Week 6 - Chapter 6: Business systems (IT) and business network infrastructure

Question Answer

IT infrastructure

What is an A system is a group of components that interact to achieve some purpose. An

information system? information system (IS) is a group of components that interact to produce
information.

Why is the difference ‘Information technology’ and ‘information system’ are two closely related terms but
between information they are different. Information technology (IT) refers to methods, inventions,
technology and standards and products. As the term implies, it refers to raw technology and it concerns
information systems only the hardware, software and data components of an information system. In
important to you? contrast, an information system is a system of hardware, software, data, procedures and
people that produce information.

What do business • Hardware consists of electronic components and related gadgetry that input,
professionals need to process, output and store data according to instructions encoded in computer
know about computer programs or software
hardware? • Basic components
• Input hardware
• CPU
• Main memory - RAM
• Special function cards
• Output hardware
• Storage hardware
• USB
• Computer data
• Binary digits: Computers represent data using binary digits called bits
• Sizing computer data
• How a computer works, in fewer 300 words
• Why should a manager care how about a computer work
• What is the difference between a client and a server
• Users employ client computers for word processing, spreadsheets,
database access, and so forth. Most client computers also have
software, in the form of client-server applications, that enables them to
connect to a network. It could be a private network at their company
or university, or it could be the internet, which is a public network

1
 • Servers , as their name implies, provide some service, and each server
can be accessed by many clients simultaneously.

What do business Every computer has an operating system, which is a program that controls that
professionals need to computer’s resources. Some of the functions of an operating system are to read and
know about operating write data, allocate main memory, perform memory swapping, start and stop
systems software? programs, respond to error conditions, and facilitate backup and recovery. In addition,
the operating system creates and manages the user interface, including the display,
keyboard, mouse and other devices. Although the operating system makes the
computer usable, it does little application-specific work.
• What are the major operating systems?
• Non-mobile client operating systems
• Microsoft windows
• Mac OS
• Unix
• Linux
• Mobile client operating systems
• BlackBerry OS
• IOS
• Android
• Server operating systems
• Virtualisation
• Virtualisation is the process whereby multiple operating systems share
the same hardware, allowing one computer to host the appearance of
many computers. One operating system, called the host operating
system , runs one or more other operating systems as applications.
Those hosted operating systems are called virtual machines (vm) . Each
virtual machine has disk space and other resources allocated to it, but
the virtual machines are isolated from each other, so it will appear to
each that it has exclusive control over the server computer.

2
 • Three types of virtualisation exist: PC virtualisation, server
virtualisation, desktop virtualisation.
• Owning versus Licensing

What do business Application software is software that runs on top of the operating system and performs
professionals need to a business function.
know about
application software? What categories of application programs exist?
• Horizontal-market application software provides capabilities common across
all organisations and industries. Word processors, graphics programs,
spreadsheets and presentation programs are all horizontal-market application
software.
• Vertical-market application software serves the needs of a specific industry.
Vertical applications usually can be altered or customised
• One-of-a-kind application software is developed for a specific, unique need.
Thin clients versus thick clients
• Applications that process code on both the client and the server are called
client-server applications . A thick-client application is an application program
that must be pre-installed on the client. A thin-client application is one that
runs within a browser, and does not need to be pre-installed. When the user of
a thin-client application starts that application, if any code is needed the
browser loads that code dynamically from the server.
• Thin applications run only within a browser on phones and tablets; thick
applications are apps that are usually downloaded and installed from a store
such as iTunes or Google Play.
• To summarise, the relationship of user application types is as follows: desktop
application, client-server application ( thick-client application, thin-client
application).
How do organisations acquire application software?
• buy computer software in the same three ways: off the shelf , off the shelf with
alterations or tailor-made. Tailor-made software is called custom-developed
software
Thin-client Versus Thick-client Mobile Custom Software
• In most cases, it is easier to build a thin-client custom application than a thick-
client one. The programming languages are simpler, and fewer skills are
required to develop them. However, until recently, the user experience of a
thin-client application was not as fully featured or as interesting as on a thick
client. Recently, new technology has made thin clients’ user experience
competitive with thick ones.
What is Firmware?

3
 • Firmware is computer software that is installed into devices such as printers,
print servers and various types of communication devices.

Telecommunications
and Networks

Foundational topics in Evolution of computer networking

networking • Centralized computing
• Distributed computing
• Collaborative computing
• Network services
Types of network
• Private branch exchange
• Local area network (LAN)
• Wide area network (WAN)
• Campus area network (CAN)
• Metropolitan area network (MAN)
• Enterprise WAN
• Value-added network (VANs)
• Global network
• Personal area network (PAN)
• For any network (LAN or WAN) to work it requires the following
basic components to be present:
• Servers that provide services to facilitate various applications
and hardware sharing.
• Communication media includes conducted media for wire or
fibre optic cable and radiated media for wireless WANS.
• Wiring centre technologies, including routers, hubs and
switches provide a central interconnection point for
workstations, servers and other network equipment.
• Network Interface Cards (NIC) an expansion card that allows
a computer to communicate via a network.
Packet switching

4
 • Packet switching is based on the concept of turn taking and enables millions of
users to send large and small chunks of data across the network concurrently.
Network standards and Protocols
• Protocols
• The OSI model
• Transmission Control Protocol/Internet Protocol (TCP/IP)
• Ethernet
• Network topologies
• Media access control
Network technologies
• Networking hardware
• Cable media
• Twisted-pair cable
• Coaxial cable
• Fiber-optic cable
• Wireless media
• Infrared Line of Sight
• High-frequency radio
• Microwave transmission
The internet
• How did the internet get started
• Connecting independent networks
• Who manages the internet
• How to connect the internet
• Dial-Up
• Integrated services digital network
• Digital subscriber line
• Cable modems
• Satellite connections
• Wireless broadband
• Mobile wireless access
• Business internet connectivity
• Leased lines
• The current state of internet usage

Sway + Modules

IT infrastructure Phần đầu tiên

Basics of network tech What is data communications?

5
 • The message: For two entities to communicate, there must be a message
exchanged between them. This can vary in form such as text, audio, video or
image and be varying lengths. In business data communications, messages
include files, requests for data/information, responses to requests, network
status information, network control message and correspondence.
• A sender: The transmitter of the message. A sender can be either a person or a
machine. Computers can use a system with enough intelligence to originate a
message or respond to a message without needing human intervention.
Sensors, scanners and other input devices may also be senders in today's
networks.
• A receiver: Can include terminals, network printers, display devices, people
and computer controllable devices such as drill presses, lighting systems and air
conditioners. Even though a message and a sender can exist without a receiver,
communication cannot take place unless there is a receiver. For example, a
network server may transmit a message that the network will shut down in 30
minutes but if all the nodes are turned off at that moment, no communication
has occurred.
• The medium: Refers to the actual carrier of data signals between senders and
receivers. Business data communication networks often use a variety of media
to transmit data, including wires, radio waves and light pulses.
• An understanding of message by receiver: Interpretation of the message which
can involve encoding and decoding techniques. But unlike human
communications, data communication systems can also include error detection
and recovery mechanisms. Which involve the transmission of both the data
and additional information that helps the receiver determine whether the
message has been received correctly or changed on route.
Key data communication concepts and terminologies
• Examine the following list of key data concepts and terminologies:
• Session: communication dialogue between network users or
applications.
• Network: interconnected group of computers and communication
devices.
• Node: a network-attached computer.
• Link: connects adjacent nodes.
• Path: end-to-end route within a network.
• Circuit: the conduit over which data travels.
Data communication frameworks
• There are two major data communication frameworks that have been
developed to help ensure that networks meet business and communication
requirements:

6
 • Open Systems Interconnection (OSI) reference model developed by
the International Standards Organization (ISO)
• Transmission Control Protocol/Internet Protocol (TCP/IP) suite.

