in major impacts being felt by the organisation(Montrose Redbridge 1999).Examples include: financial losses, loss of control of core business processes, an inability to carry on operations, legal and regulatory consequences, and damage to reputation and credibility(Montrose Redbridge 1999).








Reference: Montrose Redbridge, Business Continuity Plans/ Disaster Recovery Plans, Available: http://www.mrose.com.au/ Viewed 10 September 2010.

Posted by at 1 comment:

WEEKLY QUESTIONS FOR CHAPTER THREE- E-Business

1.What is an IP Address? What is it’s main function?
Each computer on the internet has an IP address, these can either be private or public, however every address must be unique. Its main function is to provide a unique address for each device on the network.

2. What is Web 2.0, how does it differ from 1.0?
 Web 2.0 is a set of economic, social and technology trends that collectively form the basis for the next generation of the internet. It is characterised by:
  • participation
  • openness
  • network effects. 
It advances internet technology and applications including:
  • blogs
  • wikis
  • RSS
  • social networks
It includes hanging what’s on the web and how it works (Turban, King, and Lang 2008). It doesn’t refer to a technical update of specifications; but rather refers to a change in the way software developers and end users use the web as a platform(Turban, King, and Lang 2008). The web is no longer linking just text; its linking people (ie sites such as Facebook).

Some believe that web usage has been increasingly moving towards interaction and rudimentary social networking, which can serve content that exploits the network effect with or without creating a visual, interactive web page(Turban, King, and Lang 2008).This brings the web closer to the concept of web as a democratic, personal, do it yourself medium of communication(Turban, King, and Lang 2008).

It is propelling companies into a new way to do business and gives them opportunities to gain a first movers advantage.

Web 2.0 tools include:
  • Google AdSense
  • Flickr
  • Blogs
  • Web Services
  • RSS and podcasting
  • Search engines
  • Napster
  • Social networks
  • Service oriented architecture
Statistics:
  • Over 1.4 billion people worldwide have the internet
  • There are 70 million blogs; and there are 120,000 blogs created a day or 1.4 every second.(Turban, King, and Lang 2008)
  •  17 posts are made to a blog per second (Turban, King, and Lang 2008)
  • 12% of all customers in the US use RSS (Turban, King, and Lang 2008)
  • 12 million Households will regularly subscribe to podcasts by 2010 (Turban, King, and Lang 2008)

The Main difference between Web 1.0 is the greater collaboration among users and other users, content providers and enterprises. Web 1.0 was organised around pages, software, technology &corporations. Web 2.0 is organised around ordinary people and services.

Here is a link to a YouTube video talking about the evolution from Web1.0 to Web 2.0 to Web 3.0.
http://www.youtube.com/watch?v=bsNcjya56v8&feature=related 

Reference:
Turban, E., King, D. and Lang, J. 2008. Introduction to Electronic Commerce 2E (International Edition) Pearson Prentice Hall, New Jersey.

 3. What is Web 3.0?
Web 3.0 is a term that has been coined to describe the evolution of the web usage and interaction among several separate paths including:
  • transformation of the web into a database
  • a move towards making content accessible by multiple non browser applications
  • the leverage of artificial intelligence technologies 
  • the semantic web (which is an extension of the world wide web where web content can be expressed in both natural language and in a special software format allowing software agents to find, share and integrate information more easily.)
Many agree that it encompasses one or more of the following:
  • transforming the web into a database
  • a path to artificial intelligence
  • the realisation of semantic web andservice oriented architecture
  • the evolution towards 3D.

4. What is eBusiness, how does it differ from eCommerce?
 e-Business is the conducting of business on the internet, including buying and selling, serving customers and collaborating with business partners. The difference with e-commerce and e-business is that e-business also refers to online exchanges of information; such as a business using online banking, ordering online, or monitoring production schedules online. Whereas e-commerce is the buying and selling of goods over the internet (business transactions only).

5. What is pure and partial eCommerce? 
Partial EC or Click-and-mortar organizations are those that conduct some e-commerce activities, yet their business is primarily done in the physical world. EG: Fresh Direct.  A company may sell online and also have physical store fronts.Whereas Pure e-commerce or Virtual organizations are companies that are engaged only in EC with no physical store. And Brick-and-mortar organizations are purely physical organizations.

