29 March, 2010

Enterprise Architectures

Question One - What is information architecture and what is information infrastructure and how do they differ and how do they relate to each other?

Information Architecture is a general plan of how IT is to be used by/within and organisation. Information architecture should focus upon:

  • Backup and Recovery
  • Disaster recovery
  • Information security

Information Infrastructure is the actual implementation of the information architecture that will provide for effective information systems, including the hardware, software, services and people involved.

Question Two - Describe how an organisation can implement a solid information architecture.

Solid information architecture can be implemented through ensuring that the three aforementioned areas are focused upon in the planning stages of information infrastructure. By ensuring that data is protected from all types of threats, organisations can ensure that they will have all bases covered. The maintenance of a hot site, whereby employees can move to to maintain the operation of a business in the event of an emergency, is a key example of how solid information architecture has been implemented.

Question Three - List and describe the five requirement characteristics of infrastructure architecture.

  • Reliability - ensures that all systems are functioning correctly and providing accurate information
  • Flexibility - systems must meet all types of business changes in order to be flexible.
  • Scalability - refers to how well a system can adapt to increase in demand. Planning for future increases in data retention allows a scalable system to be effectively designed.
  • Availability - addresses when systems can be accessed by employees, customers and partners.
  • Performance - measures how quickly a system performs a certain process or transaction in terms of efficiency IT metric or both speed and throughput.

Question Four - Describe the business value in deploying a service oriented architecture.

Service oriented architecture is a business driven IT architectural approach that supports integrating a business as linked, repeatable tasks or services. The benefits of implementing such a system ensures that IT systems can adapt quickly, easily and economically.

Question Five - What is an event?

An event is an electronic message indicating that something has happened. It detects threats and opportunities and alerts those who can act upon the information.

Question Six - What is a service?

A service contains a set of related commands that can be re-used. It is more like a software product in the sense that it can be used to describe a business process that is of importance to a company.

Question Seven - What emerging technologies can companies can use to increase performance and utilise their infrastructure more effectively?

  • Virtualisation - this is a framework that can be implemented to divide the resources of a computer into multiple execution environments. It increases physical resources to consequently maximise a business' investment in hardware. An example of virtualisation would be the running of Windows-based programs on an Apple Mac machine, whereby a virtualised environment is created within the Mac machine, maximising the hardware and minimising the cost that needs to be outlaid by the business.
  • Grid computing - this is the aggregation of geographically dispersed computing, storage and network resources to deliver improved performance, higher quality service, easier utilisation and access to data. It allows geographically separated functions of a business to be linked together within a virtualised environment, allowing productivity to flourish.
Posted by at No comments:

20 March, 2010

Ethics and Security

Question One - Explain the ethical issues surrounding information technology.

Information technology has a variety of ethical issues that surround it's use. Some of these issues include:
  • Privacy: the interests of a person in protecting their life from unwanted intrusion and public scrutiny. Whilst no one person in Australia has a right to privacy, the unlawful interference with privacy is regulated by the Privacy Act 1988 (Cth).
  • Confidentiality: the principle that regulates that certain information will be kept outside of the public domain.
  • Intellectual property: collection of rights that protect creative and intellectual effort.
  • Copyright: the exclusive right to do, or omit to do, certain acts with an intangible property, such as a song, video game, or certain proprietary documents.
  • Pirated software: an unauthorised use, duplication, distribution or sale of copyrighted software.
  • Counterfeit software: software that is manufactured to look authentic, and sold on this premise, even though it is not.

Question Two - Describe the relationship between an "email privacy policy" and an "Internet usage policy".

An "email privacy policy" establishes policies pertaining to the use of electronic communication within an organisation. It usually addressed how employees may use email and the Internet for non-employment purposes, what activities are permitted, what information will be recorded and who will have access to this information, and provides for the monitoring and auditing process that will consider the information gathered.

An "Internet usage policy" contains general principles to guide the proper use of the Internet. It usually addresses what services are available for use by employees, defines the organisation's position on the use of Internet, describe user responsibilities, and states the ramifications for the breach or violation of the policy.

Question Three - Summarise the five steps to creating an information security policy.

