- Control Of Information System
- Audit Of Information System
- Security Of Information System
- Consumer Layered Security Strategy
- Enterprise Layered Security Strategy
- Extended Validation And Ssl Certificate
- Remote Access Authentication
- Content Control And Policy Based Encryption
- Example Of Security In Ecommerce Transaction
- Enterprise Management Systems (Ems)
- 2.1. Enterprise Software (Erp/Crm/Scm)
- 2.2. Information Management And Technology Of Enterprise Software
- 2.3. Role Of Is And It In Enterprise Management
- 2.4. Enterprise Engineering, Electronic Organism, Loose Integration Vs Full Integration, Process Alignment, Framework To Manage Integrated Change, Future Trends
INFORMATION SYSTEM OLD QUESTION SOLUTION IOE 2075-MAGH
1. What is an Information system? How is it different from Information Technology?Explain the types of IS used in an organization.
An Information System (IS) is a set of interconnected components that collect, process, store, and distribute data or information to support decision-making and control in an organization. The components of an IS include hardware, software, data, procedures, and people. Information Systems can be used for a wide variety of purposes, including managing operations, analyzing business data, supporting decision-making, and collaborating with others.
Difference between information system and information technology are
There are several types of IS used in an organization some which are explained below:
Transaction Processing Systems (TPS): These systems are used to collect, process, and store data related to daily operations, such as sales transactions, inventory management, and payroll.
Management Information Systems (MIS): These systems provide information to managers to help them make informed decisions. The data provided by MIS is typically aggregated and summarized to provide a high-level view of an organization's performance.
Decision Support Systems (DSS): These systems are designed to help decision-makers analyze and evaluate different alternatives to make informed decisions. DSS uses data analysis tools and models to provide insights into different scenarios.
Executive Support Systems (ESS): These systems are designed to provide senior managers with strategic information to support long-term planning and decision-making. ESS typically provides information on external factors, such as market trends and competition.
Business Intelligence Systems (BI): These systems use advanced analytics to provide insights into an organization's performance. BI systems can be used to identify trends, track key performance indicators, and support decision-making.
Enterprise Resource Planning (ERP): These systems integrate different business processes, such as finance, manufacturing, and human resources, into a single system. ERP systems provide a centralized database for all business processes and support the coordination of activities across different departments.
2. What is authentication? Does SSL based implementation augment the security of any IS?Why is SSL also paired with TLS in most of the documentation? Prepare a detail on SSL.
Authentication is the process of verifying the identity of a user, system, or device. In the context of Information Systems, authentication is often used to control access to sensitive data or applications. The goal of authentication is to ensure that only authorized users are able to access the resources they need.
SSL (Secure Sockets Layer) is a cryptographic protocol used to secure communication over the internet. SSL works by establishing a secure channel between a client and server, encrypting data sent over the channel, and verifying the identity of the server.
SSL has now been replaced by the newer TLS (Transport Layer Security) protocol, which is used to secure communication over the internet. TLS is an improved version of SSL that provides
stronger encryption and better security features. However, the term SSL is still commonly used to refer to both SSL and TLS.
SSL works by using a combination of public key encryption and symmetric key encryption. When a client connects to a server using SSL, the server sends its SSL certificate to the client, which contains a public key that the client can use to establish a secure channel with the server.
The client and server then negotiate a shared symmetric key that is used to encrypt and decrypt data sent over the channel.
3. Explain Enterprise Management Systems? Discuss its Architecture. Explain the role of IS and IT in enterprise management.
Enterprise Management Systems (EMS) are a type of Information System (IS) used by organizations to manage various aspects of their business operations. These systems are designed to integrate different functions and processes across an organization into a single, cohesive system, providing managers with real-time visibility into their business operations.
EMS typically consist of following common modules
Finance and Accounting Management: This module helps organizations manage their financial transactions, including accounting, budgeting, and financial reporting.
Human Resource Management: This module helps organizations manage their employee-related activities, including payroll processing, employee benefits, and performance management.
Supply Chain Management: This module helps organizations manage their supply chain operations, including procurement, inventory management, and logistics.
Customer Relationship Management: This module helps organizations manage their customer interactions, including sales, marketing, and customer service.
