View
- Term
- Definition
- Both Sides
Study
- All (57)
Shortcut Show
Next
Prev
Flip
MIST 2090: EXAM 3
Systems Analysis and Design |
the process of completing an IS project4 Essential Ingredients:People, Methodology, Management, Tools
|
People |
IS project team; Stakeholders
|
Methodology |
provides a framework for both the management and technical processes of an IS project, Waterfall model, Evolutionary model, Agile model
|
Waterfall Model |
sequential
|
Evolutionary Model |
clear end and beginning (prototyping)
|
Agile Model |
break into small chunks; burn through as quickly as possible
|
Project |
temporary endeavor that has a defined start and end point and is undertaken to create a unique product, market or unit
|
Project Management in IS |
Project scope, resources needed, time
|
Risk Management |
recognize, address and eliminate sources of risk before they become a threat to the successful completion of the project
|
Responses to Risk |
Risk Transfer, Risk Deferral, Risk Reduction, Risk Acceptance, Risk Avoidance
|
Risk Transfer |
move risk to someone else; someone better able to deal
|
Risk Deferral |
adjust schedule to move activity to a later date when the risk is less
|
Risk Reduction |
reduce probability of risk
|
Risk Acceptance |
accept the risk, but make sure contingency plans are in place
|
Risk Avoidance |
eliminate risk entirely
|
Tools of Risk Management |
1. Project Management Software2. Computer Aided Software Engineering Tools
|
Risk Assessment |
Risk Identification, Risk Estimation, Risk Evaluation, Risk Mitigation
|
Risk Identification |
identification of factors that can cause potential loss
|
Risk Estimation |
estimation of the likelihood and impact of the risk
|
Risk Evaluation |
comparison of potential risks to risk acceptance/tolerance criteria and prioritization
|
Risk Mitigation |
determination of how to address high priority risk
|
Disaster Recovery |
how do we rebuild our IS when they are destroyed or rendered incapable
|
Business Continuity Planning |
how do we restore business operations when an event disrupts our ability to undertake business processes
|
Questions Asked Before Acquiring an IS |
1. Is there a distinct need?2. Is it feasible?3. make, buy, lease?4. Do we develop In-House or Outsource?
|
Feasibility Analysis |
Looking at the Technical, Financial and Operational factors to determine if an IS is feasible
|
Organizational |
Stakeholder analysis
|
Financial |
cost/benefit analysis (tangible and intangilble)
|
Development Choices |
Acquisition, Leasing, Building
|
Acquisition |
Advantages: faster, less costly than buildingDisadvantages: little or no competitive advantage, may need to compromise on features
|
Leasing |
Advantages: lowest cost and fastest, vendors handle maintenance and updates, does not require IS staffDisadvantages: no competitive advantage, no control over features
|
Building |
Advantages: provides competitive advantage, retain controlDisadvantage: longest time, highest cost
|
Open-Source |
source code can be modified by anyone or a select group
|
Closed-Source |
Proprietary software is computer software licensed under exclusive legal right of the copyright holder.
|
In-House |
Advantage: firm retains controlDisadvantage: higher time and cost
|
Outsourcing |
Advantage: higher level of skill and expertise w/ lower time and costDisadvantage: less control over project
|
Systems Development Life Cycle |
Pre-Inception, Inception, Elaboration, Construction, Transition, Production, Retirement
|
Pre-Inception |
the environment within the organization that fosters an idea for how US can be beneficial
|
Inception |
organization has a concrete idea to build an IS. Focus is on understanding problem and planning project
|
Elaboration |
systems team finalizes requirements for system and creates conceptual models of the systems
|
Construction |
team build initial runny party
|
Transition |
team finalizes system and puts it in place. Final training of users and management completion
|
Production |
after system is up and running, it must be monitored, maintained and evaluated. System must be keep date
|
Retirement |
system loses its value to company and must be replaced
|
Personally Identifiable Information |
any information that can be used to uniquely or individually identify, contact, or locate a single person
|
PII in Use |
Good:online payments, air travel, university gradingBad: identity theftcredit card fraud
|
Privacy Policies |
3 Main Purposes:1. Provide assurance that info will be confidential2. Outline exactly what info will be shared3. Protect the organization from lawsuit
|
CIAs of Security |
Confidentiality: deals with preventing disclosure of info to unauthorized individualsIntegrity: keeping data intact and retaining an audit trail of modifications to dataAvailability: the system is online and accessible to users
|
Security Breaches |
Unintended disclosureHacking and malwarePayment Card FraudInsiderLoss of Asset
|
Unintended Disclosure |
sensitive info is provided to unauthorized parties
|
Hacking/Malware |
electronic entry by an outside parts
|
Payment Card Fraud |
fraud involving debit/ credit cards not accomplished via hacking
|
Insider |
individual with legitimate access intentionally breaches security
|
Social Engineering |
involves manipulating people into performing actions or divulging information
|
Spoofing |
websites pretending to be someone they are not
|
Phishing |
"fishing" for PII which may use spoofish as a technizue
|
Prevention |
automates, less expensive to maintaingAccess: who needs access to systemAuthorization: asking for permission before performing action
|
Detection |
occurs after incident happens, more $ to maintain
|