Step One: Develop the information security policies - identifies who is responsible and accountable for designing and implementing the organisation's information security policies.

Step Two: Communicate the information security policies - train all employees on the policies and establish clear expectations for the following of the policies.

Step Three: Identify critical information assets and risks - require the use of user ID, passwords and antivirus software on all computer systems, ensure that all networks are properly secured, and that the proper measures are implemented to deal with security threats.

Step Four: Test and re-evaluate risks - continually perform security reviews, audits, background checks and assessments.

Step Five: Obtain stakeholder support - Gain the approval and support from the board of directors and all stakeholders.

Question Four - What do the terms authentication and authorisation mean? How do they differ and provide some examples of each.

Authentication is the process of confirming users' identities. It is usually based upon something a user knows (e.g. a user ID and password), something a user has (e.g. a smart card or token), or something that is a part of the user (e.g. a fingerprint or voice signature).

Authorisation is the process of giving someone, who's identity has been authenticated, access information or permission to do or have something.




An example of these two working together would be logging onto a web-based email system, such as NineMSN's Hotmail. The process of authentication begins with the user entering their email address and password. Once both of these have been confirmed, the user is authorised to read emails in their inbox, send emails to other recipients, alter address book details etc.

Question Five - What are the five main types of security risks? Suggest one method to lessen the severity of a risk.

The five main types of security risks and related methods to lessen their severity are:
  • Human Error: as humans are not infallible, they are prone to create accidental error. These errors are not malicious in nature, but can still have a detrimental effect on an organisation. To lessen the severity of this risks, organisation should ensure employees are properly trained in their field and are kept up to date with relevant practices.
  • Natural Disasters: Natural disasters is our of the realm of control for organisations. Natural disasters include fire, earthquakes and destructive storming. The impact of this risk can be lessened through companies ensuring they have back up data located in alternative locations as so if they lose the primary location of operation, they do not lose all their data and records.
  • Technical Failures: technical failures affect the technology an organisation implements, such as computers and other related hardware. Example of technical failure include malicious softwares, viruses and hoaxes. This risk can be minimised through to proper installation of anti-virus software, anti-spyware software, and the constant review of technology and its application.
  • Deliberate Acts: deliberate acts is usually traced to the malicious intent and behaviour of employees and past employees. It involves events such as the hacking and exposing of sensitive data to the public. The risk can be minimised through ensuring passwords and encryption software is constantly altered so that employees may not have the chance to exploit a company's security once their employment has been terminated.
  • Management Failure: this is essentially the failure of management to uphold its duty to their organisation. it is usually present as a lack of procedure in which managers fail to coordinate the efforts of their organisation. This issue can be avoided by ensuring managers are properly trained and competent in their duties.
Posted by at No comments:

15 March, 2010

eBusiness

Question One - What is an IP Address? What is it’s main function?

An IP address is a unique numerical label that is assigned to all devices within a network that are communicating to each other via the Internet. Its main function is to identify where data originates and where it is destined, and to ensure that data is sent and received accordingly.

Question Two - What is Web 2.0, how does it differ from 1.0?

Web 2.0 is the second generation of the World Wide Web. The main difference between the two generations is focused upon interactivity between data and consumers of the data. Web 2.0 is characterised by user participation, openness and the effect of networking, whereas Web 1.0 was focused on a lesser interactive, presentation of solid, unchanging data to the consumer.

Question Three - What is Web 3.0?

Web 3.0 is the future generation of the World Wide Web. Web 3.0 will be a database-formed World Wide Web, where the "tagging" of certain forms of data will allow the Internet to construct profiles of certain goods, services, items, people, events etc. Web 3.0 will show greater integration of data, and could possibly form the evolutionary path to artificial intelligence. Web 3.0 is prophesied to also make use of three-dimensional visions, using 3D spaces as ways to present and store data.