EMS are typically designed using a multi-tier architecture, which consists of several layers, each with a specific function. The three main layers of an EMS architecture include:
1. Presentation Layer: This layer provides a user-friendly interface for interacting with the EMS. This layer typically includes a web-based interface or a mobile application.
2. Application Layer: This layer contains the business logic and rules that govern the behavior of the EMS. This layer typically includes several modules, each of which is responsible for managing a specific aspect of the organization's operations.
3. Data Layer: This layer contains the databases and other data storage systems used to store the organization's data. This layer typically includes a variety of data storage technologies, including relational databases, data warehouses, and data marts.
IS and IT play a critical role in enabling organizations to implement and manage EMS effectively. They help organizations to automate various business processes, integrate data across different systems, and provide real-time visibility into business operations.IS and IT also enable organizations to manage their data more effectively, allowing them to make better-informed decisions. This is because they provide managers with real-time access to accurate and up-to-date data, allowing them to make decisions based on facts rather than guesswork.
4. What are the benefits of Cloud Computing? Explain different types of Cloud Computing.
There are several benefits of cloud computing are:
● Cost Savings: Cloud computing eliminates the need to invest in their own computing infrastructure, reducing upfront capital expenditures and ongoing maintenance costs.
● Scalability: Cloud computing allows users to quickly scale up or down their computing resources and services as needed, without having to invest in additional hardware or software.
● Flexibility: Cloud computing enables access to their computing resources and services from anywhere, using any device with an internet connection.
● Disaster Recovery: Cloud computing provides with a reliable disaster recovery solution, as data and applications are stored off-site and can be easily restored in the event of a disaster.
There are three main types of cloud computing:
● Infrastructure as a Service (IaaS):
IaaS provides organizations with virtualized computing resources over the internet, such as virtual machines, storage, and network infrastructure. With IaaS, organizations can quickly provision and scale resources as needed, paying only for what they use. This provides a cost-effective solution for organizations that require flexibility and scalability in their computing infrastructure. Examples of IaaS providers include Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform.
● Platform as a Service (PaaS):
PaaS provides organizations with a platform to develop, test, and deploy applications without the need to manage the underlying infrastructure. PaaS providers offer a
complete development environment that includes application servers, databases, and programming languages. This allows developers to focus on writing code and building applications, rather than managing the infrastructure. PaaS is ideal for organizations that want to accelerate the development and deployment of their applications. Examples of PaaS providers include Heroku, Google App Engine, and Microsoft Azure App Service.
● Software as a Service (SaaS):
SaaS provides organizations with access to pre-built software applications that can be accessed over the internet. These applications are hosted and maintained by the SaaS provider, who is responsible for ensuring the application is secure, up-to-date, and
available to users. SaaS applications are typically delivered on a subscription basis, with users paying a monthly or annual fee to access the application. SaaS is ideal for
organizations that want to reduce the cost and complexity of deploying and maintaining software applications. Examples of SaaS providers include Salesforce, Microsoft Office 365, and Dropbox.