Types of network
• Three basic types of network are outlined in the example below:
• local area network (LAN)
• metropolitan area network (MAN)
• wide area network (WAN).

7
 • Another way of classifying networks that you may have already come across is
based on who can access them: intranets and extranets. These are networks
built on technology similar to the internet but are not intended for general
access. An intranet is a network (typically a LAN) that uses internet
technologies such as web servers and allows access through a web browser for
people within the organisation. An extranet on the other hand, while still based
on internet technologies, allows certain invited parties to access information
services over the internet, typically by requiring them to authenticate using a
password.
Components of a network
• Network topology basics: Networks that link computers and computer devices
provide for flexible processing. Building a network involves two types of
design: logical and physical. A logical model shows how the network will be
organised and arranged. A physical model describes how the hardware and
software in the network will be physically and electronically linked. The
number of possible ways to logically arrange the nodes or computer systems
and devices on a network, may seem limitless, however there are actually four
basic types of network topologies which are logical models that describe how
networks are structured or configured. These types are bus, ring, star and mesh.
• For any network (LAN or WAN) to work it requires the following basic
components to be present:
• Servers that provide services to facilitate various applications and
hardware sharing.
• Communication media includes conducted media for wire or fibre
optic cable and radiated media for wireless WANS.
• Wiring centre technologies, including routers, hubs and switches
provide a central interconnection point for workstations, servers and
other network equipment.

8
 • Network Interface Cards (NIC) an expansion card that allows a
computer to communicate via a network.
Wired (cable) and wireless requirements
• Wired or cable media options that can be used in a network include twisted
pair cables, coaxial cables and fibre optics. Each of these have specific uses and
disadvantages that need to be taken into consideration.
• Wireless media options include infrared line of sight, high-frequency radio and
microwave transmissions. Infrared is most often used in remote controls.
High-frequency radio includes the networks that allow for mobile phone usage
and Wi-Fi. Microwave transmissions can be classified as either terrestrial (earth-
bound) or satellite. Satellite transmissions include television and digital radio
subscription services.
Connecting hardware
• Network hub: A hub is like a power board; it duplicates the number of points
available from the original source. Hubs, also known as repeaters, are network
devices that can operate on layer-1 (i.e. the OSI physical layer) to connect
network devices for communication, but cannot process layer-2 or 3 traffic.
Hubs are also prone to collisions and as more and more devices are added the
performance of the network falls. Hubs are generally not used anymore in
business or in home networks.
• Network switch: A network switch is a small hardware device that joins
multiple computers together within one local area network (LAN).
Technically, network switches operate at layer two (data link layer) of the OSI
model. Network switches appear nearly identical to network hubs, but a switch
generally contains more intelligence (and a slightly higher price tag) than a hub.
But unlike hubs, network switches are capable of inspecting data packets as
they are received, determining the source and destination device of each packet,
and forwarding them appropriately. By delivering messages only to the
connected device intended, a network switch conserves network bandwidth
and offers generally better performance than a hub.
• Network router: The router is a device that forwards data packets along
networks. A router is connected to at least two networks, commonly two
LANs or WANs or a LAN and its ISP network. Generally, routers are located
at gateways, the places where two or more networks connect. Routers use
headers and forwarding tables to determine the best path for forwarding the
packets, and they use protocols such as ICMP (internet control message
protocol) to communicate with each other and configure the best route
between any two hosts. Today most routers have combined the features and
functionality of a router and switch/hub into a single unit. Most routers now

9
 also include additional features like firewall facilities, web access functions as
well as being wireless enabled.
The application architecture
• The way in which the functions of the application software are spread across
the network can be called the application architecture. The application
architecture is determined by which of these functions are picked up by
various clients and servers. Clients include desktops, laptops, netbooks, 'dumb'
terminals, EFTPOS (electronic funds transfer at point of sale) devices, mobile
phones and handheld devices. Servers include mainframes, desktop-like
machines, clusters (a group of computers linked together to share processing
power, storage and other resources).
• Depending on how the application functions are spread between servers and
clients, we can identify four common types of application architectures
(Dennis, Fitzgerald & Durcikova 2012, p. 40):
• Host-based architectures: Server performs almost all functions.
• Client-based architectures: Client performs most functions.
• Client-server architectures: Functions shared between client and server.
• Peer-to-peer architecture: Each computer or device in the network
functions as both a client and server and shares the network.

Hosting a server on a • Server application types

business network • Web servers
• Application servers
• Specialised servers
• Media servers
• Mail (exchange) servers

The concept of Technology scalability

scalability in relation • The concept of scalability is whether the system (i.e. network, pc or server
to business systems hardware and the software) can expand to support increasing workloads. This
capability allows the business to continue using this equipment or software
over an extended time period, rather than needing to be replaced once an
overload threshold has been passed. Scalability in IT refers to more than just
network infrastructure, scalable hardware can refer to a single computer
system, a large network of computers, or other computer equipment. The
scalability of a single computer, such as a workstation, depends on how
expandable the computer is. In this context, the words 'scalable', 'expandable',
and 'upgradable' may be used interchangeably. For example:
• A computer that has multiple drive bays has scalable disk space, since
more internal storage devices may be added. A computer that includes

10
 multiple expansion (PCI) slots has scalable graphics and I/O
capabilities since PCI cards may be added or upgraded.
• While scalable software typically refers to business applications that
can adapt to support an increasing amount of data or a growing
number of users. For example, a scalable database management system
(DBMS) should be able to efficiently expand as more data is added to
the database.
Infrastructure scalability
• While scalability refers to a component's ability to adapt readily to a greater or
lesser intensity of use, volume, or demand while still meeting business
objectives. Understanding the scalability of the components of your eBusiness
infrastructure and applying appropriate scaling techniques can greatly improve
availability and performance. Scaling techniques are especially useful in multi-
tier architectures when you evaluate components associated with the edge
servers, the web presentation servers, the web application servers, and the data
and transaction servers.
• There are two key primary ways of scaling web applications which are in
practice today.
• Vertical scalability—Adding resources within the same logical unit to
increase capacity. An example of this would be to add CPUs to an
existing server, or expanding storage by adding hard drive on an
existing RAID/SAN storage.
• Horizontal scalability—Adding multiple logical units of resources and
making them work as a single unit. Most clustering solutions,
distributed file systems, load-balancers help you with horizontal
scalability.
• Most high-volume web sites experience volumes that can vary widely on a
seasonal or other cyclical basis, or that exhibit burstiness as a result of sudden
and unpredictable changes in user demand.

Redundancy and • Three cloud computing models are shown: private, public and hybrid.
reliability of a system

11
• The basic features of the three main cloud models are as follows:
• Public cloud: based on the standard cloud computing model, in which
a service provider makes resources, such as virtual machines (VMs),
applications or storage, available to the general public over the internet.
Public cloud services may be free or offered on a pay-per-usage model.
• Private cloud: A type of cloud computing that delivers similar
advantages to public cloud, including scalability and self-service, but
through a proprietary architecture. Unlike public clouds, which deliver
services to multiple organisations, a private cloud is dedicated to a
single organisation.
• Hybrid cloud: A cloud computing environment which uses a mix of
on-premises, private cloud and third-party, public cloud services with
orchestration between the two platforms.

12
 • Hardware redundancy should also be a consideration. This would include
selecting hardware with hot-swappable components, choosing between onsite
or cloud based data backup systems and choosing a UPS, a device that allows a
computer/server/network infrastructure to keep running for a short time
when a primary power source is lost.
Reliability
The five 9's – Availability is traditionally measured using a number of metrics,
including the percentage of time the network is available or the number of nines. A
system running at 99.999% availability would be running at five nines.

Summary

13
Week 7 - Chapter 7: ISs development and understanding supply chain systems

Question Answer

Information systems

What is system • Activities that go into producing an information system solution to an organizational
development problem or opportunity
and its • Components: hardware, software, data, procedures and people
components?