6. List and describe the various eBusiness models? 
B2B- is where businesses buy and sell to each other over the internet. Online access to data including expected shipping date, delivery date and shipping status widely support this model. Electronic marketplaces are an example of this.
B2C- This is where a business sells its goods and services online. An e-shop is an example of this e-business model.
C2B- This is where a consumer sells a good or service to a business over the internet EG: Amazon.com
C2C- This is where sites offering goods and services which assists consumers interacting with one another over the internet. Ebay is an example of this.

To learn more see this PDF 'E Management for Your Business':
 http://www.apms.com.au/papers/allan2000-ukcmg.pdf

7. List and describe the major B2B models?
a.      Sell Side- This describes a web-based marketplace in which one company sells to many business buyers from e-catalogs or auctions, frequently over an extranet. They can do this by selling from electronic catalogs; selling via forward auctions; or one-to-one selling (negotiating a contract). (1 seller/ many buyers)
b.      Buy Side or E-procurement- This describes a corporate-based acquisition site that uses reverse auctions, negotiations, group purchasing, or any other e-procurement method. This is where a company wants to buy goods or services. A Group of buyers open an e market place can invite buyers to bid on services / goods using a Request For Quote/Bid methodology. (1 buyer/ many sellers)
c.       Electronic Exchange- This is where is a marketplace with many buyers and many sellers.
d.      Collaborative Commerce- This involves activities other than buying/selling among business partners- for example- SC improvements, communicating, collaborating, sharing info for joint design, planning, learning. (involving the Government, sellers, buyers, Universities, etc).
8. Outline 2 opportunities and 2 challenges faced by companies doing business online?
Opportunities:
  • High Accessibility- there is a possibility that businesses can now operate 24 hours a day 365 days a year; allowing for more revenue and ease of access for customers.
  • Improved information content- consumers no longer have to order catalogs or physically travel to the physical store before they can compare qualities and prices. Electronic catalog and web pages allow consumers to see real time information about goods, services, and prices.

Challenges:
  • Protecting consumers- consumers must be protected against unsolicited goods and communication, illegal/harmful goods, insufficient information about suppliers and goods, invasion of privacy and cyber fraud.
  • Leveraging existing systems- it is important that e-business systems integrate with existing systems in a way that avoids duplicating functionality and maintains usability, performance and reliability.

To learn more about e-commerce and e-business. These sites are very useful and informative:

http://www.aim.com.au/DisplayStory.asp?ID=687
 
Posted by at No comments:

WEEKLY QUESTIONS FOR CHAPTER TWO- Strategic Decision Making

1. Define TPS & DSS, and explain how an organisation can use these systems to make decisions and gain competitive advantages. (PG 58-9)

A transaction processing system (TPS) is the basic business system that serves the analysis on the operational level in an organisation. Eg: Payroll system order entry system

Organisations use TPS to help support the daily operational tasks, repetitive decisions, and they are able to use this information to support more analytical decision making such as analysing daily sales to determine how much inventory to carry. If the transactional details are in order then this allows the more executive workers in the organisation to concentrate on the whole picture of the organisation to make broader decisions in order to gain a competitive edge or advantage above its competitors.



A TPS will improve productivity by re-engineering some of the core business processes (Avram 1995). This allows for one person to perform the functions once performed by two employees(Avram 1995). This means that with less employees simple tasks will become cheaper.

The identifying features of a transaction processing system are:
  •   TPSs are low level systems, which collect an organisations operating data and feed that data to the higher level planning systems (or to management); the information is used r to make short term, limited impact and tactical decisions (Avram 1995);
  • often operated by data entry operators, customer service staff, and the individual decisions have limited effects. Unlike DSS which are designed to be operated by management decision makers whose decisions are of a more wide ranging nature(Avram 1995).

A decision support system (DSS) models information to support managers and business professionals during the decision making process. This allows them to use technology in a way to gain a competitive edge to gain information which helps provide better services and better customer satisfaction. For example, Wellington Combined Taxis developed a GPS based system which reduced customer waiting times, reduced no jobs (where taxis arrive to find that the customer has taken another form of transportation) amd driver’s dead kilometres (time spent waiting for a job). This company became the largest of 27 cab companies in the region due to this DSS.

Reference:
Avram, C, New paradigms for transaction processing, Available: http://www.csse.monash.edu.au/~cavram/papers/tp/tr94-02h.html
Acessed 14 September 2010.