5. Differentiate among the following with multiple aspect/feature distinction:
a) OLTP vs OLAP
|
OTP |
OLAP |
|
Operational Database |
Data Warehouse |
|
Transactional data |
Historical data |
|
Real-time processing |
Batch processing |
|
Maintains data consistency |
Provides data insights |
|
Examples: Banking transactions, retail sales |
Examples: Business intelligence, data mining |
b) Information security layers vs Information security policies
|
Information Security Layers |
Information Security Policies |
|
Technical and physical safeguards that protect an organization's information and systems. |
Guidelines and procedures that define how an organization will manage and protect its information assets. |
|
Focused on the "how" of information security. |
Focused on the "what" and "why" of information security. |
|
Provide the technical and physical barriers necessary to protect information and systems |
Provide guidance and direction on how to properly implement and use security layers. |
|
Can be costly to implement and maintain. |
May not require significant financial investment but may require significant effort to develop and enforce. |
|
Examples include firewalls, intrusion detection systems, access controls, and encryption. |
Examples include access control policies, data classification policies, incident response procedures, and risk management guidelines. |
c) Quality management vs Change management
|
Quality Management |
Change Management |
|
Focuses on ensuring that products or services meet established quality standards and customer expectations. |
Focuses on managing the people, processes, and technology involved in implementing changes to an organization. |
|
Involves identifying and documenting quality standards and procedures, measuring performance against those standards, and implementing continuous improvement processes. |
Involves assessing the impact of changes, developing a plan for implementing changes, communicating with stakeholders, and managing the change process. |
|
Aims to improve the overall quality of products or services, increase customer satisfaction, and reduce costs and waste. |
Aims to minimize the negative impacts of changes on an organization, while maximizing the benefits of those changes. |
|
May involve tools and techniques such as quality planning, quality control, and quality assurance. |
May involve tools and techniques such as change impact analysis, risk assessment, and stakeholder engagement. |
|
Examples include Six Sigma, Total Quality Management (TQM), and Lean Manufacturing. |
Examples include Agile Project Management, ITIL Change Management, and Kotter's 8-Step Change Model. |
d) Web content mining vs web uses mining
|
Web content mining |
Web uses mining |
|
Focuses on extracting useful information and knowledge from the content of web pages, such as text, images, and videos. |
Focuses on analyzing user behavior and interaction with web applications or websites. |
|
Uses techniques such as web scraping, text mining, and data mining to extract information from web pages. |
Uses techniques such as log file analysis, clickstream analysis, and session analysis to understand user behavior and preferences. |
|
Provides insights into the content of web pages, such as the topics covered, sentiment expressed, and keywords used. |
Provides insights into how users navigate and interact with web pages, such as which pages they visit, how long they stay on each page, and which links they click. |
|
Can be used for a wide range of applications, such as content recommendation, search engine optimization, and sentiment analysis. |
Can be used for a wide range of applications, such as user behavior analysis, personalization, and marketing automation. |
|
Examples include text mining for sentiment analysis, image classification for product recognition, and topic modeling for content analysis. |
Examples include clickstream analysis for user behavior analysis, session analysis for website optimization, and market basket analysis for cross-selling recommendations. |
6. Imagine you have got fresh assignment on your new job and your company is targeting to enter onto e-commerce business and you have to prepare following documents based on your IS expert exposure:
(a) System security specification document
Introduction:
The purpose of this document is to define the security requirements and protocols for the e-commerce system of our company. The system is intended to provide a safe and secure platform for conducting online transactions and managing customer data.
Objectives:
The security objectives for the e-commerce system are to ensure the confidentiality, integrity, and availability of data, prevent unauthorized access, and protect against cyber threats.
Threats:
The system is vulnerable to various types of cyber threats such as hacking, malware, and phishing attacks. The potential risks include data breaches, financial losses, and damage to the company's reputation.
Security Controls:
The following security controls will be implemented to mitigate identified risks:
● Use of SSL encryption to secure communication between the system and the customers' browsers.
● Implementation of firewalls and intrusion detection systems to prevent unauthorized access.
Incident Response:
The company will establish procedures for responding to security incidents or data breaches, including notification of affected parties, investigation of the incident, and recovery of the system.
Compliance:
The system will comply with relevant laws, regulations, and industry standards such as PCI DSS and GDPR.
b) Product recommender system design with data-mining methods Introduction:
The purpose of this document is to outline the design of a product recommender system that uses data-mining methods to provide personalized product recommendations to customers. The system will utilize customer browsing and purchase history to analyze customer behavior and preferences and generate personalized recommendations.
System Design:
The product recommender system will be developed using a combination of data-mining techniques such as association rule mining, collaborative filtering, and content-based filtering.
Data-Mining Techniques:
The product recommender system will utilize the following data-mining techniques:
● Association Rule Mining: This technique will be used to identify patterns in customer behavior and identify products that are frequently browsed and purchased together.
● Content-Based Filtering: This technique will be used to analyze product attributes and identify products that are similar in terms of attributes such as brand, category, and price.
Conclusion:
The product recommender system design with data-mining methods will provide personalized product recommendations to customers based on their browsing and purchase history. The system will utilize a combination of data-mining techniques such as association rule mining, collaborative filtering, and content-based filtering to generate recommendations.
