EIS Component 1: Processes and Protocols

Questions and Answers

What is a key component of a data backup and recovery protocol?

Quarterly recovery testing (correct)

Weekly software updates

Daily user access reviews

Monthly system performance evaluation

Which aspect of software development is emphasized in its protocol?

Mandatory CODE reviews (correct)

Direct deployment without testing

Real-time user feedback during deployment

Automated code generation

What might an incident response protocol include?

System repair guidelines

Automated monitoring tools (correct)

Regular user training sessions

Annual security audits

Which method is recommended for transferring sensitive data outside an organization?

SFTP or HTTPS

What is the main purpose of rules in an Enterprise Information System?

To regulate decision-making in organizational processes.

In the context of rules and protocols, what function do rules serve?

Specify actions that are permitted or prohibited

Which of the following is NOT a typical rule found in an Enterprise Information System?

Project Management Standards

What does the data handling rule require for sensitive data?

Encryption both in transit and at rest.

What is a characteristic of protocols within an organization?

Protocols dictate the steps to perform permitted actions

Which of the following best describes protocols in an Enterprise Information System?

Sets of steps detailing user and system interactions.

What must organizations decide regarding their rules and protocols?

Which rules and protocols are critical to digital operations

What is a common requirement of the incident reporting rule?

To report suspected data breaches within one hour.

What is one aspect of a communication protocol that might be included?

Mandating specific tools for sensitive communications

Which rule involves restrictions on personal internet use during work hours?

Acceptable Use

What is typically included in a password policy?

Passwords must include uppercase, lowercase, numbers, and special characters.

Which of the following is a function of access control rules?

To limit system access based on job functions.

Study Notes

Component 1: Processes, Rules and Protocols in EIS

• EIS comprises standard processes that organizations repeat to maintain efficiency and effectiveness.
• Processes include various organizational functions, such as manufacturing, sales, and employee onboarding.

Rules in EIS

• Definition: Rules are broad principles guiding employee decision-making within processes.
• Typical Rules:
  • Password Policies: Enforce complex passwords changed every 90 days; may require a combination of uppercase, lowercase, numbers, and special characters; restrict reuse of the last five passwords.
  • Access Control: Limits access based on job roles; employees access only data relevant to their functions.
  • Data Handling: Mandates encryption for sensitive data during transit and at rest.
  • Acceptable Use: Restricts personal internet use during work hours; specifies business-only use of company emails and bans unauthorized software installations.
  • Incident Reporting: Requires prompt reporting within an hour of any suspected data breach to IT.

Protocols in EIS

• Definition: Protocols are specific steps detailing how to communicate or interact within the system.
• Typical Protocols:
  • Data Backup and Recovery: Involves nightly full backups and quarterly restoration tests to ensure data recovery can occur within set timeframes.
  • Software Development and Deployment: Outlines steps for code review, testing phases (unit, integration, and user acceptance), and deployment processes.
  • Incident Response: Details steps for detecting and responding to security issues, often using automated tools for monitoring.
  • Data Handling and Protection: Specifies secure methods for transferring sensitive data and procedures for data deletion.
  • Communication: Designates tools for both internal and external communication, emphasizing security measures for sensitive information.

Relationship Between Rules and Protocols

• Rules and protocols are complementary; rules define what actions are permissible while protocols explain how to perform those actions safely and efficiently.

Scope of Rules and Protocols in EIS

• Organizations must subjectively determine which rules and protocols are essential for their EIS.
• All rules and protocols directly affecting digital operations are considered part of the organization's EIS.

Description

Explore the first component of an Enterprise Information System, focusing on processes, rules, and protocols that govern organizational operations. This quiz delves into the importance of these elements in ensuring efficiency in workflows like manufacturing, sales, and employee onboarding.