Question Four - Describe the different methods an organisation can use to access information

An organisation has four different ways in which it can access information over the Internet:
  • Intranet: an intranet is an internalise portion of the Internet, protected from outside access. Organisations are able to access data and application software through their intranet.
  • Extranet: an extranet is an intranet available to the allies of a business, such as customers, suppliers and partners. It is a common area on the Internet where both the business and those associated with it can interact together and share information.
  • Portal: a portal is a website that offers a broad range of resources and services, such as email, online discussion boards, search engines and virtual shopping malls.
  • Kiosk: a kiosk is a publicly accessible computer that has been set up to allow interactive information browsing.

Question Five - What is eBusiness, how does it differ from eCommerce?

eBusiness is the conduction of business on the Internet. It involves not only buying and selling of products, but also interacting with customers to ascertain their needs and wants, serving customers and collaborating with business partners. eCommerce differs from eBusiness as eCommerce limited only to the online transactions of buying and selling.

Question Six - List and describe the various eBusiness models?

  • Business-to-Business (B2B): this model applies to businesses buying and selling to each other over the Internet, where data such as expected shipping date, delivery date and shipping status is shared.
  • Business-to-Consumer (B2C): this model applies to any business that sells its products or services to consumers over the Internet.
  • Consumer-to-Business (C2B): this model applies to any consumer that sells a product or service to a business over the Internet.
  • Consumer-to-Consumer (C2C): this model applies to sites that offer goods and services from consumers to consumers.

Question Seven - List 3 metrics would you use if you were hired to assess the effectiveness and the efficiency of an eBusiness web site?

  • Visitor Metrics: these metrics would identify to the business what type of visitors are engaging with the content of their web page. Depending on what type of visitor the consumer is will determine how frequent their visits to the site are, how much information the business knows about the consumer etc.
  • Exposure Metrics: these metrics would identify how many pages views the business' page has in a defined period of time, and the number of visitors to the website.
  • Visit Metrics: this data would reveal the length of time spent on certain pages of the business' site, as well how many raw pages a visitor is exposed to in one visit to a website.

Question Eight - Outline 2 opportunities and 2 challenges faced by companies doing business online?

Opportunities faced by companies in conducting business online include:

  • Increased accessibility, as businesses can operate 24 hours a day online.
  • Increases global reach, as businesses can reach into markets they may be geographically isolated from, however, with the assistance of the Internet, are now not isolated from

Challenges faces by companies in conducting business online include:

  • Issues with the protection of consumer information, as consumers must be protected from unsolicited goods and communication, illegal or harmful goods, insufficient informational about the goods or suppliers, protection against privacy invasion and cyberfraud.
  • Issues with increased liabilities, as the differing laws in different regions across the world may impose greater liabilities upon a business than those imposed within a home region.
Posted by at No comments:

08 March, 2010

Strategic Decision Making

Question One - Define TPS & DSS, and explain how an organisation can use these systems to make decisions and gain competitive advantages.

TPS: Transaction Processing Systems - TPS is the basic business system that serves the operational level of an organisation, for example an operation accounting system such as payroll.

DSS: Decision Support Systems - DSS looks at the effect decisions made have on other functional areas of a business.

When these two systems are implemented effectively, an organisation benefits holistically. TPS and DSS support executive information systems (EIS). When the three of these systems work together, the business becomes streamlined, with all functional levels and organisational levels working in harmony with each other and the overall goals of the organisation.

Question Two - Describe the three quantitative models typically used by decision support systems.

  • Sensitivity Analysis - analyses how changes in one area of a business model will impact upon other areas of the business model.

  • What-If Analysis - checks the impact of a change in an assumption on the proposed solution.

  • Goal Seeking Analysis - finds the inputs required for an organisation to achieve its goals.

Question Three - Describe business processes and their importance to an organisation.

Business processes are a set of standardised tasks that accomplish a set purpose. These processes are important to an organisation as they form the backbone of the operations of a business. The more effective and efficient business processes are, the more efficiently and effectively run the business will be.

Question Four - Compare business process improvement and business process re-engineering.

Business process improvement is a process where analysts attempt to understand and measure the current process' success and make performance improvements accordingly. This process takes an existing system and, after evaluation, will suggest ways to improve the process for optimal productivity.

On the other hand, business process re-engineering is a process where analysts assume the current process is irrelevant, and instead of making improvements, will redesign the work flow within and between enterprises through forming a new business process.

