What is phishing, pharming, spoofing and click fraud?Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.Pharming is a cyber attack intended to redirect a website's traffic to another, bogus site.Spoofing also may involve redirecting a weblink to an address different from the intended one, with the site masquerading as the intended destinationWhy are the ethical issues associated with the protection of intellectual property in the age of the Internet?Information systems raise new ethical questions for both individuals and societies because they create opportunities for intense social change, and thus threaten existing distributions of power, money, rights and obligations.

Intellectual property is considered to be intangible property created by individual or corporations. Intellectual property is subject to a variety of protections under three different legal traditions:

Trade secrets- Intellectual work product used for a business purpose can be classified as a trade secret. Trade secret law protects the actual ideas in a work product, not only their manifestation. The limitation of trade secret protection is that, although virtually all software programs of any complexity contain unique elements of some sort, it is difficult to prevent the ideas in the work from falling into the public domain when the software is widely distributed.

Copyright- Copyright is a statutory grant that protects creators of intellectual property from having their work copied by others for any purpose during the life of the author plus an additional 70 years after the author’s death.

Patents- A patent grants the owner an exclusive monopoly on the ideas behind an invention for 20 years.

What are the Internet challenges to privacy?Websites can learn the identities of their visitors if the visitors voluntarily register at the site to purchase a product or service or to obtain a free service, such as information. Websites can also capture information about visitors without their knowledge using cookie technology. Cookies are small text files deposited on a computer hard drive when a user visits websites. Cookies identify the visitor’s web browser software and track visits to the website.

Web beacon are tiny objects invisibly embedded in email messages and web pages that are designed to monitor the behaviour of the user visited a website or sending email.

Other spyware can secretly install itself on an internet user’s computer by piggybacking on larger applications.

An opt-out model of informed consent permits the collection of personal information until the consumer specifically requests that the data not be collected. Privacy advocates would like to see wider use of an opt-in model of informed consent in which a business is prohibited from collecting any personal

information unless the consumer specifically takes action to approve information collection and use.

Technical Solutions- Many tools are used for encrypting email, for making email or surfing activities appear anonymous, for preventing client computers from accepting cookies, or for detecting and eliminating spyware.

What are sniffer and spyware?A sniffer is a type of eavesdropping program that monitors information travelling over a networkSpyware is software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without the consumer's consent, or that asserts control over a computer without the consumer's knowledge

What are three most common core ERP components focusing on internal operations?ERP Core Component- Support the important internal activities of the organisation for producing their products and services. These components support internal operations such as:

Financial Management- accounting and financial reporting

Operations Management- standardise and automation

HR Management- employee recruitment and performance reviews

What is portfolio analysis? Portfolio analysis can be used to evaluate alternative system projects. Portfolio analysis inventories all of the organisation’s information systems projects and assets, including infrastructure, outsourcing contracts and licenses. Firms try to improve the return on their portfolios of IT assets by balancing the risk and return from their systems investments. Information intensive industries should have a few high risk, high benefit projects to ensure that they stay current with technology. Firms in non information intensive industries should focus on high benefit, low risk projects. By using portfolio analysis, management can determine the optimal mix of investment risk and reward for their firms, balancing riskier high reward projects with safer lower reward ones.

What is an acceptable use policy? An acceptable use policy (ATP_ defines acceptable uses of the firm’s

information resources and computing equipment, including desktop and laptop computers, wireless devices etc. A good AUP defines unacceptable and acceptable actions for every user and specifies consequences for noncompliance. Identity management consist of business processes and software tools for identifying the valid users of a system and controlling their access to system resources.

What is a scoring model?A scoring model is useful for selecting projects where many criteria must be considered. It assigns weights to various features of a system and then calculates the weighted totals. Scoring models are used most commonly to confirm, to rationalise, and to support decisions, rather than as the final arbiters of system selection.

