full assignment answer for bis
DESCRIPTION
TRANSCRIPT
BB102 Business Information SystemsSep - Oct 2012
UPS COMPETES GLOBALLY WITH INFORMATION TECHNOLOGY
Q1.
Inputs, processing, and outputs are the three activities for the UPS’s package tracking system.
The inputs include package information, customer signature, pickup, delivery, time-card data,
current location, and billing and customer clearance documentation.
Processing is transmitting the data to a central computer and stored for retrieval. Data are also
reorganized so that they can be tracked by customer account, date, driver, and other criteria.
The outputs include pickup and delivery times, location while en route, and package
recipient. The outputs also include various reports, such as all packages for a specific account
or a specific driver or route, as well as summary reports for management. (UPS Assignment,
2011)
Q2.
The three dimensions of UPS tracking system are organizational, management and
technology. In the organizational dimension contains procedures for tracking packages and
managing inventory as well as providing package reports and information for UPS customers
and customer service representatives. UPS drivers are trained to use the package tracking
system in order to work efficiently and effectively. (Kenneth C. Laudon, Jane P. Laudon,
2002)
Besides that, in the management dimension is where the management monitors service levels
and costs. The management is also responsible to expand the product and services while
ensuring low cost. With that, the management uses automation to increase the ease of sending
a package via UPS and of checking its delivery status. Through this, UPS will increase its
sales revenues as well as to reduce its delivery cost. (Kenneth C. Laudon, Jane P. Laudon,
2002)
The technology dimension contains handheld computers, DIAD, bar-code scanners, wired
and wireless communications networks, desktop computers, UPS’s central computer, storage
technology for the package delivery data, UPS in-house package tracking software, and
software to access the World Wide Web. (Kenneth C. Laudon, Jane P. Laudon, 2002)
Page 1 of 17
BB102 Business Information SystemsSep - Oct 2012
Q3.
UPS uses handheld computers (DIAD), scanning system, wireless network, large mainframe
computers, the internet and many other different pieces of software such as tracking
packages, calculating the fees of the package, maintaining the customer accounts and
managing logistics. (UPS Assignment, 2011)
These technologies had helped UPS to maintain its competitive advantage with FedEx and
Airborne Express. UPS aims to maintain a high level of customer service while keeping cost
low. Besides that, the technology used by UPS had helped the company to increase their
work efficiency as well as profitably thus increases its operational excellence. These
technologies in the long run will bring the company higher revenue.
Q4.
In terms of the company, UPS’s package tracking systems provide value by reducing the
amount of paper work. With the introduction of the Delivery Information Acquisition Device
(DIAD), the company can now capture customer’s signatures along with pickup and delivery
information through the handheld device. This has tremendously reduced the amount of paper
work to be process and the amount of paper to be provided.
UPS’s package tracking systems also save fuel cost. The dispatchers download the label data
and use special software to create the most efficient delivery route for each driver considering
traffic, weather conditions and location of each stop. With that, the driver only needs to pick
up the handheld device, DIAD and his or her route is provided as soon as the driver logs on.
Besides that, the company is able to monitor the delivery cycle of the packages with the help
of the tracking system. This is another value that the system provides. UPS will be able to
monitor and re-route the packages throughout the delivery process. In addition, the company
is now able to answer customers’ inquiries in a much simpler manner. The customer service
representative is able to track the position and status of the package sender and to reply to
customer inquiry.
In the aspect of customers, the system has a web portal which is able to reduce the cost of the
company, allowing the fee to be cheaper. Another value that the system brings is customers
Page 2 of 17
BB102 Business Information SystemsSep - Oct 2012
are able to track their goods and calculate the cost of the deliveries. UPS website provides
customer with information and services regarding their inquiry and package shipping
including delivery routes, shipping rates, determine time in transit, print label, schedule a
pickup and track packages. With this, customers are able to determine the delivery route and
thereby able to calculate the shipping cost.
Q5.
Routing problem is one of the problems that the UPS’s information systems solve. With the
help of the system, UPS is now able to create the most efficient delivery route that helps
driver to overcome unavoidable circumstances such as traffic congestions. Another problem
that the information systems solve is keeping the level of services high yet brings the cost and
prices down to compete with other competitors. Other than that, UPS’s information systems
solve the problem of bad delivery and billing information. Customers are able to track the
movement of the packages from just accessing the company websites.
Q6.