The difference • 3 kinds of software: off-the-shelf, off-the-shelf with adaptation and tailor-made
between • 2 kinds of IS: off-the-shelf with adaptation and tailor-made
software and
IS?

What is the Information technology architecture defines how those resources are used to achive desired
relationship outcomes
between • Technical aspects: hardware, operating systems, networking, data…
information • Management side: how managing the transition will occur and how other departments
technology will contribute and use the new system
architecture
and org’s
resources?

What are Five-phase process

the phases in
the systems
development
life cycle
(SDLC)?

14
Seven-phase process

15
Challenges in • Requirements are difficult to determine
systems • Requirements change as the system is developed
development? • Scheduling and budgeting difficulties
• Changing technology
• Diseconomies of scale (bigger teams → lesser individual contribution)

What are 4 • Automation

kinds of • Rationalization of procedures
organizational • Business process redesign
changes • Paradigm shifts
enabled by IT?

16
Benefits of • Increase efficiency
automation? • Replaces manual tasks

What is • Streamlines standard operating procedures

rationalization • Often found in programs for making continuous quality improvements
of procedures? o Total quality management (TQM)
o Six sigma

What is • Analyze, simplify, and redesign business processes

business • Reorganize workflow, combine steps, eliminate repetition
process Business process management (BPM)
redesign? • Variety of tools, methodologies to analyze, design, optimize processes
• Used by firms to manage business process redesign
• Steps
o Identify processes for change
o Analyze existing processes (as-is process)
o Design the new process

17
 o Implement the new process
o Continuous measurement

What is • Rethink nature of business

paradigm • Define new business model
shifts? • Change nature of organization

What is the six Six-phase process (sway)

phases of
systems
development
process?

18
What is • Analysis of problem to be solved by new system
systems o Defining the problem
analysis? o Identifying causes
o Specifying solutions
o Identifying information requirements
• Feasibility study
• Systems proposal report
• Information requirements
o Faulty requirements analysis → systems failure and high systems development
costs

Systems • Describes system specifications that will deliver identified functions in systems analysis
design? • Should address all managerial, organizational, and technological components of system
solution
• Role of end users
o User information requirements drive system building
o Users must have sufficient control over design process to ensure system reflects
their business priorities and information needs
o Insufficient user involvement in design effort → system failure

19
What is • System specifications from design stage are translated into software program code
involved in
programming?

Testing • Ensures system produces right results

• Unit testing: tests each program in system separately
• System testing: test functioning of system as a whole
• Acceptance testing: makes sure system is ready to be used in production setting
• Test plan: All preparations for series of tests

Conversion • Proces sof changing from old to new system

• 4 main strategies
o Parallel strategy
o Direct cutover
o Pilot study
o Phased approach
• Requires end-user training
• Finalization of detailed documentation showing how system works from technical and
end-user standpoint

20
Production • System reviewed to determine if revisions needed
and • May include post-implementation audit document
maintenance • Maintenance
o Changes in hardware, software, documentation, or procedures to a production
system to correct errors, meet new requirements, or improve processing
efficiency
o 20% debugging, emergency work
o 20% changes to hardware, software, data, reporting
o 60% of work: user nhancements, improving documentation, recoding for
greater processing efficiency

Traditional • Oldest method for building information systems

systems life • Phased approach
cycle? o Development divided into formal stages
o “Waterfall” approach: One stage finishes before next stage begins
• Formal division of labor between end users and information systems specialists
• Emphasizes formal specifications and paperwork
• Still used for building large complex systems
• Can be costly, time-consuming, and inflexible

Supply chain management

21
Elements of the
supply chain

The Effective and efficient SCM systems can enable an organisation to

importance of • Decrease the power of its buyers
supply chain • Increase its own supplier power
management • Increase switching costs to reduce the threat of substitute products or services
• Create entry barriers, thereby reducing the threat of new entrants
• Increase efficiencies while seeking a competitive advantage through cost leadership.

Supply chain • To have close linkage and coordination of activities involved in buying, making, and
management moving a product
functions • Integrates supplier, manufacturer, distributor, and customer, logistics, time
• Reduce time, redundant effort, and inventory costs

Supply chain Barcode

technologies Radio frequency identification
• embraces a range of data carrier technologies and associated products that facilitate the
exchange of data between a carrier and a host information management system by
means of a radio frequency link
• E.g: animal management using animal tags; motorway toll tags; general product tags
used in stores as stock control and security measures

22
Challenges to Without supply chain management
supply chain • Unexpected events: parts shortages, probs of suppliers’ factories,...
Bullwhip effect
• Change in consumer demand → companies in supply chain order more goods
• Start w/ retailer, wholesaler, distributor, manufacturer and raw material suppliers
• Cause: demand forecasts rather than actual demand

Benefits of • Essentially the optimisation of material flows and associated information flows
supply chain • Premier application of digital business
management? o Unifying concept that incorporates e-procurement
o Sell- side e-commerce
• Delivering profitability
• Customer satisfaction and repeat business
• Electronic procurement (e-procurement)
o Achieve significant savings
o Benefits – which directly impact upon the customer

What is Purchasing and/or procurement

purchasing • Activities involved with obtaining items from a supplier
and/or • Inbound logistics - transportation
procurement • Goods-in
and e- • Warehousing
procurement? Procurement
• Part of strategic sourcing for delivering commercially significant benefits

What is the 5 • At the right price

rights of • Delivered at the right time
eprocurement? • Are of the right quality
• Of the right quantity
• From the right source

What are some Inventory across all types of business broken down into
problems of • Manufacturers
supply chain • Retailers
management? • Merchant wholesales
Supply chain network
• Links with all partners
• Involved multiple supply chains

What are 4 keys Customer centric

elements of a • To serve its customers
• Upstream processes to sp an outstanding service

23
successful Powered by people
supply chain? • Utilize pp to add value
• Attract, retain and retrain are important elements
Transformed by technology
• Technological innovation & adoption have helped transform
Resilient and responsive
• The macro-environment, recognizing risks and impacts are requires a plan

Managing relationships with customers, suppliers and intermediaries is based on

• Info flow
• Transactions between parties

A simple Viewed from a systems perspective

model of • The acquisition of resources (input)
supply chain • Transformation (process) into products
• Services (outputs)
The position of the systems boundary for SCM extends beyond
• Involves improving internal processes
• Includes processes performed in conjunction with suppliers, distributors and
customers

Vendor- • Partners manage the replenishment of parts or items for sale through sharing of
managed information on variations in demand
inventory • Stocking level for goods used for manufacture or sale
(VMI)

What is Is essential to the efficient management of supply chain

logistics? Is classified into
• Inbound logistics: the management of material resources entering from suppliers and
other partners

24
 • Outbound logistics: the management of resources supplied from its customers and
intermediaries
Only technologically advanced retailers and logistics providers are able to offer same-day
delivery

What are the 4 • Products need to be locally available

supply chain • Retailers need to have a real-time overview of their inventories
and logistics • Picking and packing processes need to be fast
prerequisites • Flexible enough to pick up and deliver orders ad hoc during multiple times throughout
stages? the day

Push and pull • A change in supply chain thinking, and also in marketing communications thinking
supply chain • The move from push models of selling to pull models
model • To combined push–pull approaches

Push supply • Emphasizes distribution of a product to passive customers

chain • To optimize the production process for cost and efficiency

Pull supply • Emphasis on using the supply chain to deliver value to customers who are actively
chain involved in product and service specification
• Focused on the customer’s needs and starts with analysis of their requirements

25
Michael • Internal – boundaries of an organization
Porter’s value • External – activities performed by partners
chain (VC) • Improve their efficiency and effectiveness
o Within each element – procurement, manufacture, sales and distribution
o At the interface between elements – sales and distribution
• Value = (Benefit of each VC activity − Its cost) + (Benefit of each interface between
VC activities − Its cost)