What are intangible benefits of information systems? Improved asset utilisation Improved resource control Improved organisational planning Increased organisational flexibility More timely information More information Enhanced employee goodwill Increased job satisfaction

What are the security problems posed by the Internet? *****The introduction of the internet has fostered for the potential to share data instantly with everyone that itself has created a huge cyber security What is disaster recovery and business continuity planning?Disaster recovery planning devises plans for the restoration of computing and communication services after they have been disrupted. They focus primarily on the technical issues involved in keeping systems up and running. Business continuity planning focuses on how the company can restore business operations after a disaster strikes. It identifies critical business processes and determines action plans for handling mission-critical functions if systems go down.

What is outsourcing and offshoring?What is a make-to-order process? In contrast, in the make-to-order process, raw materials, subcomponents, and accessories are procured based on forecasts, but actual manufacturing does not start until sales orders are received (pull based approach). Mass produced goods are typically produced under a make-to-stock approach.

What is the key use of manufacturing execution module of supply chain management?

Support production processes taking into account amount capacity and material constraintsWhat is vendor-managed inventory, just-in-time production?

Process sales order

(Design/Engineer Product)

Procure inputs

Schedule production Production Quality

ControlShip

product

A business model in which the suppliers to a manufacturer manage the manufacturer’s inventory levels based on pre-established service levels. To make VMI possible, the manufacturer allows the supplier to monitory stock levels and ongoing sales data. The manufacturer shares real time sale data with their suppliers, who maintain inventory levels based on pre-established agreements. Such arrangements can help to reduce the manufacturer’s inventory, both saving costs and minimising stockout situations; the supplier, in turn, benefits from the intense data sharing which helps produce more accurate forecasts, reduces ordering errors, and helps prioritise the shipment of goods.

What are data dictionaries and business rules? Databases: Effective Management- The two key elements of an organisational database are the data and the structure of that data. The structure of the data is typically captured in a data model, that is, a map or diagram that represents entities and their relationships. A common way to represent a data model is an entity relationship diagram. Each attribute in the database needs to be of a certain type. This data type helps the DBMS organise and sort the data, complete calculations, and allocate storage space. To finalise the data model in order t actually build the database, a process called normalisation is used to make sure the database will operate efficiently. Normalisation makes sure that each table contains only attributes that are related to the entity; hence, normalisation helps to eliminate data duplication. Once the data model is created, the format of the data is documented in a data dictionary. The data dictionary is a document explaining several pieces of information for each attribute. Data dictionary can be used to enforce business rules. Business rules are captured by the designers of the database and included in the database.

What is the system development lifecycle?

The remaining steps in the systems development process translate the solution specifications established during systems analysis and design into fully operational information systems.

Programming- System specifications that were prepared during the design stage are translated into software program code.

Testing- Exhaustive and thorough testing must be conducted to ascertain whether the system produces the right results. Testing is time consuming. Testing an information system can be broken down into three types of activities:

o Unit testing- Consists of testing each program separately in the system.

o System testing- Test the functioning of the information system as a whole. It tries to determine whether discrete modules will function together as planned and whether discrepancies exist between the way the system actually works and the way it was conceived.

o Acceptance testing- Provides the final certification that the system is ready to be used in a production setting. Systems tests are evaluated by users and reviewed by management.

Conversion is the process of changing from the old system to the new system. Four main conversion strategies can be employed:

o Parallel strategy- Both the old system and its potential replacement are run together for a time until everyone is assured that the new one functions correctly.

o Direct cutover strategy- Replaces the old system entirely with the new system on an appointed day.

o Pilot Study strategy- Introduces the new system to only a limited area of the organisation.

o Phase Approach strategy- Introduces the new system in stages, either by functions or by organisational units.

Production and Maintenance- After the new system is installed and conversion is complete, the system is said to be in production. During this stage, the system will be reviewed by both users and technical specialists to determine how well it has met its original objectives and to decide whether any revisions or modifications are in order. A post implementation audit document may be prepared. Changes in hardware, software, documentation or procedures to a production system to correct errors, meet new requirements, or improve processing efficiency are termed maintenance.

