What is phishing, pharming, spoofing and click fraud?

Phishing is the attempt to acquire sensitive information such as usernames,

passwords, and credit card details (and sometimes, indirectly, money) by
masquerading as a trustworthy entity in an electronic communication.
Pharming is a cyber attack intended to redirect a website's traffic to another,
bogus site.
Spoofing also may involve redirecting a weblink to an address different from the
intended one, with the site masquerading as the intended destination
Why are the ethical issues associated with the protection of intellectual property
in the age of the Internet?
Information systems raise new ethical questions for both individuals and
societies because they create opportunities for intense social change, and thus
threaten existing distributions of power, money, rights and obligations.

Intellectual property is considered to be intangible property created by
individual or corporations. Intellectual property is subject to a variety of
protections under three different legal traditions:
Trade secrets- Intellectual work product used for a business purpose can
be classified as a trade secret. Trade secret law protects the actual ideas
in a work product, not only their manifestation. The limitation of trade
secret protection is that, although virtually all software programs of any
complexity contain unique elements of some sort, it is difficult to prevent
the ideas in the work from falling into the public domain when the
software is widely distributed.
Copyright- Copyright is a statutory grant that protects creators of
intellectual property from having their work copied by others for any
purpose during the life of the author plus an additional 70 years after the
authors death.
Patents- A patent grants the owner an exclusive monopoly on the ideas
behind an invention for 20 years.
What are the Internet challenges to privacy?
Websites can learn the identities of their visitors if the visitors voluntarily
register at the site to purchase a product or service or to obtain a free service,
such as information. Websites can also capture information about visitors
without their knowledge using cookie technology. Cookies are small text files
deposited on a computer hard drive when a user visits websites. Cookies identify
the visitors web browser software and track visits to the website.
Web beacon are tiny objects invisibly embedded in email messages and web
pages that are designed to monitor the behaviour of the user visited a website or
sending email.

Other spyware can secretly install itself on an internet users computer by
piggybacking on larger applications.

An opt-out model of informed consent permits the collection of personal
information until the consumer specifically requests that the data not be
collected. Privacy advocates would like to see wider use of an opt-in model of
informed consent in which a business is prohibited from collecting any personal
information unless the consumer specifically takes action to approve
information collection and use.

Technical Solutions- Many tools are used for encrypting email, for making email
or surfing activities appear anonymous, for preventing client computers from
accepting cookies, or for detecting and eliminating spyware.

What are sniffer and spyware?
A sniffer is a type of eavesdropping program that monitors information
travelling over a network
Spyware is software that aids in gathering information about a person or
organization without their knowledge and that may send such information to
another entity without the consumer's consent, or that asserts control over a
computer without the consumer's knowledge

What are three most common core ERP components focusing on internal
operations?
ERP Core Component- Support the important internal activities of the
organisation for producing their products and services. These components
support internal operations such as:
Financial Management- accounting and financial reporting
Operations Management- standardise and automation
HR Management- employee recruitment and performance reviews
What is portfolio analysis?
Portfolio analysis can be used to evaluate alternative system projects.
Portfolio analysis inventories all of the organisations information systems
projects and assets, including infrastructure, outsourcing contracts and licenses.
Firms try to improve the return on their portfolios of IT assets by balancing the
risk and return from their systems investments. Information intensive industries
should have a few high risk, high benefit projects to ensure that they stay current
with technology. Firms in non information intensive industries should focus on
high benefit, low risk projects. By using portfolio analysis, management can
determine the optimal mix of investment risk and reward for their firms,
balancing riskier high reward projects with safer lower reward ones.

What is an acceptable use policy?
An acceptable use policy (ATP_ defines acceptable uses of the firms
information resources and computing equipment, including desktop and
laptop computers, wireless devices etc. A good AUP defines unacceptable
and acceptable actions for every user and specifies consequences for
noncompliance. Identity management consist of business processes and
software tools for identifying the valid users of a system and controlling
their access to system resources.
What is a scoring model?
A scoring model is useful for selecting projects where many criteria must be
considered. It assigns weights to various features of a system and then calculates
the weighted totals. Scoring models are used most commonly to confirm, to
rationalise, and to support decisions, rather than as the final arbiters of system
selection.