Without the UPS’s information systems, UPS will not be able to compete efficiently and
productively with other competitors and it will not become the largest package delivery
company as what it is today. (UPS Assignment, 2011) In the case of technology, UPS will
not be able to track the movement of the goods and will only able to provide information at a
higher cost.
Reference
UPS Assignment. (2011, February). Retrieved from Studymode:
http://www.studymode.com/essays/Ups-Assignment-596382.html
Kenneth C. Laudon, Jane P. Laudon. (2002). Management Information Systems : Managing
The Digital Firm. Prentice-Hall International, Inc.
Page 3 of 17
BB102 Business Information SystemsSep - Oct 2012
ENTERPRISE APPLICATIONS MOVE TO THE CLOUD
Q1.
Types of companies that are most likely to adopt cloud-based ERP and CRM software
services are small to midsize companies that lack the knowledge about ERP and CRM.
Companies that are struggling with lots of data, using too many systems to perform business
functions and would like to cut cost are also companies that are most likely to adopt cloud-
based ERP and CRM software services.
These companies adopt cloud-based ERP and CRM software services because they want to
achieve operational excellence and customer intimacy. Besides that, it releases the companies
from infrastructural maintenance and its respective fixed (servers, storage, networking
components) and operational cost. Operational ubiquity is also one of the reasons the
companies would want to adopt cloud-based ERP and CRM software services. Moreover, it
allows them to subscribe and cancel the subscription without losing large up-front software
licenses and hardware investments.
Companies that might not be well-suited for this type of software are companies that are
concern about security issues. In addition, companies that are concern about control of their
data are also not well-suited for this software. Moreover, large companies that had made huge
investments on traditional and customized software that already work will also not be well-
suited for this software.
Q2.
One of the advantages of using cloud-based enterprise applications is availability. The
services are accessible irrespective of anything given that there is internet connection.
Another advantage is it is environmental friendly. Users who uses cloud-based enterprise
applications gets to reduce electricity expenses. Through saving electricity, the users also
save on resources to cool off computer and its component. Besides that, it has higher security.
Clouds tend to be more secure than traditional business models because clouds offer real-time
backup which results in less data loss. Moreover, it is easy to expand and uses less resources.
Users can immediately access more resources if they need to expand their business. They do
Page 4 of 17
BB102 Business Information SystemsSep - Oct 2012
not need to buy extra infrastructure but only need to inform their cloud provider about their
requirements.
Other advantages are it removes hardware and its complications, easier maintenance of cloud
computing application, reduce operational costs, maintenance and licensing per users,
increase operational efficiency, maintain customer service by enabling rapid response to
customer requests for information and virtualization technology allows server and storage
devices to be shared and utilization be increased.
One of the disadvantages of using cloud-based enterprise applications is internet access. This
is because it depends on an internet network to access its data but not all countries provide
cheap or reliable internet connection. Besides that, users will experience loss of control in
Cloud Service Providers. Users will have lack of control over data, system performance and
the ability to audit or change. Other disadvantages includes decreased flexibility,
Q3.
Management issue that should be addressed in deciding whether to use a conventional ERP or
CRM versus a cloud-based version is service level agreements (SLAs). There is a lack of
service level agreements concerning ERP and CRM cloud-based solutions and of method to
ease their respective certification. Besides that, risk assessment is also another issue. Risk
assessment is only done by large companies. It is hard to assess the risk when company does
not own the infrastructure that supports the ERP and CRM system. Dependability is another
management issues that should be addressed in deciding whether to use a conventional ERP
or CRM versus a cloud-based version. Companies using cloud-based CRM and ERP solution
might become dependent of their providers since they do not store data and might not be able
to easily export to another system if required. (AllBestEssays, 2011)
In the organization dimension, issue that should be addressed is human resource optimization.
While traditional ERP and CRM solutions demand for technical staff, cloud-based solutions
allow optimizing human resource to focus on operation. Another issue is difficult to
understand for ill-trained users attempting to contain a large, complex group of data.
Therefore the issue of training to use the system should be addressed. Moreover, poor
usability is also another issue. Poor usability and low usage rates lead many companies to
Page 5 of 17
BB102 Business Information SystemsSep - Oct 2012
indicate that it was difficult to justify investment in the software without the potential for
more tangible gains. (AllBestEssays, 2011)
Technology issue that should be addressed in deciding whether to use a conventional ERP or
CRM versus a cloud-based version is security. Using the web as infrastructure, cloud-based
ERP and CRM solutions have difficulties in offering security, comfort to companies that own
sensible data. Besides that, availability is also another issue that should be addressed. Due to
its web-failure tolerance model, cloud-based ERP and CRM solution suffers from availability
since that might cause business operation failures. (AllBestEssays, 2011)
Reference
AllBestEssays. (2011, December 11). Inteligencia Emocional. Retrieved from AllBestEssays:
http://allbestessays.com/Business/Inteligencia-Emocional/15777.html
Page 6 of 17
BB102 Business Information SystemsSep - Oct 2012
FACEBOOK: MANAGING YOUR PRIVACY FOR THEIR PROFIT
Q1.
