Information Systems Chapter 11 Quiz

Questions and Answers

Which of the following is not a general approach to acquiring information processing functionalities?

System selection and acquisition

Custom design and development

End-user development

Open source development (correct)

What are the key steps during the implementation phase of the Systems Development Life Cycle (SDLC)?

Programming, Testing, Installation

Investigation, Installation, Operations

Installation, Operations, Maintenance (correct)

Design, Development, Deployment

Which phases of the systems development life cycle (SDLC) differ most substantially from the system selection process?

Build

Testing

Definition

A and B (correct)

What is one of the principal risks associated with information system outsourcing?

Hidden coordination costs

How does technology change influence an organization over time?

It impacts structure and strategy.

What is an overlooked aspect that can critically affect business success?

Information systems functionality

Which is a challenge typically faced in coordinating with an outsourced provider?

Hidden coordination costs

What is one key benefit of purchasing off-the-shelf software?

Faster roll-out and implementation process

Which phase follows the definition phase in the software selection process?

Build phase

In the parallel installation approach, how are the old and new systems managed?

They are run simultaneously for a limited time

What is the main goal of knowledge infusion by software vendors?

To incorporate best practices into application code

What is true about the pilot installation approach?

It involves a test run in a single business unit before wider rollout

What approach is described as the most radical during software installation?

Direct

Which term refers to creating a model to gather user input for interface design?

Prototyping

One significant benefit of end-user development is:

Increased speed of development

What is one benefit of end-user development for end-users?

They can be more satisfied with the results.

Which risk is associated with unreliable quality standards in end-user development?

Inexperienced end-users might not follow rigorous development stages.

What is meant by the term 'make and buy' in software development?

Configuring or customizing off-the-shelf software before implementation.

How can end-user development increase the pressure on the IS function?

End-users create more requests for development support.

What is the primary goal of technical feasibility analysis?

To ensure the system's viability from a technology standpoint.

Which analysis ensures that a proposed new system is justifiable based on a cost benefit analysis?

Economic feasibility analysis.

What is a risk associated with the high incidence of errors in end-user developed applications?

End-users may overlook documentation and testing.

What is a potential continuity risk in end-user development?

The original developer may be the only one capable of maintaining the software.

What is the primary goal of Customer Relationship Management (CRM)?

To analyze customer behavior using data

What advantage does open source software have regarding costs?

Lower switching costs compared to proprietary software

Which of the following is a disadvantage of open source applications?

Security vulnerabilities due to open access to the code

What does behavioral feasibility assess in a new system?

The likelihood of user adoption and acceptance

What characteristic commonly associated with enterprise systems could pose challenges?

Complex integration processes

Why should security be a consideration for managers?

Is likely to remain underfunded

What does the term 'Robustness' mean in the context of open source applications?

Refers to enhancements made by individual developers

What is a potential issue with the support of open source software?

Support quality can vary significantly

What distinguishes a Trojan Horse from other types of malware?

It delivers a hidden, malicious payload after installation.

Which principle of Fair Information Practices emphasizes the right of individuals to know how their data is used?

Notice

What is the primary function of worms in the context of computer security?

To replicate themselves and overwhelm network resources.

Which of the following best describes spyware?

Software that monitors behavior and may transfer personal information.

What is the goal of a Denial-of-Service Attack?

To overwhelm an online service and force it offline.

The principle of harm minimization in an Ethics Code of Conduct is primarily focused on which aspect?

Reducing potential negative impacts on stakeholders.

Which principle of Fair Information Practices relates to individuals’ ability to correct their records?

Access

What is a key characteristic of an Information Systems Ethics Code of Conduct?

It identifies ethical principles relevant to the firm.

What is the primary purpose of firewalls in an organization?

To control access to and from the company network

Which of the following is a typical use of encryption in organizations?

Securing sensitive data like financial transactions

What challenge is often faced regarding information system ethics?

Determining ownership of digital data

Which of the following correctly describes the role of IT and IS?

IT is a technological infrastructure, while IS is a sociotechnical system

Moore’s Law states that the cost of storage continues to increase by what percentage?

25%

What is an example of a first degree change associated with the introduction of new technology?

Replacing an existing technology with a new one

What level of organizational change does automating processes represent?

First order change

Which of the following is a consequence of outsourcing call center operations?