Key weaknesses • Physical products as opposed to providing services

of traditional • Does not highlight the importance of understanding customer needs
VC • Does not emphasize the importance of

26
The value • A concept closely related to VC, defined as
stream o Prob-solving task
o Info management task
o Physical transformation task
• The combination of actions required to deliver value to the customer as products and
services

How to add Cutting out waste in each of these three management tasks
value? • Reducing new product development, production times and costs
• Increase customer value by decreasing fulfilment time or price
• Increasing product and service quality

What is the 5 1. Assess info intensity of value chain

step-step 2. Determine the role of IS in the industry structure
process of an 3. Identity and rank the ways in which IS might create competitve advantage
analytical 4. Investigate how IS might spawn new businesses
framework 5. Dev a plan for using IS, which is business-driven rather than technology-driven

Value chain Value stream analysis, creating new products and delivering products or services to customers
analysis and then categorise them as
• Create value as perceived - create no value
• Don’t add value
• Improvements in the value chain: create a consensus forecast
• Statistical of diff departments or companies for improved decision - creating a
preliminary delivery plan
• Reduce planning effort
• Create a preliminary production plan - integrate several entities
• Adjust delivery and production plan - visibility info
• Settle delivery and production plan - overall benefits

Value networks • Reduced time to market and increased customer responsiveness

• The result of reviewing the efficiency of internal processes and how IS are deployed
• How partners can be involved to outsource some processes
• External value chain or value network - links between an org and its strategic and non-
strategic partners

Value network • Supply-side partners

characteristics o Upstream supply chain
of partners o Fulfil primary or core value chain activities

27
 o Outsource
• Sell-side partners
o Downstream supply chain
o Value chain integrators or partners (e-infrastructure)

What can value The value network offers a diff perspective that is intended to emphasize
network offers • The digital interconnections between partners and the organization and directly
between partners that potentially enable real-time information exchange
• Dynamic nature of the network
• Diff types of links between diff types of partners

Options for Supply chain management options can be viewed as a continuum between
restructuring • Internal control (‘vertical integration’)
the supply o The extent to which supply chain activities are undertaken and controlled
chain • External control through outsourcing (‘virtual integration’)
o The majority of supply chain activities are undertaken and controlled outside
by third parties

28
 Three decisions of framework choices for vertical integration strategy
• The direction of any expansion
• Direct ownership at upstream or downstream - the extent of vertical
integration
• How far
• The balance amongst the vertically integrated stages
o What extend the supply chain focus on

Supply chain • To improve supply chain efficiency is dependent on effective exchange and sharing of
information
• The challenges of achieving standardized data formats and data exchange for
optimization

Information • An information-centric view of the supply chain

supply chain • Addresses the organizational and technologcial challenges
(ISC) • Achieving technology-enabled supply chain management efficiency and effectiveness
Two types of information sharing and coordination problems in the retail and consumer
goods industries
• The transactional information flow that allows for coordinating the physical demand
and supply chain
• The contextual information flow that ensures retailers and manufacturers interpret
data
Well-established problem is the ‘bullwhip effect’ or information asymmetry
• Imperfect information sharing between members of a supply chain
• Increases uncertainty about demand and pricing

29
Technology • Data transfer options in standards to enable eSCM, -EDI
options and • Established and relatively simple method of exchanging orders, delivery notes in
standards for invoices
Supply Chain • XML or XML-EDI based data transfer
management o Enable more sophisticated one-to-many data transfers
• Middleware or software
o Integrate or translate external systems in real time
• Manual email orders online purchase
o Traditional web-based e-commerce store for B2B

Benefits of e- • Increase the efficiency of individual processes: e-procurement

supply chain • Reduced the complexity of a supply chain: disintermediation
management • Improved data integration between elements of the supply chain: optimize the supply
with respect to process
B2B • Reduced-cost through Outsourcing: price competition
• Innovation: e-SCM

Supply chain Key activities of Upstream Supply Chain management

IS-supported • procurement and Upstream Logistics
upstream • RFID end The Internet of Things
supply chain Radio-frequency identification (RFID)
management • Microchip-based electronic tags are used for monitoring anything they are attached to
• Internet of Things (IoT): objects are uniquely identified in tagged through
technologies

Supply chain Key activities up downstream supply chain management

IS-supported • Outbound logistics
downstream • Fulfillment
supply chain Outbound logistics management
management • Relates to the expectations of offering direct sells through a website

IS Supply chain visibility - assess to all stakeholder

infrastructure
for supply
chain
management

30
Data Benefits approach for retailers
standardization • Order and item administration
and exchange • Coupon rejection
• Data management efforts
• Improvement of on-shelf availability, w/ out-of-stock items

The supply SOSTAC ™

chain
management
strategy process

31
eSCM
• Strategies for supply chain improvement according to the scope of change in a speed of
change
• 4 strategic options for the supply chain
• 2 strategies that are relatively limited scope apply
o Individual processes such as procurement or outbound logistics
o Delivery improvement and an operational level

32
How to • Cost in supply chain: all cost
manage eSCM • Profitability: ROI
effectively? • Customer responsiveness: time required
• Flexibility: volume, delivery, mix, new product
• Supply chain partnership: level and degree
• Producion level metric: range of product
• Delivery perf
• Customer service and satisfaction
• Supply chain finance and logistic cost
• Cost perf: material, labour, energy, inventory
• Internal and external time perf: time to market, setup
• Quality perf
• CRM for eSCM

Managing Modification of supply chain partnership

partnerships • Competencies
for eSCM o Focus
o Reduce suppliers

33
 o Develop strong partnership
o Share info and trust
Long-term arrangeent information exchange
• Short-term orders
• Medium-to-long-term capacity commitment
• Long-term financial or contractual agreement
• Product design - perf monitoring - logistics

7 actions of • Select distributors - do not let them select you

managing • Distributors capable - dev markets
global • Long-term partners - treat them well
distribution • Committing - money, managers and proven marketing ideas
• Maintain control - marketing strategy
• Detailed market and financial - from distributors
• Build links - distributors at earliest opportunity

Procurement
process

Types of Production-related - related to product manufacturing

procurement • Operating or non-production-related – whole business
• Office supplies
• Furniture
• Information systems
• MRO (maintenance, repair and operations) goods
• Range of services - travel, professional services like consulting and training
Businesses tend to buy 1 of 2 methods
• Systematic sourcing: regular supplier
• Spot sourcing: fulfillment of an immediate needs

34
8 types of • Traditional manufacturers
intermediary of • Direct sales manufacturers
developing an • Value-added procurement partners - intermediaries
e-procurement • Online hubs – vertical portals
strategy • Knowledge experts
• Online information services
• Online retailers
• Portal communities – seek different online information

Participants in • E-sourcing: finding potential new supplier

diff types of e- • E-tendering: process of screening supplier
procurement • RFI: request for information
• RPF: request for price
• E-informing: qualification of supplier for suitability
• E-reverse auctions: enable the purchasing to buy goods and services
• E-MRO and web-based ERP: purchase and supply

5 keys drivers Control

or supplier • Improve compliance, achieve centralisation, raise standards, optimise sourcings
selection strategy and improve auditing of data
criteria for e- Cost
procurement • Improve buying leverage (competition, monitoring saving targets and reducing
adoption transactional cost)
Process
• Retionalisation and standardisation
Individual perf
• Knowledge sharing, value-added productivity and improvements
Supplier management
• Reduce numbers

Potential Planning
benefits in • Increase dissemination quality
terms of Development
process • Be incorporated early in new product event
efficiency and Inbound
effectiveness • Efficiency gains (supplier)
and strategic • Vendor-managed inventory (VMI): supply chain partners managing replenishment
approach Production
• Integrate systems managing manufacturing
Outbound
• Fulfilment of products (customers)