The concept that is illustrated in this case is e-commerce. E-commerce refers to the use of the
Internet and the Web to transact business. In this case, Facebook is a website for users to
create a profile and join various types of self-contained networks without paying any money.
But base on its huge number of users, it offers opportunity for companies to do advertisement
on the site. Facebook on the other end uses its resource of user information to make profit.
The sellers can reach their target customers when they pay for the information and Facebook
increase its revenues by providing its user’s information.
One of the unique features of e-commerce is that it is ubiquity. This means that internet or
web technology is available everywhere and anytime. Facebook can be access anywhere and
anytime regardless whether the person is at home or at work as long as there is internet
connection. Another unique feature of e-commerce is it enables global reach. Facebook
allows users to connect with people from different backgrounds, culture, beliefs and even
from different nations. Universal standard is also one of e-commerce unique features. With
the implementation of the universal standard, users of Facebook can now communicate with
each other easily. Besides that, richness is another unique feature. Richness is the complexity
and content of message. (Laudon, K.C., & Laudon, J.P., 2010)Facebook is able to support
videos, audio and text messages. As a result, users may convey a richer message with videos,
audio and text message to large number of people.
Moreover, it enables interactivity. Interactivity is how e-commerce allows for two way
communication. (Laudon, K.C., & Laudon, J.P., 2010) Users of Facebook may communicate
to their friends and colleague about their personal thing and also business. Furthermore,
information density is also one of the unique features of e-commerce. Information density is
the total amount and quality of the information available to all market participants, consumers
and merchant. (Laudon, K.C., & Laudon, J.P., 2010) Facebook is able to support large
information density and this had increases the quality of information. Another feature is
personalization. The Facebook technology had permit users to modify their message and to
customize their profile. In addition, Facebook is a social technology. It promotes user content
generation and social networking.
Page 7 of 17
BB102 Business Information SystemsSep - Oct 2012
Q2.
The weaknesses of Facebook’s privacy policies and features started with the introduction of
Beacon. Beacon was a program that shared user’s purchase information with their friends
automatically because it was initially an opt-out program. Because of this, it shared
information which the users did not intent or agree.
Mishandling of News Feed is another weakness of Facebook’s privacy policies and features.
News Feed is a program that was abruptly introduced to the Facebook users that shares
actions with everyone on the Facebook Web. Users update of their profile, adding new
friends and adding applications were automatically appeared on user’s wall without the
options of invisible.
Another weakness is the inefficient methods of deleting an account. The account that the user
no longer wanted to use was impossible to delete. Facebook kept copies even though users
had removed their profiles.
In the management dimension, the factor that has contributed to the weakness is Facebook
assumed it had the consent of users to share information about them that it collected through
the Beacon advertising service if they did not use the opt-out feature. Facebook changed
Beacon to be an opt-in service and gave users the ability to disable it completely. The
company utterly failed to grasp the extent to which the service violated its users’ privacy as
well as the uproar such a service was likely to cause.
In the organization dimension, the factor that has contributed to the weakness is because the
original goal of the company is to gain profit and the profit of Facebook is from the pertinent
ads, which need to collect the user’s personal information. The personal information collected
on the site represents a mother load to advertisers, but one that will remain largely untapped
if Facebook users do not feel comfortable enough or have sufficient incentive to share it.
In the technology dimension, the factor that has contributed to the weakness is privacy and
user controls over the information granted to Facebook. Facebook grossly miscalculated user
privacy demands when it launched the company’s Beacon advertising service because it
shared information about users that they had not explicitly intended or agreed to shared. The
company’s servers also maintain copies of information indefinitely in accounts that have been
deactivated. The data mining technology also contributes to the weakness of the policy.
Without the data mining technology, we cannot obtain the useful information in the vast
Page 8 of 17
BB102 Business Information SystemsSep - Oct 2012
amount of data and if it could recognize the user’s information and match the ads need
automatically, the weakness of the policy will decline.
Q3.