What are intangible benefits of information systems?
Improved asset utilisation
Improved resource control
Improved organisational planning
Increased organisational flexibility
More timely information
More information
Enhanced employee goodwill
Increased job satisfaction
What are the security problems posed by the Internet? *****
The introduction of the internet has fostered for the potential to share data
instantly with everyone that itself has created a huge cyber security
What is disaster recovery and business continuity planning?
Disaster recovery planning devises plans for the restoration of computing and
communication services after they have been disrupted. They focus primarily on
the technical issues involved in keeping systems up and running. Business
continuity planning focuses on how the company can restore business
operations after a disaster strikes. It identifies critical business processes and
determines action plans for handling mission-critical functions if systems go
down.
What is outsourcing and offshoring?
What is a make-to-order process?
In contrast, in the make-to-order process, raw materials, subcomponents, and
accessories are procured based on forecasts, but actual manufacturing does not
start until sales orders are received (pull based approach). Mass produced goods
are typically produced under a make-to-stock approach.



Process sales
order
(Design/Engineer
Product)
Procure inputs
Schedule
production
Production Quality Control Ship product
What is the key use of manufacturing execution module of supply chain
management?
Support production processes taking into account amount capacity and material
constraints
What is vendor-managed inventory, just-in-time production?
A business model in which the suppliers to a manufacturer manage the
manufacturers inventory levels based on pre-established service levels. To make
VMI possible, the manufacturer allows the supplier to monitory stock levels and
ongoing sales data. The manufacturer shares real time sale data with their
suppliers, who maintain inventory levels based on pre-established agreements.
Such arrangements can help to reduce the manufacturers inventory, both saving
costs and minimising stockout situations; the supplier, in turn, benefits from the
intense data sharing which helps produce more accurate forecasts, reduces
ordering errors, and helps prioritise the shipment of goods.

What are data dictionaries and business rules?
Databases: Effective Management- The two key elements of an organisational
database are the data and the structure of that data. The structure of the data is
typically captured in a data model, that is, a map or diagram that represents
entities and their relationships. A common way to represent a data model is an
entity relationship diagram. Each attribute in the database needs to be of a
certain type. This data type helps the DBMS organise and sort the data, complete
calculations, and allocate storage space. To finalise the data model in order t
actually build the database, a process called normalisation is used to make sure
the database will operate efficiently. Normalisation makes sure that each table
contains only attributes that are related to the entity; hence, normalisation helps
to eliminate data duplication. Once the data model is created, the format of the
data is documented in a data dictionary. The data dictionary is a document
explaining several pieces of information for each attribute. Data dictionary can
be used to enforce business rules. Business rules are captured by the designers
of the database and included in the database.

What is the system development lifecycle?

The remaining steps in the systems development process translate the solution
specifications established during systems analysis and design into fully
operational information systems.
Programming- System specifications that were prepared during the
design stage are translated into software program code.
Testing- Exhaustive and thorough testing must be conducted to ascertain
whether the system produces the right results. Testing is time consuming.
Testing an information system can be broken down into three types of
activities:
o Unit testing- Consists of testing each program separately in the
system.
o System testing- Test the functioning of the information system as a
whole. It tries to determine whether discrete modules will function
together as planned and whether discrepancies exist between the
way the system actually works and the way it was conceived.
o Acceptance testing- Provides the final certification that the system
is ready to be used in a production setting. Systems tests are
evaluated by users and reviewed by management.
Conversion is the process of changing from the old system to the new
system. Four main conversion strategies can be employed:
o Parallel strategy- Both the old system and its potential
replacement are run together for a time until everyone is assured
that the new one functions correctly.
o Direct cutover strategy- Replaces the old system entirely with the
new system on an appointed day.
o Pilot Study strategy- Introduces the new system to only a limited
area of the organisation.
o Phase Approach strategy- Introduces the new system in stages,
either by functions or by organisational units.
Production and Maintenance- After the new system is installed and
conversion is complete, the system is said to be in production. During this
stage, the system will be reviewed by both users and technical specialists
to determine how well it has met its original objectives and to decide
whether any revisions or modifications are in order. A post
implementation audit document may be prepared. Changes in hardware,
software, documentation or procedures to a production system to correct
errors, meet new requirements, or improve processing efficiency are
termed maintenance.