35
 • Efficient consumer response (ECR): focus on demand generation

Estimate e- Cost savings from e-procurement

procurement Savings = No. of requisitions x (Original cost - New cost)
cost

The impact of • Effect on profitability

cost savings on • Most model uses (as assumptions)
profitability • Calculate savings
• Return on investment

Barriers to • Competeition - exchanges using collaborative purchasing

adoption of e- • Negative perception - margins reduces
procurement • Negotiated - shared w/ other exchange users (competitors)
issues for • Creation - long process and costly
supplier • Culture - resistance to change

Types of Stock control system - production-related procurement

systems CD or web-based catalogue - quicker to find

Email-based or data-based workflow systems - extended to accounting systems

Order-entry on website - order directly
• Accounting systems
• Integrated e-procurement or ERP systems - integrate all facilities

36
Integrate Three models
company
systems w/
supplier
systems

37
B2B Electronic B2B marketplaces
marketplaces • Marketplaces, exchanges or hubs virtual locations
were heralded • Intermediaries part of the reintermediation

38
as transforming General digital marketplace
B2B purchases • Alibaba.com

Types of Metamediaries
marketplace • 3rd party provide a single point of contact and deliver a rage of services between
customers and supplier
A taxonomy of B2B marketplaces by existing classifications
• How businesses buy – systematic purchasing or spot purchasing
• What businesses buy – manufacturing inputs or operating resource inputs

The future of Software agents

e-procurement • A software programs that assists humans by automatically gathering info from
o The internet
o Exchanging data with another agents based on parameters supplied by user

Summary
1. Main elements of supply chain management and e-procurement
2. Potential of IS to sp supply chain management and procurement
3. Analyze procurement methods to evaluate cost savings

39
Week 8 - Chapter 8- Outsourcing and management of IT/IS infrastructure

Question Answer

1, What are the • plan the use of information systems (IS) to accomplish organisational goals and strategy
main functions of • manage outsourcing relationships
IT/IS ? • protect information assets
• develop, operate and maintain the organisation’s computing infrastructure
• develop, operate and maintain applications.

2, How is the
IT/IS Department
organized?

- CIO usually report directly to CEO, but sometimes they report to COO, then the COO will report
to CEO
- IT/ IS Department includes:
• Technology office: investigates new IS technology and determines how org can benefit from
them. CTO heads this group (they sort out ideas to identify which are most relevant to org).
• Operations: manage computing infrastructure: individual computers, computer center,
network, communication media,... They monitor user experience and respond to user
problems.
• Development: manage the process of creating new IS and maintaining existing IS
(maintenance in this context means either removing problems or adapting existing IS to
support new features and functions).
• Outsourcing relations: negotiate outsourcing agreements with other companies to provide
equipment, services,...
• Data administration: protect data and in4 assets by establishing data standards and data-
management policies.
-> In a larger org, there might be more groups: data warehousing, data marts,...

40
3, What is the - IS: exist to help the org achieve its goals and objective, it has 5 components: hardware, software,
difference database, network and people.
between IT and IS - IT: is just technology, it concerns the products, techniques, designs of computer- based technology.
? IT must be placed into the structure of IS before org can use it.

4, How do org • Align IS with with organisational strategy:

plan the use of - There are 2 organisational strategies:
IT/IS? • Org is the cost leader in the industry
• Org can differentiate its products across the industry.
-> Whatever the strategy, CIO and IT/IS Department must be vigilant to align IT/IS with it.
• Communicate IT/IS issues with Executive group:
- CIO is representative for IT/IS issues within executive staff
- CIO provides IT/IS perspective during discussions of problem solutions, proposals, and new
initiatives.
• Develop and enforce IS priorities within IS Department:
- CIO must ensure that priorities consistent with the overall org strategy are developed and then
communicated to the IT/IS department.
- CIO must also ensure that the department evaluates proposals and projects for using new tech in
light of those priorities.
- CIO must also enforce IS to be the most appropriate with org strategy.
• Sponsor the steering committee:
- A steering committee is a group of senior managers from the major business functions that works
with the CIO to set the IT/IS priorities and decide among major IT/IS projects and alternatives.
- The steering committee serves an important communication function between IT/IS and the users.
In the steering committee, information systems personnel can discuss potential IT/IS initiatives and
directions with the user community. At the same time, the steering committee provides a forum for
users to express their needs, frustrations and other issues they have with the IT/IS department.
- Typically, the IS department sets up the steering committee's schedule and agenda and conducts the
meetings. The CEO and other members of the executive staff determine the membership of the
steering committee.

41
5, What are the - Outsourcing: the process of hiring another org to perform service. It is done to save cost, gain
advantages and expertise and to free management time.
disadvantages of - Advantages:
Outsourcing? Management advantages:
• obtain expertise
• Avoid management problems
• Free up management time
Cost reduction:
• Obtain part- time services
• Gain economies of scale
Risk reduction:
• Cap financial risk
• Improve quality
• Reduce implementation risk.
*Note: - Gain economies of scale: means many companies have the same service vendors, so whenever
the service changes into a new one, the vendors just need one time to change all the services of those
companies -> the charge for each company will reduce.
• Reduce implementation risk: means prevent the risk of picking wrong hardware,...
- Disadvantages:
• Risk of exposing confidential data and IP: When an organisation outsourced HR,
payroll and recruitment services, it involves a risk of exposing confidential company
information to a third-party. This may also include intellectual property.
• Synchronising the deliverables: In case you do not choose the right partner for
outsourcing, some of the common problem areas include stretched delivery time frames,
sub-standard quality output and inappropriate categorisation of responsibilities. At times
it is easier to regulate these factors inside an organisation rather than with an outsourced
partner.
• Hidden costs: Although outsourcing most of the time is cost-effective. Hidden costs
involved in signing international contracts can result in unexpected outcomes.
• Lack of customer focus: An outsourced vendor may be catering to the expertise-needs of
multiple organisations at a time. In such situations vendors may lack complete focus on
your organisation’s tasks.
• Reputation and Social backlash: A company’s reputation may be damaged to their key
customers if the service provided by the outsourcing company is contrary to their social
values.

42
6, What are
alternatives to
outsourcing?
(p.169)

7, What are the • Loss of control

risks of - Vendor in the driver's seat.
outsourcing?
- Technology direction.
- Potential loss of intellectual capital.
- Product fixes, enhancements in vendor's priority.
- Vendor management, direction or identity changes.
- CIO superfluous?
• Benefits outweighed by long-term costs
- High unit cost, forever.
- Paying for someone else's mismanagement
- In time, the outsource vendor is the de facto sole source.
- May not get what you pay for but don't know it.
• No easy exit
- Critical knowledge in the minds of vendors, not employees.
- Expensive and risky to change vendors.

8, What is cloud - A way helps businesses solve their IT- infrastructure related issues.
computing? - A model for enabling ubiquitous, convenient, on- demand network access to a shared pool of
(p.174) configurable computing resources (e.g: network, servers, storage, application, services) that can be
rapidly provisioned and released with minimal management effort or service provider interaction.

43
9, What are cloud - On- demand self- service:
computing - Rapid elasticity:
characteristics? - Broad network access:
- Resource pooling:
- Measured service:

10, How many - Infrastructure as a service:

different cloud - Platform as a service:
computing service - Software as a service:
models?

11, What are 2 - Public cloud: can be used by any interested party
types of clouds? - Private cloud: used in internal org to balance demand and supply of cloud computing within org.

12, Various - Availability/ Reliability:

concerns that org - Scalability:
have to consider - Security, privacy, compliance:
when managing - Diversity of offering:
their cloud - Openness:
infrastructure - Costs:
-> There are various issues to consider when moving to cloud infrastructure, each org has to make
choices about how to harness the opportunities the cloud offers while minimizing potential
drawbacks.