One of the options that Facebook managers have in balancing privacy and profitability is
providing an environment that becomes richer and more entertaining as the amount of
information shared increases. Another option is to remove Beacon advertising service. With
the released of Beacon, it had helped people share information with their friends about things
they do on the web. The problem with this is, Beacon will share the information even if the
users did not intent or agree with. Besides that, Facebook managers should allow users to
either deactivate their account or to delete their account entirely and only saves information
after deactivation. Moreover, the managers must ensure that the new policy that the users had
previously set their privacy to be “friends only” for photo and profile information must not be
exposed.
To better safeguard user privacy, Facebook have to abandon a port of profit. They have to
improve the safeguard work but decline the profit. For example, creating a new feature that
gives users more control over how they share personal information on the site with other
users but without disclosing the confidential of themselves.
Facebook may well be struggling in its search for a profitable business model, but the
company has made an impact on multiple levels of the marketing chain. As the real-time web
service gains steam, more entities from big-time corporations to grassroots-level non-profits
are starting to benefit from its enormous reach. Most people are not particularly interested in
reading what others had for breakfast but Facebook's reputation as yet another social media
site with real-time news is gradually evolving toward one as a valuable source of information
across the media horizon.
Q4.
To some extent, we anticipate that Facebook will be successful in developing a business
model that monetizes their site traffic. This is because Facebook do provide a well-performed
and totally free platform for people share information from all over the world, although some
Page 9 of 17
BB102 Business Information SystemsSep - Oct 2012
critical comments on the privacy problem for some public people, however, now the business
network profile of (at least) the sellers should be integrated with the marketplace with the
users accepting that Facebook can use their data for security reasons (e.g. to eliminate users
with fake profiles from the start) while having them also add more data to be able to act as a
seller (more key data within Facebook).
This wealth of data enables Facebook to have a sufficiently lower fraud rate and even better
fitting custom offerings for every single user than e.g. Ebay, huge competitive advantages.
Special promotions for goods on Facebook will also make it easier for many users to accept
letting Facebook use their existing data strictly for security reasons.
Thus, it’s unworried about the profitability depends on their site.
Reference
Howard, J. E. (2011, January 30). Facebook: A Case Study. Retrieved from ALLVOICES:
http://www.allvoices.com/contributed-news/8044201-facebook-a-case-study
Laudon, K.C., & Laudon, J.P. (2010). Management information systems: Managing the
digital firm. Upper Saddle River, NJ: Prentice Hall.
Rahmatian, M. (2011, May 2). The Future Business Model of Facebook. Retrieved from
Ezine Articles: http://ezinearticles.com/?The-Future-Business-Model-of-
Facebook&id=6341454
Page 10 of 17
BB102 Business Information SystemsSep - Oct 2012
TOO MUCH TECHNOLOGY
Q1.
The usage of digital media brings many positives impact. The Internet is a source for
obtaining and sharing all kinds of information, with online resources that help organize
knowledge and making that knowledge accessible to the world. Besides that, supporters of
digital media believe that the Internet will increase publishing capability and collaboration as
well as the ability to share information to various users making a huge success for society as
a whole.
However, the use of digital media also carries many negative impacts. One of which is that
there will be a handful of negative points and critics against the widespread usage and
reliance on digital media. In addition, digital technologies are damaging our ability to think
clearly and focus, as users develop and inevitable desire to multitask, doing several things at
once. Moreover, the technologies also make us to be easily distracted and detract from our
ability to think deeply and retain information. The quality of media is also affected and is
lowered because of the creation of media such as written blogs, photos and videos by millions
of people. Because of this, the information is now delivered inconsistently and
unprofessionally through these resources.
Q2.
Constant digital media usage might affect the brains ability to think clearly. It also decreases
our capability to pay attention and focus. Technologies such as television, Internet and video
games detract from our ability to think deeply and critically and retain information. For
example, the Internet offers constant distractions and disruptions, as in hyperlinks to other
sites and being able to switch rapidly between multiple windows that prevent our brains from
creating the neural connections that constitute full understanding of a topic. Besides, our
capacity to multitask also reduces. Although all these gadgets make knowledge more
accessible to the world, there may be vast amount of false and inconsistent information
provided. With all this information within our grasp, we can no longer think for ourselves or
develop new information. Moreover, the convenience of the digital media world had made us
so busy multitasking that it makes it impossible for us to actually retain information. Some of
Page 11 of 17
BB102 Business Information SystemsSep - Oct 2012
this digital media technology would have a greater negative impact on children as well since
their brains are still developing and they already struggle to set priorities and resists impulses.