2. Describe the three quantitative models typically used by decision support systems. (PG 59)

a. Sensitivity analysis- which is the study of the impact that changes in one or more parts of the model have on other parts of the model. Users can change the value of the variables and observe the changes in results due to the change in variable.
To learn more about Sensitivity Analysis see:


b. What if analysis- which checks the impact of a change in an assumption on the proposed solution. The book gives the example of ‘What will happen to the supply chain if a cyclone off Brisbane reduces holding inventory from 30% to 10%?’. Users will continually repeat analysis until they understand all effects of various situations.
To learn more about a What if Analysis see:


c. Goal-seeking analysis- finds the inputs necessary to achieve a goal such as desired level of output, desired market share, or desired average time to produce item. Instead of observing how changes in a variable affect other variable, this type of quantitative model sets a goal or target value for a variable and repeatedly changes other variables until the target is achieved.

The book gives the example of ‘How many customers are required to purchase a new product to bring profits to $5 million.’

To learn more about Goal Seeking Analysis go to:



3. Describe a business processes and their importance to an organisation. (Pg 69)

A business process is a standardised set of activities that accomplish a specific task such as processing a customer’s order. One business process is the transform of inputs into a set of outputs (goods/services) by using people and tools (customer checkout process). Other business processes include: developing new products, building a new home, ordering clothes online, and administering Centerlink payments. Examining these processes helps businesses stay competitive, anticipate bottlenecks, combine related activities and optimize/automate business processes. An organisation is only as strong as its business processes. Improving a business process can have significant effects on the total distribution process.

4. Compare business process improvement and business process re-engineering. (71-3)

Business process improvement attempts to understand and measure the current process and make performance improvements accordingly.
Business process re-engineering is the analysis and redesign of workflow within and between enterprises. BPR relies on a different school of thought than BPI. BPR assumes that the current process is irrelevant, does not work or is broken and must be overhauled from scratch. BPR provides new opportunities for Information systems and technology and the on going wide spread deployment of data networks provide a challenge to IT (Avram 1995). There are now many new ways to deliver and collect information; old technology or dumb terminals attached to central computer systems are being replaced by personal computers and workstations allowing virtual terminal operation and client server operation (Avram 1995). 
Reference:
Avram, C, New paradigms for transaction processing, Available: http://www.csse.monash.edu.au/~cavram/papers/tp/tr94-02h.html
Acessed 14 September 2010.

5. Describe the importance of business process modelling (or mapping) and business process models.

Business Process modelling or mapping is where you create a detailed flowchart or process map of a work process, showing inputs, tasks and activities in a structured sequence.

A business process model is a graphic description of a process showing the sequence of process tasks, which is developed for a specific purpose and from a selected viewpoint.

The purpose and importance is to:
• Expose process detail gradually and in a controlled manner
• Encourage conciseness and accuracy on describing the process model
• Focus attention on the process model interfaces
• Provide a powerful analysis and consistent design vocabulary.


Below is an example of a model or map:
Posted by at No comments:

WEEKLY QUESTIONS FOR CHAPTER ONE- Information Systems in Business

Q1. Explain information technology’s role in business and describe how you measure success? (Pg 8 & 21)

The role of information technology is to:
  • improve productivity
  • generating growth
  • reduce cost
  • improve accuracy
  • improve communication
  • improve the speed and quality of decision making by automating the process
Guy’s theory is that IT brings people closer together. For example, now you can conduct a meeting online where managers are in different cities. It not only has an effect on business (ie on the business' process) but also has the potential to transform it (ie from a single person business to a large online business). Once this culture is embedded into the organisation; then the areas of customer service, finance, sales, marketing, HR and operations management can all benefit through effective IT solutions.
There are 2 metrics to measure success; efficiency and effectiveness. Efficiency IT metrics measure the performance of the IT system itself (ie throughput, speed & availability). Effectiveness IT metrics measure the impact IT has on business processes and activities (ie customer satisfaction, conversion rates and sell through increases). Peter Drucker explains that managers 'do things right' and/or 'do the right things'. Doing things right addresses efficiency (getting the most from each resource) and doing the right things addresses effectiveness (setting the right goals and objectives and ensuring they are accomplished).


Q2. List and describe each of the forces in Porter’s Five Forces Model? (Pg 26-29)

Here is the diagram that explains this model:



A. Supplier Power
Supplier power is high when one supplier has concentrated power over an industry. If supplier power is high, the supplier can directly influence the industry by charging higher prices, limiting the quality of services and shifting costs to industry participants. When supplier power is high, buyers lose revenue because they can't pass on the price increase of the final product to the customer. For example, if Microsoft raises the price of its operating system, it will decrease the profitability of its buyers.

