![Page 1: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/1.jpg)
Chapter 12
MIS Management Processes: Process Management, Systems Development,
and Security
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-1
![Page 2: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/2.jpg)
Learning Objectives
Q1. What are the activities of business process management?Q2. What are the activities in the systems development life cycle (SDLC) development process?Q3. Which comes first: process or systems development?Q4. What is information systems security?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-2
![Page 3: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/3.jpg)
Learning Objectives
Q5. What are the components of an organization’s security program?Q6. What technical security safeguards are available?Q7. What human security safeguards are available?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-3
![Page 4: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/4.jpg)
What Are the Activities of Business Process Management?
• BPMProcess
Figure 12-1Four Activities in theBPM Process Copyright © 2013 Pearson Education, Inc.
Publishing as Prentice Hall 12-4
![Page 5: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/5.jpg)
What Are the Activities of Business Process Management?
• BPM Monitoring Activity– Monitoring for Performance on its Objectives• COBIT (Control Objectives for Information related
Technology)
– Monitoring for Changes in the Process Environment
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-5
![Page 6: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/6.jpg)
What Are the Activities of Business Process Management?
• BPM Modeling Activity– Three types of process change• Increase or decrease resources• Change the structure of the process• Change the process’s resource AND structure
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-6
![Page 7: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/7.jpg)
What Are the Activities of Business Process Management?
• BPM Create Components Activity– Create new IS components based on new process
• BPM Implement Process Activity– Make process change operational
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-7
![Page 8: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/8.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• SDLC – Define the system– Determine requirements– Design system components– Create, test, and implement– Maintain the system (assess process results)
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-8
![Page 9: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/9.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• SDLC
Figure 12-5 BPM Provides Requirements forSystems Development
Copyright © 2013 Pearson Education, Inc.
Publishing as Prentice Hall 12-9
![Page 10: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/10.jpg)
8/22/2011 Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 10
![Page 11: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/11.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• Define the system
Figure 12-6 SDLC: SystemDefinition Activity
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-11
![Page 12: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/12.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• Determine requirements
Figure 12-8 SDLC: RequirementsAnalysis Activity
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-12
![Page 13: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/13.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• Design components
Figure 12-9 SDLC: ComponentDesign Activity
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-13
![Page 14: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/14.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• Implement the system
Figure 12-10 SDLC: ImplementationActivity
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-14
![Page 15: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/15.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• System conversion– Pilot installation– Phased installation– Parallel installation– Plunge installation
Copyright © 2013 Pearson Education, Inc.
Publishing as Prentice Hall 12-15
![Page 16: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/16.jpg)
What Are the Activities of the Systems Development Life Cycle (SDLC)
Development Process?
• Maintain the system
Figure 12-12 SDLC: SystemMaintenance Activity
Copyright © 2013 Pearson Education, Inc.
Publishing as Prentice Hall 12-16
![Page 17: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/17.jpg)
Which Comes First: Process or Systems Development?
• Business Process First
Figure 12-13Process-FirstDevelopment
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-17
![Page 18: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/18.jpg)
Which Comes First: Process or Systems Development?
• Information System First
Figure 12-14Classic Five-StepSystems DevelopmentLife Cycle
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-18
![Page 19: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/19.jpg)
Which Comes First: Process or Systems Development?
• Another Factor: Off-the-Shelf Software
• And the Answer Is…– Business processes first– Both + Project Mgmt Iterating
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-19
![Page 20: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/20.jpg)
What Is Information Systems Security?
• Information Systems Security– Process of protecting information systems
vulnerabilities from threats by creating appropriate safeguards
• What Are the Sources of Vulnerabilities?• What Are the Types of Security Threats?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-20
![Page 21: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/21.jpg)
What Is Information Systems Security?
• What Are the Sources of Vulnerabilities?– Human error and mistakes– Malicious human activity– Natural events and disasters
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-21
![Page 22: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/22.jpg)
What Is Information Systems Security?
• What Are the Types of Security Threats?
Figure 12-15Security Threatsand Source
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-22
![Page 23: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/23.jpg)
What Is Information Systems Security?
• Information Systems Security– Process of protecting information systems
vulnerabilities from threats by creating appropriate safeguards
• What Are the Sources of Vulnerabilities?• What Are the Types of Security Threats?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-23
![Page 24: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/24.jpg)
What Are the Components of an Organization’s Security Program?• Security program– Senior-management involvement– Safeguards Figure 12-19 Security Safeguards as They Relate to the Five IS Components
– Planned response to security incidents
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-24
![Page 25: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/25.jpg)
What Technical Safeguards Are Available?
• Technical Safeguards
Figure 12-21Technical Safeguards
• Data Safeguards
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-25
![Page 26: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/26.jpg)
What Technical Safeguards Are Available?
• Identification and Authorization– Passwords– Smart Cards• Personal Identification Number (PINs)
– Biometric Authentication
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-26
![Page 27: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/27.jpg)
What Technical Safeguards Are Available?
• Encryption– Keys
Figure 12-22Basic Encryption Techniques
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-27
![Page 28: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/28.jpg)
What Technical Safeguards Are Available?
• Firewalls
• Malware Protection– Viruses, Trojan Horses, and Worms– Spyware and Adware– Malware Safeguards– Bots, Botnets, and Bot Herders
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-28
![Page 29: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/29.jpg)
What Technical Safeguards Are Available?
• Design Secure Applications– Code injection– SQL injection attacks– Cross-site scripting (XSS)
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-29
![Page 30: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/30.jpg)
What Technical Safeguards Are Available?
• Data Safeguards
Figure 12-25 Data Safeguards
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-30
![Page 31: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/31.jpg)
What Technical Safeguards Are Available?
• Technical Safeguards
Figure 12-21Technical Safeguards
• Data Safeguards
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-31
![Page 32: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/32.jpg)
What Human Security Safeguards Are Available?
• Human Safeguards– Human Resources– Account administration– Systems procedures– Security monitoring
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-32
![Page 33: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/33.jpg)
What Human Security Safeguards Are Available?
• Human Resources– Position Definitions – Hiring and Screening Processes– Dissemination and Enforcement– Termination Processes
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-33
![Page 34: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/34.jpg)
What Human Security Safeguards Are Available?
• Account Administration– Account Management; Password Management;
and Help-Desk Policies• Systems Procedures
Figure 12-28 SystemsProcedures
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-34
![Page 35: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/35.jpg)
What Human Security Safeguards Are Available?
• Security Monitoring– Activity logs– Organization Response to Security Incidents • Disaster Recovery Backup Sites• Incident-Response Plan
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-35
![Page 36: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/36.jpg)
Ethics Guide
• Security Privacy
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-36
![Page 37: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/37.jpg)
Conclusion
Q1. What are the activities of business process management?Q2. What are the activities in the systems development life cycle (SDLC) development process?Q3. Which comes first: process or systems development?Q4. What is information systems security?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-37
![Page 38: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/38.jpg)
Conclusion
Q5. What are the components of an organization’s security program?Q6. What technical security safeguards are available?Q7. What human security safeguards are available?
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-38
![Page 39: Chapter 12 MIS Management Processes: Process Management, Systems Development, and Security Copyright © 2013 Pearson Education, Inc. Publishing as Prentice](https://reader030.vdocuments.site/reader030/viewer/2022032612/56649efb5503460f94c0e04d/html5/thumbnails/39.jpg)
Copyright © 2013 Pearson Education, Inc. Publishing as Prentice Hall 12-39