Q3.
These arguments do not outweigh the positives of digital media usage because the
introduction to digital technologies had made information more accessible to all. It gives easy
access to connect the world. Since knowledge is easily attainable, the desire for learning has
increased and people especially children are becoming keener and more well-rounded. More
importantly, it solves an inextricable problem we cannot avoid. No matter who you are,
where you are from, you have a brain with limited storage as long as you are human-beings.
In the future, technology will continue to develop and become a greater asset to the world.
So, people should be optimistic of all the new developments in digital media.
Q4.
The additional concern is that children have developing brains and digital technologies may
contribute to the child’s struggles to set priorities and resist impulses. Children under the age
of 8 should not use cell phones. At such a young age, children shouldn’t have a reason to
carry around this kind of device especially since they should always be under the supervision
of their parents or other adults. Another reason is because the ability to communicate face-to-
face is very important. If they do not have enough practice now, they may lose confidence
and may get scared of speaking in public in the near future. Moreover, the radiation from the
computers and cell phones can affect children more because they experience brain evolution
which may absorb more radiation.
However, computer usage should be encouraged even at the age of 8 or younger. This is the
age at which children comprehend the world actively and during this time, a computer can
help with the development of certain skills. Psychologists, for example, state that work on a
computer develops concentration skills. (Parenting - Guidelines for Computer Use Involving
Children, 2012) So the knowledge presented through computers should be taught to
elementary school kids. There are programs and games for computers that are informative
Page 12 of 17
BB102 Business Information SystemsSep - Oct 2012
and help children learn and develop in ways that may be different than in school or from
parents.
On the other hand, computer usage may bring forth many negative effects. One of the
negative effects is lack of exercise. Children who spend a lot of time in front of screens can
be overweight due to less activity. (Monahan, 2011) Another negative effect is physical
complain. Too much time spent in front of a computer screen can cause eye, neck and back
strain in children. Additionally, inappropriate content is also one of the negative effects. It is
possible for your child to accidentally click on an inappropriate link to get the website of
which you wouldn’t approve. (Monahan, 2011) Therefore, parents have to monitor their
children computer usage.
Reference
Parenting - Guidelines for Computer Use Involving Children. (2012). Retrieved from
Woman Knows: http://www.womanknows.com/parenting/news/142/
Monahan, E. (2011, May 1). LIVESTRONG. Retrieved from Negative Effect Of Computers
On Young Children: http://www.livestrong.com/article/127152-negative-effects-
computers-young-children/?utm_source=undefined_R1&LS-2659
Page 13 of 17
BB102 Business Information SystemsSep - Oct 2012
A ROGUE TRADER AT SOCIETE GENERALE ROILS THE WORLD FINANCIAL
SYSTEM
Q1.
One of the concepts that are illustrated in this case is system vulnerability. System can be
vulnerable because of accessibility of networks, hardware problems such as breakdowns,
configuration errors and damage from improper use or crime, software problems such as
programming errors, installation errors and unauthorized changes, disasters, use of networks
or computer outside of firm’s control and loss and theft of portable devices. System
vulnerability can be linked to computer crime. Computer crime is using computers as
instruments of crime to defraud the bank, customers and other financial institutions. In
addition, internal threats from employees are also considered system vulnerability. Kerviel
has access to privileged information and he was able to run through the organization’s system
without leaving a trace.
Another concept illustrated is role of auditing. MIS audit examines the firm’s overall security
environment as well as controls governing individual information systems. Besides that,
security policy is also another concept illustrated in this case. Security policy determines
acceptable user’s information resources and which members of the company have access to
its information assts.
Moreover, risk assessment is also a concept that is illustrated. Risk assessment determines the
level of risk to the firm if a specific activity or process is not properly controlled.
Furthermore, information system controls is also the concept. General controls govern the
design, security and use of computer programs and the security of data files in general
throughout the organization’s information technology infrastructure. Application controls is
an automated and manual procedures that ensure that only authorized data are completely and
accurately processed by that application.
Q2.
Factors of management, Kerviel’s supervisors saw a balanced book however they did not
recognize the substantial risk exposed to the bank. This is because of the way Kerviel entered
the transaction. Kerviel worked late into night and took four vacation days over the course of
Page 14 of 17
BB102 Business Information SystemsSep - Oct 2012
2007, which prevent his activities from be detected. Managers did not enforce vacation
policies that would allowed them to scrutinize his work when he gone. Allegedly he used his
manager’s computer to execute several of his fraudulent trades while the manager watched
him. Kerviel's lawyers had argued that he acted the acquiescence of superiors during his
early success of fraudulent activity.