B. Threat of New Entrants
The threat of new entrants is high when it is easy for new competitors to enter a market and low when there are significant barriers to entering a market. An entry barrier includes a feature of a product/service that customers have come to expect from a particular industry (and hard to replicate) and must be offered by the new organisation in order to survive. (EG: a bank must offer ATMs, online internet banking etc)

C. Buyer Power
Buyer power is high when buyers have many sellers to choose from and is low when their are fewer choices. This type of power is reflected by their ability to impact the price they are willing to pay for an item. Strong buying power is similar to a monopsony- a market where there are many suppliers and only one buyer. Here the buyer sets the price. One way to reduce buyer power is to create a competitive advantage so that it is harder for customers to leave (ie loyalty program).

D. Threat of Substitutes
The threat of substitute products or services is high when there are many alternatives to a product or service and low when there are few alternative to choose from. However it is seldom possible in the real world to have no alternatives, but companies can create a competitive advantage by using switching costs. Switching costs are costs that can make customers reluctant to switch to another product or service. Note that it doesn’t need to have an associated monetary cost. For example, Amazon.com develops a unique profile of shopping & purchasing habits. Therefore if the customer decides to shop elsewhere, there is an associated switching cost because the site won’t have a profile of their past purchases.

E. Industry Rivalry amongst existing competitors
Rivalry amongst existing competitors is high when competition is fierce in a market and low when competition is more complacent. There is an overall trend towards competition in most industries. EG: super markets. Ways to reduce this are loyalty programs or using switching costs.

For more information about this model see:
http://www.12manage.com/methods_porter_five_forces.html


3. Describe the relationship between business processes and value chains? (Pg 31)
 
A business process is a standardised set of activities that accomplish a specific task, such as processing a customer's order. To evaluate the effectiveness of its business processes, an organisation can use Michael Porter's value chain approach. An organisation creates value by performing a series of activities that Porter identifies as the value chain. The value chain approach views an organisation as a series of processes, each which adds value to the product or service (ie the frontline activities). To achieve a competitive advantage, the VC must enable the organisation to prove a unique value to its customers. In addition to these value chain adding activities, the firm operates in a value system of vertical activities including those of upstream suppliers and downstream channel members. To achieve a competitive advantage, the firm must perform one or more value creating activity in a way that creates more overall value than do competitors. Added value is created though lower costs and superior benefits/ features of the product/ service (differentiation).

Examining the organisation as a VC leads to identifying the important activities that add value for the customer and finding IT systems that support those activities. Support value activities include infrastructure, HR Management, technology development and procurement (the buying of inputs) to help support value adding activities. They help streamline and reduce costs.

Organisations should attempt to use IT to add value to both primary and support value activities. For example, the development of a marketing campaign management system (primary value activity) that could target marketing campaigns more efficiently and therefore reducing marketing costs. This system would also help the organisation pinpoint the target market's needs; therefore increasing sales.

Another example, is the development of an HR system (support activity) that could more effectively reward employees based on performance and identify employees who are at risk of leaving their jobs, allowing the organisation to find additional challenges/opportunities that would help retain these employees, therefore reducing turnover costs.


4. Compare Porter’s three generic strategies? (pg 30)
The three strategies are:


A. Broad Cost Leadership
B. Broad Differentiation
C. Focused Strategy


The broad strategies reach a large market segment and the focused strategy targets a smaller niche market segment. A focused strategy concentrates on either cost leadership or differentiation

A Cost Leadership Strategy involves the firm winning market share by appealing to cost-conscious or price-sensitive customers. This is achieved by having the lowest prices in the target market segment. To succeed at offering the lowest price while still achieving profitability, the firm must be able to operate at a lower cost than its rivals.

The Differentiation Strategy involves the creation of a product or services that is perceived throughout its industry as unique. The company may then charge a premium for its product. This specialty can be associated with design, brand image, technology, features, dealers, network, or quality of customer service. Increased costs can usually be passed on to the buyers. Examples of the successful use of a differentiation strategy are Nike, Apple Computer, and Mercedes-Benz automobiles.
Posted by at No comments:
Subscribe to: Posts (Atom)