ISDS 351 Mid-Term Review Guide

Information Systems

Helps rework products and services, recognize and capitalize on IS opportunities, enhances career advancement opportunities, improves problem-solving and decision-making skills, defines IT policies and supports new IT solutions, increases productivity and sustains competitive advantage.

Key Management Responsibilities

Identifying and using information systems for competitive advantage; managing people, technology infrastructure, processes, and organizational structure.

Leavitt's Diamond Model

A framework for introducing new systems into the workplace with four key components: People, Technology Infrastructure, Processes, and Structure.

Reasons for Using Leavitt's Diamond Model

Reduces stress during system implementation, encourages teamwork and collaboration, increases success rates of IS implementation.

Fundamental Information System Types

Personal IS - Individual productivity tools (e.g., Excel, email); Workgroup IS - Supports team collaboration (e.g., Google Drive, Slack); Enterprise IS - Organization-wide systems (e.g., ERP, CRM); Interorganizational IS - Links multiple organizations (e.g., supply chain management systems).

Role of Information Systems in Value Chains

Supports primary activities like inbound logistics, operations, outbound logistics, marketing, and service; enhances competitive advantage through efficiency and innovation.

Benefits of Strategic Planning

Provides a structured framework for decision-making, ensures optimal use of resources, enhances adaptability to change, improves communication and coordination.

Key Forces of IS Organizational Strategy Development

New technology innovations, business needs and market trends, cost efficiency and resource allocation, competitive pressures.

Perceptions of IS Organization

Perception 1: Cost center → IS seen as a necessary expense, leading to minimal investment; Perception 2: Service provider → IS supports business functions but lacks strategic influence; Perception 3: Business partner/peer → IS is aligned with corporate strategy and contributes to innovation.

Non-Technical Skills for IS Professionals

Problem-solving and critical thinking, communication and teamwork, project management, business analysis.

Importance of Certification in IS Field

Validates expertise and skills, enhances career opportunities, helps stay current with industry standards, increases credibility in the job market.

Importance of Learning About Computer Crime

Growing threat to individuals and organizations, financial and reputational damage, protects personal and corporate data.

Reasons for Prevalence of Computer Crime

Increased reliance on technology, more sophisticated hacking tools, lack of security awareness, global connectivity makes cybercrime easier.

Types of Cyberattack Perpetrators

Hackers, cybercriminals, insider threats (disgruntled employees), hacktivists.

Attack Vector

A method used to breach a system, network, or device.

Commonly Used Attack Vectors

Not specified in the provided notes.

Phishing emails

Fraudulent emails designed to trick recipients into revealing personal information.

Malware and ransomware

Malicious software designed to harm or exploit any programmable device or network.

Weak passwords

Passwords that are easily guessable or not complex enough to provide security.

Exploiting software vulnerabilities

Taking advantage of flaws in software to gain unauthorized access or cause harm.

Malware

Software specifically designed to disrupt, damage, or gain unauthorized access to computer systems.

Phishing attacks

Attempts to obtain sensitive information by masquerading as a trustworthy entity in electronic communication.

Denial-of-Service (DoS) attacks

Attacks aimed at making a machine or network resource unavailable to its intended users.

Insider threats

Security risks that originate from within the organization, often involving employees or contractors.

Financial loss

The loss of money or assets due to a successful cyberattack.

Reputation damage

Harm to an organization's public image as a result of a cyber incident.

Legal penalties

Consequences imposed by law for violations related to cybersecurity.

Data theft

The unauthorized acquisition of sensitive information.

Computer Fraud and Abuse Act (CFAA)

Criminalizes unauthorized access to systems.

Electronic Communications Privacy Act (ECPA)

Protects electronic communication privacy.

USA PATRIOT Act

Expands surveillance capabilities.

Confidentiality

Access control and encryption measures to protect sensitive information.

Integrity

Data validation and error checking processes to ensure data accuracy.

Availability

Backup systems and redundancy measures to ensure access to information.

Self-assessment of computer habits

Helps identify security vulnerabilities and reduces risk of cyber threats.

Security risk assessment steps

Identify assets, assess threats and vulnerabilities, implement security measures.

Response to a successful cyberattack

Contain the breach, notify affected parties, improve security policies.

Managed security service provider (MSSP)

Monitors and manages cybersecurity for organizations.

Computer forensics

Investigating digital crimes by analyzing electronic evidence.

Ethics and ethical dilemmas

Helps in decision-making and encourages responsible behavior.

