Front Back
Systems Analysis and Design
the process of completing an IS project4 Essential Ingredients:People, Methodology, Management, Tools
People
IS project team; Stakeholders
Methodology
provides a framework for both the management and technical processes of an IS project, Waterfall model, Evolutionary model, Agile model
Waterfall Model
sequential
Evolutionary Model
clear end and beginning (prototyping)
Agile Model
break into small chunks; burn through as quickly as possible
Project
temporary endeavor that has a defined start and end point and is undertaken to create a unique product, market or unit
Project Management in IS
Project scope, resources needed, time
Risk Management
recognize, address and eliminate sources of risk before they become a threat to the successful completion of the project
Responses to Risk
Risk Transfer, Risk Deferral, Risk Reduction, Risk Acceptance, Risk Avoidance
Risk Transfer
move risk to someone else; someone better able to deal
Risk Deferral
adjust schedule to move activity to a later date when the risk is less
Risk Reduction
reduce probability of risk
Risk Acceptance
accept the risk, but make sure contingency plans are in place
Risk Avoidance
eliminate risk entirely
Tools of Risk Management
1. Project Management Software2. Computer Aided Software Engineering Tools
Risk Assessment
Risk Identification, Risk Estimation, Risk Evaluation, Risk Mitigation
Risk Identification
identification of factors that can cause potential loss
Risk Estimation
estimation of the likelihood and impact of the risk
Risk Evaluation
comparison of potential risks to risk acceptance/tolerance criteria and prioritization
Risk Mitigation
determination of how to address high priority risk
Disaster Recovery
how do we rebuild our IS when they are destroyed or rendered incapable
Business Continuity Planning
how do we restore business operations when an event disrupts our ability to undertake business processes
Questions Asked Before Acquiring an IS
1. Is there a distinct need?2. Is it feasible?3. make, buy, lease?4. Do we develop In-House or Outsource?
Feasibility Analysis
Looking at the Technical, Financial and Operational factors to determine if an IS is feasible
Organizational
Stakeholder analysis
Financial
cost/benefit analysis (tangible and intangilble)
Development Choices
Acquisition, Leasing, Building
Acquisition
Advantages: faster, less costly than buildingDisadvantages: little or no competitive advantage, may need to compromise on features
Leasing
Advantages: lowest cost and fastest, vendors handle maintenance and updates, does not require IS staffDisadvantages: no competitive advantage, no control over features
Building
Advantages: provides competitive advantage, retain controlDisadvantage: longest time, highest cost
Open-Source
source code can be modified by anyone or a select group
Closed-Source
Proprietary software is computer software licensed under exclusive legal right of the copyright holder.
In-House
Advantage: firm retains controlDisadvantage: higher time and cost
Outsourcing
Advantage: higher level of skill and expertise w/ lower time and costDisadvantage: less control over project
Systems Development Life Cycle
Pre-Inception, Inception, Elaboration, Construction, Transition, Production, Retirement
Pre-Inception
the environment within the organization that fosters an idea for how US can be beneficial
Inception
organization has a concrete idea to build an IS. Focus is on understanding problem and planning project
Elaboration
systems team finalizes requirements for system and creates conceptual models of the systems
Construction
team build initial runny party
Transition
team finalizes system and puts it in place. Final training of users and management completion
Production
after system is up and running, it must be monitored, maintained and evaluated. System must be keep date
Retirement
system loses its value to company and must be replaced
Personally Identifiable Information
any information that can be used to uniquely or individually identify, contact, or locate a single person
PII in Use
Good:online payments, air travel, university gradingBad: identity theftcredit card fraud
Privacy Policies
3 Main Purposes:1. Provide assurance that info will be confidential2. Outline exactly what info will be shared3. Protect the organization from lawsuit
CIAs of Security
Confidentiality: deals with preventing disclosure of info to unauthorized individualsIntegrity: keeping data intact and retaining an audit trail of modifications to dataAvailability: the system is online and accessible to users
Security Breaches
Unintended disclosureHacking and malwarePayment Card FraudInsiderLoss of Asset
Unintended Disclosure
sensitive info is provided to unauthorized parties
Hacking/Malware
electronic entry by an outside parts
Payment Card Fraud
fraud involving debit/ credit cards not accomplished via hacking
Insider
individual with legitimate access intentionally breaches security
Social Engineering
involves manipulating people into performing actions or divulging information
Spoofing
websites pretending to be someone they are not
Phishing
"fishing" for PII which may use spoofish as a technizue
Prevention
automates, less expensive to maintaingAccess: who needs access to systemAuthorization: asking for permission before performing action
Detection
occurs after incident happens, more $ to maintain

Access the best Study Guides, Lecture Notes and Practice Exams

Login

Join to view and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view 2 2 and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?