Factors of organization, Kerviel gained familiarity with many of the security of company is
procedures and back-office system. After that, he moved to another job and uses that
knowledge. He knew the system of SocGen’s internal control for which allowed him to false
his fake trades. The bank ignored many warning about the level of fraud he was capable of.
Last, the bank failed to follow all the warning about Kerviel.
Factors of technology, Kerviel was able to using other employees’ access codes and user’s
information to enter fake trades. The system failed to detect his performed legitimate
transaction in one direction, but falsified the hedges that were supposed to offset the
legitimate ones. He entered the false transactions in a separate portfolio, distinct from his real
trades. SocGen’s controls are capable of detecting more complicated errors and fraudulent
transaction than the simple ones that Kerviel allegedly committed.
Q3.
In the beginning, we consider that managers and executives who work in SocGen should be
held responsible for Kerviel’s trading losses, because they are the ones who should be setting
policies and manage and enforcing them to prevent these kinds of activities from happening.
However, later on, we think about the MIS auditors actually should be held responsible for
the trading losses.
Since SocGen’s systems were capable of detecting complicated errors and fraudulent
transactions which were more advanced than those committed by Kerviel. Still, Kerviel was
able to commit very simple fraudulent transactions, and at same time cannot be detected.
Obviously, the system controls were not perfect as they should have been. Yet there were
several other system vulnerabilities, Kerviel was able to utilize to commit its fraud.
Page 15 of 17
BB102 Business Information SystemsSep - Oct 2012
Through the article, we can know that managers decided to unload Kerviel’s activities
positions soon after discovering the fraud, despite the fact that the market conditions at the
time were decidedly unfavourable. That led to even greater problems in the global financial
world.
As further mentioned in the article, the SEC launched an investigation into whether or not
SocGen violated U.S. securities laws by unwinding Kerviel’s positions covertly after the
fraud was revealed as well as whether or not insider information played a role in the selling
of SocGen stock prior to the announcement of the scandal.
Q4.
One way SocGen could have prevented Kerviel’s fraud is placing and enforces stronger
auditing procedures. Auditors can trace the flow of sample transactions through the system
and perform tests using automated audit software. Besides that, banks should institute access
controls to prevent improper access to systems by unauthorized insiders and outsiders. The
bank could have used other sophisticated authentication technologies such as tokens, smart
cards or biometric authorization instead of simple passwords. With that, it could have
prevented Kerviel from being able to use other employees’ access codes to enter transactions.
Using forensic techniques and technologies is also another way. Electronic evidence in the
form of computer files exists in the computer storage media and is not visible to the general
users. Data that Kerviel deleted on the bank’s storage media could have been recovered
through various techniques as the data could have been used as evidence at his trials.
Moreover, intrusion detection systems could have been installed that would have been
detected few of Kerviel’s activities. These systems will help to generate alarms if they find an
exquisite or suspicious event. They also check to see whether the important files have been
modified or not. This is because monitoring software examines the events as once they took
place to find out security attacks during the progress. Many Kerviel’s errors, like ‘offsetting’
transactions could have been detected by using one of these systems.
Page 16 of 17
BB102 Business Information SystemsSep - Oct 2012
Q5.
General controls govern the design, security, and use of computer programs and the security
of data files in general throughout the organization’s information technology infrastructure.
These controls which could be separated and addressed to software controls, physical
hardware controls, computer operations controls, data security controls, controls over
implements of system processes, and administrative controls.
Application controls is a specific controls unique to computerized application. It includes
both automated and manual procedures that ensure only authorized data are completely and
accurately processed by applications. In addition, application controls include input controls,
processing controls, and output controls.
Acceptable use policy: SocGen should create an AUP to define acceptable uses of the firm’s
information resources and computing equipment, including desktop and laptop computers,
wireless devices, telephones, along with the Internet. A good AUP defines unacceptable and
acceptable actions for every user and specifies consequences for non-compliance.
Authorization management system establishes where and when a user is permitted to access
certain parts of a Web site or a corporate database. Such system would allow each user access
merely via to those portions of a system that himself is permitted to enter, based on the
information established by a set of access rules.
Reference
Whitmire, E. (2009, 12 5). Retrieved from docstoc:
http://www.docstoc.com/docs/5871267/Bus270_SG-CSQ_ekw
Page 17 of 17