Potential job loss for local employees

Study Notes

Change Requirements

• Technological and business changes affect organizations over time.
• Coordination efforts between firms and outsourced providers are costly.
• Firms often underestimate the crucial role of information systems in business success.

Essay Questions

• Describe the relationship between the steering committee and the total cost of ownership of an IS project.
• Describe the drivers and risks of IS outsourcing.
• Describe typical IS systems funding methods, including advantages and disadvantages of each method. Provide 2 examples.

Chapter Eleven: Creating Information Systems

Multiple Choice Questions

• General approaches to acquiring information processing functionalities include: Custom design and development, System selection and acquisition, End-user development, Open source development.

• Open source development is NOT one of these approaches.

• Implementation phase steps of the Systems Development Life Cycle (SDLC) include Programming, Testing, and Installation

Additional Questions

• General or functional managers are most involved in the implementation phase.

• System selection and SDLC differ substantially during the implementation phase.

• The three generic phases of a system life-cycle process are Definition, Design, and Implementation.

• The Systems Development Life Cycle Methodology is often referred to as the waterfall model because phases are sequential and iteration (or going back) should be avoided.

• System selection process involves compiling an RFP, developing a vendor short list, and soliciting proposals.

• Approaches to acquiring information processing functionalities include: Custom Design, Custom Development, System Selection and Acquisition, End-user Development, and Open Source Development.

• The advantages of making your own systems include: Unique Tailoring, Flexibility, Control, but not Faster Roll-Out.

• The advantages of purchasing off-the-shelf systems include: Faster Roll-Out, Knowledge Infusion, Economical Attractiveness, and High Quality but not Unique Tailoring.

• The Systems Development Life Cycle has three major phases: Definition, Build, and Implementation..

• IS department workers who are experts in both technology and business processes are called IS specialists.

• The SDLC stage where a "go" or "no-go" decision is made is Feasibility Analysis.

• Migration approaches for upgrading computer systems include Parallel, Direct, Phased, and Pilot.

• The Build phase of the SDLC isn't used to ensure software integration.

• SDLC and Prototyping are not the same methodologies.

• Off-the-shelf systems enhance organizational knowledge infusion.

• End-user development is where non-IT specialists create applications.

• Custom software development is a systems approach that emphasizes design and development projects.

• System analysts create the structure of a system, based on requirements documents.

• Two advantages of custom software development include Unique Tailoring and Flexibility and Control.

• Two advantages of purchased software are Faster Roll-Out and reduced implementation time.

• Principle phases of the SDLC include Definition, Build, and Implementation.

• Software installation approaches include Parallel, Direct, Phased, and Pilot approaches.

• Prototyping is used in an SDLC to get user requirements.

• End-user development leads to increased speed of development due to faster independent completion.

• End-user development risks include Unreliable Quality Standards, High Incidence of Errors, Continuity Risks, and Increased Pressure on the IS function.

• End-user development can result in positive user satisfaction and reduces IS workload by letting users design their own features.

• "Make or Buy" is the idea that off-the-shelf software is frequently configured and adjusted before deployment.

Chapter 12 (Irrelevant)

Chapter 13 (Security, Privacy, and Ethics)

• Risk Audit is the basis for Risk Analysis.

• Security is a concern for managers because of underfunding.

• Security is a negative deliverable because it lacks revenue.

• Mitigation strategies include Acceptance, Avoidance, Reduction, and Transference (with increased potential for failure associated with avoidance).

• Insurance costs are most strongly associated with risk Transference.

• Risk mitigation is about matching the appropriate response to security threats with a desired level of security and cost.

• Strategies for security threats include Acceptance, Avoidance, Reduction, and Transference..

• Internal security threats include disgruntled or negligent employees.

• External threats include intrusion, social engineering, phishing, security weaknesses, backdoors, and malicious code.

• Examples of malicious code include viruses, Trojan horses, and worms.

• IT risk management involves identifying, measuring, and devising optimal mitigation strategies for information system security risks..

Description

This quiz covers Chapter Eleven on Creating Information Systems, focusing on the relationship between information systems, business success, and outsourcing. It includes essay and multiple-choice questions that explore key concepts like the total cost of ownership, funding methods for IS projects, and various approaches to information processing functionalities.