13, How many - Service- oriented architecture: used for flexibly deploying new applications
various other - Grid computing: help solve large- scale computing problems
applications are - Content delivery networks: increase web application performance
provided by the - IP convergence: transmit voice, video communication over the Internet.
cloud?

14, Which are 3 - The on-demand business model: The on-demand economy is defined as the economic activity
new models of created by technology companies that fulfil consumer demand via the immediate provisioning of
business? goods and services.
- Crowd purchasing model: Also known as collective buying, offers products and services at
significantly reduced prices on the condition that a minimum number of buyers would make the
purchase.
- Platform business model: A platform business model is a business model that connects two or
more participating sides and allows them to interact with each other. The goal of the business model is
to enable interactions.
-> Generally, these models are often referred to under the umbrella of ‘disruptive innovation’. This
concept of 'disruption' describes a process whereby a smaller company with fewer resources is able to

44
 successfully challenge established incumbent businesses. Specifically, as incumbents focus on
improving their products and services for their most demanding (and usually most profitable)
customers, they exceed the needs of some segments and ignore the needs of others.

-> Business Canvas Model template:

15, What is the

- The on-demand economy is revolutionising commercial behaviour in cities around the world. The
on- demand
number of companies, the categories represented, and the growth of the industry is expanding at an
business model?
accelerating pace. The businesses in this new economy represent the manifestation of years of
technological innovation and an evolution in consumer behaviour.
- The new on-demand models have opened the door to real-time fulfilment of goods and services,
which consumers have embraced with a frequency that is unprecedented. It is no longer a question of
if the on-demand economy will revolutionise the way people transact or create thousands of jobs or
move governments ... this is all happening. The question is 'when' the services offered in this economy
will begin to be utilised by consumers outside of the tech-savvy, early adopters.

45
16, What is a
- Origins of group buying can be traced to China where team buying was executed to get discount
crowd purchasing
prices from retailers when a large group of people was willing to buy the same item. In recent times,
model?
group buying websites have emerged as a major player in online shopping business. Typically, these
websites feature a 'deal of the day', with the deal kicking in when a set number of people agree to buy
the product or service.
- Buyers then print off a voucher to claim their discount at the retailer. Many of the group-buying sites
work by negotiating deals with local merchants and promising to deliver a higher foot count in
exchange for better prices. One of the first B2C group-buying websites developed in the late 1990’s
was Mobshop of the U.S. Users allied with consumers of the same intent through the Internet,
developed a bargaining ability and then acquired merchandise at a lower price.
- This concept of group buying power has also been extended recently to entities that have no real
relationship with one another other than sharing a postcode or subscribing to a similar personal
service, like a gymnasium, car servicing, holiday destination, etc. The term of these relationships may
only last a few minutes and may only require a brief interview or signup process but the outcome of
these relationships is about producing an outcome that is mutually beneficial to all concerned. But the
outcome of these relationships, unlike the low level personal, instantaneous gratification outcomes,
these outcomes may also last for months and maybe years. These include:

• group energy provider (gas and electricity and solar panels)

• group data and mobile services (home and mobile communication plans)
• group car servicing
• group gym memberships.

17, What is the

- To differentiate platforms business models from other traditional business models, a traditional
platform business
business model works by the business creating value and pushes it out to consumers, and value
model?
essentially flows in one direction. The whole business works mainly in one way. If you think of
traditional manufacturing, traditional service delivery models, traditional media, all of them work one
way.
- A platform business model, instead of creating value and pushing it out, acts as an infrastructure on
which producers and consumers can connect and interact with each other and sets the conditions that
govern how the interactions should happen, what kinds of interactions are high quality, and which
kinds of interactions are not high quality.

18, What is green

Green technology refers to the use of technology that makes products and
technology?

46
 processes are more environmentally friendly, for example, by reducing CO2 emissions or by
making products more biodegradable. Overall, green technology aims at contributing to
environmental sustainability.
In general, terms green ICT and green IT are common terms used in various publications and literature.
These terms refer to more generic types of ICT and IT which are eco-friendly. The term green ICT is also
used in this context to refer to generic eco-friendly ICT products and applications.

Summary
- Main functions of IS/IT
- Departments of IS/IT and the ways org use IT/IS
- Pros and cons of Outsourcing and risks of outsourcing
- 3 new business models
- Green technology

47
Week 9 - Chapter 9: Business intelligence

Question Answer

What are data DIKW pyramid (data - information - knowledge - wisdom)

basics?

Data
• Raw facts (alphanumeric, image, audio, video)
Information
• Data in context
Wisdom
• Insights
Information creation process

48
 • Observation and codification of data and statistics → store relevant information as knowledge in
a file system (each used its own applications to access data; request info → create report → data
becomes useful info)

What is a • Is used to aid in the process of using data to create information and knowledge
database? o Alter 2002: data items stored, controlled, accessed on a computer, based on predefined
relationships
o Rob & Coronel 2002: computer structure housing related data (raw facts) and metadata
(data characteristics and relationships)
• Moore 2017: databases allow us to manage our data, look after the integrity of our data
and afford just-in-time reporting through queries to the database itself. The database
forms a repository for our information system
• Single user (Access) or multiple users (Oracle)

Data Shared access and simultaneous users

fundamentals? Databases and query language
Self-describing databases
• Extra data for stored data - metadata
Structured Query Language (SQL)
• A standard computer language for relational database management and data manipulation
• Query, insert, update and modify data

What are the 2 Flat file databases

most popular • Simple database w/ unrelated records and unlinked tables within the database (e.g. Excel)
types of Relational database
databases? • Most popular database
• Tables are related/linked
• Reduce redundant data by using ‘keys’
• E.g. Access
• One or more data or record characteristics relate to one or many records to form functional
dependencies:
o One to One: One table record relates to another record in another table
o One to Many: One table record relates to many records in another table
o Many to One: More than one table record relates to another table record
o Many to Many: More than one table record relates to more than one record in another
table
• Structure: tables containing
o rows
o a record equivalent to 1 of the entities the table is about
o attributes (or fields, represented by columns)

49
 o an attribute (a piece of data on an entity, e.g. student number, name, date of birth) with a
specific type (text, number, date).

5 integrity rules • Accuracy

of data • Completeness
• Consistency
• Timeliness
• Uniqueness

What is database • A collection of programs that enables you to store, modify, and extract information from a
management database
system (DBMS)? • Handles security, integrity constraints (ensure uniqueness) and who has access to certain areas
• A software package designed to define rules to validate and manipulate data, manipulate data
itself, the data format, field names, record structure and file structure, retrieve and manage data
in a database
• Include
o Software that permits centralisation of data
o Data management so that businesses have a single consistent source for all their data
needs

What is data Where data is stored

warehouse? • Data mart: subsets
• Data mining: for strategic decision making

Common DBMS • Providing a user view

functions? • Physically storing and retrieving data in a database
• Allowing the creation and modification of the database
• Manipulation of data and the generation of reports

Implement a Ensure database sps both business activities and goals

DBMS?