What are web services widgets and mashups?
Web services are one of the critical components of sharing data. Web services
allow data to be accessed without intimate knowledge of other organisations
systems, enabling machine to machine interaction over the internet. The central
idea behind web services is that any device can use any network to access any
service. A web service can offer several benefits for organisations, including:
Utilising the existing internet infrastructure
Accessing remote or local data without having to know the
complexities of this access
Creating unique and dynamic applications quickly and
easily
By providing access to useful web services, organisations
build and strengthen customer relationships, providing a
base for revenue-generating services.
Widgets are small interactive tools used for a single purpose such as taking
notes, viewing pictures, or simply displaying a clock. Widgets can either be
placed on a desktop or be integrated into a web page. Often, widgets use web
services to pull their information from a remote source, such as Weather.com for
weather information.
Together, web services and widgets enable the creation of mashups. In web 2.0, a
mashup is a new application that integrates one or more web services. One web
service frequently used to display geospatial information in mashups is Google
Maps.

How can an information system enable a company to focus on a market
niche?
The Long Tail
The concept of the long tail refers to a focus on niche markets rather than purely
on mainstream products. The distribution of consumers needs and wants can be
compared to a statistical normal distribution, where there are people with very
diverse needs and wants on the tails and many people with mainstream needs
and wants in the centre of the distribution. Because of high storage and
distribution costs, most traditional brick-and-mortar retailers and service
providers are forced to limit their product offerings to serving the needs and
wants of the mainstream customers.
Many e-tailers can focus on the long tails, that is, on products outside the
mainstream tastes. Focusing on those that are on the long tails of the distribution
of consumers wants can lead to a very successful business model in the digital
world.

Drawbacks to E-Tailing
Product Delivery Drawbacks- Example, delay in packaging and shipping
and delivering products when customer isnt at home
Direct Product Experience Drawbacks- Lack of sensory information such
as taste, smell and feel. E-tailing eliminates the social aspects of the
purchase.

What are the porter five forces and how to recognize strategy enacted in relation
to them?
Porters Competitive Forces Model
This model provides a general view of the firm, its competitors, and the firms
environment.
Traditional Competitors- All firms share market space with competitors
who are continuously devising new, more efficient ways to produce by
introducing new products and services, and attempting to attract
customers by developing their bands and imposing switching costs on
their customers.
New Market Entrants- In some industries, there are very low barriers to
entry, whereas in other industries, entry is very difficult. New companies
have new equipment and younger workers but little brand recognition.
Substitute Products and Services- There are substitutes that customers
might use if prices of other products become too high. The more
substitute products and services in your industry, the less you can control
pricing and the lower your profit margins.
Customers- A profitable company depends in large measure on its ability
to attract and retain customers (while denying them to competitors), and
charge high prices. The power of customers grows if they can easily
switch to a competitors product and services, or if they can force a
business and its competitors to compete on price alone in a transparent
marketplace where there is little product differentiation.
Suppliers- The market power of suppliers can have a significant impact on
firm profits, especially when the firm cannot raise prices as fast as can
suppliers. The more different suppliers a firm has, the greater control it
can exercise over suppliers in terms of price, quality and delivery
schedules.
Information system strategies for dealing with competitive forces
1. Reduce costs
Customer want to pay little for service
Reduce costs to lower price
Automation greatly reduces costs
Web can automate customer service
Efficient customer response system- Directly links consumer
behaviour to distribution and production and supply chains.
2. Raise barriers to market entrants
Less competition is better for company
Raise barriers to entrants to lower competition
Techniques include obtaining copyrights and patents on
inventions, techniques and services
Building unmatchable information systems blocks entrants
3. Establish high switching costs
Switching cost- incurred when customer stops buying from
company and starts buying from another company
Explicit- charge customer for switching
Implicit- Indirect costs over period of time
High switching costs locks in customers
4. Create new products or services
Having unique product or service gives competitive advantage
First mover- Organisation that is first to offer a new product or
service- superior brand name, better technology, more experience
Critical mass- Body of clients that is large enough to attract other
clients
5. Differentiate product or services
Product differentiation- Persuading customers that product is
better than competitions
Achieved through advertising
Exemplified by brand name success
Promotes brand name
6. Enhance products or services
Enhance existing products to services to increase value to
consumer
Many products and services have been enhanced by the web
7. Establish alliances
Alliance- Two companies combining services
Make products more attractive
Reduce costs
Provides one stop shopping
Affiliate program- Linking to other companies and rewarding the
linker for click throughs
8. Lock in suppliers or buyers
Accomplished by achieving bargaining power
Bargaining power- Leverage to influence buyers and suppliers
Achieved by being major competitor or eliminating
competitors
Uses purchases volume as leverage
Lock in clients by creating high standards