What are web services widgets and mashups?Web services are one of the critical components of sharing data. Web services allow data to be accessed without intimate knowledge of other organisations’ systems, enabling machine to machine interaction over the internet. The central

idea behind web services is that any device can use any network to access any service. A web service can offer several benefits for organisations, including:

Utilising the existing internet infrastructure Accessing remote or local data without having to know the

complexities of this access Creating unique and dynamic applications quickly and

easily By providing access to useful web services, organisations

build and strengthen customer relationships, providing a base for revenue-generating services.

Widgets are small interactive tools used for a single purpose such as taking notes, viewing pictures, or simply displaying a clock. Widgets can either be placed on a desktop or be integrated into a web page. Often, widgets use web services to pull their information from a remote source, such as Weather.com for weather information.

Together, web services and widgets enable the creation of mashups. In web 2.0, a mashup is a new application that integrates one or more web services. One web service frequently used to display geospatial information in mashups is Google Maps.

How can an information system enable a company to focus on a market niche?

The Long TailThe concept of the long tail refers to a focus on niche markets rather than purely on mainstream products. The distribution of consumers’ needs and wants can be compared to a statistical normal distribution, where there are people with very diverse needs and wants on the tails and many people with ‘mainstream’ needs and wants in the centre of the distribution. Because of high storage and distribution costs, most traditional brick-and-mortar retailers and service providers are forced to limit their product offerings to serving the needs and wants of the mainstream customers.Many e-tailers can focus on the long tails, that is, on products outside the mainstream tastes. Focusing on those that are on the long tails of the distribution of consumers’ wants can lead to a very successful business model in the digital world.

Drawbacks to E-Tailing Product Delivery Drawbacks- Example, delay in packaging and shipping

and delivering products when customer isn’t at home Direct Product Experience Drawbacks- Lack of sensory information such

as taste, smell and feel. E-tailing eliminates the social aspects of the purchase.

What are the porter five forces and how to recognize strategy enacted in relation to them? Porter’s Competitive Forces ModelThis model provides a general view of the firm, its competitors, and the firm’s environment.

Traditional Competitors- All firms share market space with competitors who are continuously devising new, more efficient ways to produce by introducing new products and services, and attempting to attract customers by developing their bands and imposing switching costs on their customers.

New Market Entrants- In some industries, there are very low barriers to entry, whereas in other industries, entry is very difficult. New companies have new equipment and younger workers but little brand recognition.

Substitute Products and Services- There are substitutes that customers might use if prices of other products become too high. The more substitute products and services in your industry, the less you can control pricing and the lower your profit margins.

Customers- A profitable company depends in large measure on its ability to attract and retain customers (while denying them to competitors), and charge high prices. The power of customers grows if they can easily switch to a competitor’s product and services, or if they can force a business and its competitors to compete on price alone in a transparent marketplace where there is little product differentiation.

Suppliers- The market power of suppliers can have a significant impact on firm profits, especially when the firm cannot raise prices as fast as can suppliers. The more different suppliers a firm has, the greater control it can exercise over suppliers in terms of price, quality and delivery schedules.

Information system strategies for dealing with competitive forces1. Reduce costs

Customer want to pay little for service Reduce costs to lower price Automation greatly reduces costs Web can automate customer service Efficient customer response system- Directly links consumer

behaviour to distribution and production and supply chains.2. Raise barriers to market entrants

Less competition is better for company Raise barriers to entrants to lower competition Techniques include obtaining copyrights and patents on

inventions, techniques and services Building unmatchable information systems blocks entrants

3. Establish high switching costs Switching cost- incurred when customer stops buying from

company and starts buying from another company Explicit- charge customer for switching Implicit- Indirect costs over period of time

High switching costs locks in customers4. Create new products or services

Having unique product or service gives competitive advantage First mover- Organisation that is first to offer a new product or

service- superior brand name, better technology, more experience Critical mass- Body of clients that is large enough to attract other

clients5. Differentiate product or services

Product differentiation- Persuading customers that product is better than competitions

Achieved through advertising Exemplified by brand name success Promotes brand name

