Front Back
system definition phase
cost and schedule feasibility are only an approximation or back of the envelope analysis the purpose is to eliminate any obvious infeasible ideas as soon as possible
determining system
requirements is the most important phase in the systems development process if the requirements are wrong the system will be wrong if the requirements are determined completely and correctly, then design and implementation will be easier and more likely to result in success
system conversion
implies the process of converting business activity from the old system to the new conversion can be to the new system only or it can be to the new system including new business
5 major challenges to systems development
The difficulty of determining requirements one major purpose of the systems development process is to create an environment where difficult questions re asked and answered Changes in requirements aiming at a moving target Difficulties involving scheduling and budgeting how long to bu…
trade-off
is balancing 3 critical factors: requirements, cost and time
4 critical factors (Manage Development challenges):
Coordination an accurate and complete WBS facilitates coordination, but no project ever proceeds exactly in accordance with the WBS Diseconomies of scale the number of possible interactions among team members rises exponentially wih the number of team members Configuration control Un…
configuration control
a set of management policies, practices and tools that developers use to maintain control over project resources such resources include documents, schedules, designs program code, test suites and any other shared resource needed to complete the project
unexpected event
critical people can change companies, hurricane may destroy an office, the company may have an bad quarter and freeze hiring just as the project is staffing up technology changes, competitors may do something that make sthe project may or less important or he company may be sold ad new ma…
information system security 4 elements
threat- a person or organization that seeks to obtain data or other assets illegally without the owners permission and often without the owners knowledge vulnerability- an opportunity for threats to gain access to individual or organizational assests ex. when you buy online you provide …
security threats and loss
human errors and mistakes- accidental problems caused by both computer crime- intentional or malicious violation against data, software or hardware natural events and disasters- fires, floods, hurricanes, earthquakes, tsunamis, avalanches other acts of nature, initial loss of capability…
Unauthorized data disclosure by malicious activity
pretexting-the act of creating and using an invented scenario to trick a targeted victim into divulging information phishing spoofing- is a term for someone pretending to be someone else sniffing computer crime
denial of service
humans can inadvertently shut down a web server or corporate gateway router by starting a computationally intensive application
denial of service attacks
occur when a malicious hacker floods a web server ex. millions of bogus service requests
personal security safeguards
possible exception of cookie clearing all of them are low cost and easy to implement take security seriously create strong passwords/passphrases use multiple passwords do not send valuable data via email use HTTPS as trusted
System specific security policy elements
A general statement of organization’s security program. Issue-specific policy. System-specific policy.
risk management
risk- threats and consequences we now about uncertainty- things we do not know that we do not know
technical safeguards
identification and authentication encryption firewalls malware protection design for secure applications
malware
spyware and adware symptoms slow system start up sluggish system performance many pop-up advertisements suspicious changes to the taskbar and other system interfaces unusual hard-disk activity
Key Escrow
Trusted party has a copy of encryption key
human safeguards
in house staff-position definition separate duties and authorities determine least privilege document position sensitivity Hiring and screening dissemination and enforcement Termination (friendly and unfriendly non employee personnel contract personnel screening and security trai…
hot site
is a utility company that can take over another companies processing with no forewarning they are expensive, organizations pay 250,000 or more per month for such services
cold site
provide computers and office spaces where customers install and manage systems themselves train an rehearse cutover of operations from the primary center to the backup

Access the best Study Guides, Lecture Notes and Practice Exams

Login

Join to view and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?