What is reinter mediation and disintermediation?
Transaction Support- By providing ways for clients and firms to conduct
business online without human assistance, the internet and web have greatly
reduced transaction costs while enhancing operational efficiency. Many
companies are utilising the web to provide automated transaction support.
Disintermediation allows producers or service providers to offer products at
lower prices however they also have to take on those activities previously
performed by a function of the business. Re-intermediation refers to the design
of business models that reintroduce the function of business to reduce the chaos
brought by disintermediation.

What is a click-and mortar business strategy?
Click-and-mortar business strategic approach operates in both physical and
virtual environments. Conducting physical and virtual operations presents
special challenges for these firms, as business activities muss be tailored to each
of these different environments in order for the firms to compete effectively.
Companies must design, develop and deploy systems and applications to
accommodate an open computing architecture that must be globally and
persistently available.

What is the collective intelligence?
One major benefit of social software is the ability of collective intelligence. The
concept of collective intelligence is based on the notion that distributed groups
of people with a divergent range of information and expertise will be able to
outperform the capabilities of individual experts. In addition to the benefits of
harness the wisdom of crowds, social changes, brought about by globalisation,
increasing wealth and consumerisms, as well as the web, are key drivers for
Enterprise 2.0.


What is drill-down capability?
Drill down is a capability that takes the user from a more general view of the
data to a more specific one at the click of a mouse. For example, a report that
shows sales revenue by state can allow the user to select a state, click on it and
see sales revenue by county or city within that state. It is called drill down
because it is a feature that allows the user to go deeper into more specific layers
of the data or information being analyzed.

What are the 4 scenarios related to data quality when businesses are
modeling business situations?
What are potential problems associated with data deficiency associated with
each of the 4 scenarios above?
What are the 3 tenets of the Business Process Redesign perspective?
Business Process Redesign- Business processes are analysed, simplified and
redesigned. Business process redesign reorganises workflows, combining steps
to cut waste and eliminate repetitive, paper intensive tasks
What are the core components of the ERP and how could they improve
organizational business processes?
ERP Core Component- Support the important internal activities of the
organisation for producing their products and services. These components
support internal operations such as:
Financial Management- accounting and financial reporting
Operations Management- standardise and automation
HR Management- employee recruitment and performance
reviews
ERP Extended Components- Support the primary external activities of the
organisation for dealing with suppliers and customers. ERP extended
components focus primarily on customer relationship management and supply
chain management.
When companies realise that legacy systems can create dramatic inefficiencies
within their orgnaisations, the next step is to integrate legacy information on a
company wide basis. Applications that integrate business activities across
departmental boundaries are often referred to as enterprise resource planning
(ERP) systems.
Integrating data to integrate applications
ERP replaces stand-alone applications by providing various modules based on a
common database and similar application interfaces that service the entire
enterprise rather than a portion of it. ERP applications make accessing
information easier by providing a central information repository. Rather than
information flowing from one department to the next, it can be accessed and
updated at will, meaning that the next business activity can access information in
the data warehouse whenever it needs to. Information can be shared throughout
the organisation using ERP. Storing data in a single place and making it available
to everyone within the organisation empowers everyone to be aware of the
current state of business and to perform their jobs better.
Choosing an ERP System
Management must carefully select an ERP application that will meet the unique
requirements of the particular company, and must consider a number of factors.
ERP Control- Refers to the locus of control over the computing systems
and data obtained in these systems, as well as decision making authority.
Companies typically either opt for centralised control, or allow particular
business units to govern themselves. In the context of ERP, these
decisions are based on the level of detail in the information that must be
provided to management.