6. Enhance products or services Enhance existing products to services to increase value to

consumer Many products and services have been enhanced by the web

7. Establish alliances

Alliance- Two companies combining services Make products more attractive Reduce costs Provides one stop shopping

Affiliate program- Linking to other companies and rewarding the linker for click throughs

8. Lock in suppliers or buyers Accomplished by achieving bargaining power Bargaining power- Leverage to influence buyers and suppliers

Achieved by being major competitor or eliminating competitors

Uses purchases volume as leverage Lock in clients by creating high standards

What is reinter mediation and disintermediation? Transaction Support- By providing ways for clients and firms to conduct business online without human assistance, the internet and web have greatly reduced transaction costs while enhancing operational efficiency. Many companies are utilising the web to provide automated transaction support.

Disintermediation allows producers or service providers to offer products at lower prices however they also have to take on those activities previously performed by a function of the business. Re-intermediation refers to the design of business models that reintroduce the function of business to reduce the chaos brought by disintermediation.

What is a click-and mortar business strategy? Click-and-mortar business strategic approach operates in both physical and virtual environments. Conducting physical and virtual operations presents special challenges for these firms, as business activities muss be tailored to each of these different environments in order for the firms to compete effectively. Companies must design, develop and deploy systems and applications to accommodate an open computing architecture that must be globally and persistently available.

What is the collective intelligence? One major benefit of social software is the ability of collective intelligence. The concept of collective intelligence is based on the notion that distributed groups of people with a divergent range of information and expertise will be able to outperform the capabilities of individual experts. In addition to the benefits of harness the wisdom of crowds, social changes, brought about by globalisation, increasing wealth and consumerisms, as well as the web, are key drivers for Enterprise 2.0.

What is drill-down capability?Drill down is a capability that takes the user from a more general view of the data to a more specific one at the click of a mouse. For example, a report that shows sales revenue by state can allow the user to select a state, click on it and see sales revenue by county or city within that state. It is called “drill down” because it is a feature that allows the user to go deeper into more specific layers of the data or information being analyzed.

What are the 4 scenarios related to data quality when businesses are modeling business situations? What are potential problems associated with data deficiency associated with each of the 4 scenarios above?What are the 3 tenets of the Business Process Redesign perspective?

Business Process Redesign- Business processes are analysed, simplified and redesigned. Business process redesign reorganises workflows, combining steps to cut waste and eliminate repetitive, paper intensive tasks

What are the core components of the ERP and how could they improve organizational business processes?

ERP Core Component- Support the important internal activities of the organisation for producing their products and services. These components support internal operations such as:

Financial Management- accounting and financial reporting Operations Management- standardise and automation HR Management- employee recruitment and performance

reviews

ERP Extended Components- Support the primary external activities of the organisation for dealing with suppliers and customers. ERP extended components focus primarily on customer relationship management and supply chain management.

When companies realise that legacy systems can create dramatic inefficiencies within their orgnaisations, the next step is to integrate legacy information on a company wide basis. Applications that integrate business activities across departmental boundaries are often referred to as enterprise resource planning (ERP) systems. Integrating data to integrate applicationsERP replaces stand-alone applications by providing various modules based on a common database and similar application interfaces that service the entire enterprise rather than a portion of it. ERP applications make accessing information easier by providing a central information repository. Rather than information flowing from one department to the next, it can be accessed and updated at will, meaning that the next business activity can access information in the data warehouse whenever it needs to. Information can be shared throughout the organisation using ERP. Storing data in a single place and making it available

to everyone within the organisation empowers everyone to be aware of the current state of business and to perform their jobs better.Choosing an ERP SystemManagement must carefully select an ERP application that will meet the unique requirements of the particular company, and must consider a number of factors.

ERP Control- Refers to the locus of control over the computing systems and data obtained in these systems, as well as decision making authority. Companies typically either opt for centralised control, or allow particular business units to govern themselves. In the context of ERP, these decisions are based on the level of detail in the information that must be provided to management.