Link database to A large percentage of corporate databases are accessed over the internet through a standard web browser
the internet → convenient for individual users, increases effectiveness and efficiency for businesses and organisations

What is business • A technology-driven process for analysing data and presenting actionable information to help
intelligence? corporate executives, business managers and other end users make more informed business
decisions
• encompasses many tools, applications and methodologies that enable organisations to collect
data from internal systems and external sources for analysis to corporate decision makers as well
as operational workers

50
How to select a • Org’s info needs → the type of collected data, type of used database management system
database • Analyze database needs & characteristics:
management o Database size: The number of records or files in the database.
system? o Database cost: The purchase or lease costs of the database.
o Concurrent users: The number of people who need to use the database at the same time
(the number of concurrent users).
o Performance: How fast the database is able to update records.
o Integration: The ability to be integrated with other applications and databases.
o Vendor: The reputation and financial stability of the database vendor (Stair & Reynolds
2010).
• Database size doubles about every year or two

What is • Ss one aspect of business intelligence and

competitive • Is limited to information about competitors and the ways knowledge affects strategy, tactics and
intelligence? operations
• BI tech
o Sp strategic and tactical decision-making processes
o Data visualisation for charts/infographics...
o Build BI dashboards and performance scorecards showing visualised data on business
metrics and key performance indicators for faster understanding
o BI applications can be bought separately from different vendors or as part of a unified BI
platform from a single vendor
• Business intelligence data typically is stored in a data warehouse or smaller data marts that hold
subsets of a company's information

What do business • Decision support systems

intelligent • Query analysis
applications help • Ad hoc reports
with? • Analysis tools
• Reporting
• Trend line analyse
• Plan, budget and forecast
• Plan versus actual
• Performance management
• Scorecards - a semi-standard structured report to keep track of staff activities

Summary: Database management technology is another major component of IT infrastructure for information systems. A
database management system (DBMS) consists of software that permits centralisation of data and data management so that
businesses have a single consistent source for all their data needs. A single database services multiple applications. The DBMS
separates the logical and physical views of data so that the user does not have to be concerned with the data's physical

51
location. The principal capabilities of a DBMS include a data definition capability, a data dictionary capability, and a data
manipulation language (Laudon & Laudon 2010).

Week 10 - Chapter 11: Customer relationship management and enterprise resource

planning

Question Answer

Sway + Modules

Information silos • An issue facing many businesses is a problem named information

silos. This describes the situation where each department, or
functional application, within an organisation has held its own
information in separate databases, filing cabinets or even
individual computers.
• These silos of information bring issues as data is duplicated for
each functional application, the business process is separated by
department lines, creating disjointed systems these barriers
generally stifle collaboration and enforce inefficiencies.
• In response to information silos, organisations have sought to
integrate functions and their business processes. Allowing data
and information to flow freely between different parts of an
organisation greater organisational control, coordination and
responsiveness is achieved.

Enterprise system • A system that integrates an organisation's functions is referred to

as an enterprise system. These provide enterprise, or organisation,
wide support for operations and business processes. These
solutions are often generic products, but can also be highly
customisable and integrate business functions such as accounting,
manufacturing and marketing.
• Enterprise systems are implemented to gain efficiency in business
processes, effectiveness in supply chains and develop an overall
understanding of customer needs and behaviours.
• Two of these systems are customer relationship management
(CRM) and enterprise resource planning (ERP).

Customer relationship • CEOs, CIOs and chief marketing officers have become interested
management (CRM) in this topic because of the low-cost and ubiquitous access to

52
 information for customers, the rise of globalisation, and the "death
of distance" mean that customers are more empowered than
ever.(Smith 2015)
• At the same time, competitive differentiation—achieved through
a strategic decision to invent better products that are hard to
imitate, or by being the most efficient producer of a service—has
diminished over time. What remains the same is how challenging
it is to create a superior customer experience that will serve as a
sustainable differentiator.

The enterprise resource Enterprise Resource Planning (ERP)

planning process • The article What is ERP? A guide to enterprise resource planning
systems (Wailgum 2017) describes an ERP as a system that
combines the range of software systems that have been
traditionally required to operate a business into one system
running off one database. The aim of this is to allow departments
across an organisation to share information.
• ERP vanquishes the old standalone computer systems in finance,
HR, manufacturing and the warehouse and replaces them with a
single, unified software program divided into modules that
roughly approximate the old standalone systems. Finance,
manufacturing and the warehouse all still get their own software,
except now the software is linked together so that someone in
finance can look into the warehouse software to see if an order has
been shipped. (Wailgum 2017)
ERP: The core components
• Traditionally ERPs have focused on the internal operations of an
organisation focusing on accounting and finance, managing
accounting data and financial processes such as accounts payable,
budgeting and credit management, production and materials
management (operations), including procurement, inventory
management, shipping and human resources, managing
recruitment, payroll and performance reviews
• Over time these core roles have extended to include further
components of organisations to include the external operational
requirements:
• business intelligence (BI): collecting data throughout the
organisation, organising and applying analytical tools to
assist managers in decision-making
• customer relationship management

53
 • supply chain management
• eBusiness components: including eLogistics and
eProcurement. Customers and suppliers are more likely to
now expect access to some ERP information including
order status and inventory levels.

Challenges of ERP ERP systems contain multiple complex components that are not only
expensive to purchase but also expensive to implement. The high install
costs increase the ERP vendor’s negotiating power, which can increase
support, maintenance and upgrade expenses. The software must perform
many different tasks, this complexity can bring added difficulties in the
implementation of an ERP across an organisation. As most companies do
not carry ERP software expertise within their staff and do not understand
ERP as well as they should, it is easy for an organisation to choose the
wrong package. The costs of implementing an ERP needs to consider the
software and hardware expenses, consulting fees and training fees.

Sách INF

Supply Chain
Management

What is a supply Refer to a collection of companies and processes involved in moving a

chain? product from the suppliers of raw materials to the suppliers of
intermediate components, then to final production and ultimately to the
customer

B2B electronic • Electronic Data Interchange (EDI): refers to computer-to-

commerce: exchanging computer communication (without human intervention)
data in supply following certain standards as set by the UN Economic
networks Commision (for Europe) or the American National Standards
Institute
Portals
• Defined as access points or (front doors) through which a business
partner accesses secured, proprietary information that may be
dispersed throughout an org (typically using extranets)
• Supplier Portals: a subset of an org’s extranet designed to
automate the business processes that occur before, during and
after sales have been transacted between the org and its multiple
suppliers

54
 • Customer Portals: are designed to automate the business processes
that occur before, during and after ales have been transacted
between a supplier and multiple customers
B2B marketplaces

Managing complex
supply networks

Benefits of effectively Just-in-time production (JIT)

managing supply Vendor-managed inventory (VMI)
chain Reducing the bullwhip effect
Corporate social responsibility
• Product recalls
• Sustainable business practices

Optimizing the supply

chain through supply
chain management

Developing an SCM
strategy

Supply Chain 1. Demand Planning & Forecasting

Planning 2. Distribution Planning
3. Production Scheduling
4. Inventory & safety stock planning

Supply chain execution Product flow

• Radio frequency identification
Information flow
• Extensible markup language
Financial flow
• Managing B2B financial transactions
•

Supply chain visibility

& analytics

CRM

Developing a CRM • Policies and business processes

strategy • Customer services

55
 • Employee training
• Data collection, analysis and sharing

Architecture of CRM Operational CRM

system • Sale force automation
• Customer service and support
• Enterprise marketing management
Analytical CRM
• Social CRM
Collaborative CRM
• Greater customer focus
• Lower communication barriers
• Increased information integration

Ethical concerns with

CRM

Enterprise resource
planning

How do information Personal information systems

systems vary by scope? Workgroup information systems
Enterprise information systems
Inter-Enterprise information systems

How do enterprise How do information silos arise?

systems solve the What are the problems with information silos?
problems of How do organisations solve the probs of information silos?
departmental silos? An enterprise system for patient discharge
Enterprise resource planning (ERP) - systems
Enterprise application integration (EAI)
What are the challenges when implementing & upgrading enterprise
systems?
• Collaborative management
• Requirement gaps
• Transition problems
• Employee resistance

How do the inte-

enterprise information
systems solve the

56
 problems of enterprise
silos?