Ethical vs. legal issues

Ethical issues are based on morals and values, while legal issues are defined by laws and regulations.

Promoting ethical behavior

Builds trust and credibility while reducing legal risks.

Ethical decision-making process steps

Recognize an ethical issue, get the facts, evaluate alternatives, make a decision, act and reflect.

Code of ethics intent and elements

Intent: Define expected behavior; Elements: High standards, decision-making guidance, accountability.

Benefits of following a code of ethics

Improves decision-making and builds public trust.

U.S. vs. EU information practices

U.S.: More industry-driven, less strict privacy laws; EU: Stronger privacy protections (e.g., GDPR).

Measures to protect personal data

Government regulations and corporate policies.

Measures individuals take for privacy

Use strong passwords, enable two-factor authentication, avoid sharing personal data unnecessarily.

Tradeoff between security and privacy

Strong security can limit privacy rights.

U.S. federal statutes on surveillance

Laws like ECPA and FISA regulate surveillance activities.

First Amendment and anonymous expression

Protects free speech and privacy in online communications.

Impact of censorship on ISPs

Limits access to information and can create compliance burdens.

Measures against defamation, hate speech, and pornography online

Content moderation policies and legal enforcement.

High-quality software vs. safety-critical systems

High-quality software: Reliable, efficient, user-friendly; Safety-critical systems: Must ensure zero failure in critical environments.

Development of safety-critical systems

Takes longer and costs more due to stringent requirements.

Safety-critical system

Requires extensive testing and compliance.

Ethical dilemmas for software developers

Data privacy vs. user tracking.

Ethical dilemmas for software developers

Security backdoors vs. Accessibility.

Data

Raw facts.

Information

Processed and organized data.

Knowledge

Understanding of information used for decision-making.

Entity

Object of interest (person, place, thing).

Attribute

Characteristic of an entity.

Primary Key

Uniquely identifies a record.

Foreign Key

Connects records between tables.

Database Management System (DBMS)

Manages and organizes databases.

Functions of DBMS

Data storage, retrieval, security, and backup.

Data Cleansing

Identifies and corrects inaccurate data.

Data Cleansing vs. Data Validation

Different from data validation.

Entity-Relationship (ER) Diagrams

Graphical representation of data structure.

Normalization

Reduces data redundancy and improves efficiency.

SQL

Language for database management (SELECT, FROM, WHERE).

ACID Properties

Ensures database integrity (Atomicity, Consistency, Isolation, Durability).

Database as a Service (DaaS)

Cloud-based database storage.

Data Governance

Defines roles and processes to ensure data integrity.

Data Management

Encompasses storage, security, and access policies.

Data Steward

Manages critical data entities.

Database Administrator (DBA)

Implements and manages database systems.

Big Data

Data is growing exponentially (nearly a zettabyte per year).

Sources of big data

Organizational databases, social media platforms, sensor and machine-generated data, transactional data from business operations.

Data Warehouses

Centralized storage for business data.

ETL process

Moves data from various sources to a warehouse.

Data Marts

Subset of a data warehouse, used by specific departments.

Data Lakes

Stores raw, unstructured data.

NoSQL Databases

Flexible data storage, not limited to table structures.

Hadoop

Open-source framework for big data storage and processing.

In-Memory Databases (IMDB)

Speeds up data retrieval.

Categories of NoSQL databases

Key-value, Document, Graph, Column.

Key-value

Uses key-value pairs (e.g., Redis).

Document

Stores and retrieves document-based data (e.g., MongoDB).

Graph

Analyzes relationships (e.g., Neo4j).

Column

Organizes data in columns for quick access (e.g., Cassandra).

Benefits of business intelligence (BI)

Enhances decision-making, identifies business trends, improves operational efficiency, enables predictive analytics.

Key components for effective BI and analytics

Strong data management program, skilled data scientists, commitment to data-driven decision-making.

E-commerce

Has transformed business operations and customer interactions.

Categories of e-commerce

Business-to-Business (B2B) - Companies selling to other businesses (e.g., suppliers, wholesalers).

Business-to-Consumer (B2C)

Direct sales to consumers (e.g., Amazon, Walmart).

Consumer-to-Consumer (C2C)

Peer-to-peer transactions through platforms (e.g., eBay, Etsy).

E-Government (G2C, G2B, G2G)

Government services online.

Key components of e-commerce technology infrastructure

Secure web hosting, online payment systems, mobile-friendly interfaces for m-commerce, search engine optimization (SEO), website personalization (implicit vs. explicit).