(c) SCM based inventory management component training manual Introduction:
The purpose of this training manual is to provide an overview of the SCM-based inventory
management component and guide users on how to use the system effectively. The system is designed to manage inventory and streamline the supply chain process.
System Overview:
The SCM-based inventory management component is a web-based application that integrates with the e-commerce platform.
System Features:
The SCM-based inventory management component provides the following features:
● Inventory Management: The system allows users to manage inventory levels, track inventory movement, and set reorder points.
● Supply Chain Monitoring: The system allows users to monitor the supply chain process, track shipments, and receive alerts for supply chain disruptions.
● Reporting: The system provides a range of reports such as inventory levels, sales data, and supply chain performance reports.
Training Guide:
The following guide provides an overview of the steps to use the SCM-based inventory management component effectively:
Login to the System: To access the system, users must enter their login credentials. Once logged in, the user interface will be displayed.
Add Inventory: To add inventory to the system, click on the "Add Inventory" button and enter the product details, such as name, description, and quantity.
Generate Reports: To generate reports, navigate to the "Reporting" tab and select the type of report required, such as inventory levels, sales data, and supply chain performance reports.
Conclusion:
The SCM-based inventory management component training manual provides an overview of the system's features and guides users on how to use the system effectively.
7. What are the characteristics of voluminous data? Describe how Hadoop and Mapreduce work on big data over distributed architecture.
Voluminous data refers to large volumes of data that are too big to be processed by traditional data processing applications. The characteristics of voluminous data are
● Volume: Voluminous data refers to the vast amount of data that is generated and collected through various sources such as social media, IoT devices, and sensors.
● Velocity: Data is generated at a rapid pace and is continuously flowing. This requires real-time processing and analysis to gain valuable insights.
● Variety: Data comes in different formats, such as structured, semi-structured, and unstructured. It includes text, images, videos, audios, and more.
● Veracity: With large volumes of data, it becomes difficult to ensure the accuracy, consistency, and validity of the data.
● Value: The main goal of analyzing voluminous data is to extract valuable insights that can drive business decisions and provide a competitive advantage.
To process such large volumes of data, distributed computing systems such as Hadoop and MapReduce have been developed.
In Hadoop, data is broken down into smaller blocks and distributed across the cluster, allowing for parallel processing.
MapReduce is a programming model for processing large datasets in parallel across a Hadoop cluster. It breaks down a large dataset into smaller, manageable chunks that can be processed independently across multiple nodes in the cluster.
MapReduce consists of two phases: the map phase and the reduce phase. In the map phase, the input data is broken down into smaller, key-value pairs that are processed in parallel across the cluster. In the reduce phase, the results from the map phase are combined and reduced into a single output.
Hadoop also includes other tools and components, such as YARN (Yet Another Resource Negotiator) and Hadoop Common, that provide additional features and functionality for managing and processing large datasets across distributed environments.
8. Write short notes
a) GDSS
Group Decision Support System (GDSS) is a type of information system that facilitates group decision-making activities. GDSS is designed to help groups of people make decisions in a more structured and systematic manner. GDSS includes software, hardware, and communication technologies that support group decision-making activities such as brainstorming, idea generation, and evaluation of alternatives.
b) Balanced Scorecard
Balanced Scorecard is a performance management tool used by organizations to measure their strategic goals and objectives. It is a framework that helps organizations to align their business activities with their strategic objectives. Balanced Scorecard is divided into four perspectives:
financial, customer, internal processes, and learning and growth. It provides a holistic view of an organization's performance and enables managers to make informed decisions.
c) Collaborative Filtering
Collaborative filtering is a technique used by recommendation systems to suggest items to users based on their preferences and behavior. It works by analyzing user data and identifying patterns and similarities in the behavior of users. Collaborative filtering is based on the assumption that users who have similar preferences and behavior in the past are likely to have similar preferences in the future. Collaborative filtering is widely used in e-commerce websites, social networks, and content recommendation systems.
d) Neural Network:
Neural networks are a type of machine learning model that is based on the structure and function of the human brain. They are designed to learn and adapt from experience by adjusting the weights of the connections between neurons. Neural networks are used in various applications such as image recognition, speech recognition, natural language processing, and predictive analytics. They are particularly useful in applications where traditional programming approaches are not effective or feasible.