Summary

Week 11 - Chapter 10- Ethics, laws and data security

Question Answer

1, What are the - Confidentiality: Also known as secrecy, meaning that the information assets can be accessed
concepts/ principles of and disclosed only by authorised parties.
information security? - Integrity: Meaning that the information assets can only be modified or deleted by
authorised parties in authorised ways, therefore they are always complete and true.
- Availability: Meaning that the information assets are accessible to the authorised parties in a
timely manner.
-> These are old principles, which do not seem to be sufficiently describing information
security any longer, the following principles are used rather consistently extending the
confidentiality, integrity and availability (CIA) principles as a description of information
security:
- Privacy: protecting the confidentiality and identity of a user (compared to Confidentiality
where the in4 asset itself is protected)
- Accountability: the ability to audit the level of protection provided for in4 assets and the
ability to identify where the responsibility lies to provide such protection.
- Assurance: the measurement of confidence in the level of protection of an in4 asset and the
degree to which a particular control enforces in4 security policy requirements.
- Non- repudiation (Legal enforceability): the ability to “prove” that a sender sent or
receiver received a message (or both), even if the sender or receiver wishes to deny it later.
- Authenticity: both genuineness (not corrupted from the original) and validity (verifying the
identity of a subject requesting the use) of an in4 asset.

2, What are threats to • technical failure (hardware)

information systems? • software failure or malfunction
• data theft
• data corruption: due to human error
• data corruption: due to malicious attack
• downstream effects
• supervisory control and data acquisition (SCADA) attack.

57
3, What are the Factors - More complex systems, distributed data, unmanaged devices
making security harder? - Criminals becoming cleverer leading to increased amount of possible threats
- Crimes often not detected for long periods
- Wide range of users, mostly non-expert and outsourcing issues
- Management unaware of problems
- Security measures often inconvenient
- Substantial costs
- Benefits are hard to quantify.

4, What are three areas 1. People- authentication and authorisation

of information security? 2. Data- prevention and resistance
3. Attacks- detection and response.

5, How many steps to • determine assets to protect from threats

create a security policy? • determine access to various system parts
• identify resources to protect assets
• develop written security policy
• commit resources.

6, What are security • Authentication

policy points ? • Access control
• Secrecy
• Data integrity
• Audit (what caused specific events to happen)

58
7, What are five
components required
balanced attention to
have
effective security ?

8, Monitoring security - Collect feedbacks to ensure that the entire system is working properly
- Capture processing details for evidence
- Check logs for unusual activities
- Verify whether attacks have been unsuccessful

9, Senior management The following are some common mistakes made by senior management when dealing with
mistakes information security:

• Assigning untrained people to maintain security

• Providing neither the training nor the time to learn on the job
• Failing to understand the relationship of information security to the business
problem
o Management often understands physical security but does not see the
consequences of poor information security.
• Failing to deal with the operational aspects of security
o making a few fixes and then not allowing the follow-through necessary
to ensure the problems stay fixed.
• Failing to realise how much money their information and organisational
reputations are worth
• Authorising reactive, short-term fixes so problems re-emerge rapidly
• Pretending the problem will go away if ignored.

10, Specific threats and • All the vulnerabilities that exist in a conventional wired network apply to wireless
vulnerabilities technologies.

59
for Wireless networks • Malicious entities may gain unauthorised access to an agency's computer network
security through wireless connections, bypassing any firewall protections.
• Sensitive information that is not encrypted (or that is encrypted with poor
cryptographic techniques) and that is transmitted between two wireless devices
may be intercepted and disclosed.
• DoS attacks may be directed at wireless connections or devices.
• Malicious entities may steal the identity of legitimate users and masquerade as
them on internal or external corporate networks.
• Sensitive data may be corrupted during improper synchronisation.
• Malicious entities may be able to violate the privacy of legitimate users and be able
to track their movements.
• Malicious entities may deploy unauthorised equipment (e.g., client devices and
access points) to surreptitiously gain access to sensitive information.
• Handheld devices are easily stolen and can reveal sensitive information.
• Data may be extracted without detection from improperly configured devices.
• Viruses or other malicious code may corrupt data on a wireless device and
subsequently be introduced to a wired network connection.
• Malicious entities may, through wireless connections, connect to other agencies or
organisations for the purposes of launching attacks and concealing their activities.
• Interlopers, from inside or out, may be able to gain connectivity to network
management controls and thereby disable or disrupt operations.
• Malicious entities may use third-party, untrusted wireless network services to gain
access to an agency's or other organisation's network resources.
• Internal attacks may be possible via ad hoc transmissions.

11, The difference

between the different
wireless security
methods

60
 Wired Equivalent Privacy (WEP) Wireless Protected Access (WPA and
Wired Equivalent Privacy (WEP) is an older WPA2)
network security method that's still available Wireless Protected Access encrypts
to support older devices, but it's no longer information and makes sure that the network
recommended. When you enable WEP, you security key has not been modified. Wi-fi
set up a network security key. This key Protected Access also authenticates users to
encrypts the information that one computer help ensure that only authorised people can
sends to another computer across your access the network. There are two types of
network. However, WEP security is WPA authentication: WPA and WPA2,
relatively easy to break into and compromise WPA is designed to work with all wireless
the networks integrity network adapters, but it might not work with
older routers or access points. WPA2 is more
secure than WPA, but it will not work with
some older network adapters.

12, Difference between - The key difference between laws and ethics is that laws carry the authority of a governing
ethics and laws body, and ethics do not .
- Laws: are rules that mandate or prohibit certain behaviour. They are drawn from ethics,
which define socially acceptable behaviours.
- Ethics: are based on cultural mores, the fixed moral attitudes or customs of a particular
group. Some ethical standards are universal.
E.g: murder, theft, assault, and arson are actions that deviate from ethical and legal codes
throughout the world.

13, Types of ethics

Descriptive ethics Normative ethics Information ethics (cyber

ethics)

Descriptive ethics is the Normative ethics is the Information ethics govern the
study of how people do study of how people ought ethical and moral issues arising
behave, and how they think to behave. It is an from the development and use
they should behave. It is argumentative discipline of information technologies, as
grounded in observation of aimed at sorting out what well as the creation, collection,
some sort—looking at duplication, distribution and

61
 people as they are, not behaviours (or rules for processing of information
necessarily as they should be. behaviour) would be best. itself.

14, Types of laws Civil law comprises a wide variety of laws that govern a nation or state and deal with the
relationships and conflicts between organisational entities and people.
Tort law is a way in which the law can interfere with relationships between private individuals
to correct a form of conduct or wrong. A large number of torts exist, and they generally derive
their legal status from the common law.
Criminal law addresses activities and conduct harmful to society, and is actively enforced by
the state. Law can also be categorised as private or public.
Private law encompasses family law, commercial law, and labour law, and regulates the
relationship between individuals and organisations.
Public law regulates the structure and administration of government agencies and their
relationships with citizens, employees, and other governments. Public law includes criminal,
administrative, and constitutional law

15, Four levels of Level 1: Accessing data or impairing electronic communication done with intention to
Australian Cybercrimes commit a serious offense
Act Level 2: Impairing or modifying data or impairing electronic communications done with
intent to cause harm or inconvenience
Level 3: Possession, control, production or supply of data with the intent to commit any of
the above computer offenses
Level 4: Accessing data that is subject to an access control restriction

16, Code of ethics The primacy of the public interest: You will place the interests of the public above those of
personal, business or sectional interests.
The enhancement of quality of life: You will strive to enhance the quality of life of those
affected by your work.
Honesty: You will be honest in your representation of skills, knowledge, services and
products.
Competence: You will work competently and diligently for your stakeholders.
Professional development: You will enhance your own professional development, and that
of your colleagues and staff.
Professionalism: You will enhance the integrity of the Society and the respect of its members
for each other.

62
Summary:
- In the past, there were only 3 principles of in4 security, but nowadays they are extended to 5 principles: privacy,
accountability, assurance, non- repudiation (Legal enforceability), authenticity.
- There are many threats that cause in4 systems and many factors that make in4 security become harder.
- There are 5 steps to create security policy and security policy has to adapt those points: Authentication, Access control,
Secrecy, Data integrity, and Audit.
- Common mistakes made by senior managers when dealing with in4 security
- Specific threats and vulnerabilities for Wireless networks security & difference between different Wireless network
security.
- 3 types of ethics and 5 types of laws

63