Question Five - Describe the importance of business process modelling (or mapping) and business process models.

Business process modelling is the activity of creating a detailed flowchart or process map of a work process; it is making visible which is usually invisible. It shows the inputs, tasks and activities of a particular process in a structured sequence. A business process model is a graphic description of a process, developed for a specific purpose and from a selected viewpoint.

Business process modelling is important because:

  • It exposes process detail gradually and in a controlled manner

  • It encourages conciseness and accuracy in the process model

  • It focuses attention on the process model interfaces

  • It provides a powerful process analysis and consistent design vocabulary

There are two types of business process modelling; As-Is and To-Be process modelling. As-Is process models show the current state of operation within a business, and To-Be process modelling show the results of apply change improvement opportunities to the current as-is model.

The figure to the left displays the difference between As-Is and To-Be process modelling.


Posted by at No comments:

01 March, 2010

Information Systems in Business

Question One - Explain information technology's role in business and describe how you measure success?

Information technology is the use of technology in managing and processing information. As information is a strategic asset for all businesses, the supporting role information technology has in business is highly important.

If the implementation of information technology are successful, the benefits of using information technology extend to multiple functional areas of the business, such as customer service, finance, sales, marketing, operations management and human resources.

Success can be measured through establishing benchmarks. Benchmarks are ideal levels of performance an organisation aims to achieve. For information technology specifically, success can be measured through efficiency and effectiveness metrics. Efficiency metrics measure the performance of the IT systems itself, and determines if resources are being used optimally. Effectiveness metrics measure the impact IT has upon a certain business, and if this is assisting the business achieve its goals.

Efficiency metrics include:

  • Throughput - amount of information that can travel through a system at any point in time
  • Transaction speed - the time it takes a system to perform a transaction
  • System availability - number of hours a system is available or customers
  • Information accuracy - extent to which a system generate correct results when transactions are repeated
  • Web traffic - host of benchmarks dealing with web popularity
  • Response time - time taken to respond to user interactions

Effectiveness metrics include:

  • Usability - the ease of which people perform transaction and/or find information
  • Customer satisfaction - is measured by survey, the amount of customers retained and the increase in dollars per customer
  • Conversion rates - the number of customers an organisation persuades to purchase their product
  • Financial - looking at returns on investment and cost-benefit analysis

Question Two - List and describe each of the forces in Porter's Five Forces Model.

  • Buyer power: buyer power is the power a customer wields in relation to purchasing. Buyer power is high when buyers have many sellers to choose from, and low when choices are few.
  • Supplier power: supplier power refers to how much power a supplier has in terms of competing sellers and the demand from buyers. Supplier power is high when one supplier has concentrated power over a single market, as this diminishes the choice's buyers have. It is low when there are other, competing suppliers from which buyers can choose from.
  • Threat of substitute products or services: this force refers to the amount of alternatives buyers can choose from. The threat is high when there are many alternatives for buyers to consider and purchase, and low when there are few alternatives.
  • Threat of new entrants: this force pertains to the degree of ease in which new organisations can present their products to a market. The threat is high when it is easy for new competitors to enter a market, and low when there are many barriers to entry.
  • Rivalry among existing competitors: rivalry essentially refers to the amount of competition that exists between the different organisations that pitch their products/services to the same market. Rivalry is high when competition is fierce and low when it is complacent.
Question Three - Compare Porter's three generic strategies.

Broad Cost Strategy
A company that implements this strategy will aim to reach a broad market based on financial leadership.

Differentiation
A company that implements this strategy will aim to reach a large market through differentiating products tailored to specific needs.

Focused Strategy
A company that implements this strategy aims to focus their marketing and sales efforts to a niche market, wither through cost or differentiated products.

Question Four - Describe the relationship between business processes and value chains.

A business process is a set of activities that accomplish a specific task within an organisation. Value chains are a series of processes that entice customers to remain loyal to a particular company through the addition of value to the service they receive. The more sophisticated and refined business processes are within the company pertaining to customer service, the more likely the value chain will be improved.
Posted by at No comments:
Subscribe to: Posts (Atom)